diff --git a/src/URLhaus.csv b/src/URLhaus.csv
index 8c7f2eba..40110650 100644
--- a/src/URLhaus.csv
+++ b/src/URLhaus.csv
@@ -1,12 +1,1858 @@
 ################################################################
 # abuse.ch URLhaus Database Dump (CSV)                         #
-# Last updated: 2019-02-17 11:40:03 (UTC)                      #
+# Last updated: 2019-02-18 00:19:50 (UTC)                      #
 #                                                              #
 # Terms Of Use: https://urlhaus.abuse.ch/api/                  #
 # For questions please contact urlhaus [at] abuse.ch           #
 ################################################################
 #
 # id,dateadded,url,url_status,threat,tags,urlhaus_link
+"131073","2019-02-18 00:19:50","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131073/"
+"131072","2019-02-18 00:19:24","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131072/"
+"131071","2019-02-18 00:19:21","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131071/"
+"131070","2019-02-18 00:19:18","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131070/"
+"131069","2019-02-18 00:19:15","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131069/"
+"131068","2019-02-18 00:19:12","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131068/"
+"131067","2019-02-18 00:19:08","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131067/"
+"131066","2019-02-18 00:18:46","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131066/"
+"131065","2019-02-18 00:18:20","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131065/"
+"131064","2019-02-18 00:18:07","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131064/"
+"131063","2019-02-18 00:18:04","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131063/"
+"131062","2019-02-18 00:18:00","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131062/"
+"131061","2019-02-18 00:17:48","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131061/"
+"131060","2019-02-18 00:17:37","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131060/"
+"131059","2019-02-18 00:17:20","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131059/"
+"131058","2019-02-18 00:17:08","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131058/"
+"131057","2019-02-18 00:16:53","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131057/"
+"131056","2019-02-18 00:16:45","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131056/"
+"131055","2019-02-18 00:16:40","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131055/"
+"131054","2019-02-18 00:16:30","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131054/"
+"131053","2019-02-18 00:16:26","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131053/"
+"131052","2019-02-18 00:16:22","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131052/"
+"131051","2019-02-18 00:16:17","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131051/"
+"131050","2019-02-18 00:16:11","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131050/"
+"131049","2019-02-18 00:15:58","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131049/"
+"131048","2019-02-18 00:15:44","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131048/"
+"131047","2019-02-18 00:15:31","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131047/"
+"131046","2019-02-18 00:15:13","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131046/"
+"131045","2019-02-18 00:14:59","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131045/"
+"131044","2019-02-18 00:14:58","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131044/"
+"131043","2019-02-18 00:14:55","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131043/"
+"131042","2019-02-18 00:14:19","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131042/"
+"131041","2019-02-18 00:14:02","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131041/"
+"131040","2019-02-18 00:13:42","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131040/"
+"131039","2019-02-18 00:13:33","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131039/"
+"131038","2019-02-18 00:13:13","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131038/"
+"131037","2019-02-18 00:13:04","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131037/"
+"131036","2019-02-18 00:12:49","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131036/"
+"131035","2019-02-18 00:12:32","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131035/"
+"131034","2019-02-18 00:12:22","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131034/"
+"131033","2019-02-18 00:12:10","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131033/"
+"131032","2019-02-18 00:11:45","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131032/"
+"131031","2019-02-18 00:11:40","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131031/"
+"131030","2019-02-18 00:11:35","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131030/"
+"131029","2019-02-18 00:11:28","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131029/"
+"131028","2019-02-18 00:11:24","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131028/"
+"131027","2019-02-18 00:11:19","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131027/"
+"131026","2019-02-18 00:11:14","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131026/"
+"131025","2019-02-18 00:11:09","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131025/"
+"131024","2019-02-18 00:11:04","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131024/"
+"131023","2019-02-18 00:11:01","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131023/"
+"131022","2019-02-18 00:11:00","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131022/"
+"131021","2019-02-18 00:10:58","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131021/"
+"131020","2019-02-18 00:10:55","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131020/"
+"131019","2019-02-18 00:10:53","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131019/"
+"131018","2019-02-18 00:10:50","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131018/"
+"131017","2019-02-18 00:10:47","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131017/"
+"131016","2019-02-18 00:10:44","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131016/"
+"131015","2019-02-18 00:10:40","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131015/"
+"131014","2019-02-18 00:10:38","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131014/"
+"131013","2019-02-18 00:10:35","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131013/"
+"131012","2019-02-18 00:10:32","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131012/"
+"131011","2019-02-18 00:10:29","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131011/"
+"131010","2019-02-18 00:10:28","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131010/"
+"131009","2019-02-18 00:10:27","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131009/"
+"131008","2019-02-18 00:10:22","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131008/"
+"131007","2019-02-18 00:10:19","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131007/"
+"131006","2019-02-18 00:10:16","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131006/"
+"131005","2019-02-18 00:10:13","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131005/"
+"131004","2019-02-18 00:10:11","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131004/"
+"131003","2019-02-18 00:10:08","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131003/"
+"131002","2019-02-18 00:10:04","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/131002/"
+"131001","2019-02-18 00:09:59","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131001/"
+"131000","2019-02-18 00:09:52","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131000/"
+"130999","2019-02-18 00:09:45","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130999/"
+"130998","2019-02-18 00:09:41","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130998/"
+"130997","2019-02-18 00:09:27","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130997/"
+"130996","2019-02-18 00:09:16","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130996/"
+"130995","2019-02-18 00:08:55","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130995/"
+"130994","2019-02-18 00:08:39","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130994/"
+"130993","2019-02-18 00:08:37","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130993/"
+"130992","2019-02-18 00:08:36","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130992/"
+"130990","2019-02-18 00:08:35","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130990/"
+"130991","2019-02-18 00:08:35","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130991/"
+"130989","2019-02-18 00:08:33","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130989/"
+"130988","2019-02-18 00:08:15","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130988/"
+"130987","2019-02-18 00:07:53","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130987/"
+"130986","2019-02-18 00:07:45","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130986/"
+"130985","2019-02-18 00:07:42","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130985/"
+"130984","2019-02-18 00:07:41","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130984/"
+"130983","2019-02-18 00:07:35","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130983/"
+"130982","2019-02-18 00:07:27","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130982/"
+"130981","2019-02-18 00:07:15","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130981/"
+"130980","2019-02-18 00:07:06","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130980/"
+"130979","2019-02-18 00:06:57","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130979/"
+"130978","2019-02-18 00:06:51","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130978/"
+"130977","2019-02-18 00:06:50","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130977/"
+"130976","2019-02-18 00:06:43","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130976/"
+"130975","2019-02-18 00:06:40","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130975/"
+"130974","2019-02-18 00:06:36","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130974/"
+"130973","2019-02-18 00:06:32","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130973/"
+"130972","2019-02-18 00:06:29","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130972/"
+"130971","2019-02-18 00:06:22","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130971/"
+"130970","2019-02-18 00:06:15","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130970/"
+"130969","2019-02-18 00:06:06","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130969/"
+"130968","2019-02-18 00:05:56","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130968/"
+"130967","2019-02-18 00:05:50","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130967/"
+"130966","2019-02-18 00:05:47","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130966/"
+"130965","2019-02-18 00:05:45","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130965/"
+"130964","2019-02-18 00:05:26","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130964/"
+"130963","2019-02-18 00:05:16","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130963/"
+"130962","2019-02-18 00:05:05","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130962/"
+"130961","2019-02-18 00:04:57","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130961/"
+"130960","2019-02-18 00:04:46","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130960/"
+"130959","2019-02-18 00:04:45","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130959/"
+"130958","2019-02-18 00:04:36","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130958/"
+"130957","2019-02-18 00:04:29","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130957/"
+"130956","2019-02-18 00:04:22","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130956/"
+"130955","2019-02-18 00:04:16","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130955/"
+"130954","2019-02-18 00:04:03","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130954/"
+"130953","2019-02-18 00:04:02","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130953/"
+"130952","2019-02-18 00:04:01","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130952/"
+"130951","2019-02-18 00:03:59","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130951/"
+"130950","2019-02-18 00:03:56","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130950/"
+"130949","2019-02-18 00:03:52","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130949/"
+"130948","2019-02-18 00:03:49","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130948/"
+"130947","2019-02-18 00:03:45","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130947/"
+"130946","2019-02-18 00:03:41","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130946/"
+"130945","2019-02-18 00:03:39","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130945/"
+"130944","2019-02-18 00:03:38","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130944/"
+"130943","2019-02-18 00:03:37","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130943/"
+"130942","2019-02-18 00:03:34","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130942/"
+"130941","2019-02-18 00:03:31","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130941/"
+"130940","2019-02-18 00:03:29","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130940/"
+"130939","2019-02-18 00:03:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130939/"
+"130938","2019-02-18 00:03:24","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130938/"
+"130937","2019-02-18 00:03:21","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130937/"
+"130936","2019-02-18 00:03:19","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130936/"
+"130935","2019-02-18 00:03:16","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130935/"
+"130934","2019-02-18 00:03:13","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130934/"
+"130933","2019-02-18 00:03:11","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130933/"
+"130932","2019-02-18 00:03:10","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130932/"
+"130931","2019-02-18 00:03:08","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130931/"
+"130930","2019-02-18 00:03:05","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130930/"
+"130929","2019-02-18 00:03:02","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130929/"
+"130928","2019-02-18 00:03:00","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130928/"
+"130927","2019-02-18 00:02:57","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130927/"
+"130926","2019-02-18 00:02:56","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130926/"
+"130925","2019-02-18 00:02:54","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130925/"
+"130924","2019-02-18 00:02:51","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130924/"
+"130923","2019-02-18 00:02:49","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130923/"
+"130922","2019-02-18 00:02:28","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130922/"
+"130921","2019-02-18 00:02:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130921/"
+"130920","2019-02-18 00:02:23","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130920/"
+"130919","2019-02-18 00:02:21","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130919/"
+"130918","2019-02-18 00:02:20","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130918/"
+"130917","2019-02-18 00:02:17","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130917/"
+"130916","2019-02-18 00:02:16","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130916/"
+"130913","2019-02-18 00:02:15","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130913/"
+"130914","2019-02-18 00:02:15","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130914/"
+"130915","2019-02-18 00:02:15","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130915/"
+"130911","2019-02-18 00:02:14","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130911/"
+"130912","2019-02-18 00:02:14","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130912/"
+"130910","2019-02-18 00:02:12","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130910/"
+"130909","2019-02-18 00:02:10","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130909/"
+"130908","2019-02-18 00:02:08","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130908/"
+"130907","2019-02-18 00:02:07","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130907/"
+"130906","2019-02-18 00:02:02","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130906/"
+"130905","2019-02-18 00:02:00","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130905/"
+"130904","2019-02-18 00:01:59","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130904/"
+"130903","2019-02-18 00:01:57","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130903/"
+"130902","2019-02-18 00:01:56","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130902/"
+"130901","2019-02-18 00:01:54","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130901/"
+"130899","2019-02-18 00:01:53","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130899/"
+"130900","2019-02-18 00:01:53","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130900/"
+"130896","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130896/"
+"130897","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130897/"
+"130898","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130898/"
+"130894","2019-02-18 00:01:50","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130894/"
+"130895","2019-02-18 00:01:50","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130895/"
+"130893","2019-02-18 00:01:49","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130893/"
+"130892","2019-02-18 00:01:48","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130892/"
+"130891","2019-02-18 00:01:47","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130891/"
+"130890","2019-02-18 00:01:44","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130890/"
+"130889","2019-02-18 00:01:43","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130889/"
+"130887","2019-02-18 00:01:42","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130887/"
+"130888","2019-02-18 00:01:42","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130888/"
+"130886","2019-02-18 00:01:36","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130886/"
+"130885","2019-02-18 00:01:35","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130885/"
+"130884","2019-02-18 00:01:34","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130884/"
+"130883","2019-02-18 00:01:33","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130883/"
+"130882","2019-02-18 00:01:32","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130882/"
+"130880","2019-02-18 00:01:31","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130880/"
+"130881","2019-02-18 00:01:31","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130881/"
+"130879","2019-02-18 00:01:30","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130879/"
+"130878","2019-02-18 00:01:29","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130878/"
+"130877","2019-02-18 00:01:28","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130877/"
+"130876","2019-02-18 00:01:25","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130876/"
+"130875","2019-02-18 00:01:24","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130875/"
+"130874","2019-02-18 00:01:23","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130874/"
+"130873","2019-02-18 00:01:20","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130873/"
+"130872","2019-02-18 00:01:17","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130872/"
+"130871","2019-02-18 00:01:13","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130871/"
+"130870","2019-02-18 00:01:10","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130870/"
+"130869","2019-02-18 00:01:06","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130869/"
+"130868","2019-02-18 00:01:01","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130868/"
+"130867","2019-02-18 00:00:59","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130867/"
+"130866","2019-02-18 00:00:57","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130866/"
+"130865","2019-02-18 00:00:56","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130865/"
+"130864","2019-02-18 00:00:53","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130864/"
+"130863","2019-02-18 00:00:49","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130863/"
+"130862","2019-02-18 00:00:47","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130862/"
+"130861","2019-02-18 00:00:44","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130861/"
+"130860","2019-02-18 00:00:41","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130860/"
+"130859","2019-02-18 00:00:39","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130859/"
+"130858","2019-02-18 00:00:36","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130858/"
+"130857","2019-02-18 00:00:34","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130857/"
+"130856","2019-02-18 00:00:31","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130856/"
+"130855","2019-02-18 00:00:28","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130855/"
+"130854","2019-02-18 00:00:27","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130854/"
+"130853","2019-02-18 00:00:26","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130853/"
+"130852","2019-02-18 00:00:22","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130852/"
+"130851","2019-02-18 00:00:19","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130851/"
+"130850","2019-02-18 00:00:16","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130850/"
+"130849","2019-02-18 00:00:13","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130849/"
+"130848","2019-02-18 00:00:11","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130848/"
+"130847","2019-02-18 00:00:09","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130847/"
+"130846","2019-02-18 00:00:06","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130846/"
+"130845","2019-02-18 00:00:03","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130845/"
+"130844","2019-02-17 23:59:59","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130844/"
+"130843","2019-02-17 23:59:57","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130843/"
+"130842","2019-02-17 23:59:54","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130842/"
+"130841","2019-02-17 23:59:52","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130841/"
+"130840","2019-02-17 23:59:51","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130840/"
+"130839","2019-02-17 23:59:47","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130839/"
+"130836","2019-02-17 23:59:45","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130836/"
+"130837","2019-02-17 23:59:45","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130837/"
+"130838","2019-02-17 23:59:45","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130838/"
+"130833","2019-02-17 23:59:44","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130833/"
+"130834","2019-02-17 23:59:44","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130834/"
+"130835","2019-02-17 23:59:44","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130835/"
+"130832","2019-02-17 23:59:41","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130832/"
+"130831","2019-02-17 23:59:39","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130831/"
+"130829","2019-02-17 23:59:37","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130829/"
+"130830","2019-02-17 23:59:37","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130830/"
+"130828","2019-02-17 23:59:36","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130828/"
+"130827","2019-02-17 23:59:35","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130827/"
+"130826","2019-02-17 23:59:34","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130826/"
+"130825","2019-02-17 23:59:32","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130825/"
+"130824","2019-02-17 23:59:31","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130824/"
+"130823","2019-02-17 23:59:30","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130823/"
+"130821","2019-02-17 23:59:29","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130821/"
+"130822","2019-02-17 23:59:29","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130822/"
+"130818","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130818/"
+"130819","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130819/"
+"130820","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130820/"
+"130816","2019-02-17 23:59:26","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130816/"
+"130817","2019-02-17 23:59:26","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130817/"
+"130815","2019-02-17 23:59:25","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130815/"
+"130814","2019-02-17 23:59:24","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130814/"
+"130813","2019-02-17 23:59:23","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130813/"
+"130812","2019-02-17 23:59:21","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130812/"
+"130811","2019-02-17 23:59:20","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130811/"
+"130809","2019-02-17 23:59:19","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130809/"
+"130810","2019-02-17 23:59:19","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130810/"
+"130808","2019-02-17 23:59:16","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130808/"
+"130807","2019-02-17 23:59:15","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130807/"
+"130806","2019-02-17 23:59:14","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130806/"
+"130805","2019-02-17 23:59:13","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130805/"
+"130804","2019-02-17 23:59:12","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130804/"
+"130803","2019-02-17 23:59:11","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130803/"
+"130802","2019-02-17 23:59:09","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130802/"
+"130801","2019-02-17 23:59:07","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130801/"
+"130800","2019-02-17 23:59:06","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130800/"
+"130799","2019-02-17 23:59:05","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130799/"
+"130798","2019-02-17 23:59:03","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130798/"
+"130797","2019-02-17 23:58:50","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130797/"
+"130796","2019-02-17 23:58:49","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130796/"
+"130795","2019-02-17 23:58:46","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130795/"
+"130794","2019-02-17 23:58:43","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130794/"
+"130793","2019-02-17 23:58:39","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130793/"
+"130792","2019-02-17 23:58:34","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130792/"
+"130791","2019-02-17 23:58:29","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130791/"
+"130790","2019-02-17 23:58:25","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130790/"
+"130789","2019-02-17 23:58:22","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130789/"
+"130788","2019-02-17 23:58:21","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130788/"
+"130787","2019-02-17 23:58:20","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130787/"
+"130786","2019-02-17 23:58:17","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130786/"
+"130785","2019-02-17 23:58:14","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130785/"
+"130784","2019-02-17 23:58:11","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130784/"
+"130783","2019-02-17 23:58:08","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130783/"
+"130782","2019-02-17 23:58:06","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130782/"
+"130781","2019-02-17 23:58:03","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130781/"
+"130780","2019-02-17 23:58:01","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130780/"
+"130779","2019-02-17 23:57:59","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130779/"
+"130778","2019-02-17 23:57:56","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130778/"
+"130777","2019-02-17 23:57:54","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130777/"
+"130776","2019-02-17 23:57:53","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130776/"
+"130775","2019-02-17 23:57:52","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130775/"
+"130774","2019-02-17 23:57:49","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130774/"
+"130773","2019-02-17 23:57:47","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130773/"
+"130772","2019-02-17 23:57:44","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130772/"
+"130771","2019-02-17 23:57:43","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130771/"
+"130770","2019-02-17 23:57:40","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130770/"
+"130769","2019-02-17 23:57:38","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130769/"
+"130768","2019-02-17 23:57:36","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130768/"
+"130767","2019-02-17 23:57:32","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130767/"
+"130766","2019-02-17 23:57:30","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130766/"
+"130765","2019-02-17 23:57:27","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130765/"
+"130764","2019-02-17 23:57:24","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130764/"
+"130763","2019-02-17 23:57:23","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130763/"
+"130762","2019-02-17 23:57:21","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130762/"
+"130760","2019-02-17 23:57:18","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130760/"
+"130761","2019-02-17 23:57:18","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130761/"
+"130757","2019-02-17 23:57:17","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130757/"
+"130758","2019-02-17 23:57:17","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130758/"
+"130759","2019-02-17 23:57:17","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130759/"
+"130756","2019-02-17 23:57:16","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130756/"
+"130755","2019-02-17 23:57:06","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130755/"
+"130754","2019-02-17 23:57:04","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130754/"
+"130753","2019-02-17 23:57:03","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130753/"
+"130751","2019-02-17 23:57:02","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130751/"
+"130752","2019-02-17 23:57:02","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130752/"
+"130750","2019-02-17 23:57:00","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130750/"
+"130749","2019-02-17 23:56:59","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130749/"
+"130748","2019-02-17 23:56:57","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130748/"
+"130747","2019-02-17 23:56:56","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130747/"
+"130746","2019-02-17 23:56:55","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130746/"
+"130744","2019-02-17 23:56:54","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130744/"
+"130745","2019-02-17 23:56:54","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130745/"
+"130743","2019-02-17 23:56:53","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130743/"
+"130740","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130740/"
+"130741","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130741/"
+"130742","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130742/"
+"130739","2019-02-17 23:56:51","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130739/"
+"130738","2019-02-17 23:56:50","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130738/"
+"130737","2019-02-17 23:56:49","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130737/"
+"130736","2019-02-17 23:56:48","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130736/"
+"130735","2019-02-17 23:56:47","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130735/"
+"130734","2019-02-17 23:56:46","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130734/"
+"130733","2019-02-17 23:56:45","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130733/"
+"130732","2019-02-17 23:56:44","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130732/"
+"130731","2019-02-17 23:56:42","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130731/"
+"130730","2019-02-17 23:56:41","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130730/"
+"130728","2019-02-17 23:56:40","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130728/"
+"130729","2019-02-17 23:56:40","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130729/"
+"130726","2019-02-17 23:56:38","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130726/"
+"130727","2019-02-17 23:56:38","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130727/"
+"130725","2019-02-17 23:56:37","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130725/"
+"130724","2019-02-17 23:56:36","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130724/"
+"130723","2019-02-17 23:56:35","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130723/"
+"130722","2019-02-17 23:56:33","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130722/"
+"130721","2019-02-17 23:56:31","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130721/"
+"130720","2019-02-17 23:56:30","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130720/"
+"130719","2019-02-17 23:56:29","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130719/"
+"130718","2019-02-17 23:56:26","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130718/"
+"130717","2019-02-17 23:56:23","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130717/"
+"130716","2019-02-17 23:56:19","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130716/"
+"130715","2019-02-17 23:56:16","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130715/"
+"130714","2019-02-17 23:56:11","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130714/"
+"130713","2019-02-17 23:56:07","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130713/"
+"130712","2019-02-17 23:56:04","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130712/"
+"130711","2019-02-17 23:56:03","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130711/"
+"130710","2019-02-17 23:56:02","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130710/"
+"130709","2019-02-17 23:55:59","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130709/"
+"130708","2019-02-17 23:55:56","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130708/"
+"130707","2019-02-17 23:55:54","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130707/"
+"130706","2019-02-17 23:55:51","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130706/"
+"130705","2019-02-17 23:55:48","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130705/"
+"130704","2019-02-17 23:55:46","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130704/"
+"130703","2019-02-17 23:55:43","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130703/"
+"130702","2019-02-17 23:55:41","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130702/"
+"130701","2019-02-17 23:55:38","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130701/"
+"130700","2019-02-17 23:55:36","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130700/"
+"130699","2019-02-17 23:55:35","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130699/"
+"130698","2019-02-17 23:55:33","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130698/"
+"130697","2019-02-17 23:55:30","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130697/"
+"130696","2019-02-17 23:55:27","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130696/"
+"130695","2019-02-17 23:55:24","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130695/"
+"130694","2019-02-17 23:55:21","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130694/"
+"130693","2019-02-17 23:55:20","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130693/"
+"130692","2019-02-17 23:55:18","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130692/"
+"130691","2019-02-17 23:55:15","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130691/"
+"130690","2019-02-17 23:55:13","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130690/"
+"130689","2019-02-17 23:55:09","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130689/"
+"130688","2019-02-17 23:55:06","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130688/"
+"130687","2019-02-17 23:55:03","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130687/"
+"130686","2019-02-17 23:55:01","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130686/"
+"130685","2019-02-17 23:54:59","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130685/"
+"130684","2019-02-17 23:54:56","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130684/"
+"130680","2019-02-17 23:54:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130680/"
+"130681","2019-02-17 23:54:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130681/"
+"130682","2019-02-17 23:54:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130682/"
+"130683","2019-02-17 23:54:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130683/"
+"130678","2019-02-17 23:54:53","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130678/"
+"130679","2019-02-17 23:54:53","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130679/"
+"130677","2019-02-17 23:54:51","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130677/"
+"130676","2019-02-17 23:54:48","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130676/"
+"130674","2019-02-17 23:54:47","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130674/"
+"130675","2019-02-17 23:54:47","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130675/"
+"130673","2019-02-17 23:54:46","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130673/"
+"130672","2019-02-17 23:54:45","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130672/"
+"130671","2019-02-17 23:54:42","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130671/"
+"130670","2019-02-17 23:54:32","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130670/"
+"130669","2019-02-17 23:54:23","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130669/"
+"130668","2019-02-17 23:54:13","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130668/"
+"130667","2019-02-17 23:54:09","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130667/"
+"130666","2019-02-17 23:54:08","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130666/"
+"130665","2019-02-17 23:54:02","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130665/"
+"130663","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130663/"
+"130664","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130664/"
+"130662","2019-02-17 23:53:35","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130662/"
+"130661","2019-02-17 23:53:34","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130661/"
+"130660","2019-02-17 23:53:29","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130660/"
+"130659","2019-02-17 23:53:23","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130659/"
+"130658","2019-02-17 23:53:19","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130658/"
+"130657","2019-02-17 23:53:13","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130657/"
+"130656","2019-02-17 23:53:09","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130656/"
+"130655","2019-02-17 23:53:08","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130655/"
+"130654","2019-02-17 23:53:07","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130654/"
+"130653","2019-02-17 23:53:01","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130653/"
+"130652","2019-02-17 23:52:56","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130652/"
+"130650","2019-02-17 23:52:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130650/"
+"130651","2019-02-17 23:52:54","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130651/"
+"130648","2019-02-17 23:52:52","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130648/"
+"130649","2019-02-17 23:52:52","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130649/"
+"130647","2019-02-17 23:52:46","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130647/"
+"130646","2019-02-17 23:52:42","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130646/"
+"130645","2019-02-17 23:52:38","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130645/"
+"130644","2019-02-17 23:52:33","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130644/"
+"130643","2019-02-17 23:52:18","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130643/"
+"130642","2019-02-17 23:52:13","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130642/"
+"130641","2019-02-17 23:52:07","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130641/"
+"130640","2019-02-17 23:21:05","http://89.35.39.78/x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/130640/"
+"130639","2019-02-17 23:21:03","http://89.35.39.78/i586.dddd","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/130639/"
+"130638","2019-02-17 22:45:33","http://chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130638/"
+"130637","2019-02-17 21:19:33","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130637/"
+"130636","2019-02-17 21:19:28","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130636/"
+"130635","2019-02-17 21:19:20","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130635/"
+"130634","2019-02-17 21:19:12","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130634/"
+"130633","2019-02-17 21:19:01","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130633/"
+"130632","2019-02-17 21:18:58","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130632/"
+"130631","2019-02-17 21:18:55","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130631/"
+"130630","2019-02-17 21:18:54","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130630/"
+"130629","2019-02-17 21:18:53","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130629/"
+"130628","2019-02-17 21:18:50","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130628/"
+"130627","2019-02-17 21:18:46","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130627/"
+"130626","2019-02-17 21:18:44","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130626/"
+"130625","2019-02-17 21:18:41","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130625/"
+"130624","2019-02-17 21:18:39","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130624/"
+"130623","2019-02-17 21:18:36","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130623/"
+"130622","2019-02-17 21:18:34","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130622/"
+"130621","2019-02-17 21:18:31","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130621/"
+"130620","2019-02-17 21:18:29","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130620/"
+"130619","2019-02-17 21:18:26","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130619/"
+"130618","2019-02-17 21:18:25","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130618/"
+"130617","2019-02-17 21:18:24","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130617/"
+"130616","2019-02-17 21:18:20","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130616/"
+"130615","2019-02-17 21:18:17","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130615/"
+"130614","2019-02-17 21:18:15","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130614/"
+"130613","2019-02-17 21:18:12","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130613/"
+"130612","2019-02-17 21:18:11","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130612/"
+"130611","2019-02-17 21:18:08","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130611/"
+"130610","2019-02-17 21:18:01","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130610/"
+"130609","2019-02-17 21:17:58","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130609/"
+"130608","2019-02-17 21:17:54","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130608/"
+"130607","2019-02-17 21:17:52","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130607/"
+"130606","2019-02-17 21:17:49","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130606/"
+"130605","2019-02-17 21:17:46","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130605/"
+"130604","2019-02-17 21:17:44","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130604/"
+"130603","2019-02-17 21:17:42","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130603/"
+"130601","2019-02-17 21:17:39","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130601/"
+"130602","2019-02-17 21:17:39","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130602/"
+"130598","2019-02-17 21:17:38","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130598/"
+"130599","2019-02-17 21:17:38","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130599/"
+"130600","2019-02-17 21:17:38","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130600/"
+"130597","2019-02-17 21:17:37","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130597/"
+"130596","2019-02-17 21:17:31","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130596/"
+"130595","2019-02-17 21:17:27","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130595/"
+"130593","2019-02-17 21:17:25","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130593/"
+"130594","2019-02-17 21:17:25","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130594/"
+"130592","2019-02-17 21:17:24","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130592/"
+"130591","2019-02-17 21:17:23","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130591/"
+"130590","2019-02-17 21:17:22","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130590/"
+"130589","2019-02-17 21:17:20","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130589/"
+"130588","2019-02-17 21:17:19","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130588/"
+"130587","2019-02-17 21:17:18","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130587/"
+"130585","2019-02-17 21:17:17","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130585/"
+"130586","2019-02-17 21:17:17","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130586/"
+"130584","2019-02-17 21:17:16","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130584/"
+"130581","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130581/"
+"130582","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130582/"
+"130583","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130583/"
+"130580","2019-02-17 21:17:14","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130580/"
+"130579","2019-02-17 21:17:13","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130579/"
+"130578","2019-02-17 21:17:12","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130578/"
+"130577","2019-02-17 21:17:11","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130577/"
+"130576","2019-02-17 21:17:09","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130576/"
+"130575","2019-02-17 21:17:08","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130575/"
+"130573","2019-02-17 21:17:07","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130573/"
+"130574","2019-02-17 21:17:07","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130574/"
+"130572","2019-02-17 21:17:04","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130572/"
+"130571","2019-02-17 21:17:02","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130571/"
+"130569","2019-02-17 21:17:01","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130569/"
+"130570","2019-02-17 21:17:01","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130570/"
+"130567","2019-02-17 21:16:59","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130567/"
+"130568","2019-02-17 21:16:59","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130568/"
+"130566","2019-02-17 21:16:58","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130566/"
+"130565","2019-02-17 21:16:57","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130565/"
+"130564","2019-02-17 21:16:55","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130564/"
+"130563","2019-02-17 21:16:53","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130563/"
+"130562","2019-02-17 21:16:50","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130562/"
+"130561","2019-02-17 21:16:49","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130561/"
+"130560","2019-02-17 21:16:47","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130560/"
+"130559","2019-02-17 21:16:43","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130559/"
+"130558","2019-02-17 21:16:40","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130558/"
+"130557","2019-02-17 21:16:35","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130557/"
+"130556","2019-02-17 21:16:31","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130556/"
+"130555","2019-02-17 21:16:26","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130555/"
+"130554","2019-02-17 21:16:22","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130554/"
+"130553","2019-02-17 21:16:19","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130553/"
+"130552","2019-02-17 21:16:17","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130552/"
+"130551","2019-02-17 21:16:15","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130551/"
+"130550","2019-02-17 21:16:12","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130550/"
+"130549","2019-02-17 21:16:09","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130549/"
+"130548","2019-02-17 21:16:06","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130548/"
+"130547","2019-02-17 21:16:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130547/"
+"130546","2019-02-17 21:15:59","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130546/"
+"130545","2019-02-17 21:15:56","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130545/"
+"130544","2019-02-17 21:15:53","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130544/"
+"130543","2019-02-17 21:15:50","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130543/"
+"130542","2019-02-17 21:15:46","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130542/"
+"130541","2019-02-17 21:15:43","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130541/"
+"130540","2019-02-17 21:15:41","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130540/"
+"130539","2019-02-17 21:15:40","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130539/"
+"130538","2019-02-17 21:15:34","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130538/"
+"130537","2019-02-17 21:15:30","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130537/"
+"130536","2019-02-17 21:15:27","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130536/"
+"130535","2019-02-17 21:15:23","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130535/"
+"130534","2019-02-17 21:15:21","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130534/"
+"130533","2019-02-17 21:15:18","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130533/"
+"130532","2019-02-17 21:15:14","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130532/"
+"130531","2019-02-17 21:15:11","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130531/"
+"130530","2019-02-17 21:15:06","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130530/"
+"130529","2019-02-17 21:15:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130529/"
+"130528","2019-02-17 21:15:00","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130528/"
+"130527","2019-02-17 21:14:58","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130527/"
+"130526","2019-02-17 21:14:56","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130526/"
+"130525","2019-02-17 21:14:53","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130525/"
+"130523","2019-02-17 21:14:49","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130523/"
+"130524","2019-02-17 21:14:49","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130524/"
+"130520","2019-02-17 21:14:48","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130520/"
+"130521","2019-02-17 21:14:48","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130521/"
+"130522","2019-02-17 21:14:48","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130522/"
+"130519","2019-02-17 21:14:47","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130519/"
+"130518","2019-02-17 21:14:42","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130518/"
+"130517","2019-02-17 21:14:33","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130517/"
+"130516","2019-02-17 21:14:25","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130516/"
+"130515","2019-02-17 21:14:21","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130515/"
+"130514","2019-02-17 21:14:15","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130514/"
+"130513","2019-02-17 21:14:02","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130513/"
+"130512","2019-02-17 21:13:55","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130512/"
+"130511","2019-02-17 21:13:43","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130511/"
+"130510","2019-02-17 21:13:35","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130510/"
+"130509","2019-02-17 21:13:26","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130509/"
+"130508","2019-02-17 21:13:21","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130508/"
+"130507","2019-02-17 21:13:20","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130507/"
+"130506","2019-02-17 21:13:13","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130506/"
+"130505","2019-02-17 21:13:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130505/"
+"130504","2019-02-17 21:13:09","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130504/"
+"130503","2019-02-17 21:13:07","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130503/"
+"130502","2019-02-17 21:13:06","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130502/"
+"130501","2019-02-17 21:12:57","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130501/"
+"130500","2019-02-17 21:12:48","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130500/"
+"130499","2019-02-17 21:12:40","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130499/"
+"130498","2019-02-17 21:12:28","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130498/"
+"130497","2019-02-17 21:12:16","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130497/"
+"130496","2019-02-17 21:12:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130496/"
+"130495","2019-02-17 21:12:06","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130495/"
+"130494","2019-02-17 21:11:43","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130494/"
+"130493","2019-02-17 21:11:35","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130493/"
+"130492","2019-02-17 21:11:26","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130492/"
+"130491","2019-02-17 21:11:25","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130491/"
+"130490","2019-02-17 21:11:14","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130490/"
+"130489","2019-02-17 21:11:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130489/"
+"130488","2019-02-17 21:11:03","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130488/"
+"130487","2019-02-17 21:10:53","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130487/"
+"130486","2019-02-17 21:10:44","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130486/"
+"130485","2019-02-17 21:10:33","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130485/"
+"130484","2019-02-17 21:10:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130484/"
+"130483","2019-02-17 21:10:03","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130483/"
+"130482","2019-02-17 21:09:55","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130482/"
+"130481","2019-02-17 21:09:44","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130481/"
+"130480","2019-02-17 21:09:35","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130480/"
+"130479","2019-02-17 21:09:27","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130479/"
+"130478","2019-02-17 21:09:20","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130478/"
+"130477","2019-02-17 21:09:12","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130477/"
+"130476","2019-02-17 21:09:02","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130476/"
+"130475","2019-02-17 21:08:58","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130475/"
+"130474","2019-02-17 21:08:56","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130474/"
+"130473","2019-02-17 21:08:53","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130473/"
+"130472","2019-02-17 21:08:47","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130472/"
+"130471","2019-02-17 21:08:42","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130471/"
+"130470","2019-02-17 21:08:34","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130470/"
+"130469","2019-02-17 21:08:29","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130469/"
+"130468","2019-02-17 21:08:25","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130468/"
+"130467","2019-02-17 21:08:18","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130467/"
+"130466","2019-02-17 21:08:11","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130466/"
+"130465","2019-02-17 21:08:03","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130465/"
+"130464","2019-02-17 21:07:56","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130464/"
+"130463","2019-02-17 21:07:49","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130463/"
+"130462","2019-02-17 21:07:44","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130462/"
+"130461","2019-02-17 21:07:39","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130461/"
+"130460","2019-02-17 21:07:31","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130460/"
+"130459","2019-02-17 21:07:26","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130459/"
+"130458","2019-02-17 21:07:20","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130458/"
+"130457","2019-02-17 21:07:14","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130457/"
+"130456","2019-02-17 21:07:10","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130456/"
+"130455","2019-02-17 21:07:02","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130455/"
+"130454","2019-02-17 21:06:57","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130454/"
+"130453","2019-02-17 21:06:53","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130453/"
+"130452","2019-02-17 21:06:46","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130452/"
+"130451","2019-02-17 21:06:40","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130451/"
+"130450","2019-02-17 21:06:32","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130450/"
+"130449","2019-02-17 21:06:27","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130449/"
+"130448","2019-02-17 21:06:17","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130448/"
+"130447","2019-02-17 21:05:52","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130447/"
+"130446","2019-02-17 21:05:28","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130446/"
+"130444","2019-02-17 21:05:27","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130444/"
+"130445","2019-02-17 21:05:27","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130445/"
+"130443","2019-02-17 21:05:26","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130443/"
+"130442","2019-02-17 21:05:25","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130442/"
+"130441","2019-02-17 21:05:22","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130441/"
+"130440","2019-02-17 21:04:34","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130440/"
+"130439","2019-02-17 21:04:08","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130439/"
+"130438","2019-02-17 21:03:57","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130438/"
+"130437","2019-02-17 21:03:52","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130437/"
+"130436","2019-02-17 21:03:47","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130436/"
+"130435","2019-02-17 21:03:34","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130435/"
+"130434","2019-02-17 21:03:23","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130434/"
+"130433","2019-02-17 21:03:06","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130433/"
+"130432","2019-02-17 21:02:52","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130432/"
+"130431","2019-02-17 21:02:41","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130431/"
+"130430","2019-02-17 21:02:34","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130430/"
+"130429","2019-02-17 21:02:30","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130429/"
+"130428","2019-02-17 21:02:22","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130428/"
+"130427","2019-02-17 21:02:19","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130427/"
+"130426","2019-02-17 21:02:16","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130426/"
+"130425","2019-02-17 21:02:13","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130425/"
+"130424","2019-02-17 21:02:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130424/"
+"130423","2019-02-17 21:02:02","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130423/"
+"130422","2019-02-17 21:01:55","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130422/"
+"130421","2019-02-17 21:01:47","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130421/"
+"130420","2019-02-17 21:01:35","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130420/"
+"130419","2019-02-17 21:01:26","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130419/"
+"130418","2019-02-17 21:01:23","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130418/"
+"130417","2019-02-17 21:01:20","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130417/"
+"130416","2019-02-17 21:01:04","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130416/"
+"130415","2019-02-17 21:00:57","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130415/"
+"130414","2019-02-17 21:00:50","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130414/"
+"130413","2019-02-17 21:00:49","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130413/"
+"130412","2019-02-17 21:00:42","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130412/"
+"130411","2019-02-17 21:00:41","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130411/"
+"130410","2019-02-17 21:00:38","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130410/"
+"130409","2019-02-17 21:00:35","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130409/"
+"130408","2019-02-17 21:00:30","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130408/"
+"130407","2019-02-17 21:00:25","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130407/"
+"130406","2019-02-17 21:00:17","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130406/"
+"130405","2019-02-17 21:00:15","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130405/"
+"130404","2019-02-17 21:00:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130404/"
+"130403","2019-02-17 20:23:07","http://211.21.205.207:40722/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130403/"
+"130402","2019-02-17 20:23:04","http://1.32.43.40:12984/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130402/"
+"130401","2019-02-17 20:23:00","http://mikrotik.com.pe/cli/as.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130401/"
+"130400","2019-02-17 20:22:58","http://www.pestguard.com.bd/protected.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130400/"
+"130399","2019-02-17 20:22:56","http://pestguard.com.bd/protected.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130399/"
+"130398","2019-02-17 20:22:54","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130398/"
+"130397","2019-02-17 20:22:51","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130397/"
+"130396","2019-02-17 20:22:47","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130396/"
+"130395","2019-02-17 20:22:44","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130395/"
+"130394","2019-02-17 20:22:40","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130394/"
+"130393","2019-02-17 20:22:36","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130393/"
+"130392","2019-02-17 20:22:33","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130392/"
+"130391","2019-02-17 20:22:32","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130391/"
+"130390","2019-02-17 20:22:31","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130390/"
+"130389","2019-02-17 20:22:29","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130389/"
+"130388","2019-02-17 20:22:26","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130388/"
+"130387","2019-02-17 20:22:23","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130387/"
+"130386","2019-02-17 20:22:20","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130386/"
+"130385","2019-02-17 20:22:18","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130385/"
+"130384","2019-02-17 20:22:16","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130384/"
+"130383","2019-02-17 20:22:13","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130383/"
+"130382","2019-02-17 20:22:11","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130382/"
+"130381","2019-02-17 20:22:08","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130381/"
+"130380","2019-02-17 20:22:05","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130380/"
+"130379","2019-02-17 20:22:04","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130379/"
+"130378","2019-02-17 20:22:03","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130378/"
+"130377","2019-02-17 20:21:59","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130377/"
+"130376","2019-02-17 20:21:57","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130376/"
+"130375","2019-02-17 20:21:54","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130375/"
+"130374","2019-02-17 20:21:51","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130374/"
+"130373","2019-02-17 20:21:50","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130373/"
+"130372","2019-02-17 20:21:48","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130372/"
+"130371","2019-02-17 20:21:45","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130371/"
+"130370","2019-02-17 20:21:43","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130370/"
+"130369","2019-02-17 20:21:39","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130369/"
+"130368","2019-02-17 20:21:36","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130368/"
+"130367","2019-02-17 20:21:33","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130367/"
+"130366","2019-02-17 20:21:31","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130366/"
+"130365","2019-02-17 20:21:30","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130365/"
+"130364","2019-02-17 20:21:27","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130364/"
+"130361","2019-02-17 20:21:24","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130361/"
+"130362","2019-02-17 20:21:24","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130362/"
+"130363","2019-02-17 20:21:24","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130363/"
+"130358","2019-02-17 20:21:23","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130358/"
+"130359","2019-02-17 20:21:23","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130359/"
+"130360","2019-02-17 20:21:23","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130360/"
+"130357","2019-02-17 20:21:19","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130357/"
+"130356","2019-02-17 20:21:14","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130356/"
+"130355","2019-02-17 20:21:02","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130355/"
+"130354","2019-02-17 20:21:01","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130354/"
+"130353","2019-02-17 20:20:59","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130353/"
+"130352","2019-02-17 20:20:52","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130352/"
+"130351","2019-02-17 20:20:49","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130351/"
+"130350","2019-02-17 20:20:47","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130350/"
+"130349","2019-02-17 20:20:46","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130349/"
+"130348","2019-02-17 20:20:44","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130348/"
+"130346","2019-02-17 20:20:43","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130346/"
+"130347","2019-02-17 20:20:43","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130347/"
+"130343","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130343/"
+"130344","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130344/"
+"130345","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130345/"
+"130341","2019-02-17 20:20:39","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130341/"
+"130342","2019-02-17 20:20:39","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130342/"
+"130340","2019-02-17 20:20:36","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130340/"
+"130339","2019-02-17 20:20:33","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130339/"
+"130338","2019-02-17 20:20:30","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130338/"
+"130337","2019-02-17 20:20:26","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130337/"
+"130335","2019-02-17 20:20:20","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130335/"
+"130336","2019-02-17 20:20:20","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130336/"
+"130334","2019-02-17 20:20:18","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130334/"
+"130333","2019-02-17 20:20:00","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130333/"
+"130332","2019-02-17 20:19:52","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130332/"
+"130331","2019-02-17 20:19:45","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130331/"
+"130330","2019-02-17 20:19:44","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130330/"
+"130329","2019-02-17 20:19:34","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130329/"
+"130328","2019-02-17 20:19:33","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130328/"
+"130327","2019-02-17 20:19:25","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130327/"
+"130326","2019-02-17 20:19:19","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130326/"
+"130325","2019-02-17 20:19:13","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130325/"
+"130324","2019-02-17 20:19:09","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130324/"
+"130323","2019-02-17 20:18:53","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130323/"
+"130322","2019-02-17 20:18:48","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130322/"
+"130321","2019-02-17 20:18:41","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130321/"
+"130320","2019-02-17 20:18:34","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130320/"
+"130319","2019-02-17 20:18:31","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130319/"
+"130318","2019-02-17 20:18:26","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130318/"
+"130317","2019-02-17 20:18:20","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130317/"
+"130316","2019-02-17 20:18:15","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130316/"
+"130315","2019-02-17 20:18:10","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130315/"
+"130314","2019-02-17 20:18:06","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130314/"
+"130313","2019-02-17 20:18:03","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130313/"
+"130312","2019-02-17 20:18:01","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130312/"
+"130311","2019-02-17 20:17:58","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130311/"
+"130310","2019-02-17 20:17:54","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130310/"
+"130309","2019-02-17 20:17:50","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130309/"
+"130308","2019-02-17 20:17:46","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130308/"
+"130307","2019-02-17 20:17:43","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130307/"
+"130306","2019-02-17 20:17:40","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130306/"
+"130305","2019-02-17 20:17:36","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130305/"
+"130304","2019-02-17 20:17:32","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130304/"
+"130303","2019-02-17 20:17:28","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130303/"
+"130302","2019-02-17 20:17:25","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130302/"
+"130301","2019-02-17 20:17:23","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130301/"
+"130300","2019-02-17 20:17:22","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130300/"
+"130299","2019-02-17 20:17:16","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130299/"
+"130298","2019-02-17 20:17:13","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130298/"
+"130297","2019-02-17 20:17:09","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130297/"
+"130296","2019-02-17 20:17:05","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130296/"
+"130295","2019-02-17 20:17:02","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130295/"
+"130294","2019-02-17 20:16:59","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130294/"
+"130293","2019-02-17 20:16:55","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130293/"
+"130292","2019-02-17 20:16:52","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130292/"
+"130291","2019-02-17 20:16:45","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130291/"
+"130290","2019-02-17 20:16:42","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130290/"
+"130289","2019-02-17 20:16:39","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130289/"
+"130288","2019-02-17 20:16:33","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130288/"
+"130287","2019-02-17 20:16:26","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130287/"
+"130286","2019-02-17 20:16:08","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130286/"
+"130285","2019-02-17 20:15:52","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130285/"
+"130284","2019-02-17 20:15:51","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130284/"
+"130282","2019-02-17 20:15:50","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130282/"
+"130283","2019-02-17 20:15:50","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130283/"
+"130281","2019-02-17 20:15:49","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130281/"
+"130280","2019-02-17 20:15:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130280/"
+"130279","2019-02-17 20:15:24","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130279/"
+"130278","2019-02-17 20:15:10","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130278/"
+"130277","2019-02-17 20:15:05","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130277/"
+"130276","2019-02-17 20:15:04","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130276/"
+"130275","2019-02-17 20:15:03","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130275/"
+"130274","2019-02-17 20:14:56","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130274/"
+"130273","2019-02-17 20:14:51","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130273/"
+"130272","2019-02-17 20:14:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130272/"
+"130271","2019-02-17 20:14:33","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130271/"
+"130270","2019-02-17 20:14:25","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130270/"
+"130269","2019-02-17 20:14:22","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130269/"
+"130268","2019-02-17 20:14:21","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130268/"
+"130267","2019-02-17 20:14:16","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130267/"
+"130265","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130265/"
+"130266","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130266/"
+"130263","2019-02-17 20:14:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130263/"
+"130264","2019-02-17 20:14:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130264/"
+"130262","2019-02-17 20:14:09","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130262/"
+"130261","2019-02-17 20:14:03","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130261/"
+"130260","2019-02-17 20:13:57","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130260/"
+"130259","2019-02-17 20:13:49","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130259/"
+"130258","2019-02-17 20:13:41","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130258/"
+"130257","2019-02-17 20:13:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130257/"
+"130256","2019-02-17 20:13:37","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130256/"
+"130255","2019-02-17 20:13:16","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130255/"
+"130254","2019-02-17 20:13:04","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130254/"
+"130253","2019-02-17 20:12:56","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130253/"
+"130252","2019-02-17 20:12:55","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130252/"
+"130251","2019-02-17 20:12:44","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130251/"
+"130250","2019-02-17 20:12:43","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130250/"
+"130249","2019-02-17 20:12:36","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130249/"
+"130248","2019-02-17 20:12:28","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130248/"
+"130247","2019-02-17 20:12:22","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130247/"
+"130246","2019-02-17 20:12:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130246/"
+"130245","2019-02-17 20:11:53","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130245/"
+"130244","2019-02-17 20:11:47","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130244/"
+"130243","2019-02-17 20:11:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130243/"
+"130242","2019-02-17 20:11:33","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130242/"
+"130241","2019-02-17 20:11:29","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130241/"
+"130240","2019-02-17 20:11:23","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130240/"
+"130239","2019-02-17 20:11:18","https://orciprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130239/"
+"130238","2019-02-17 20:11:12","https://orciprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130238/"
+"130237","2019-02-17 20:11:06","https://orciprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130237/"
+"130236","2019-02-17 20:11:03","https://orciprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130236/"
+"130235","2019-02-17 20:11:01","https://orciprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130235/"
+"130234","2019-02-17 20:10:59","https://orciprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130234/"
+"130233","2019-02-17 20:10:56","https://orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130233/"
+"130232","2019-02-17 20:10:53","https://orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130232/"
+"130231","2019-02-17 20:10:49","https://orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130231/"
+"130230","2019-02-17 20:10:46","https://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130230/"
+"130229","2019-02-17 20:10:44","https://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130229/"
+"130228","2019-02-17 20:10:41","https://orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130228/"
+"130227","2019-02-17 20:10:37","https://orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130227/"
+"130226","2019-02-17 20:10:35","https://orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130226/"
+"130225","2019-02-17 20:10:26","https://orciprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130225/"
+"130224","2019-02-17 20:10:23","https://orciprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130224/"
+"130223","2019-02-17 20:10:22","https://orciprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130223/"
+"130222","2019-02-17 20:10:20","https://orciprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130222/"
+"130221","2019-02-17 20:10:15","https://orciprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130221/"
+"130220","2019-02-17 20:10:12","https://orciprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130220/"
+"130219","2019-02-17 20:10:09","https://orciprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130219/"
+"130218","2019-02-17 20:10:06","https://orciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130218/"
+"130217","2019-02-17 20:10:05","https://orciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130217/"
+"130216","2019-02-17 20:10:02","https://orciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130216/"
+"130215","2019-02-17 20:09:59","https://orciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130215/"
+"130214","2019-02-17 20:09:56","https://orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130214/"
+"130213","2019-02-17 20:09:50","https://orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130213/"
+"130212","2019-02-17 20:09:48","https://orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130212/"
+"130211","2019-02-17 20:09:45","https://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130211/"
+"130210","2019-02-17 20:09:42","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130210/"
+"130209","2019-02-17 20:09:41","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130209/"
+"130208","2019-02-17 20:09:38","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130208/"
+"130206","2019-02-17 20:09:36","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130206/"
+"130207","2019-02-17 20:09:36","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130207/"
+"130203","2019-02-17 20:09:35","http://orciprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130203/"
+"130204","2019-02-17 20:09:35","http://orciprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130204/"
+"130205","2019-02-17 20:09:35","http://orciprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130205/"
+"130202","2019-02-17 20:09:34","http://orciprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130202/"
+"130201","2019-02-17 20:09:32","http://orciprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130201/"
+"130200","2019-02-17 20:09:30","http://orciprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130200/"
+"130198","2019-02-17 20:09:27","http://orciprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130198/"
+"130199","2019-02-17 20:09:27","http://orciprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130199/"
+"130197","2019-02-17 20:09:25","http://orciprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130197/"
+"130196","2019-02-17 20:09:19","http://orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130196/"
+"130195","2019-02-17 20:09:12","http://orciprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130195/"
+"130194","2019-02-17 20:09:02","http://orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130194/"
+"130193","2019-02-17 20:08:52","http://orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130193/"
+"130192","2019-02-17 20:08:43","http://orciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130192/"
+"130191","2019-02-17 20:08:39","http://orciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130191/"
+"130190","2019-02-17 20:08:38","http://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130190/"
+"130189","2019-02-17 20:08:32","http://orciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130189/"
+"130188","2019-02-17 20:08:31","http://orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130188/"
+"130186","2019-02-17 20:08:30","http://orciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130186/"
+"130187","2019-02-17 20:08:30","http://orciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130187/"
+"130185","2019-02-17 20:08:29","http://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130185/"
+"130184","2019-02-17 20:08:24","http://orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130184/"
+"130183","2019-02-17 20:08:23","http://orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130183/"
+"130182","2019-02-17 20:08:22","http://orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130182/"
+"130181","2019-02-17 20:08:17","http://orciprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130181/"
+"130180","2019-02-17 20:08:09","http://orciprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130180/"
+"130179","2019-02-17 20:08:07","http://orciprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130179/"
+"130178","2019-02-17 20:08:05","http://orciprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130178/"
+"130177","2019-02-17 20:07:46","http://orciprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130177/"
+"130176","2019-02-17 20:07:40","http://orciprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130176/"
+"130175","2019-02-17 20:07:31","http://orciprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130175/"
+"130174","2019-02-17 20:07:29","http://orciprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130174/"
+"130173","2019-02-17 20:07:22","http://orciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130173/"
+"130172","2019-02-17 20:07:21","http://orciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130172/"
+"130171","2019-02-17 20:07:17","http://orciprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130171/"
+"130170","2019-02-17 20:07:13","http://orciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130170/"
+"130169","2019-02-17 20:07:06","http://orciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130169/"
+"130168","2019-02-17 20:06:58","http://orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130168/"
+"130167","2019-02-17 20:06:42","http://orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130167/"
+"130166","2019-02-17 20:06:34","http://orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130166/"
+"130165","2019-02-17 20:06:25","http://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130165/"
+"130164","2019-02-17 20:06:17","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130164/"
+"130163","2019-02-17 20:06:11","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130163/"
+"130162","2019-02-17 20:06:04","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130162/"
+"130161","2019-02-17 20:05:42","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130161/"
+"130160","2019-02-17 20:05:36","https://www.dropbox.com/s/2rf7ry7dwx1qmp8/INV.ISO?dl=1","online","malware_download","compressed,iso,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/130160/"
+"130159","2019-02-17 20:05:27","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130159/"
+"130158","2019-02-17 20:05:21","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130158/"
+"130157","2019-02-17 20:05:13","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130157/"
+"130156","2019-02-17 20:05:11","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130156/"
+"130155","2019-02-17 20:05:07","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130155/"
+"130154","2019-02-17 20:05:03","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130154/"
+"130153","2019-02-17 20:05:01","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130153/"
+"130152","2019-02-17 20:04:58","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130152/"
+"130151","2019-02-17 20:04:55","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130151/"
+"130150","2019-02-17 20:04:53","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130150/"
+"130149","2019-02-17 20:04:50","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130149/"
+"130148","2019-02-17 20:04:48","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130148/"
+"130147","2019-02-17 20:04:45","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130147/"
+"130146","2019-02-17 20:04:42","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130146/"
+"130145","2019-02-17 20:04:40","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130145/"
+"130144","2019-02-17 20:04:39","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130144/"
+"130143","2019-02-17 20:04:37","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130143/"
+"130142","2019-02-17 20:04:34","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130142/"
+"130141","2019-02-17 20:04:31","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130141/"
+"130140","2019-02-17 20:04:28","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130140/"
+"130139","2019-02-17 20:04:25","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130139/"
+"130138","2019-02-17 20:04:24","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130138/"
+"130137","2019-02-17 20:04:22","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130137/"
+"130136","2019-02-17 20:04:19","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130136/"
+"130135","2019-02-17 20:04:17","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130135/"
+"130134","2019-02-17 20:04:12","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130134/"
+"130133","2019-02-17 20:04:09","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130133/"
+"130132","2019-02-17 20:04:07","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130132/"
+"130131","2019-02-17 20:04:04","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130131/"
+"130130","2019-02-17 20:04:02","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130130/"
+"130129","2019-02-17 20:04:00","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130129/"
+"130126","2019-02-17 20:03:58","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130126/"
+"130127","2019-02-17 20:03:58","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130127/"
+"130128","2019-02-17 20:03:58","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130128/"
+"130123","2019-02-17 20:03:57","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130123/"
+"130124","2019-02-17 20:03:57","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130124/"
+"130125","2019-02-17 20:03:57","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130125/"
+"130122","2019-02-17 20:03:54","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130122/"
+"130121","2019-02-17 20:03:52","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130121/"
+"130120","2019-02-17 20:03:51","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130120/"
+"130118","2019-02-17 20:03:50","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130118/"
+"130119","2019-02-17 20:03:50","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130119/"
+"130117","2019-02-17 20:03:49","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130117/"
+"130116","2019-02-17 20:03:48","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130116/"
+"130115","2019-02-17 20:03:46","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130115/"
+"130114","2019-02-17 20:03:45","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130114/"
+"130113","2019-02-17 20:03:44","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130113/"
+"130111","2019-02-17 20:03:42","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130111/"
+"130112","2019-02-17 20:03:42","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130112/"
+"130108","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130108/"
+"130109","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130109/"
+"130110","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130110/"
+"130106","2019-02-17 20:03:40","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130106/"
+"130107","2019-02-17 20:03:40","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130107/"
+"130105","2019-02-17 20:03:39","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130105/"
+"130104","2019-02-17 20:03:38","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130104/"
+"130103","2019-02-17 20:03:36","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130103/"
+"130102","2019-02-17 20:03:35","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130102/"
+"130101","2019-02-17 20:03:34","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130101/"
+"130100","2019-02-17 20:03:33","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130100/"
+"130099","2019-02-17 20:03:32","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130099/"
+"130098","2019-02-17 20:03:30","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130098/"
+"130097","2019-02-17 20:03:28","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130097/"
+"130095","2019-02-17 20:03:27","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130095/"
+"130096","2019-02-17 20:03:27","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130096/"
+"130094","2019-02-17 20:03:25","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130094/"
+"130093","2019-02-17 20:03:24","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130093/"
+"130092","2019-02-17 20:03:23","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130092/"
+"130091","2019-02-17 20:03:22","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130091/"
+"130090","2019-02-17 20:03:20","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130090/"
+"130089","2019-02-17 20:03:18","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130089/"
+"130088","2019-02-17 20:03:16","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130088/"
+"130087","2019-02-17 20:03:15","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130087/"
+"130086","2019-02-17 20:03:14","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130086/"
+"130085","2019-02-17 20:03:11","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130085/"
+"130084","2019-02-17 20:03:08","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130084/"
+"130083","2019-02-17 20:03:05","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130083/"
+"130082","2019-02-17 20:03:01","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130082/"
+"130081","2019-02-17 20:02:57","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130081/"
+"130080","2019-02-17 20:02:54","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130080/"
+"130079","2019-02-17 20:02:51","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130079/"
+"130078","2019-02-17 20:02:50","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130078/"
+"130077","2019-02-17 20:02:44","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130077/"
+"130076","2019-02-17 20:02:41","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130076/"
+"130075","2019-02-17 20:02:39","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130075/"
+"130074","2019-02-17 20:02:36","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130074/"
+"130073","2019-02-17 20:02:33","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130073/"
+"130072","2019-02-17 20:02:30","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130072/"
+"130071","2019-02-17 20:02:28","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130071/"
+"130070","2019-02-17 20:02:26","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130070/"
+"130069","2019-02-17 20:02:23","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130069/"
+"130068","2019-02-17 20:02:21","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130068/"
+"130067","2019-02-17 20:02:18","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130067/"
+"130066","2019-02-17 20:02:17","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130066/"
+"130065","2019-02-17 20:02:16","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130065/"
+"130064","2019-02-17 20:02:12","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130064/"
+"130063","2019-02-17 20:02:09","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130063/"
+"130062","2019-02-17 20:02:06","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130062/"
+"130061","2019-02-17 20:02:04","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130061/"
+"130060","2019-02-17 20:02:02","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130060/"
+"130059","2019-02-17 20:02:00","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130059/"
+"130058","2019-02-17 20:01:58","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130058/"
+"130057","2019-02-17 20:01:55","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130057/"
+"130056","2019-02-17 20:01:52","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130056/"
+"130055","2019-02-17 20:01:49","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130055/"
+"130054","2019-02-17 20:01:47","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130054/"
+"130053","2019-02-17 20:01:44","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130053/"
+"130052","2019-02-17 20:01:42","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130052/"
+"130051","2019-02-17 20:01:38","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130051/"
+"130048","2019-02-17 20:01:30","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130048/"
+"130049","2019-02-17 20:01:30","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130049/"
+"130050","2019-02-17 20:01:30","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130050/"
+"130046","2019-02-17 20:01:29","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130046/"
+"130047","2019-02-17 20:01:29","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130047/"
+"130045","2019-02-17 20:01:28","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130045/"
+"130044","2019-02-17 20:01:21","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130044/"
+"130043","2019-02-17 20:01:13","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130043/"
+"130042","2019-02-17 20:01:12","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130042/"
+"130041","2019-02-17 20:01:11","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130041/"
+"130040","2019-02-17 20:01:10","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130040/"
+"130039","2019-02-17 20:01:08","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130039/"
+"130038","2019-02-17 20:01:07","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130038/"
+"130037","2019-02-17 20:01:05","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130037/"
+"130036","2019-02-17 20:01:04","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130036/"
+"130035","2019-02-17 20:01:02","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130035/"
+"130034","2019-02-17 20:01:01","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130034/"
+"130033","2019-02-17 20:01:00","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130033/"
+"130031","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130031/"
+"130032","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130032/"
+"130028","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130028/"
+"130029","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130029/"
+"130030","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130030/"
+"130027","2019-02-17 20:00:55","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130027/"
+"130026","2019-02-17 20:00:54","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130026/"
+"130025","2019-02-17 20:00:51","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130025/"
+"130024","2019-02-17 20:00:49","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130024/"
+"130023","2019-02-17 20:00:48","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130023/"
+"130022","2019-02-17 20:00:47","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130022/"
+"130021","2019-02-17 20:00:45","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130021/"
+"130020","2019-02-17 20:00:43","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130020/"
+"130019","2019-02-17 20:00:41","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130019/"
+"130018","2019-02-17 20:00:40","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130018/"
+"130017","2019-02-17 20:00:39","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130017/"
+"130016","2019-02-17 20:00:38","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130016/"
+"130015","2019-02-17 20:00:37","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130015/"
+"130014","2019-02-17 20:00:36","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130014/"
+"130013","2019-02-17 20:00:35","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130013/"
+"130012","2019-02-17 20:00:33","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/130012/"
+"130011","2019-02-17 20:00:32","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130011/"
+"130010","2019-02-17 20:00:30","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130010/"
+"130009","2019-02-17 20:00:29","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130009/"
+"130008","2019-02-17 20:00:27","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130008/"
+"130007","2019-02-17 20:00:24","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130007/"
+"130006","2019-02-17 20:00:21","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130006/"
+"130005","2019-02-17 20:00:16","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130005/"
+"130004","2019-02-17 20:00:11","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130004/"
+"130003","2019-02-17 20:00:02","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130003/"
+"130002","2019-02-17 19:59:58","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130002/"
+"130001","2019-02-17 19:59:55","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130001/"
+"130000","2019-02-17 19:59:54","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130000/"
+"129999","2019-02-17 19:59:53","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129999/"
+"129998","2019-02-17 19:59:50","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129998/"
+"129997","2019-02-17 19:59:48","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129997/"
+"129996","2019-02-17 19:59:45","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129996/"
+"129995","2019-02-17 19:59:42","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129995/"
+"129994","2019-02-17 19:59:40","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129994/"
+"129993","2019-02-17 19:59:38","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129993/"
+"129992","2019-02-17 19:59:35","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129992/"
+"129991","2019-02-17 19:59:33","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129991/"
+"129990","2019-02-17 19:59:30","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129990/"
+"129989","2019-02-17 19:59:27","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129989/"
+"129988","2019-02-17 19:59:26","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129988/"
+"129987","2019-02-17 19:59:25","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129987/"
+"129986","2019-02-17 19:59:21","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129986/"
+"129985","2019-02-17 19:59:19","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129985/"
+"129984","2019-02-17 19:59:16","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129984/"
+"129983","2019-02-17 19:59:13","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129983/"
+"129982","2019-02-17 19:59:12","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129982/"
+"129981","2019-02-17 19:59:10","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129981/"
+"129980","2019-02-17 19:59:07","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129980/"
+"129979","2019-02-17 19:59:03","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129979/"
+"129978","2019-02-17 19:58:59","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129978/"
+"129977","2019-02-17 19:58:56","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129977/"
+"129976","2019-02-17 19:58:54","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129976/"
+"129975","2019-02-17 19:58:51","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129975/"
+"129974","2019-02-17 19:58:50","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129974/"
+"129973","2019-02-17 19:58:48","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129973/"
+"129970","2019-02-17 19:58:45","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129970/"
+"129971","2019-02-17 19:58:45","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129971/"
+"129972","2019-02-17 19:58:45","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129972/"
+"129967","2019-02-17 19:58:44","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129967/"
+"129968","2019-02-17 19:58:44","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129968/"
+"129969","2019-02-17 19:58:44","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129969/"
+"129966","2019-02-17 19:58:42","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129966/"
+"129965","2019-02-17 19:58:39","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129965/"
+"129964","2019-02-17 19:58:38","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129964/"
+"129962","2019-02-17 19:58:37","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129962/"
+"129963","2019-02-17 19:58:37","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129963/"
+"129961","2019-02-17 19:58:36","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129961/"
+"129960","2019-02-17 19:58:35","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129960/"
+"129959","2019-02-17 19:58:33","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129959/"
+"129958","2019-02-17 19:58:32","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129958/"
+"129956","2019-02-17 19:58:30","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129956/"
+"129957","2019-02-17 19:58:30","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129957/"
+"129955","2019-02-17 19:58:29","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129955/"
+"129952","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129952/"
+"129953","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129953/"
+"129954","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129954/"
+"129950","2019-02-17 19:58:27","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129950/"
+"129951","2019-02-17 19:58:27","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129951/"
+"129949","2019-02-17 19:58:26","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129949/"
+"129948","2019-02-17 19:58:25","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129948/"
+"129947","2019-02-17 19:58:24","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129947/"
+"129946","2019-02-17 19:58:23","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129946/"
+"129945","2019-02-17 19:58:22","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129945/"
+"129944","2019-02-17 19:58:21","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129944/"
+"129943","2019-02-17 19:58:20","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129943/"
+"129942","2019-02-17 19:58:18","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129942/"
+"129941","2019-02-17 19:58:17","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129941/"
+"129940","2019-02-17 19:58:16","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129940/"
+"129939","2019-02-17 19:58:15","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129939/"
+"129938","2019-02-17 19:58:14","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129938/"
+"129937","2019-02-17 19:58:13","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129937/"
+"129936","2019-02-17 19:58:12","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129936/"
+"129935","2019-02-17 19:58:11","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129935/"
+"129934","2019-02-17 19:58:10","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129934/"
+"129933","2019-02-17 19:58:06","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129933/"
+"129932","2019-02-17 19:58:05","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129932/"
+"129931","2019-02-17 19:58:04","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129931/"
+"129930","2019-02-17 19:58:00","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129930/"
+"129929","2019-02-17 19:57:58","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129929/"
+"129928","2019-02-17 19:57:54","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129928/"
+"129927","2019-02-17 19:57:50","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129927/"
+"129926","2019-02-17 19:57:46","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129926/"
+"129925","2019-02-17 19:57:41","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129925/"
+"129924","2019-02-17 19:57:38","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129924/"
+"129923","2019-02-17 19:57:37","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129923/"
+"129922","2019-02-17 19:57:36","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129922/"
+"129921","2019-02-17 19:57:33","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129921/"
+"129920","2019-02-17 19:57:30","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129920/"
+"129919","2019-02-17 19:57:28","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129919/"
+"129918","2019-02-17 19:57:25","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129918/"
+"129917","2019-02-17 19:57:22","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129917/"
+"129916","2019-02-17 19:57:20","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129916/"
+"129915","2019-02-17 19:57:17","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129915/"
+"129914","2019-02-17 19:57:15","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129914/"
+"129913","2019-02-17 19:57:12","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129913/"
+"129912","2019-02-17 19:57:09","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129912/"
+"129911","2019-02-17 19:57:08","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129911/"
+"129910","2019-02-17 19:57:07","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129910/"
+"129909","2019-02-17 19:57:03","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129909/"
+"129908","2019-02-17 19:57:00","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129908/"
+"129907","2019-02-17 19:56:57","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129907/"
+"129906","2019-02-17 19:56:54","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129906/"
+"129905","2019-02-17 19:56:53","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129905/"
+"129904","2019-02-17 19:56:50","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129904/"
+"129903","2019-02-17 19:56:48","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129903/"
+"129902","2019-02-17 19:56:45","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129902/"
+"129901","2019-02-17 19:56:41","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129901/"
+"129900","2019-02-17 19:56:39","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129900/"
+"129899","2019-02-17 19:56:36","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129899/"
+"129898","2019-02-17 19:56:34","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129898/"
+"129897","2019-02-17 19:56:32","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129897/"
+"129896","2019-02-17 19:56:24","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129896/"
+"129895","2019-02-17 19:56:22","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129895/"
+"129891","2019-02-17 19:56:21","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129891/"
+"129892","2019-02-17 19:56:21","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129892/"
+"129893","2019-02-17 19:56:21","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129893/"
+"129894","2019-02-17 19:56:21","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129894/"
+"129890","2019-02-17 19:56:20","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129890/"
+"129889","2019-02-17 19:56:18","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129889/"
+"129888","2019-02-17 19:56:16","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129888/"
+"129886","2019-02-17 19:56:14","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129886/"
+"129887","2019-02-17 19:56:14","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129887/"
+"129885","2019-02-17 19:56:13","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129885/"
+"129884","2019-02-17 19:56:12","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129884/"
+"129883","2019-02-17 19:56:11","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129883/"
+"129882","2019-02-17 19:56:09","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129882/"
+"129881","2019-02-17 19:56:08","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129881/"
+"129880","2019-02-17 19:56:07","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129880/"
+"129879","2019-02-17 19:56:06","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129879/"
+"129878","2019-02-17 19:56:05","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129878/"
+"129875","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129875/"
+"129876","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129876/"
+"129877","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129877/"
+"129873","2019-02-17 19:56:03","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129873/"
+"129874","2019-02-17 19:56:03","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129874/"
+"129872","2019-02-17 19:56:02","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129872/"
+"129871","2019-02-17 19:56:01","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129871/"
+"129870","2019-02-17 19:56:00","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129870/"
+"129869","2019-02-17 19:55:59","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129869/"
+"129868","2019-02-17 19:55:58","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129868/"
+"129866","2019-02-17 19:55:57","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129866/"
+"129867","2019-02-17 19:55:57","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129867/"
+"129865","2019-02-17 19:55:55","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129865/"
+"129864","2019-02-17 19:55:54","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129864/"
+"129862","2019-02-17 19:55:52","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129862/"
+"129863","2019-02-17 19:55:52","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129863/"
+"129861","2019-02-17 19:55:51","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129861/"
+"129860","2019-02-17 19:55:50","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129860/"
+"129859","2019-02-17 19:55:49","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129859/"
+"129858","2019-02-17 19:55:48","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129858/"
+"129857","2019-02-17 19:55:47","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129857/"
+"129856","2019-02-17 19:55:45","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129856/"
+"129855","2019-02-17 19:55:43","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129855/"
+"129854","2019-02-17 19:55:42","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129854/"
+"129853","2019-02-17 19:55:41","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129853/"
+"129852","2019-02-17 19:55:38","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129852/"
+"129851","2019-02-17 19:55:35","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129851/"
+"129850","2019-02-17 19:55:30","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129850/"
+"129849","2019-02-17 19:55:27","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129849/"
+"129848","2019-02-17 19:55:23","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129848/"
+"129847","2019-02-17 19:55:19","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129847/"
+"129846","2019-02-17 19:55:16","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129846/"
+"129845","2019-02-17 19:55:15","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129845/"
+"129844","2019-02-17 19:55:14","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129844/"
+"129843","2019-02-17 19:55:11","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129843/"
+"129842","2019-02-17 19:55:08","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129842/"
+"129841","2019-02-17 19:55:06","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129841/"
+"129840","2019-02-17 19:55:03","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129840/"
+"129839","2019-02-17 19:55:01","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129839/"
+"129838","2019-02-17 19:54:58","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129838/"
+"129837","2019-02-17 19:54:56","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129837/"
+"129836","2019-02-17 19:54:53","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129836/"
+"129835","2019-02-17 19:54:50","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129835/"
+"129834","2019-02-17 19:54:47","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129834/"
+"129833","2019-02-17 19:54:46","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129833/"
+"129832","2019-02-17 19:54:45","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129832/"
+"129831","2019-02-17 19:54:41","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129831/"
+"129830","2019-02-17 19:54:38","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129830/"
+"129829","2019-02-17 19:54:36","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129829/"
+"129828","2019-02-17 19:54:33","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129828/"
+"129827","2019-02-17 19:54:32","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129827/"
+"129826","2019-02-17 19:54:30","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129826/"
+"129825","2019-02-17 19:54:27","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129825/"
+"129824","2019-02-17 19:54:25","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129824/"
+"129823","2019-02-17 19:54:21","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129823/"
+"129822","2019-02-17 19:54:18","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129822/"
+"129821","2019-02-17 19:54:16","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129821/"
+"129820","2019-02-17 19:54:10","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129820/"
+"129819","2019-02-17 19:54:09","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129819/"
+"129818","2019-02-17 19:54:07","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129818/"
+"129817","2019-02-17 19:54:05","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129817/"
+"129814","2019-02-17 19:54:04","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129814/"
+"129815","2019-02-17 19:54:04","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129815/"
+"129816","2019-02-17 19:54:04","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129816/"
+"129812","2019-02-17 19:54:03","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129812/"
+"129813","2019-02-17 19:54:03","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129813/"
+"129811","2019-02-17 19:54:00","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129811/"
+"129810","2019-02-17 19:53:57","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129810/"
+"129808","2019-02-17 19:53:56","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129808/"
+"129809","2019-02-17 19:53:56","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129809/"
+"129807","2019-02-17 19:53:55","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129807/"
+"129806","2019-02-17 19:53:53","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129806/"
+"129805","2019-02-17 19:53:52","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129805/"
+"129804","2019-02-17 19:53:51","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129804/"
+"129803","2019-02-17 19:53:49","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129803/"
+"129802","2019-02-17 19:53:48","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129802/"
+"129800","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129800/"
+"129801","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129801/"
+"129798","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129798/"
+"129799","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129799/"
+"129795","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129795/"
+"129796","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129796/"
+"129797","2019-02-17 19:53:45","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129797/"
+"129794","2019-02-17 19:53:43","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129794/"
+"129793","2019-02-17 19:53:42","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129793/"
+"129792","2019-02-17 19:53:41","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129792/"
+"129791","2019-02-17 19:53:39","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129791/"
+"129789","2019-02-17 19:53:38","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129789/"
+"129790","2019-02-17 19:53:38","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129790/"
+"129788","2019-02-17 19:53:37","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129788/"
+"129787","2019-02-17 19:53:35","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129787/"
+"129786","2019-02-17 19:53:34","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129786/"
+"129784","2019-02-17 19:53:33","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129784/"
+"129785","2019-02-17 19:53:33","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129785/"
+"129782","2019-02-17 19:53:31","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129782/"
+"129783","2019-02-17 19:53:31","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129783/"
+"129781","2019-02-17 19:53:29","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129781/"
+"129780","2019-02-17 19:53:28","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129780/"
+"129779","2019-02-17 19:53:27","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129779/"
+"129778","2019-02-17 19:53:26","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129778/"
+"129777","2019-02-17 19:53:23","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129777/"
+"129776","2019-02-17 19:53:22","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129776/"
+"129775","2019-02-17 19:53:21","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129775/"
+"129774","2019-02-17 19:53:16","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129774/"
+"129773","2019-02-17 19:53:13","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129773/"
+"129772","2019-02-17 19:53:09","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129772/"
+"129771","2019-02-17 19:53:06","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129771/"
+"129770","2019-02-17 19:53:02","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129770/"
+"129769","2019-02-17 19:52:58","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129769/"
+"129768","2019-02-17 19:52:55","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129768/"
+"129767","2019-02-17 19:52:54","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129767/"
+"129766","2019-02-17 19:52:52","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129766/"
+"129765","2019-02-17 19:52:50","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129765/"
+"129764","2019-02-17 19:52:48","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129764/"
+"129763","2019-02-17 19:52:45","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129763/"
+"129762","2019-02-17 19:52:42","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129762/"
+"129761","2019-02-17 19:52:40","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129761/"
+"129760","2019-02-17 19:52:38","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129760/"
+"129759","2019-02-17 19:52:35","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129759/"
+"129758","2019-02-17 19:52:32","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129758/"
+"129757","2019-02-17 19:52:29","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129757/"
+"129756","2019-02-17 19:52:27","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129756/"
+"129755","2019-02-17 19:52:25","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129755/"
+"129754","2019-02-17 19:52:24","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129754/"
+"129753","2019-02-17 19:52:21","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129753/"
+"129752","2019-02-17 19:52:18","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129752/"
+"129751","2019-02-17 19:52:16","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129751/"
+"129750","2019-02-17 19:52:13","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129750/"
+"129749","2019-02-17 19:52:12","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129749/"
+"129748","2019-02-17 19:52:09","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129748/"
+"129747","2019-02-17 19:52:07","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129747/"
+"129746","2019-02-17 19:52:04","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129746/"
+"129745","2019-02-17 19:52:01","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129745/"
+"129744","2019-02-17 19:51:58","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129744/"
+"129743","2019-02-17 19:51:56","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129743/"
+"129742","2019-02-17 19:51:54","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129742/"
+"129741","2019-02-17 19:51:52","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129741/"
+"129740","2019-02-17 19:51:50","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129740/"
+"129739","2019-02-17 19:51:43","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129739/"
+"129736","2019-02-17 19:51:42","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129736/"
+"129737","2019-02-17 19:51:42","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129737/"
+"129738","2019-02-17 19:51:42","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129738/"
+"129734","2019-02-17 19:51:41","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129734/"
+"129735","2019-02-17 19:51:41","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129735/"
+"129733","2019-02-17 19:51:38","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129733/"
+"129732","2019-02-17 19:51:35","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129732/"
+"129730","2019-02-17 19:51:34","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129730/"
+"129731","2019-02-17 19:51:34","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129731/"
+"129729","2019-02-17 19:51:33","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129729/"
+"129728","2019-02-17 19:51:30","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129728/"
+"129727","2019-02-17 19:51:29","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129727/"
+"129726","2019-02-17 19:51:27","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129726/"
+"129725","2019-02-17 19:51:25","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129725/"
+"129724","2019-02-17 19:51:23","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129724/"
+"129722","2019-02-17 19:51:22","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129722/"
+"129723","2019-02-17 19:51:22","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129723/"
+"129720","2019-02-17 19:51:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129720/"
+"129721","2019-02-17 19:51:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129721/"
+"129718","2019-02-17 19:51:19","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129718/"
+"129719","2019-02-17 19:51:19","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129719/"
+"129717","2019-02-17 19:51:18","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129717/"
+"129716","2019-02-17 19:51:17","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129716/"
+"129715","2019-02-17 19:51:15","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129715/"
+"129714","2019-02-17 19:51:13","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129714/"
+"129713","2019-02-17 19:51:06","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129713/"
+"129712","2019-02-17 19:50:57","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129712/"
+"129711","2019-02-17 19:50:54","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129711/"
+"129710","2019-02-17 19:50:52","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129710/"
+"129709","2019-02-17 19:50:41","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129709/"
+"129708","2019-02-17 19:50:36","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129708/"
+"129707","2019-02-17 19:50:31","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129707/"
+"129706","2019-02-17 19:50:28","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129706/"
+"129705","2019-02-17 19:50:21","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129705/"
+"129704","2019-02-17 19:50:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129704/"
+"129703","2019-02-17 19:50:14","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129703/"
+"129702","2019-02-17 19:50:07","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129702/"
+"129701","2019-02-17 19:50:01","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129701/"
+"129700","2019-02-17 19:49:54","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129700/"
+"129699","2019-02-17 19:49:40","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129699/"
+"129698","2019-02-17 19:49:34","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129698/"
+"129697","2019-02-17 19:49:29","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129697/"
+"129696","2019-02-17 19:49:23","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129696/"
+"129695","2019-02-17 19:49:20","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129695/"
+"129694","2019-02-17 19:49:15","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129694/"
+"129693","2019-02-17 19:49:10","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129693/"
+"129692","2019-02-17 19:49:03","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129692/"
+"129691","2019-02-17 19:48:58","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129691/"
+"129690","2019-02-17 19:48:55","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129690/"
+"129689","2019-02-17 19:48:53","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129689/"
+"129688","2019-02-17 19:48:52","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129688/"
+"129687","2019-02-17 19:48:48","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129687/"
+"129686","2019-02-17 19:48:45","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129686/"
+"129685","2019-02-17 19:48:41","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129685/"
+"129684","2019-02-17 19:48:38","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129684/"
+"129683","2019-02-17 19:48:34","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129683/"
+"129682","2019-02-17 19:48:31","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129682/"
+"129681","2019-02-17 19:48:28","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129681/"
+"129680","2019-02-17 19:48:24","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129680/"
+"129679","2019-02-17 19:48:21","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129679/"
+"129678","2019-02-17 19:48:18","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129678/"
+"129677","2019-02-17 19:48:16","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129677/"
+"129676","2019-02-17 19:48:14","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129676/"
+"129675","2019-02-17 19:48:09","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129675/"
+"129674","2019-02-17 19:48:06","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129674/"
+"129673","2019-02-17 19:47:13","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129673/"
+"129672","2019-02-17 19:47:09","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129672/"
+"129671","2019-02-17 19:47:08","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129671/"
+"129670","2019-02-17 19:47:04","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129670/"
+"129669","2019-02-17 19:47:01","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129669/"
+"129668","2019-02-17 19:46:57","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129668/"
+"129667","2019-02-17 19:46:51","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129667/"
+"129666","2019-02-17 19:46:48","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129666/"
+"129665","2019-02-17 19:46:43","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129665/"
+"129664","2019-02-17 19:46:40","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129664/"
+"129663","2019-02-17 19:46:32","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129663/"
+"129662","2019-02-17 19:46:16","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129662/"
+"129661","2019-02-17 19:46:02","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129661/"
+"129660","2019-02-17 19:46:01","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129660/"
+"129659","2019-02-17 19:46:00","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129659/"
+"129658","2019-02-17 19:45:59","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129658/"
+"129657","2019-02-17 19:45:57","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129657/"
+"129656","2019-02-17 19:45:55","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129656/"
+"129655","2019-02-17 19:45:39","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129655/"
+"129654","2019-02-17 19:45:23","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129654/"
+"129653","2019-02-17 19:45:17","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129653/"
+"129652","2019-02-17 19:45:16","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129652/"
+"129651","2019-02-17 19:45:15","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129651/"
+"129650","2019-02-17 19:45:08","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129650/"
+"129649","2019-02-17 19:45:03","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129649/"
+"129648","2019-02-17 19:44:53","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129648/"
+"129647","2019-02-17 19:44:45","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129647/"
+"129646","2019-02-17 19:44:37","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129646/"
+"129645","2019-02-17 19:44:34","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129645/"
+"129644","2019-02-17 19:44:33","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129644/"
+"129643","2019-02-17 19:44:26","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129643/"
+"129642","2019-02-17 19:44:24","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129642/"
+"129641","2019-02-17 19:44:22","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129641/"
+"129640","2019-02-17 19:44:20","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129640/"
+"129639","2019-02-17 19:44:17","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129639/"
+"129638","2019-02-17 19:44:10","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129638/"
+"129637","2019-02-17 19:44:04","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129637/"
+"129636","2019-02-17 19:43:56","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129636/"
+"129635","2019-02-17 19:43:48","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129635/"
+"129634","2019-02-17 19:43:42","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129634/"
+"129633","2019-02-17 19:43:39","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129633/"
+"129632","2019-02-17 19:43:36","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129632/"
+"129631","2019-02-17 19:43:18","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129631/"
+"129630","2019-02-17 19:43:10","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129630/"
+"129629","2019-02-17 19:43:02","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129629/"
+"129628","2019-02-17 19:42:59","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129628/"
+"129627","2019-02-17 19:42:49","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129627/"
+"129626","2019-02-17 19:42:46","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129626/"
+"129625","2019-02-17 19:42:38","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129625/"
+"129624","2019-02-17 19:42:31","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129624/"
+"129623","2019-02-17 19:42:24","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129623/"
+"129622","2019-02-17 19:42:16","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129622/"
+"129621","2019-02-17 19:41:59","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129621/"
+"129620","2019-02-17 19:41:54","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129620/"
+"129619","2019-02-17 19:41:45","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129619/"
+"129618","2019-02-17 19:41:34","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129618/"
+"129617","2019-02-17 19:41:29","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129617/"
+"129616","2019-02-17 19:41:19","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129616/"
+"129615","2019-02-17 19:41:09","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129615/"
+"129614","2019-02-17 19:41:01","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129614/"
+"129613","2019-02-17 19:40:55","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129613/"
+"129612","2019-02-17 19:40:50","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129612/"
+"129611","2019-02-17 19:40:48","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129611/"
+"129610","2019-02-17 19:40:45","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129610/"
+"129609","2019-02-17 19:40:40","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129609/"
+"129608","2019-02-17 19:40:36","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129608/"
+"129607","2019-02-17 19:40:32","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129607/"
+"129606","2019-02-17 19:40:28","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129606/"
+"129605","2019-02-17 19:40:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129605/"
+"129604","2019-02-17 19:40:21","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129604/"
+"129603","2019-02-17 19:40:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129603/"
+"129602","2019-02-17 19:40:14","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129602/"
+"129601","2019-02-17 19:40:10","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129601/"
+"129600","2019-02-17 19:40:06","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129600/"
+"129599","2019-02-17 19:40:04","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129599/"
+"129598","2019-02-17 19:40:02","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129598/"
+"129597","2019-02-17 19:39:56","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129597/"
+"129596","2019-02-17 19:39:51","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129596/"
+"129595","2019-02-17 19:39:48","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129595/"
+"129594","2019-02-17 19:39:44","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129594/"
+"129593","2019-02-17 19:39:41","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129593/"
+"129592","2019-02-17 19:39:38","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129592/"
+"129591","2019-02-17 19:39:35","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129591/"
+"129590","2019-02-17 19:39:31","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129590/"
+"129589","2019-02-17 19:39:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129589/"
+"129588","2019-02-17 19:39:21","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129588/"
+"129587","2019-02-17 19:39:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129587/"
+"129586","2019-02-17 19:39:15","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129586/"
+"129585","2019-02-17 19:39:09","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129585/"
+"129584","2019-02-17 19:38:55","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129584/"
+"129581","2019-02-17 19:38:48","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129581/"
+"129582","2019-02-17 19:38:48","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129582/"
+"129583","2019-02-17 19:38:48","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129583/"
+"129579","2019-02-17 19:38:47","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129579/"
+"129580","2019-02-17 19:38:47","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129580/"
+"129578","2019-02-17 19:38:46","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129578/"
+"129577","2019-02-17 19:38:40","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129577/"
+"129576","2019-02-17 19:38:33","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129576/"
+"129575","2019-02-17 19:38:31","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129575/"
+"129573","2019-02-17 19:38:30","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129573/"
+"129574","2019-02-17 19:38:30","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129574/"
+"129572","2019-02-17 19:38:28","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129572/"
+"129571","2019-02-17 19:38:27","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129571/"
+"129570","2019-02-17 19:38:26","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129570/"
+"129569","2019-02-17 19:38:24","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129569/"
+"129568","2019-02-17 19:38:23","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129568/"
+"129566","2019-02-17 19:38:22","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129566/"
+"129567","2019-02-17 19:38:22","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129567/"
+"129563","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129563/"
+"129564","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129564/"
+"129565","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129565/"
+"129561","2019-02-17 19:38:19","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129561/"
+"129562","2019-02-17 19:38:19","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129562/"
+"129560","2019-02-17 19:38:18","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129560/"
+"129559","2019-02-17 19:38:16","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129559/"
+"129558","2019-02-17 19:38:15","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129558/"
+"129557","2019-02-17 19:38:13","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129557/"
+"129555","2019-02-17 19:38:12","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129555/"
+"129556","2019-02-17 19:38:12","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129556/"
+"129554","2019-02-17 19:38:11","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129554/"
+"129553","2019-02-17 19:38:08","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129553/"
+"129552","2019-02-17 19:38:07","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129552/"
+"129550","2019-02-17 19:38:05","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129550/"
+"129551","2019-02-17 19:38:05","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129551/"
+"129548","2019-02-17 19:38:03","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129548/"
+"129549","2019-02-17 19:38:03","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129549/"
+"129547","2019-02-17 19:37:59","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129547/"
+"129546","2019-02-17 19:37:53","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129546/"
+"129545","2019-02-17 19:37:47","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129545/"
+"129544","2019-02-17 19:37:40","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129544/"
+"129543","2019-02-17 19:37:23","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129543/"
+"129542","2019-02-17 19:37:17","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129542/"
+"129541","2019-02-17 19:37:10","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129541/"
+"129540","2019-02-17 19:37:04","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129540/"
+"129539","2019-02-17 19:36:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129539/"
+"129538","2019-02-17 19:36:54","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129538/"
+"129537","2019-02-17 19:36:48","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129537/"
+"129536","2019-02-17 19:36:41","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129536/"
+"129535","2019-02-17 19:36:34","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129535/"
+"129534","2019-02-17 19:36:28","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129534/"
+"129533","2019-02-17 19:36:25","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129533/"
+"129532","2019-02-17 19:36:20","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129532/"
+"129531","2019-02-17 19:36:15","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129531/"
+"129530","2019-02-17 19:36:09","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129530/"
+"129529","2019-02-17 19:36:05","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129529/"
+"129528","2019-02-17 19:35:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129528/"
+"129527","2019-02-17 19:35:55","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129527/"
+"129526","2019-02-17 19:35:50","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129526/"
+"129525","2019-02-17 19:35:45","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129525/"
+"129524","2019-02-17 19:35:39","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129524/"
+"129523","2019-02-17 19:35:33","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129523/"
+"129522","2019-02-17 19:35:27","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129522/"
+"129521","2019-02-17 19:35:23","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129521/"
+"129520","2019-02-17 19:35:18","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129520/"
+"129519","2019-02-17 19:35:10","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129519/"
+"129518","2019-02-17 19:35:05","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129518/"
+"129517","2019-02-17 19:34:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129517/"
+"129516","2019-02-17 19:34:53","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129516/"
+"129515","2019-02-17 19:34:50","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129515/"
+"129514","2019-02-17 19:34:45","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129514/"
+"129513","2019-02-17 19:34:39","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129513/"
+"129512","2019-02-17 19:34:33","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129512/"
+"129511","2019-02-17 19:34:27","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129511/"
+"129510","2019-02-17 19:34:22","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129510/"
+"129509","2019-02-17 19:34:16","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129509/"
+"129508","2019-02-17 19:34:12","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129508/"
+"129507","2019-02-17 19:34:06","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129507/"
+"129506","2019-02-17 19:34:03","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129506/"
+"129504","2019-02-17 19:34:00","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129504/"
+"129505","2019-02-17 19:34:00","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129505/"
+"129501","2019-02-17 19:33:59","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129501/"
+"129502","2019-02-17 19:33:59","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129502/"
+"129503","2019-02-17 19:33:59","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129503/"
+"129500","2019-02-17 19:33:58","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129500/"
+"129499","2019-02-17 19:33:55","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129499/"
+"129498","2019-02-17 19:33:51","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129498/"
+"129496","2019-02-17 19:33:49","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129496/"
+"129497","2019-02-17 19:33:49","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129497/"
+"129495","2019-02-17 19:33:48","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129495/"
+"129494","2019-02-17 19:33:46","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129494/"
+"129493","2019-02-17 19:33:45","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129493/"
+"129492","2019-02-17 19:33:43","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129492/"
+"129491","2019-02-17 19:33:42","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129491/"
+"129490","2019-02-17 19:33:40","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129490/"
+"129488","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129488/"
+"129489","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129489/"
+"129486","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129486/"
+"129487","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129487/"
+"129483","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129483/"
+"129484","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129484/"
+"129485","2019-02-17 19:33:36","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129485/"
+"129482","2019-02-17 19:33:35","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129482/"
+"129481","2019-02-17 19:33:33","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129481/"
+"129480","2019-02-17 19:33:32","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129480/"
+"129479","2019-02-17 19:33:31","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129479/"
+"129477","2019-02-17 19:33:30","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129477/"
+"129478","2019-02-17 19:33:30","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129478/"
+"129476","2019-02-17 19:33:27","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129476/"
+"129475","2019-02-17 19:33:25","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129475/"
+"129474","2019-02-17 19:33:24","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129474/"
+"129472","2019-02-17 19:33:23","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129472/"
+"129473","2019-02-17 19:33:23","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129473/"
+"129470","2019-02-17 19:33:21","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129470/"
+"129471","2019-02-17 19:33:21","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129471/"
+"129469","2019-02-17 19:33:20","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129469/"
+"129468","2019-02-17 19:33:19","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129468/"
+"129467","2019-02-17 19:33:18","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129467/"
+"129466","2019-02-17 19:33:17","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129466/"
+"129465","2019-02-17 19:33:15","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129465/"
+"129464","2019-02-17 19:33:14","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129464/"
+"129463","2019-02-17 19:33:13","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129463/"
+"129462","2019-02-17 19:33:10","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129462/"
+"129461","2019-02-17 19:33:07","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129461/"
+"129460","2019-02-17 19:33:04","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129460/"
+"129459","2019-02-17 19:33:00","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129459/"
+"129458","2019-02-17 19:32:56","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129458/"
+"129457","2019-02-17 19:32:52","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129457/"
+"129456","2019-02-17 19:32:50","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129456/"
+"129455","2019-02-17 19:32:49","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129455/"
+"129454","2019-02-17 19:32:48","https://rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129454/"
+"129453","2019-02-17 19:32:45","https://rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129453/"
+"129452","2019-02-17 19:32:42","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129452/"
+"129451","2019-02-17 19:32:40","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129451/"
+"129450","2019-02-17 19:32:37","https://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129450/"
+"129449","2019-02-17 19:32:34","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129449/"
+"129448","2019-02-17 19:32:32","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129448/"
+"129447","2019-02-17 19:32:30","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129447/"
+"129446","2019-02-17 19:32:27","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129446/"
+"129445","2019-02-17 19:32:24","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129445/"
+"129444","2019-02-17 19:32:22","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129444/"
+"129443","2019-02-17 19:32:20","https://rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129443/"
+"129442","2019-02-17 19:32:19","https://rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129442/"
+"129441","2019-02-17 19:32:16","https://rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129441/"
+"129440","2019-02-17 19:32:13","https://rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129440/"
+"129439","2019-02-17 19:32:10","https://rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129439/"
+"129438","2019-02-17 19:32:07","https://rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129438/"
+"129437","2019-02-17 19:32:06","https://rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129437/"
+"129436","2019-02-17 19:32:04","https://rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129436/"
+"129435","2019-02-17 19:32:01","https://rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129435/"
+"129434","2019-02-17 19:31:58","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129434/"
+"129433","2019-02-17 19:31:54","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129433/"
+"129432","2019-02-17 19:31:52","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129432/"
+"129431","2019-02-17 19:31:49","https://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129431/"
+"129430","2019-02-17 19:31:46","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129430/"
+"129429","2019-02-17 19:31:45","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129429/"
+"129428","2019-02-17 19:31:43","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129428/"
+"129427","2019-02-17 19:31:41","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129427/"
+"129423","2019-02-17 19:31:40","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129423/"
+"129424","2019-02-17 19:31:40","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129424/"
+"129425","2019-02-17 19:31:40","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129425/"
+"129426","2019-02-17 19:31:40","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129426/"
+"129422","2019-02-17 19:31:39","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129422/"
+"129421","2019-02-17 19:31:37","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129421/"
+"129420","2019-02-17 19:31:34","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129420/"
+"129419","2019-02-17 19:31:33","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129419/"
+"129417","2019-02-17 19:31:32","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129417/"
+"129418","2019-02-17 19:31:32","http://rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129418/"
+"129416","2019-02-17 19:31:31","http://rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129416/"
+"129415","2019-02-17 19:31:30","http://rsmart-testsolutions.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129415/"
+"129414","2019-02-17 19:31:28","http://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129414/"
+"129413","2019-02-17 19:31:27","http://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129413/"
+"129412","2019-02-17 19:31:25","http://rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129412/"
+"129410","2019-02-17 19:31:24","http://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129410/"
+"129411","2019-02-17 19:31:24","http://rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129411/"
+"129409","2019-02-17 19:31:23","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129409/"
+"129406","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129406/"
+"129407","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129407/"
+"129408","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129408/"
+"129405","2019-02-17 19:31:21","http://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129405/"
+"129404","2019-02-17 19:31:20","http://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129404/"
+"129403","2019-02-17 19:31:19","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129403/"
+"129402","2019-02-17 19:31:18","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129402/"
+"129401","2019-02-17 19:31:16","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129401/"
+"129400","2019-02-17 19:31:15","http://rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129400/"
+"129398","2019-02-17 19:31:14","http://rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129398/"
+"129399","2019-02-17 19:31:14","http://rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129399/"
+"129397","2019-02-17 19:31:10","http://rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129397/"
+"129396","2019-02-17 19:31:08","http://rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129396/"
+"129394","2019-02-17 19:31:06","http://rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129394/"
+"129395","2019-02-17 19:31:06","http://rsmart-testsolutions.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129395/"
+"129393","2019-02-17 19:31:04","http://rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129393/"
+"129392","2019-02-17 19:31:03","http://rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129392/"
+"129391","2019-02-17 19:31:02","http://rsmart-testsolutions.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129391/"
+"129390","2019-02-17 19:31:00","http://rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129390/"
+"129389","2019-02-17 19:30:59","http://rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129389/"
+"129388","2019-02-17 19:30:57","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129388/"
+"129387","2019-02-17 19:30:52","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129387/"
+"129386","2019-02-17 19:30:50","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129386/"
+"129385","2019-02-17 19:30:45","http://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129385/"
+"129384","2019-02-17 19:30:35","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129384/"
+"129383","2019-02-17 19:30:25","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129383/"
+"129382","2019-02-17 19:30:16","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129382/"
+"129381","2019-02-17 19:30:10","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129381/"
+"129380","2019-02-17 19:30:05","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129380/"
+"129379","2019-02-17 19:29:59","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129379/"
+"129378","2019-02-17 19:29:55","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129378/"
+"129377","2019-02-17 19:29:53","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129377/"
+"129376","2019-02-17 19:29:51","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129376/"
+"129375","2019-02-17 19:29:47","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129375/"
+"129374","2019-02-17 19:29:42","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129374/"
+"129373","2019-02-17 19:29:36","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129373/"
+"129372","2019-02-17 19:29:29","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129372/"
+"129371","2019-02-17 19:29:21","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129371/"
+"129370","2019-02-17 19:29:15","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129370/"
+"129369","2019-02-17 19:29:08","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129369/"
+"129368","2019-02-17 19:29:02","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129368/"
+"129367","2019-02-17 19:28:57","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129367/"
+"129366","2019-02-17 19:28:53","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129366/"
+"129365","2019-02-17 19:28:50","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129365/"
+"129364","2019-02-17 19:28:49","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129364/"
+"129363","2019-02-17 19:28:42","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129363/"
+"129362","2019-02-17 19:28:38","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129362/"
+"129361","2019-02-17 19:28:32","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129361/"
+"129360","2019-02-17 19:28:28","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129360/"
+"129359","2019-02-17 19:28:25","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129359/"
+"129358","2019-02-17 19:28:18","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129358/"
+"129357","2019-02-17 19:28:13","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129357/"
+"129356","2019-02-17 19:28:07","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129356/"
+"129355","2019-02-17 19:28:00","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129355/"
+"129354","2019-02-17 19:27:56","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129354/"
+"129353","2019-02-17 19:27:51","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129353/"
+"129352","2019-02-17 19:27:47","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129352/"
+"129351","2019-02-17 19:27:36","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129351/"
+"129350","2019-02-17 19:27:14","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129350/"
+"129349","2019-02-17 19:26:53","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zan.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129349/"
+"129348","2019-02-17 19:26:52","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zaher.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129348/"
+"129347","2019-02-17 19:26:50","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/z.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129347/"
+"129346","2019-02-17 19:26:48","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/nissa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129346/"
+"129345","2019-02-17 19:26:45","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/n.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129345/"
+"129344","2019-02-17 19:26:41","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129344/"
+"129343","2019-02-17 19:26:19","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129343/"
+"129342","2019-02-17 19:25:23","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129342/"
+"129341","2019-02-17 19:25:12","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129341/"
+"129340","2019-02-17 19:25:09","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129340/"
+"129339","2019-02-17 19:25:04","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129339/"
+"129338","2019-02-17 19:24:56","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129338/"
+"129337","2019-02-17 19:24:50","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129337/"
+"129336","2019-02-17 19:24:38","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129336/"
+"129335","2019-02-17 19:24:29","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129335/"
+"129334","2019-02-17 19:24:17","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129334/"
+"129333","2019-02-17 19:24:11","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129333/"
+"129332","2019-02-17 19:24:08","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129332/"
+"129331","2019-02-17 19:24:01","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129331/"
+"129329","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129329/"
+"129330","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129330/"
+"129328","2019-02-17 19:23:59","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129328/"
+"129327","2019-02-17 19:23:58","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129327/"
+"129326","2019-02-17 19:23:52","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129326/"
+"129325","2019-02-17 19:23:46","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129325/"
+"129324","2019-02-17 19:23:37","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/user.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129324/"
+"129323","2019-02-17 19:23:26","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129323/"
+"129322","2019-02-17 19:23:19","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/invoice.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129322/"
+"129321","2019-02-17 19:23:18","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/mt103.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129321/"
+"129320","2019-02-17 19:23:16","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dmw.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129320/"
+"129319","2019-02-17 19:22:56","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129319/"
+"129318","2019-02-17 19:22:46","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vvc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129318/"
+"129316","2019-02-17 19:22:38","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vb.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129316/"
+"129317","2019-02-17 19:22:38","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129317/"
+"129315","2019-02-17 19:22:27","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129315/"
+"129314","2019-02-17 19:22:23","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129314/"
+"129313","2019-02-17 19:22:15","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129313/"
+"129312","2019-02-17 19:22:06","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129312/"
+"129311","2019-02-17 19:21:59","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129311/"
+"129310","2019-02-17 19:21:52","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129310/"
+"129309","2019-02-17 19:21:33","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129309/"
+"129308","2019-02-17 19:21:26","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129308/"
+"129307","2019-02-17 19:21:14","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129307/"
+"129306","2019-02-17 19:08:02","http://cild.edu.vn/DE_de/VZFPYLAO2818712/gescanntes-Dokument/RECH","offline","malware_download","doc","https://urlhaus.abuse.ch/url/129306/"
+"129305","2019-02-17 18:42:05","http://1.9.124.131:2933/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129305/"
+"129304","2019-02-17 18:37:09","https://bmstu-iu9.github.io/compiler-labs/1/BeRo/btpc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129304/"
+"129303","2019-02-17 18:34:03","http://wf-hack.com/vk/informcomd/antib.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129303/"
+"129302","2019-02-17 18:24:19","http://mission2019.website/we.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129302/"
+"129301","2019-02-17 18:24:10","http://mission2019.website/wzz.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129301/"
+"129300","2019-02-17 18:14:36","http://89.35.39.78/ghost","online","malware_download","backdoor,elf,Elknot,Ganiw","https://urlhaus.abuse.ch/url/129300/"
+"129299","2019-02-17 18:14:23","http://185.101.105.130/Okami.okami","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129299/"
+"129297","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129297/"
+"129298","2019-02-17 18:14:22","http://185.101.105.130/Okami.arm5","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129298/"
+"129296","2019-02-17 18:14:21","http://185.101.105.130/Okami.sparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129296/"
+"129295","2019-02-17 18:14:19","http://185.101.105.130/Okami.m68k","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129295/"
+"129294","2019-02-17 18:14:17","http://185.101.105.130/Okami.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129294/"
+"129293","2019-02-17 18:14:17","http://185.101.105.130/Okami.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129293/"
+"129292","2019-02-17 18:14:16","http://185.101.105.130/Okami.i686","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129292/"
+"129291","2019-02-17 18:14:14","http://185.101.105.130/Okami.arm6","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129291/"
+"129290","2019-02-17 18:14:14","http://185.101.105.130/Okami.x86","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129290/"
+"129289","2019-02-17 18:14:09","http://185.101.105.130/Okami.sh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129289/"
+"129288","2019-02-17 18:14:06","http://185.101.105.130/Okami.mipsel","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129288/"
+"129287","2019-02-17 18:14:03","http://185.101.105.130/Okami.mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129287/"
+"129286","2019-02-17 17:29:02","http://www.wf-hack.com/FantasyHack.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129286/"
+"129285","2019-02-17 17:10:05","http://wf-hack.com/vk/dowloand/abr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129285/"
+"129284","2019-02-17 15:35:09","http://125.136.94.85:53541/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129284/"
+"129283","2019-02-17 15:35:05","http://75.55.248.20:45084/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129283/"
+"129282","2019-02-17 15:27:30","http://d9.driver.160.com/9/9/56/Sumsung_bda_245T_95669.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129282/"
+"129281","2019-02-17 15:03:05","http://mikrotik.com.pe/gestion/inc/fpdf/liyb/22.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/129281/"
+"129280","2019-02-17 15:03:02","http://mikrotik.com.pe/gestion/inc/fpdf/liyb/14.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/129280/"
+"129279","2019-02-17 15:02:27","http://mikrotik.com.pe/gestion/inc/fpdf/liyb/14.png","online","malware_download","exe","https://urlhaus.abuse.ch/url/129279/"
+"129278","2019-02-17 15:02:20","http://mikrotik.com.pe/gestion/inc/fpdf/liyb/22.png","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/129278/"
+"129277","2019-02-17 15:02:07","http://mikrotik.com.pe/gestion/inc/fpdf/liyb/ds.png","online","malware_download","exe","https://urlhaus.abuse.ch/url/129277/"
+"129276","2019-02-17 15:00:22","http://www.svmdabwali.com/file/Made-In-China.com/2cams.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129276/"
+"129275","2019-02-17 14:31:30","http://d8.driver.160.com/8/D6/D0/WDM_R182_216137.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129275/"
+"129274","2019-02-17 13:48:08","http://svmdabwali.com/file/made-in-china.com/2cams.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129274/"
+"129273","2019-02-17 13:09:06","http://stgroups.co/sites/EN_en/OVERDUE-ACCOUNT/Account-10953","offline","malware_download","doc","https://urlhaus.abuse.ch/url/129273/"
+"129272","2019-02-17 13:08:14","http://190.250.124.10:50685/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129272/"
+"129271","2019-02-17 13:08:11","http://118.233.43.29:45511/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129271/"
+"129270","2019-02-17 13:08:05","http://73.73.137.64:7843/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129270/"
+"129269","2019-02-17 13:07:04","http://61.222.95.43:34223/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129269/"
+"129268","2019-02-17 13:06:07","http://190.194.44.136:13432/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129268/"
+"129267","2019-02-17 13:06:05","http://59.98.44.226:15167/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129267/"
+"129266","2019-02-17 13:03:08","http://104.248.229.149/yakuza.sh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129266/"
+"129265","2019-02-17 13:03:07","http://104.248.229.149/yakuza.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129265/"
+"129264","2019-02-17 13:03:06","http://104.248.229.149/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/129264/"
+"129263","2019-02-17 13:03:06","http://159.65.12.8/bins/oxy.x86","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129263/"
+"129262","2019-02-17 13:03:04","http://159.65.12.8/bins/oxy.spc","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129262/"
+"129261","2019-02-17 13:03:03","http://159.65.12.8/bins/oxy.sh4","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129261/"
+"129260","2019-02-17 13:03:01","http://159.65.12.8/bins/oxy.ppc440","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129260/"
+"129259","2019-02-17 13:03:00","http://159.65.12.8/bins/oxy.ppc","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129259/"
+"129258","2019-02-17 13:02:59","http://159.65.12.8/bins/oxy.mpsl","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129258/"
+"129257","2019-02-17 13:02:57","http://159.65.12.8/bins/oxy.mips","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129257/"
+"129256","2019-02-17 13:02:56","http://159.65.12.8/bins/oxy.m68k","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129256/"
+"129255","2019-02-17 13:02:55","http://159.65.12.8/bins/oxy.i686","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129255/"
+"129254","2019-02-17 13:02:53","http://159.65.12.8/bins/oxy.i586","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129254/"
+"129253","2019-02-17 13:02:52","http://159.65.12.8/bins/oxy.arm7","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129253/"
+"129252","2019-02-17 13:02:50","http://159.65.12.8/bins/oxy.arm6","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129252/"
+"129251","2019-02-17 13:02:49","http://159.65.12.8/bins/oxy.arm5","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129251/"
+"129250","2019-02-17 13:02:47","http://159.65.12.8/bins/oxy.arm","online","malware_download","elf,gafgyt,mirai","https://urlhaus.abuse.ch/url/129250/"
+"129249","2019-02-17 13:02:45","http://69.90.132.160/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129249/"
+"129248","2019-02-17 13:02:44","http://69.90.132.160/bins/sora.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129248/"
+"129247","2019-02-17 13:02:43","http://69.90.132.160/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129247/"
+"129246","2019-02-17 13:02:42","http://69.90.132.160/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129246/"
+"129245","2019-02-17 13:02:41","http://69.90.132.160/bins/sora.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129245/"
+"129244","2019-02-17 13:02:40","http://69.90.132.160/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129244/"
+"129243","2019-02-17 13:02:39","http://69.90.132.160/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129243/"
+"129242","2019-02-17 13:02:38","http://69.90.132.160/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129242/"
+"129241","2019-02-17 13:02:37","http://69.90.132.160/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129241/"
+"129240","2019-02-17 13:02:36","http://69.90.132.160/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129240/"
+"129239","2019-02-17 13:02:35","http://69.90.132.160/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129239/"
+"129238","2019-02-17 13:02:34","http://68.183.174.0/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129238/"
+"129237","2019-02-17 13:02:04","http://68.183.174.0/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129237/"
+"129236","2019-02-17 13:01:33","http://68.183.174.0/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129236/"
+"129235","2019-02-17 13:01:03","http://68.183.174.0/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129235/"
+"129234","2019-02-17 13:00:33","http://68.183.174.0/bins/hoho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129234/"
+"129233","2019-02-17 13:00:03","http://68.183.174.0/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129233/"
+"129232","2019-02-17 12:59:33","http://68.183.174.0/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129232/"
+"129231","2019-02-17 12:59:02","http://68.183.174.0/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129231/"
+"129230","2019-02-17 12:58:32","http://68.183.174.0/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129230/"
+"129229","2019-02-17 12:58:02","http://68.183.174.0/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129229/"
+"129228","2019-02-17 12:57:32","http://68.183.174.0/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/129228/"
 "129227","2019-02-17 11:40:03","http://sol4ek.com/azo/svrhost.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129227/"
 "129226","2019-02-17 10:15:18","http://72.208.129.238:32286/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129226/"
 "129225","2019-02-17 10:15:13","http://219.85.233.13:27673/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129225/"
@@ -38,7 +1884,7 @@
 "129199","2019-02-17 09:59:31","https://ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129199/"
 "129198","2019-02-17 09:59:29","https://ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129198/"
 "129197","2019-02-17 09:59:26","https://ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129197/"
-"129196","2019-02-17 09:59:23","https://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129196/"
+"129196","2019-02-17 09:59:23","https://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129196/"
 "129195","2019-02-17 09:59:21","https://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129195/"
 "129194","2019-02-17 09:59:18","https://ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129194/"
 "129193","2019-02-17 09:59:15","https://ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129193/"
@@ -53,11 +1899,11 @@
 "129184","2019-02-17 09:58:53","https://ciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129184/"
 "129183","2019-02-17 09:58:52","https://ciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129183/"
 "129182","2019-02-17 09:58:49","https://ciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129182/"
-"129181","2019-02-17 09:58:47","https://ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129181/"
+"129181","2019-02-17 09:58:47","https://ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129181/"
 "129180","2019-02-17 09:58:45","https://ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129180/"
 "129179","2019-02-17 09:58:41","https://ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129179/"
 "129178","2019-02-17 09:58:39","https://ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129178/"
-"129177","2019-02-17 09:58:36","https://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129177/"
+"129177","2019-02-17 09:58:36","https://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129177/"
 "129176","2019-02-17 09:58:33","http://dixe.online/En/document/Invoice_number/cJaLC-On_M-yu","offline","malware_download","doc","https://urlhaus.abuse.ch/url/129176/"
 "129175","2019-02-17 09:58:31","http://ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129175/"
 "129174","2019-02-17 09:58:30","http://ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129174/"
@@ -78,7 +1924,7 @@
 "129159","2019-02-17 09:58:14","http://ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129159/"
 "129158","2019-02-17 09:58:13","http://ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129158/"
 "129157","2019-02-17 09:58:12","http://ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129157/"
-"129155","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129155/"
+"129155","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129155/"
 "129156","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129156/"
 "129154","2019-02-17 09:58:10","http://ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129154/"
 "129151","2019-02-17 09:58:09","http://ciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129151/"
@@ -100,11 +1946,11 @@
 "129138","2019-02-17 09:56:59","http://ciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129138/"
 "129136","2019-02-17 09:56:58","http://ciprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129136/"
 "129135","2019-02-17 09:56:57","http://ciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129135/"
-"129134","2019-02-17 09:56:56","http://ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129134/"
+"129134","2019-02-17 09:56:56","http://ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129134/"
 "129133","2019-02-17 09:56:53","http://ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129133/"
 "129132","2019-02-17 09:56:50","http://ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129132/"
 "129131","2019-02-17 09:56:49","http://ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129131/"
-"129130","2019-02-17 09:56:48","http://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129130/"
+"129130","2019-02-17 09:56:48","http://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129130/"
 "129129","2019-02-17 09:56:45","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129129/"
 "129128","2019-02-17 09:56:43","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129128/"
 "129127","2019-02-17 09:56:39","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129127/"
@@ -117,7 +1963,7 @@
 "129120","2019-02-17 09:56:20","https://benfey.ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129120/"
 "129119","2019-02-17 09:56:18","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129119/"
 "129118","2019-02-17 09:56:15","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129118/"
-"129117","2019-02-17 09:56:12","https://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129117/"
+"129117","2019-02-17 09:56:12","https://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129117/"
 "129116","2019-02-17 09:56:10","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129116/"
 "129115","2019-02-17 09:56:07","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129115/"
 "129114","2019-02-17 09:56:04","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129114/"
@@ -132,11 +1978,11 @@
 "129105","2019-02-17 09:55:42","https://benfey.ciprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129105/"
 "129104","2019-02-17 09:55:41","https://benfey.ciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129104/"
 "129103","2019-02-17 09:55:38","https://benfey.ciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129103/"
-"129102","2019-02-17 09:55:36","https://benfey.ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129102/"
+"129102","2019-02-17 09:55:36","https://benfey.ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129102/"
 "129101","2019-02-17 09:55:33","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129101/"
 "129100","2019-02-17 09:55:29","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129100/"
 "129099","2019-02-17 09:55:26","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129099/"
-"129098","2019-02-17 09:55:23","https://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129098/"
+"129098","2019-02-17 09:55:23","https://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129098/"
 "129097","2019-02-17 09:55:20","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129097/"
 "129096","2019-02-17 09:55:19","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129096/"
 "129095","2019-02-17 09:55:17","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129095/"
@@ -157,7 +2003,7 @@
 "129080","2019-02-17 09:54:31","http://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129080/"
 "129078","2019-02-17 09:54:29","http://benfey.ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129078/"
 "129079","2019-02-17 09:54:29","http://benfey.ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129079/"
-"129077","2019-02-17 09:54:28","http://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129077/"
+"129077","2019-02-17 09:54:28","http://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129077/"
 "129074","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129074/"
 "129075","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129075/"
 "129076","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129076/"
@@ -178,11 +2024,11 @@
 "129059","2019-02-17 09:54:13","http://benfey.ciprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129059/"
 "129058","2019-02-17 09:54:12","http://benfey.ciprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129058/"
 "129057","2019-02-17 09:54:11","http://benfey.ciprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129057/"
-"129056","2019-02-17 09:54:10","http://benfey.ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129056/"
+"129056","2019-02-17 09:54:10","http://benfey.ciprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129056/"
 "129055","2019-02-17 09:54:09","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129055/"
 "129054","2019-02-17 09:54:06","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129054/"
 "129053","2019-02-17 09:54:05","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129053/"
-"129052","2019-02-17 09:54:04","http://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129052/"
+"129052","2019-02-17 09:54:04","http://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129052/"
 "129051","2019-02-17 09:38:03","http://sevesheldon.com/wp-includes/pomo/1.exe","offline","malware_download","exe,hancitor,payload,Pony,stage2","https://urlhaus.abuse.ch/url/129051/"
 "129050","2019-02-17 09:35:53","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129050/"
 "129049","2019-02-17 09:35:51","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129049/"
@@ -196,7 +2042,7 @@
 "129041","2019-02-17 09:35:27","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129041/"
 "129040","2019-02-17 09:35:24","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129040/"
 "129039","2019-02-17 09:35:21","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129039/"
-"129038","2019-02-17 09:35:19","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129038/"
+"129038","2019-02-17 09:35:19","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129038/"
 "129037","2019-02-17 09:35:16","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129037/"
 "129036","2019-02-17 09:35:14","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129036/"
 "129035","2019-02-17 09:35:11","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129035/"
@@ -211,11 +2057,11 @@
 "129026","2019-02-17 09:34:50","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129026/"
 "129025","2019-02-17 09:34:49","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129025/"
 "129024","2019-02-17 09:34:46","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129024/"
-"129023","2019-02-17 09:34:43","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129023/"
+"129023","2019-02-17 09:34:43","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/129023/"
 "129022","2019-02-17 09:34:40","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129022/"
 "129021","2019-02-17 09:34:36","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129021/"
 "129020","2019-02-17 09:34:34","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129020/"
-"129019","2019-02-17 09:34:31","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129019/"
+"129019","2019-02-17 09:34:31","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129019/"
 "129018","2019-02-17 09:34:29","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129018/"
 "129017","2019-02-17 09:34:27","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129017/"
 "129016","2019-02-17 09:34:25","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129016/"
@@ -235,7 +2081,7 @@
 "129002","2019-02-17 09:34:11","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129002/"
 "129001","2019-02-17 09:34:10","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129001/"
 "129000","2019-02-17 09:34:09","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129000/"
-"128998","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128998/"
+"128998","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128998/"
 "128999","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128999/"
 "128996","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128996/"
 "128997","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128997/"
@@ -257,11 +2103,11 @@
 "128980","2019-02-17 09:33:48","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128980/"
 "128979","2019-02-17 09:33:47","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128979/"
 "128978","2019-02-17 09:33:46","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128978/"
-"128977","2019-02-17 09:33:45","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128977/"
+"128977","2019-02-17 09:33:45","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128977/"
 "128976","2019-02-17 09:33:44","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128976/"
 "128975","2019-02-17 09:33:42","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128975/"
 "128974","2019-02-17 09:33:40","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128974/"
-"128973","2019-02-17 09:33:39","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128973/"
+"128973","2019-02-17 09:33:39","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128973/"
 "128972","2019-02-17 09:33:37","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128972/"
 "128971","2019-02-17 09:33:34","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128971/"
 "128970","2019-02-17 09:33:30","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128970/"
@@ -274,7 +2120,7 @@
 "128963","2019-02-17 09:33:11","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128963/"
 "128962","2019-02-17 09:33:09","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128962/"
 "128961","2019-02-17 09:33:06","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128961/"
-"128960","2019-02-17 09:33:03","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128960/"
+"128960","2019-02-17 09:33:03","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128960/"
 "128959","2019-02-17 09:33:00","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128959/"
 "128958","2019-02-17 09:32:57","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128958/"
 "128957","2019-02-17 09:32:55","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128957/"
@@ -289,11 +2135,11 @@
 "128948","2019-02-17 09:32:33","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128948/"
 "128947","2019-02-17 09:32:32","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128947/"
 "128946","2019-02-17 09:32:30","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128946/"
-"128945","2019-02-17 09:32:27","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128945/"
+"128945","2019-02-17 09:32:27","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128945/"
 "128944","2019-02-17 09:32:24","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128944/"
 "128943","2019-02-17 09:32:20","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128943/"
 "128942","2019-02-17 09:32:18","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128942/"
-"128941","2019-02-17 09:32:16","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128941/"
+"128941","2019-02-17 09:32:16","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128941/"
 "128940","2019-02-17 09:32:13","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128940/"
 "128939","2019-02-17 09:32:12","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128939/"
 "128938","2019-02-17 09:32:10","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128938/"
@@ -313,7 +2159,7 @@
 "128924","2019-02-17 09:31:36","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128924/"
 "128923","2019-02-17 09:31:34","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128923/"
 "128922","2019-02-17 09:31:33","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128922/"
-"128920","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128920/"
+"128920","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128920/"
 "128921","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128921/"
 "128918","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128918/"
 "128919","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128919/"
@@ -335,11 +2181,11 @@
 "128902","2019-02-17 09:31:15","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128902/"
 "128901","2019-02-17 09:31:14","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128901/"
 "128900","2019-02-17 09:31:13","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128900/"
-"128899","2019-02-17 09:31:12","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128899/"
+"128899","2019-02-17 09:31:12","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128899/"
 "128898","2019-02-17 09:31:11","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128898/"
 "128897","2019-02-17 09:31:09","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128897/"
 "128896","2019-02-17 09:31:08","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128896/"
-"128895","2019-02-17 09:31:06","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128895/"
+"128895","2019-02-17 09:31:06","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128895/"
 "128894","2019-02-17 09:23:07","http://xfit.kz/administrator/cache/com_virtuemart_cats/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/128894/"
 "128893","2019-02-17 09:19:05","https://cdn.discordapp.com/attachments/538861511133888526/546550948026253332/jumpscare.exe","online","malware_download","exe,orcus,payload,rat,stage2","https://urlhaus.abuse.ch/url/128893/"
 "128892","2019-02-17 09:16:10","https://cdn.discordapp.com/attachments/538861511133888526/546557289419636736/fff.exe","online","malware_download","exe,orcus,payload,rat,stage2","https://urlhaus.abuse.ch/url/128892/"
@@ -385,7 +2231,7 @@
 "128852","2019-02-17 06:46:49","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128852/"
 "128851","2019-02-17 06:46:47","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128851/"
 "128850","2019-02-17 06:46:44","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128850/"
-"128849","2019-02-17 06:46:41","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128849/"
+"128849","2019-02-17 06:46:41","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128849/"
 "128848","2019-02-17 06:46:39","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128848/"
 "128847","2019-02-17 06:46:36","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128847/"
 "128846","2019-02-17 06:46:34","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128846/"
@@ -400,11 +2246,11 @@
 "128837","2019-02-17 06:46:10","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128837/"
 "128836","2019-02-17 06:46:09","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128836/"
 "128835","2019-02-17 06:46:06","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128835/"
-"128834","2019-02-17 06:46:03","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128834/"
+"128834","2019-02-17 06:46:03","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128834/"
 "128833","2019-02-17 06:46:01","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128833/"
 "128832","2019-02-17 06:45:56","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128832/"
 "128831","2019-02-17 06:45:53","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128831/"
-"128830","2019-02-17 06:45:51","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128830/"
+"128830","2019-02-17 06:45:51","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128830/"
 "128829","2019-02-17 06:45:48","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128829/"
 "128828","2019-02-17 06:45:47","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128828/"
 "128827","2019-02-17 06:45:44","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128827/"
@@ -424,7 +2270,7 @@
 "128813","2019-02-17 06:45:26","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128813/"
 "128812","2019-02-17 06:45:25","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128812/"
 "128811","2019-02-17 06:45:23","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128811/"
-"128809","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128809/"
+"128809","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128809/"
 "128810","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128810/"
 "128806","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128806/"
 "128807","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128807/"
@@ -446,11 +2292,11 @@
 "128792","2019-02-17 06:44:58","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128792/"
 "128790","2019-02-17 06:44:55","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128790/"
 "128789","2019-02-17 06:44:52","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128789/"
-"128788","2019-02-17 06:44:49","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128788/"
+"128788","2019-02-17 06:44:49","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128788/"
 "128787","2019-02-17 06:44:46","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128787/"
 "128786","2019-02-17 06:44:41","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128786/"
 "128785","2019-02-17 06:44:39","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128785/"
-"128784","2019-02-17 06:44:34","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128784/"
+"128784","2019-02-17 06:44:34","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128784/"
 "128783","2019-02-17 06:44:27","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128783/"
 "128782","2019-02-17 06:44:23","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128782/"
 "128781","2019-02-17 06:44:17","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128781/"
@@ -463,7 +2309,7 @@
 "128774","2019-02-17 06:43:53","https://rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128774/"
 "128773","2019-02-17 06:43:49","https://rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128773/"
 "128772","2019-02-17 06:43:44","https://rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128772/"
-"128771","2019-02-17 06:43:39","https://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128771/"
+"128771","2019-02-17 06:43:39","https://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128771/"
 "128770","2019-02-17 06:43:33","https://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128770/"
 "128769","2019-02-17 06:43:28","https://rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128769/"
 "128768","2019-02-17 06:43:23","https://rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128768/"
@@ -478,11 +2324,11 @@
 "128759","2019-02-17 06:42:39","https://rjsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128759/"
 "128758","2019-02-17 06:42:37","https://rjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128758/"
 "128757","2019-02-17 06:42:33","https://rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128757/"
-"128756","2019-02-17 06:42:29","https://rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128756/"
+"128756","2019-02-17 06:42:29","https://rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128756/"
 "128755","2019-02-17 06:42:25","https://rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128755/"
 "128754","2019-02-17 06:42:20","https://rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128754/"
 "128753","2019-02-17 06:42:16","https://rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128753/"
-"128752","2019-02-17 06:42:13","https://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128752/"
+"128752","2019-02-17 06:42:13","https://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128752/"
 "128751","2019-02-17 06:42:10","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128751/"
 "128750","2019-02-17 06:42:03","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128750/"
 "128749","2019-02-17 06:41:48","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128749/"
@@ -503,7 +2349,7 @@
 "128734","2019-02-17 06:40:04","http://rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128734/"
 "128733","2019-02-17 06:39:56","http://rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128733/"
 "128732","2019-02-17 06:39:53","http://rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128732/"
-"128731","2019-02-17 06:39:52","http://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128731/"
+"128731","2019-02-17 06:39:52","http://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128731/"
 "128730","2019-02-17 06:39:46","http://rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128730/"
 "128728","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128728/"
 "128729","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128729/"
@@ -524,11 +2370,11 @@
 "128713","2019-02-17 06:37:21","http://rjsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128713/"
 "128712","2019-02-17 06:37:14","http://rjsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128712/"
 "128711","2019-02-17 06:37:07","http://rjsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128711/"
-"128710","2019-02-17 06:37:00","http://rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128710/"
+"128710","2019-02-17 06:37:00","http://rjsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128710/"
 "128709","2019-02-17 06:36:50","http://rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128709/"
 "128708","2019-02-17 06:36:27","http://rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128708/"
 "128707","2019-02-17 06:36:20","http://rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128707/"
-"128706","2019-02-17 06:36:11","http://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128706/"
+"128706","2019-02-17 06:36:11","http://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128706/"
 "128705","2019-02-17 06:26:06","https://www.e-basvur.com/wp-content/themes/bizcorp/inc/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/128705/"
 "128704","2019-02-17 06:26:04","http://104.168.149.180/vb/Amakano.i686","online","malware_download","elf","https://urlhaus.abuse.ch/url/128704/"
 "128703","2019-02-17 06:26:02","http://104.168.149.180/vb/Amakano.mpsl","online","malware_download","elf","https://urlhaus.abuse.ch/url/128703/"
@@ -538,11 +2384,11 @@
 "128699","2019-02-17 05:39:00","http://helpyouman.tk/files/f0276370.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128699/"
 "128698","2019-02-17 03:22:05","http://forodigitalpyme.es/US/file/Invoice_Notice/YSBoc-HFsMY_FXHFU-bf","offline","malware_download","doc","https://urlhaus.abuse.ch/url/128698/"
 "128697","2019-02-17 03:22:03","http://kmu-kaluga.ru/assets/images/cnt/benefits/whe.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128697/"
-"128696","2019-02-17 03:10:10","http://kmu-kaluga.ru/assets/images/cnt/benefits/whe4.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128696/"
+"128696","2019-02-17 03:10:10","http://kmu-kaluga.ru/assets/images/cnt/benefits/whe4.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128696/"
 "128695","2019-02-17 03:10:09","http://helpyouman.tk/files/f0276376.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128695/"
 "128694","2019-02-17 03:01:38","http://helpyouman.tk/files/f0277191.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128694/"
 "128693","2019-02-17 02:50:04","http://kmu-kaluga.ru/assets/images/cnt/benefits/elbb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128693/"
-"128692","2019-02-17 02:49:09","http://kmu-kaluga.ru/assets/images/cnt/benefits/frc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128692/"
+"128692","2019-02-17 02:49:09","http://kmu-kaluga.ru/assets/images/cnt/benefits/frc.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/128692/"
 "128691","2019-02-17 02:48:07","http://coffeeatthejunction.com/hBfL","offline","malware_download","amazonprofile,Cobalt,CobaltStrike,encrypted,payload,stage2,Strike","https://urlhaus.abuse.ch/url/128691/"
 "128690","2019-02-17 02:46:06","http://helpyouman.tk/files/a0275202.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128690/"
 "128689","2019-02-17 02:40:08","http://helpyouman.tk/files/f0277063.xsph.ru.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128689/"
@@ -575,7 +2421,7 @@
 "128662","2019-02-17 00:23:19","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128662/"
 "128661","2019-02-17 00:23:16","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128661/"
 "128660","2019-02-17 00:23:12","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128660/"
-"128659","2019-02-17 00:23:05","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128659/"
+"128659","2019-02-17 00:23:05","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128659/"
 "128658","2019-02-17 00:22:34","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128658/"
 "128657","2019-02-17 00:22:31","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128657/"
 "128656","2019-02-17 00:22:28","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128656/"
@@ -590,11 +2436,11 @@
 "128647","2019-02-17 00:21:56","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128647/"
 "128646","2019-02-17 00:21:54","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128646/"
 "128645","2019-02-17 00:21:51","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128645/"
-"128644","2019-02-17 00:21:48","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128644/"
+"128644","2019-02-17 00:21:48","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128644/"
 "128643","2019-02-17 00:21:45","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128643/"
 "128642","2019-02-17 00:21:39","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128642/"
 "128641","2019-02-17 00:21:36","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128641/"
-"128640","2019-02-17 00:21:32","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128640/"
+"128640","2019-02-17 00:21:32","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128640/"
 "128639","2019-02-17 00:21:29","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128639/"
 "128638","2019-02-17 00:21:22","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128638/"
 "128637","2019-02-17 00:21:11","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128637/"
@@ -615,7 +2461,7 @@
 "128622","2019-02-17 00:20:25","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128622/"
 "128621","2019-02-17 00:20:22","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128621/"
 "128620","2019-02-17 00:20:20","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128620/"
-"128619","2019-02-17 00:20:19","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128619/"
+"128619","2019-02-17 00:20:19","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128619/"
 "128618","2019-02-17 00:20:17","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128618/"
 "128617","2019-02-17 00:20:16","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128617/"
 "128616","2019-02-17 00:20:14","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128616/"
@@ -636,12 +2482,12 @@
 "128602","2019-02-17 00:19:49","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128602/"
 "128600","2019-02-17 00:19:48","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128600/"
 "128599","2019-02-17 00:19:46","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128599/"
-"128598","2019-02-17 00:19:42","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128598/"
+"128598","2019-02-17 00:19:42","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128598/"
 "128597","2019-02-17 00:19:36","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128597/"
 "128596","2019-02-17 00:19:17","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128596/"
 "128595","2019-02-17 00:19:11","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128595/"
 "128594","2019-02-17 00:19:04","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128594/"
-"128593","2019-02-17 00:19:00","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128593/"
+"128593","2019-02-17 00:19:00","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128593/"
 "128592","2019-02-17 00:18:54","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128592/"
 "128591","2019-02-17 00:18:49","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128591/"
 "128590","2019-02-17 00:18:44","https://folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128590/"
@@ -653,7 +2499,7 @@
 "128584","2019-02-17 00:18:22","https://folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128584/"
 "128583","2019-02-17 00:18:19","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128583/"
 "128582","2019-02-17 00:18:15","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128582/"
-"128581","2019-02-17 00:18:10","https://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128581/"
+"128581","2019-02-17 00:18:10","https://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128581/"
 "128580","2019-02-17 00:18:06","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128580/"
 "128579","2019-02-17 00:18:03","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128579/"
 "128578","2019-02-17 00:17:59","https://folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128578/"
@@ -668,11 +2514,11 @@
 "128569","2019-02-17 00:17:17","https://folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128569/"
 "128568","2019-02-17 00:17:15","https://folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128568/"
 "128567","2019-02-17 00:17:11","https://folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128567/"
-"128566","2019-02-17 00:17:08","https://folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128566/"
+"128566","2019-02-17 00:17:08","https://folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128566/"
 "128565","2019-02-17 00:17:02","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128565/"
 "128564","2019-02-17 00:16:57","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128564/"
 "128563","2019-02-17 00:16:55","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128563/"
-"128562","2019-02-17 00:16:52","https://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128562/"
+"128562","2019-02-17 00:16:52","https://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128562/"
 "128561","2019-02-17 00:16:50","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128561/"
 "128560","2019-02-17 00:16:49","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128560/"
 "128559","2019-02-17 00:16:46","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128559/"
@@ -692,7 +2538,7 @@
 "128545","2019-02-17 00:16:29","http://folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128545/"
 "128544","2019-02-17 00:16:28","http://folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128544/"
 "128543","2019-02-17 00:16:27","http://folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128543/"
-"128541","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128541/"
+"128541","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128541/"
 "128542","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128542/"
 "128540","2019-02-17 00:16:25","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128540/"
 "128538","2019-02-17 00:16:24","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128538/"
@@ -714,11 +2560,11 @@
 "128524","2019-02-17 00:16:10","http://folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128524/"
 "128522","2019-02-17 00:16:09","http://folkbjnrwwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128522/"
 "128521","2019-02-17 00:16:07","http://folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128521/"
-"128520","2019-02-17 00:16:06","http://folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128520/"
+"128520","2019-02-17 00:16:06","http://folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128520/"
 "128519","2019-02-17 00:16:05","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128519/"
 "128518","2019-02-17 00:16:03","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128518/"
 "128517","2019-02-17 00:16:02","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128517/"
-"128516","2019-02-17 00:16:01","http://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128516/"
+"128516","2019-02-17 00:16:01","http://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128516/"
 "128515","2019-02-17 00:15:58","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128515/"
 "128514","2019-02-17 00:15:56","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128514/"
 "128513","2019-02-17 00:15:52","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128513/"
@@ -731,7 +2577,7 @@
 "128506","2019-02-17 00:15:33","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128506/"
 "128505","2019-02-17 00:15:31","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128505/"
 "128504","2019-02-17 00:15:28","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128504/"
-"128503","2019-02-17 00:15:25","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128503/"
+"128503","2019-02-17 00:15:25","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128503/"
 "128502","2019-02-17 00:15:23","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128502/"
 "128501","2019-02-17 00:15:20","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128501/"
 "128500","2019-02-17 00:15:18","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128500/"
@@ -746,11 +2592,11 @@
 "128491","2019-02-17 00:14:52","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128491/"
 "128490","2019-02-17 00:14:50","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128490/"
 "128489","2019-02-17 00:14:48","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128489/"
-"128488","2019-02-17 00:14:46","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128488/"
+"128488","2019-02-17 00:14:46","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128488/"
 "128487","2019-02-17 00:14:43","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128487/"
 "128486","2019-02-17 00:14:39","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128486/"
 "128485","2019-02-17 00:14:37","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128485/"
-"128484","2019-02-17 00:14:34","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128484/"
+"128484","2019-02-17 00:14:34","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128484/"
 "128483","2019-02-17 00:14:31","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128483/"
 "128482","2019-02-17 00:14:30","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128482/"
 "128481","2019-02-17 00:14:28","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128481/"
@@ -771,7 +2617,7 @@
 "128466","2019-02-17 00:14:12","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128466/"
 "128465","2019-02-17 00:14:11","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128465/"
 "128464","2019-02-17 00:14:10","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128464/"
-"128463","2019-02-17 00:14:09","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128463/"
+"128463","2019-02-17 00:14:09","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128463/"
 "128460","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128460/"
 "128461","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128461/"
 "128462","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128462/"
@@ -792,11 +2638,11 @@
 "128445","2019-02-17 00:12:53","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128445/"
 "128444","2019-02-17 00:12:52","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128444/"
 "128443","2019-02-17 00:12:51","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128443/"
-"128442","2019-02-17 00:12:50","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128442/"
+"128442","2019-02-17 00:12:50","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128442/"
 "128441","2019-02-17 00:12:49","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128441/"
 "128440","2019-02-17 00:12:47","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128440/"
 "128439","2019-02-17 00:12:45","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128439/"
-"128438","2019-02-17 00:12:44","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128438/"
+"128438","2019-02-17 00:12:44","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128438/"
 "128437","2019-02-17 00:12:41","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128437/"
 "128436","2019-02-17 00:12:38","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128436/"
 "128435","2019-02-17 00:12:35","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128435/"
@@ -809,7 +2655,7 @@
 "128428","2019-02-17 00:12:15","https://actionfraud.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128428/"
 "128427","2019-02-17 00:12:12","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128427/"
 "128426","2019-02-17 00:12:09","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128426/"
-"128425","2019-02-17 00:12:06","https://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128425/"
+"128425","2019-02-17 00:12:06","https://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128425/"
 "128424","2019-02-17 00:12:04","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128424/"
 "128423","2019-02-17 00:12:01","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128423/"
 "128422","2019-02-17 00:11:59","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128422/"
@@ -824,11 +2670,11 @@
 "128413","2019-02-17 00:11:35","https://actionfraud.coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128413/"
 "128412","2019-02-17 00:11:34","https://actionfraud.coqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128412/"
 "128411","2019-02-17 00:11:32","https://actionfraud.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128411/"
-"128410","2019-02-17 00:11:29","https://actionfraud.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128410/"
+"128410","2019-02-17 00:11:29","https://actionfraud.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128410/"
 "128409","2019-02-17 00:11:27","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128409/"
 "128408","2019-02-17 00:11:23","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128408/"
 "128407","2019-02-17 00:11:21","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128407/"
-"128406","2019-02-17 00:11:18","https://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128406/"
+"128406","2019-02-17 00:11:18","https://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128406/"
 "128405","2019-02-17 00:11:16","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128405/"
 "128404","2019-02-17 00:11:15","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128404/"
 "128403","2019-02-17 00:11:13","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128403/"
@@ -849,7 +2695,7 @@
 "128388","2019-02-17 00:10:41","http://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128388/"
 "128387","2019-02-17 00:10:39","http://actionfraud.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128387/"
 "128386","2019-02-17 00:10:38","http://actionfraud.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128386/"
-"128385","2019-02-17 00:10:37","http://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128385/"
+"128385","2019-02-17 00:10:37","http://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128385/"
 "128383","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128383/"
 "128384","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128384/"
 "128380","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128380/"
@@ -870,11 +2716,11 @@
 "128367","2019-02-17 00:10:19","http://actionfraud.coqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128367/"
 "128366","2019-02-17 00:10:18","http://actionfraud.coqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128366/"
 "128365","2019-02-17 00:10:17","http://actionfraud.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128365/"
-"128364","2019-02-17 00:10:15","http://actionfraud.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128364/"
+"128364","2019-02-17 00:10:15","http://actionfraud.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128364/"
 "128363","2019-02-17 00:10:13","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128363/"
 "128362","2019-02-17 00:10:10","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128362/"
 "128361","2019-02-17 00:10:09","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128361/"
-"128360","2019-02-17 00:10:08","http://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128360/"
+"128360","2019-02-17 00:10:08","http://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128360/"
 "128359","2019-02-16 23:59:05","http://drberrinkarakuy.com/WbB9Y9w/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/128359/"
 "128358","2019-02-16 23:58:10","http://garenanow.myvnc.com:81/CIG_MHKD.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128358/"
 "128356","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128356/"
@@ -884,27 +2730,27 @@
 "128353","2019-02-16 23:45:03","http://83.166.241.99/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128353/"
 "128352","2019-02-16 23:45:02","http://83.166.241.99/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128352/"
 "128351","2019-02-16 23:44:02","http://83.166.241.99/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128351/"
-"128350","2019-02-16 23:41:03","http://185.101.105.168/OwO/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128350/"
-"128349","2019-02-16 23:41:02","http://185.101.105.168/OwO/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128349/"
-"128348","2019-02-16 23:38:11","http://185.101.105.168/OwO/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128348/"
-"128347","2019-02-16 23:38:06","http://185.101.105.168/OwO/Tsunami.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128347/"
-"128346","2019-02-16 23:38:04","http://185.101.105.168/OwO/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128346/"
-"128345","2019-02-16 23:38:03","http://185.101.105.168/OwO/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128345/"
-"128344","2019-02-16 23:33:03","http://185.101.105.168/OwO/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128344/"
-"128343","2019-02-16 23:22:04","http://185.101.105.168:80/OwO/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128343/"
+"128350","2019-02-16 23:41:03","http://185.101.105.168/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128350/"
+"128349","2019-02-16 23:41:02","http://185.101.105.168/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128349/"
+"128348","2019-02-16 23:38:11","http://185.101.105.168/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128348/"
+"128347","2019-02-16 23:38:06","http://185.101.105.168/OwO/Tsunami.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128347/"
+"128346","2019-02-16 23:38:04","http://185.101.105.168/OwO/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128346/"
+"128345","2019-02-16 23:38:03","http://185.101.105.168/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128345/"
+"128344","2019-02-16 23:33:03","http://185.101.105.168/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128344/"
+"128343","2019-02-16 23:22:04","http://185.101.105.168:80/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128343/"
 "128342","2019-02-16 23:22:03","http://83.166.241.99:80/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128342/"
-"128341","2019-02-16 23:22:02","http://185.101.105.168:80/OwO/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128341/"
-"128340","2019-02-16 23:20:09","http://185.101.105.168:80/OwO/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128340/"
-"128339","2019-02-16 23:20:08","http://185.101.105.168:80/OwO/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128339/"
+"128341","2019-02-16 23:22:02","http://185.101.105.168:80/OwO/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128341/"
+"128340","2019-02-16 23:20:09","http://185.101.105.168:80/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128340/"
+"128339","2019-02-16 23:20:08","http://185.101.105.168:80/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128339/"
 "128338","2019-02-16 23:20:05","http://fctu.xyz/document/cr7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128338/"
 "128337","2019-02-16 23:20:02","http://83.166.241.99:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128337/"
 "128335","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128335/"
 "128336","2019-02-16 23:19:03","http://83.166.241.99:80/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128336/"
-"128334","2019-02-16 23:07:07","http://185.101.105.168:80/OwO/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128334/"
+"128334","2019-02-16 23:07:07","http://185.101.105.168:80/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128334/"
 "128333","2019-02-16 23:01:15","http://83.166.241.99:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128333/"
 "128332","2019-02-16 23:01:12","http://83.166.241.99:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128332/"
 "128331","2019-02-16 23:01:08","http://83.166.241.99:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128331/"
-"128330","2019-02-16 23:01:05","http://185.101.105.168:80/OwO/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128330/"
+"128330","2019-02-16 23:01:05","http://185.101.105.168:80/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128330/"
 "128329","2019-02-16 21:54:09","http://169.50.86.213:443/xU9UHGabKGbf2d7Yg4XTDA5f3T_lv","online","malware_download","exe","https://urlhaus.abuse.ch/url/128329/"
 "128328","2019-02-16 21:53:01","http://112.117.221.26/cdn/pcclient/20180716/16/16/masar.zip","online","malware_download","Banload","https://urlhaus.abuse.ch/url/128328/"
 "128327","2019-02-16 21:52:50","http://112.117.221.39/cdn/pcclient/20181128/16/55/masblog.zip","online","malware_download","Banload","https://urlhaus.abuse.ch/url/128327/"
@@ -957,7 +2803,7 @@
 "128280","2019-02-16 18:09:34","https://sitwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128280/"
 "128279","2019-02-16 18:09:30","https://sitwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128279/"
 "128278","2019-02-16 18:09:26","https://sitwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128278/"
-"128277","2019-02-16 18:09:23","https://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128277/"
+"128277","2019-02-16 18:09:23","https://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128277/"
 "128276","2019-02-16 18:09:19","https://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128276/"
 "128275","2019-02-16 18:09:15","https://sitwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128275/"
 "128274","2019-02-16 18:09:12","https://sitwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128274/"
@@ -972,11 +2818,11 @@
 "128265","2019-02-16 18:08:15","https://sitwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128265/"
 "128264","2019-02-16 18:08:13","https://sitwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128264/"
 "128263","2019-02-16 18:08:10","https://sitwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128263/"
-"128262","2019-02-16 18:08:07","https://sitwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128262/"
+"128262","2019-02-16 18:08:07","https://sitwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128262/"
 "128261","2019-02-16 18:08:04","https://sitwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128261/"
 "128260","2019-02-16 18:07:59","https://sitwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128260/"
 "128259","2019-02-16 18:07:56","https://sitwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128259/"
-"128258","2019-02-16 18:07:52","https://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128258/"
+"128258","2019-02-16 18:07:52","https://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128258/"
 "128257","2019-02-16 18:07:49","http://sitwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128257/"
 "128256","2019-02-16 18:07:44","http://sitwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128256/"
 "128255","2019-02-16 18:07:28","http://sitwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128255/"
@@ -997,7 +2843,7 @@
 "128240","2019-02-16 18:05:50","http://sitwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128240/"
 "128239","2019-02-16 18:05:42","http://sitwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128239/"
 "128238","2019-02-16 18:05:38","http://sitwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128238/"
-"128237","2019-02-16 18:05:37","http://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128237/"
+"128237","2019-02-16 18:05:37","http://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128237/"
 "128236","2019-02-16 18:05:31","http://sitwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128236/"
 "128234","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128234/"
 "128235","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128235/"
@@ -1018,11 +2864,11 @@
 "128219","2019-02-16 18:04:09","http://sitwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128219/"
 "128218","2019-02-16 18:04:02","http://sitwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128218/"
 "128217","2019-02-16 18:03:55","http://sitwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128217/"
-"128216","2019-02-16 18:03:49","http://sitwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128216/"
+"128216","2019-02-16 18:03:49","http://sitwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128216/"
 "128215","2019-02-16 18:03:42","http://sitwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128215/"
 "128214","2019-02-16 18:03:23","http://sitwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128214/"
 "128213","2019-02-16 18:03:17","http://sitwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128213/"
-"128212","2019-02-16 18:03:09","http://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128212/"
+"128212","2019-02-16 18:03:09","http://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128212/"
 "128211","2019-02-16 17:39:20","http://garenanow.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128211/"
 "128210","2019-02-16 17:39:11","http://chinhdropfile80.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128210/"
 "128209","2019-02-16 17:35:14","http://jetwaysairlines.us/titan/tandr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/128209/"
@@ -1068,7 +2914,7 @@
 "128169","2019-02-16 17:17:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128169/"
 "128168","2019-02-16 17:17:24","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128168/"
 "128167","2019-02-16 17:17:22","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128167/"
-"128166","2019-02-16 17:17:19","https://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128166/"
+"128166","2019-02-16 17:17:19","https://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128166/"
 "128165","2019-02-16 17:17:17","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128165/"
 "128164","2019-02-16 17:17:14","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128164/"
 "128163","2019-02-16 17:17:12","https://arash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128163/"
@@ -1083,11 +2929,11 @@
 "128154","2019-02-16 17:16:49","https://arash.tcoqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128154/"
 "128153","2019-02-16 17:16:48","https://arash.tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128153/"
 "128152","2019-02-16 17:16:46","https://arash.tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128152/"
-"128151","2019-02-16 17:16:41","https://arash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128151/"
+"128151","2019-02-16 17:16:41","https://arash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128151/"
 "128150","2019-02-16 17:16:36","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128150/"
 "128149","2019-02-16 17:16:33","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128149/"
 "128148","2019-02-16 17:16:29","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128148/"
-"128147","2019-02-16 17:16:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128147/"
+"128147","2019-02-16 17:16:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128147/"
 "128146","2019-02-16 17:16:24","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128146/"
 "128145","2019-02-16 17:16:23","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128145/"
 "128144","2019-02-16 17:16:20","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128144/"
@@ -1107,7 +2953,7 @@
 "128130","2019-02-16 17:16:05","http://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128130/"
 "128129","2019-02-16 17:16:03","http://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128129/"
 "128128","2019-02-16 17:16:02","http://arash.tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128128/"
-"128126","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128126/"
+"128126","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128126/"
 "128127","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128127/"
 "128125","2019-02-16 17:15:59","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128125/"
 "128122","2019-02-16 17:15:58","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128122/"
@@ -1130,11 +2976,11 @@
 "128107","2019-02-16 17:15:40","http://arash.tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128107/"
 "128106","2019-02-16 17:15:39","http://arash.tcoqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128106/"
 "128105","2019-02-16 17:15:38","http://arash.tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128105/"
-"128104","2019-02-16 17:15:37","http://arash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128104/"
+"128104","2019-02-16 17:15:37","http://arash.tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128104/"
 "128103","2019-02-16 17:15:36","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128103/"
 "128102","2019-02-16 17:15:33","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128102/"
 "128101","2019-02-16 17:15:32","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128101/"
-"128100","2019-02-16 17:15:31","http://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128100/"
+"128100","2019-02-16 17:15:31","http://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128100/"
 "128099","2019-02-16 17:15:28","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128099/"
 "128098","2019-02-16 17:15:25","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128098/"
 "128097","2019-02-16 17:15:21","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128097/"
@@ -1147,7 +2993,7 @@
 "128090","2019-02-16 17:15:00","https://tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128090/"
 "128089","2019-02-16 17:14:58","https://tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128089/"
 "128088","2019-02-16 17:14:55","https://tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128088/"
-"128087","2019-02-16 17:14:52","https://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128087/"
+"128087","2019-02-16 17:14:52","https://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128087/"
 "128086","2019-02-16 17:14:49","https://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128086/"
 "128085","2019-02-16 17:14:47","https://tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128085/"
 "128084","2019-02-16 17:14:44","https://tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128084/"
@@ -1162,11 +3008,11 @@
 "128075","2019-02-16 17:14:18","https://tcoqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128075/"
 "128074","2019-02-16 17:14:15","https://tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128074/"
 "128073","2019-02-16 17:14:08","https://tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128073/"
-"128072","2019-02-16 17:14:02","https://tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128072/"
+"128072","2019-02-16 17:14:02","https://tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128072/"
 "128071","2019-02-16 17:13:57","https://tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128071/"
 "128070","2019-02-16 17:13:51","https://tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128070/"
 "128069","2019-02-16 17:13:47","https://tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128069/"
-"128068","2019-02-16 17:13:43","https://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128068/"
+"128068","2019-02-16 17:13:43","https://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128068/"
 "128067","2019-02-16 17:13:38","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128067/"
 "128066","2019-02-16 17:13:32","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128066/"
 "128065","2019-02-16 17:13:14","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128065/"
@@ -1187,7 +3033,7 @@
 "128050","2019-02-16 17:11:32","http://tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128050/"
 "128049","2019-02-16 17:11:25","http://tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128049/"
 "128048","2019-02-16 17:11:23","http://tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128048/"
-"128047","2019-02-16 17:11:22","http://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128047/"
+"128047","2019-02-16 17:11:22","http://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128047/"
 "128046","2019-02-16 17:11:18","http://tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128046/"
 "128045","2019-02-16 17:11:17","http://tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128045/"
 "128044","2019-02-16 17:11:16","http://tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128044/"
@@ -1209,11 +3055,11 @@
 "128028","2019-02-16 17:08:54","http://tcoqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128028/"
 "128027","2019-02-16 17:08:43","http://tcoqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128027/"
 "128026","2019-02-16 17:08:34","http://tcoqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128026/"
-"128025","2019-02-16 17:08:25","http://tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128025/"
+"128025","2019-02-16 17:08:25","http://tcoqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/128025/"
 "128024","2019-02-16 17:08:17","http://tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128024/"
 "128023","2019-02-16 17:07:56","http://tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128023/"
 "128022","2019-02-16 17:07:52","http://tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128022/"
-"128021","2019-02-16 17:07:45","http://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128021/"
+"128021","2019-02-16 17:07:45","http://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128021/"
 "128020","2019-02-16 17:07:38","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128020/"
 "128019","2019-02-16 17:07:34","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128019/"
 "128018","2019-02-16 17:07:28","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128018/"
@@ -1226,7 +3072,7 @@
 "128011","2019-02-16 17:06:54","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128011/"
 "128010","2019-02-16 17:06:48","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128010/"
 "128009","2019-02-16 17:06:42","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128009/"
-"128008","2019-02-16 17:06:36","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128008/"
+"128008","2019-02-16 17:06:36","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128008/"
 "128007","2019-02-16 17:06:30","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128007/"
 "128006","2019-02-16 17:06:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128006/"
 "128005","2019-02-16 17:06:13","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128005/"
@@ -1241,11 +3087,11 @@
 "127996","2019-02-16 17:05:10","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127996/"
 "127995","2019-02-16 17:05:04","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127995/"
 "127994","2019-02-16 17:04:58","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127994/"
-"127993","2019-02-16 17:04:52","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127993/"
+"127993","2019-02-16 17:04:52","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127993/"
 "127992","2019-02-16 17:04:44","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127992/"
 "127991","2019-02-16 17:04:35","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127991/"
 "127990","2019-02-16 17:04:29","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127990/"
-"127989","2019-02-16 17:04:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127989/"
+"127989","2019-02-16 17:04:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127989/"
 "127988","2019-02-16 17:04:18","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127988/"
 "127987","2019-02-16 17:04:10","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127987/"
 "127986","2019-02-16 17:03:56","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127986/"
@@ -1265,7 +3111,7 @@
 "127972","2019-02-16 17:02:32","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127972/"
 "127971","2019-02-16 17:02:26","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127971/"
 "127970","2019-02-16 17:02:19","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127970/"
-"127968","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127968/"
+"127968","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127968/"
 "127969","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127969/"
 "127967","2019-02-16 17:02:13","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127967/"
 "127965","2019-02-16 17:02:12","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127965/"
@@ -1287,11 +3133,11 @@
 "127951","2019-02-16 17:01:46","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127951/"
 "127949","2019-02-16 17:01:44","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127949/"
 "127948","2019-02-16 17:01:43","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127948/"
-"127947","2019-02-16 17:01:42","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127947/"
+"127947","2019-02-16 17:01:42","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127947/"
 "127946","2019-02-16 17:01:41","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127946/"
 "127945","2019-02-16 17:01:38","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127945/"
 "127944","2019-02-16 17:01:37","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127944/"
-"127943","2019-02-16 17:01:36","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127943/"
+"127943","2019-02-16 17:01:36","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127943/"
 "127942","2019-02-16 17:01:30","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127942/"
 "127941","2019-02-16 17:01:26","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127941/"
 "127940","2019-02-16 17:01:19","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127940/"
@@ -1304,7 +3150,7 @@
 "127933","2019-02-16 17:00:32","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127933/"
 "127932","2019-02-16 17:00:27","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127932/"
 "127931","2019-02-16 17:00:20","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127931/"
-"127930","2019-02-16 17:00:11","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127930/"
+"127930","2019-02-16 17:00:11","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127930/"
 "127929","2019-02-16 17:00:08","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127929/"
 "127928","2019-02-16 17:00:05","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127928/"
 "127927","2019-02-16 17:00:01","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127927/"
@@ -1319,11 +3165,11 @@
 "127918","2019-02-16 16:59:19","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127918/"
 "127917","2019-02-16 16:59:16","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127917/"
 "127916","2019-02-16 16:59:12","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127916/"
-"127915","2019-02-16 16:59:05","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127915/"
+"127915","2019-02-16 16:59:05","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127915/"
 "127914","2019-02-16 16:59:03","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127914/"
 "127913","2019-02-16 16:58:58","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127913/"
 "127912","2019-02-16 16:58:56","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127912/"
-"127911","2019-02-16 16:58:53","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127911/"
+"127911","2019-02-16 16:58:53","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127911/"
 "127910","2019-02-16 16:58:51","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127910/"
 "127909","2019-02-16 16:58:49","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127909/"
 "127908","2019-02-16 16:58:47","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127908/"
@@ -1344,7 +3190,7 @@
 "127893","2019-02-16 16:58:28","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127893/"
 "127891","2019-02-16 16:58:26","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127891/"
 "127892","2019-02-16 16:58:26","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127892/"
-"127890","2019-02-16 16:58:25","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127890/"
+"127890","2019-02-16 16:58:25","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127890/"
 "127888","2019-02-16 16:58:24","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127888/"
 "127889","2019-02-16 16:58:24","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127889/"
 "127887","2019-02-16 16:58:23","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127887/"
@@ -1365,11 +3211,11 @@
 "127872","2019-02-16 16:58:04","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127872/"
 "127871","2019-02-16 16:58:03","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127871/"
 "127870","2019-02-16 16:58:02","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127870/"
-"127869","2019-02-16 16:58:01","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127869/"
+"127869","2019-02-16 16:58:01","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127869/"
 "127868","2019-02-16 16:58:00","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127868/"
 "127867","2019-02-16 16:57:58","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127867/"
 "127866","2019-02-16 16:57:57","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127866/"
-"127865","2019-02-16 16:57:56","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127865/"
+"127865","2019-02-16 16:57:56","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127865/"
 "127864","2019-02-16 16:57:53","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127864/"
 "127863","2019-02-16 16:57:50","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127863/"
 "127862","2019-02-16 16:57:46","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127862/"
@@ -1382,7 +3228,7 @@
 "127855","2019-02-16 16:57:22","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127855/"
 "127854","2019-02-16 16:57:19","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127854/"
 "127853","2019-02-16 16:57:17","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127853/"
-"127852","2019-02-16 16:57:13","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127852/"
+"127852","2019-02-16 16:57:13","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127852/"
 "127851","2019-02-16 16:57:11","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127851/"
 "127850","2019-02-16 16:57:09","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127850/"
 "127849","2019-02-16 16:57:07","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127849/"
@@ -1397,11 +3243,11 @@
 "127840","2019-02-16 16:56:42","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127840/"
 "127839","2019-02-16 16:56:40","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127839/"
 "127838","2019-02-16 16:56:37","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127838/"
-"127837","2019-02-16 16:56:35","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127837/"
+"127837","2019-02-16 16:56:35","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127837/"
 "127836","2019-02-16 16:56:32","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127836/"
 "127835","2019-02-16 16:56:28","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127835/"
 "127834","2019-02-16 16:56:26","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127834/"
-"127833","2019-02-16 16:56:23","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127833/"
+"127833","2019-02-16 16:56:23","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127833/"
 "127832","2019-02-16 16:56:20","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127832/"
 "127831","2019-02-16 16:56:19","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127831/"
 "127830","2019-02-16 16:56:17","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127830/"
@@ -1421,7 +3267,7 @@
 "127816","2019-02-16 16:56:00","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127816/"
 "127815","2019-02-16 16:55:58","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127815/"
 "127814","2019-02-16 16:55:57","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127814/"
-"127812","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127812/"
+"127812","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127812/"
 "127813","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127813/"
 "127809","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127809/"
 "127810","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127810/"
@@ -1443,11 +3289,11 @@
 "127794","2019-02-16 16:55:23","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127794/"
 "127793","2019-02-16 16:55:22","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127793/"
 "127792","2019-02-16 16:55:21","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127792/"
-"127791","2019-02-16 16:55:20","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127791/"
+"127791","2019-02-16 16:55:20","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127791/"
 "127790","2019-02-16 16:55:19","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127790/"
 "127789","2019-02-16 16:55:16","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127789/"
 "127788","2019-02-16 16:55:15","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127788/"
-"127787","2019-02-16 16:55:14","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127787/"
+"127787","2019-02-16 16:55:14","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127787/"
 "127786","2019-02-16 16:55:10","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127786/"
 "127785","2019-02-16 16:55:08","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127785/"
 "127784","2019-02-16 16:55:04","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127784/"
@@ -1460,7 +3306,7 @@
 "127777","2019-02-16 16:54:44","https://bjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127777/"
 "127776","2019-02-16 16:54:41","https://bjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127776/"
 "127775","2019-02-16 16:54:38","https://bjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127775/"
-"127774","2019-02-16 16:54:35","https://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127774/"
+"127774","2019-02-16 16:54:35","https://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127774/"
 "127773","2019-02-16 16:54:33","https://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127773/"
 "127772","2019-02-16 16:54:30","https://bjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127772/"
 "127771","2019-02-16 16:54:28","https://bjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127771/"
@@ -1475,11 +3321,11 @@
 "127762","2019-02-16 16:54:06","https://bjnrwwww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127762/"
 "127761","2019-02-16 16:54:04","https://bjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127761/"
 "127760","2019-02-16 16:54:02","https://bjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127760/"
-"127759","2019-02-16 16:54:00","https://bjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127759/"
+"127759","2019-02-16 16:54:00","https://bjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127759/"
 "127758","2019-02-16 16:53:57","https://bjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127758/"
 "127757","2019-02-16 16:53:53","https://bjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127757/"
 "127756","2019-02-16 16:53:51","https://bjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127756/"
-"127755","2019-02-16 16:53:48","https://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127755/"
+"127755","2019-02-16 16:53:48","https://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127755/"
 "127754","2019-02-16 16:53:45","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127754/"
 "127753","2019-02-16 16:53:44","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127753/"
 "127752","2019-02-16 16:53:41","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127752/"
@@ -1499,7 +3345,7 @@
 "127738","2019-02-16 16:53:26","http://bjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127738/"
 "127737","2019-02-16 16:53:24","http://bjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127737/"
 "127736","2019-02-16 16:53:22","http://bjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127736/"
-"127734","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127734/"
+"127734","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127734/"
 "127735","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127735/"
 "127733","2019-02-16 16:53:17","http://bjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127733/"
 "127730","2019-02-16 16:53:16","http://bjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127730/"
@@ -1521,11 +3367,11 @@
 "127716","2019-02-16 16:52:01","http://bjnrwwww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127716/"
 "127715","2019-02-16 16:51:52","http://bjnrwwww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127715/"
 "127714","2019-02-16 16:51:40","http://bjnrwwww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127714/"
-"127713","2019-02-16 16:51:28","http://bjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127713/"
+"127713","2019-02-16 16:51:28","http://bjnrwwww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127713/"
 "127712","2019-02-16 16:51:17","http://bjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127712/"
 "127711","2019-02-16 16:50:54","http://bjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127711/"
 "127710","2019-02-16 16:50:45","http://bjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127710/"
-"127709","2019-02-16 16:50:35","http://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127709/"
+"127709","2019-02-16 16:50:35","http://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127709/"
 "127708","2019-02-16 16:50:26","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127708/"
 "127707","2019-02-16 16:50:21","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127707/"
 "127706","2019-02-16 16:50:13","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127706/"
@@ -1538,7 +3384,7 @@
 "127699","2019-02-16 16:49:43","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127699/"
 "127698","2019-02-16 16:49:37","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127698/"
 "127697","2019-02-16 16:49:33","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127697/"
-"127696","2019-02-16 16:49:28","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127696/"
+"127696","2019-02-16 16:49:28","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127696/"
 "127695","2019-02-16 16:49:24","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127695/"
 "127694","2019-02-16 16:49:21","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127694/"
 "127693","2019-02-16 16:49:17","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127693/"
@@ -1553,11 +3399,11 @@
 "127684","2019-02-16 16:48:27","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127684/"
 "127683","2019-02-16 16:48:23","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127683/"
 "127682","2019-02-16 16:48:19","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127682/"
-"127681","2019-02-16 16:48:15","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127681/"
+"127681","2019-02-16 16:48:15","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127681/"
 "127680","2019-02-16 16:48:11","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127680/"
 "127679","2019-02-16 16:48:00","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127679/"
 "127678","2019-02-16 16:47:58","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127678/"
-"127677","2019-02-16 16:47:54","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127677/"
+"127677","2019-02-16 16:47:54","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127677/"
 "127676","2019-02-16 16:47:51","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127676/"
 "127675","2019-02-16 16:47:44","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127675/"
 "127674","2019-02-16 16:47:22","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127674/"
@@ -1578,7 +3424,7 @@
 "127659","2019-02-16 16:44:52","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127659/"
 "127658","2019-02-16 16:44:43","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127658/"
 "127657","2019-02-16 16:44:36","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127657/"
-"127656","2019-02-16 16:44:33","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127656/"
+"127656","2019-02-16 16:44:33","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127656/"
 "127655","2019-02-16 16:44:23","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127655/"
 "127654","2019-02-16 16:44:20","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127654/"
 "127653","2019-02-16 16:44:17","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127653/"
@@ -1600,11 +3446,11 @@
 "127637","2019-02-16 16:42:13","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127637/"
 "127636","2019-02-16 16:42:02","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127636/"
 "127635","2019-02-16 16:41:53","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127635/"
-"127634","2019-02-16 16:41:47","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127634/"
+"127634","2019-02-16 16:41:47","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127634/"
 "127633","2019-02-16 16:41:42","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127633/"
 "127632","2019-02-16 16:41:23","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127632/"
 "127631","2019-02-16 16:41:18","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127631/"
-"127630","2019-02-16 16:41:09","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127630/"
+"127630","2019-02-16 16:41:09","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127630/"
 "127629","2019-02-16 16:22:33","http://chinhdropfile.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/127629/"
 "127628","2019-02-16 12:40:14","https://www.palmomedia.de/wp-content/themes/mcluhan/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127628/"
 "127627","2019-02-16 12:40:13","http://185.244.25.173/bins/Solstice.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127627/"
@@ -1619,13 +3465,13 @@
 "127617","2019-02-16 12:40:04","http://104.219.235.147/bins/yakuza.m68k","online","malware_download","None","https://urlhaus.abuse.ch/url/127617/"
 "127618","2019-02-16 12:40:04","http://185.244.25.173/bins/Solstice.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127618/"
 "127616","2019-02-16 12:40:02","http://104.219.235.147/bins/yakuza.mpsl","online","malware_download","None","https://urlhaus.abuse.ch/url/127616/"
-"127615","2019-02-16 12:25:03","http://104.219.235.157/bins/xbox.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127615/"
-"127614","2019-02-16 12:24:05","http://104.219.235.157/bins/xbox.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127614/"
-"127613","2019-02-16 12:24:04","http://104.219.235.157/bins/xbox.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127613/"
-"127612","2019-02-16 12:24:03","http://104.219.235.157/bins/xbox.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127612/"
+"127615","2019-02-16 12:25:03","http://104.219.235.157/bins/xbox.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127615/"
+"127614","2019-02-16 12:24:05","http://104.219.235.157/bins/xbox.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127614/"
+"127613","2019-02-16 12:24:04","http://104.219.235.157/bins/xbox.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127613/"
+"127612","2019-02-16 12:24:03","http://104.219.235.157/bins/xbox.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127612/"
 "127611","2019-02-16 12:24:02","http://208.89.211.38/bins/x86.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127611/"
-"127610","2019-02-16 12:22:03","http://104.219.235.157/bins/xbox.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127610/"
-"127609","2019-02-16 12:22:02","http://104.219.235.157/bins/xbox.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127609/"
+"127610","2019-02-16 12:22:03","http://104.219.235.157/bins/xbox.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127610/"
+"127609","2019-02-16 12:22:02","http://104.219.235.157/bins/xbox.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127609/"
 "127608","2019-02-16 12:17:06","http://198.98.58.235/cnc.ppc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127608/"
 "127607","2019-02-16 12:17:05","http://198.98.58.235/cnc.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127607/"
 "127606","2019-02-16 12:17:03","http://198.98.58.235/cnc.mpsl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127606/"
@@ -1636,25 +3482,25 @@
 "127601","2019-02-16 12:14:06","http://198.98.58.235/cnc.586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127601/"
 "127600","2019-02-16 12:14:03","http://198.98.58.235/cnc.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127600/"
 "127599","2019-02-16 12:13:09","http://198.98.58.235/cnc.686","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/127599/"
-"127598","2019-02-16 12:13:07","http://104.219.235.157/bins/xbox.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127598/"
-"127597","2019-02-16 12:13:06","http://104.219.235.157/bins/xbox.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127597/"
-"127596","2019-02-16 12:13:04","http://104.219.235.157/bins/xbox.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127596/"
+"127598","2019-02-16 12:13:07","http://104.219.235.157/bins/xbox.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127598/"
+"127597","2019-02-16 12:13:06","http://104.219.235.157/bins/xbox.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127597/"
+"127596","2019-02-16 12:13:04","http://104.219.235.157/bins/xbox.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127596/"
 "127595","2019-02-16 12:00:03","http://185.244.25.173:80/bins/Solstice.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127595/"
-"127594","2019-02-16 11:59:03","http://104.219.235.157:80/bins/xbox.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127594/"
+"127594","2019-02-16 11:59:03","http://104.219.235.157:80/bins/xbox.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127594/"
 "127593","2019-02-16 11:59:02","http://185.244.25.173:80/bins/Solstice.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127593/"
-"127592","2019-02-16 11:57:04","http://104.219.235.157:80/bins/xbox.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127592/"
+"127592","2019-02-16 11:57:04","http://104.219.235.157:80/bins/xbox.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127592/"
 "127591","2019-02-16 11:57:03","http://185.244.25.173:80/bins/Solstice.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127591/"
-"127590","2019-02-16 11:57:02","http://104.219.235.157:80/bins/xbox.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127590/"
-"127589","2019-02-16 11:44:04","http://104.219.235.157:80/bins/xbox.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127589/"
+"127590","2019-02-16 11:57:02","http://104.219.235.157:80/bins/xbox.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127590/"
+"127589","2019-02-16 11:44:04","http://104.219.235.157:80/bins/xbox.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127589/"
 "127588","2019-02-16 11:44:03","http://185.244.25.173:80/bins/Solstice.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127588/"
 "127587","2019-02-16 11:43:02","http://185.244.25.173:80/bins/Solstice.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127587/"
-"127586","2019-02-16 11:42:07","http://104.219.235.157:80/bins/xbox.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127586/"
-"127585","2019-02-16 11:42:05","http://104.219.235.157:80/bins/xbox.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127585/"
-"127584","2019-02-16 11:42:03","http://104.219.235.157:80/bins/xbox.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127584/"
-"127583","2019-02-16 11:41:04","http://104.219.235.157:80/bins/xbox.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127583/"
+"127586","2019-02-16 11:42:07","http://104.219.235.157:80/bins/xbox.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127586/"
+"127585","2019-02-16 11:42:05","http://104.219.235.157:80/bins/xbox.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127585/"
+"127584","2019-02-16 11:42:03","http://104.219.235.157:80/bins/xbox.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127584/"
+"127583","2019-02-16 11:41:04","http://104.219.235.157:80/bins/xbox.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127583/"
 "127582","2019-02-16 11:32:09","http://220.133.156.146:32371/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/127582/"
 "127581","2019-02-16 11:32:05","http://208.89.211.38:80/bins/x86.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127581/"
-"127580","2019-02-16 11:32:02","http://104.219.235.157:80/bins/xbox.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127580/"
+"127580","2019-02-16 11:32:02","http://104.219.235.157:80/bins/xbox.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127580/"
 "127579","2019-02-16 11:28:03","http://netsoft.net.pl/wp-content/themes/porcelain/lang/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127579/"
 "127578","2019-02-16 10:58:03","http://mrdp.net.pl/administrator/cache/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127578/"
 "127577","2019-02-16 10:46:16","http://croesetranslations.com/files/Postal_Rosario_Garcia_11.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/127577/"
@@ -1724,7 +3570,7 @@
 "127513","2019-02-16 07:06:05","http://157.230.156.23/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127513/"
 "127512","2019-02-16 07:06:03","http://157.230.156.23/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127512/"
 "127511","2019-02-16 07:05:16","http://157.230.156.23/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127511/"
-"127510","2019-02-16 07:05:14","http://fluzz.ga/file/KEYBACKUP.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/127510/"
+"127510","2019-02-16 07:05:14","http://fluzz.ga/file/KEYBACKUP.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/127510/"
 "127509","2019-02-16 06:51:52","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127509/"
 "127508","2019-02-16 06:51:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127508/"
 "127507","2019-02-16 06:51:39","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127507/"
@@ -1737,7 +3583,7 @@
 "127500","2019-02-16 06:50:55","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127500/"
 "127499","2019-02-16 06:50:52","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127499/"
 "127498","2019-02-16 06:50:50","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127498/"
-"127497","2019-02-16 06:50:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127497/"
+"127497","2019-02-16 06:50:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127497/"
 "127496","2019-02-16 06:50:44","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127496/"
 "127495","2019-02-16 06:50:42","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127495/"
 "127494","2019-02-16 06:50:39","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127494/"
@@ -1752,11 +3598,11 @@
 "127485","2019-02-16 06:50:15","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127485/"
 "127484","2019-02-16 06:50:14","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127484/"
 "127483","2019-02-16 06:50:11","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127483/"
-"127482","2019-02-16 06:50:08","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127482/"
+"127482","2019-02-16 06:50:08","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127482/"
 "127481","2019-02-16 06:50:05","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127481/"
 "127480","2019-02-16 06:49:59","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127480/"
 "127479","2019-02-16 06:49:57","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127479/"
-"127478","2019-02-16 06:49:54","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127478/"
+"127478","2019-02-16 06:49:54","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127478/"
 "127477","2019-02-16 06:49:52","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127477/"
 "127476","2019-02-16 06:49:51","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127476/"
 "127475","2019-02-16 06:49:49","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127475/"
@@ -1777,7 +3623,7 @@
 "127460","2019-02-16 06:49:32","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127460/"
 "127459","2019-02-16 06:49:31","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127459/"
 "127458","2019-02-16 06:49:30","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127458/"
-"127457","2019-02-16 06:49:29","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127457/"
+"127457","2019-02-16 06:49:29","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127457/"
 "127454","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127454/"
 "127455","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127455/"
 "127456","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127456/"
@@ -1798,11 +3644,11 @@
 "127439","2019-02-16 06:49:11","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127439/"
 "127438","2019-02-16 06:49:10","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127438/"
 "127437","2019-02-16 06:49:09","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127437/"
-"127436","2019-02-16 06:49:08","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127436/"
+"127436","2019-02-16 06:49:08","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127436/"
 "127435","2019-02-16 06:49:07","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127435/"
 "127434","2019-02-16 06:49:04","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127434/"
 "127433","2019-02-16 06:49:03","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127433/"
-"127432","2019-02-16 06:49:01","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127432/"
+"127432","2019-02-16 06:49:01","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127432/"
 "127431","2019-02-16 06:48:58","https://cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127431/"
 "127430","2019-02-16 06:48:56","https://cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127430/"
 "127429","2019-02-16 06:48:51","https://cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127429/"
@@ -1815,7 +3661,7 @@
 "127422","2019-02-16 06:48:32","https://cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127422/"
 "127421","2019-02-16 06:48:29","https://cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127421/"
 "127420","2019-02-16 06:48:27","https://cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127420/"
-"127419","2019-02-16 06:48:24","https://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127419/"
+"127419","2019-02-16 06:48:24","https://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127419/"
 "127418","2019-02-16 06:48:21","https://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127418/"
 "127417","2019-02-16 06:48:19","https://cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127417/"
 "127416","2019-02-16 06:48:17","https://cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127416/"
@@ -1830,11 +3676,11 @@
 "127407","2019-02-16 06:47:54","https://cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127407/"
 "127406","2019-02-16 06:47:53","https://cocomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127406/"
 "127405","2019-02-16 06:47:50","https://cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127405/"
-"127404","2019-02-16 06:47:48","https://cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127404/"
+"127404","2019-02-16 06:47:48","https://cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127404/"
 "127403","2019-02-16 06:47:45","https://cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127403/"
 "127402","2019-02-16 06:47:41","https://cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127402/"
 "127401","2019-02-16 06:47:39","https://cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127401/"
-"127400","2019-02-16 06:47:36","https://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127400/"
+"127400","2019-02-16 06:47:36","https://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127400/"
 "127399","2019-02-16 06:47:33","http://cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127399/"
 "127398","2019-02-16 06:47:32","http://cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127398/"
 "127397","2019-02-16 06:47:30","http://cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127397/"
@@ -1854,7 +3700,7 @@
 "127383","2019-02-16 06:47:16","http://cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127383/"
 "127382","2019-02-16 06:47:15","http://cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127382/"
 "127381","2019-02-16 06:47:14","http://cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127381/"
-"127379","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127379/"
+"127379","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127379/"
 "127380","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127380/"
 "127377","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127377/"
 "127378","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127378/"
@@ -1876,11 +3722,11 @@
 "127362","2019-02-16 06:46:19","http://cocomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127362/"
 "127360","2019-02-16 06:46:17","http://cocomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127360/"
 "127359","2019-02-16 06:46:16","http://cocomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127359/"
-"127358","2019-02-16 06:46:15","http://cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127358/"
+"127358","2019-02-16 06:46:15","http://cocomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127358/"
 "127357","2019-02-16 06:46:13","http://cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127357/"
 "127356","2019-02-16 06:46:10","http://cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127356/"
 "127355","2019-02-16 06:46:09","http://cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127355/"
-"127354","2019-02-16 06:46:07","http://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127354/"
+"127354","2019-02-16 06:46:07","http://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127354/"
 "127353","2019-02-16 06:46:03","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127353/"
 "127352","2019-02-16 06:45:59","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127352/"
 "127351","2019-02-16 06:45:55","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127351/"
@@ -1893,7 +3739,7 @@
 "127344","2019-02-16 06:45:30","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127344/"
 "127343","2019-02-16 06:45:27","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127343/"
 "127342","2019-02-16 06:45:24","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127342/"
-"127341","2019-02-16 06:45:20","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127341/"
+"127341","2019-02-16 06:45:20","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127341/"
 "127340","2019-02-16 06:45:17","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127340/"
 "127339","2019-02-16 06:45:14","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127339/"
 "127338","2019-02-16 06:45:11","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127338/"
@@ -1908,11 +3754,11 @@
 "127329","2019-02-16 06:44:43","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127329/"
 "127328","2019-02-16 06:44:41","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127328/"
 "127327","2019-02-16 06:44:38","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127327/"
-"127326","2019-02-16 06:44:35","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127326/"
+"127326","2019-02-16 06:44:35","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127326/"
 "127325","2019-02-16 06:44:32","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127325/"
 "127324","2019-02-16 06:44:27","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127324/"
 "127323","2019-02-16 06:44:25","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127323/"
-"127322","2019-02-16 06:44:22","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127322/"
+"127322","2019-02-16 06:44:22","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127322/"
 "127321","2019-02-16 06:44:20","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127321/"
 "127320","2019-02-16 06:44:19","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127320/"
 "127319","2019-02-16 06:44:16","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127319/"
@@ -1932,7 +3778,7 @@
 "127305","2019-02-16 06:43:33","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127305/"
 "127304","2019-02-16 06:43:32","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127304/"
 "127303","2019-02-16 06:43:31","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127303/"
-"127301","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127301/"
+"127301","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127301/"
 "127302","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127302/"
 "127299","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127299/"
 "127300","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127300/"
@@ -1954,11 +3800,11 @@
 "127283","2019-02-16 06:43:13","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127283/"
 "127282","2019-02-16 06:43:12","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127282/"
 "127281","2019-02-16 06:43:11","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127281/"
-"127280","2019-02-16 06:43:10","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127280/"
+"127280","2019-02-16 06:43:10","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127280/"
 "127279","2019-02-16 06:43:09","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127279/"
 "127277","2019-02-16 06:43:06","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127277/"
 "127278","2019-02-16 06:43:06","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127278/"
-"127276","2019-02-16 06:43:04","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127276/"
+"127276","2019-02-16 06:43:04","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127276/"
 "127275","2019-02-16 06:37:07","http://www.carsonbiz.com/htts/server.exe","online","malware_download","exe,njRAT,payload,stage2","https://urlhaus.abuse.ch/url/127275/"
 "127274","2019-02-16 06:37:04","https://cld.pt/dl/download/ed83c39b-a2c1-4d8e-b532-5f249d4b41ac/%24%24%24%24%23%23%24%24.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/127274/"
 "127273","2019-02-16 06:32:04","http://185.244.25.173:80/bins/Solstice.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127273/"
@@ -2006,7 +3852,7 @@
 "127231","2019-02-16 05:04:41","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127231/"
 "127230","2019-02-16 05:04:38","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127230/"
 "127229","2019-02-16 05:04:36","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127229/"
-"127228","2019-02-16 05:04:33","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127228/"
+"127228","2019-02-16 05:04:33","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127228/"
 "127227","2019-02-16 05:04:31","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127227/"
 "127226","2019-02-16 05:04:28","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127226/"
 "127225","2019-02-16 05:04:26","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127225/"
@@ -2021,11 +3867,11 @@
 "127216","2019-02-16 05:04:04","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127216/"
 "127215","2019-02-16 05:04:03","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127215/"
 "127214","2019-02-16 05:04:00","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127214/"
-"127213","2019-02-16 05:03:58","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127213/"
+"127213","2019-02-16 05:03:58","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127213/"
 "127212","2019-02-16 05:03:55","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127212/"
 "127211","2019-02-16 05:03:51","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127211/"
 "127210","2019-02-16 05:03:48","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127210/"
-"127209","2019-02-16 05:03:45","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127209/"
+"127209","2019-02-16 05:03:45","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127209/"
 "127208","2019-02-16 05:03:43","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127208/"
 "127207","2019-02-16 05:03:42","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127207/"
 "127206","2019-02-16 05:03:39","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127206/"
@@ -2045,7 +3891,7 @@
 "127192","2019-02-16 05:03:22","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127192/"
 "127191","2019-02-16 05:03:21","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127191/"
 "127190","2019-02-16 05:03:20","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127190/"
-"127188","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127188/"
+"127188","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127188/"
 "127189","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127189/"
 "127184","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127184/"
 "127185","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127185/"
@@ -2067,11 +3913,11 @@
 "127170","2019-02-16 05:03:03","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127170/"
 "127169","2019-02-16 05:03:02","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127169/"
 "127168","2019-02-16 05:03:01","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127168/"
-"127167","2019-02-16 05:03:00","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127167/"
+"127167","2019-02-16 05:03:00","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127167/"
 "127166","2019-02-16 05:02:59","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127166/"
 "127165","2019-02-16 05:02:57","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127165/"
 "127164","2019-02-16 05:02:56","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127164/"
-"127163","2019-02-16 05:02:54","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127163/"
+"127163","2019-02-16 05:02:54","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127163/"
 "127162","2019-02-16 05:02:51","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127162/"
 "127161","2019-02-16 05:02:48","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127161/"
 "127160","2019-02-16 05:02:42","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127160/"
@@ -2084,7 +3930,7 @@
 "127153","2019-02-16 05:02:22","https://comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127153/"
 "127152","2019-02-16 05:02:19","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127152/"
 "127151","2019-02-16 05:02:16","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127151/"
-"127150","2019-02-16 05:02:14","https://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127150/"
+"127150","2019-02-16 05:02:14","https://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127150/"
 "127149","2019-02-16 05:02:11","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127149/"
 "127148","2019-02-16 05:02:06","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127148/"
 "127147","2019-02-16 05:02:04","https://comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127147/"
@@ -2099,11 +3945,11 @@
 "127138","2019-02-16 05:01:41","https://comduoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127138/"
 "127137","2019-02-16 05:01:39","https://comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127137/"
 "127136","2019-02-16 05:01:37","https://comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127136/"
-"127135","2019-02-16 05:01:35","https://comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127135/"
+"127135","2019-02-16 05:01:35","https://comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127135/"
 "127134","2019-02-16 05:01:32","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127134/"
 "127133","2019-02-16 05:01:29","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127133/"
 "127132","2019-02-16 05:01:26","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127132/"
-"127131","2019-02-16 05:01:23","https://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127131/"
+"127131","2019-02-16 05:01:23","https://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127131/"
 "127130","2019-02-16 05:01:20","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127130/"
 "127129","2019-02-16 05:01:19","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127129/"
 "127128","2019-02-16 05:01:17","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127128/"
@@ -2124,7 +3970,7 @@
 "127113","2019-02-16 05:00:28","http://comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127113/"
 "127112","2019-02-16 05:00:25","http://comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127112/"
 "127111","2019-02-16 05:00:23","http://comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127111/"
-"127110","2019-02-16 05:00:21","http://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127110/"
+"127110","2019-02-16 05:00:21","http://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127110/"
 "127109","2019-02-16 05:00:15","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127109/"
 "127108","2019-02-16 05:00:13","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127108/"
 "127107","2019-02-16 05:00:11","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127107/"
@@ -2145,11 +3991,11 @@
 "127092","2019-02-16 04:58:18","http://comduoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127092/"
 "127091","2019-02-16 04:58:08","http://comduoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127091/"
 "127090","2019-02-16 04:58:01","http://comduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127090/"
-"127089","2019-02-16 04:57:55","http://comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127089/"
+"127089","2019-02-16 04:57:55","http://comduoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127089/"
 "127088","2019-02-16 04:57:46","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127088/"
 "127087","2019-02-16 04:57:27","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127087/"
 "127086","2019-02-16 04:57:20","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127086/"
-"127085","2019-02-16 04:57:11","http://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127085/"
+"127085","2019-02-16 04:57:11","http://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127085/"
 "127084","2019-02-16 04:55:09","https://agilife.pl/file/1767554/ajlzT-SeK_W-xRz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/127084/"
 "127083","2019-02-16 04:54:10","http://autobuschel.ru/En_us/llc/8629908607223/gTPLL-q5m_vyXAFmH-syu/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/127083/"
 "127082","2019-02-16 04:53:53","http://equiracing.fr/templates/rhuk_milkyway_equiracing/css/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127082/"
@@ -2167,20 +4013,20 @@
 "127070","2019-02-16 04:35:09","http://lhi.or.id/.well-known/acme-challenge/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127070/"
 "127069","2019-02-16 04:11:32","http://efficientlifechurch.org/wp-includes/ID3/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127069/"
 "127068","2019-02-16 04:11:31","http://efficientlifechurch.org/wp-includes/ID3/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127068/"
-"127067","2019-02-16 04:11:17","http://bi.netmonks.org/wp-content/plugins/akismet/_inc/img/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127067/"
-"127066","2019-02-16 04:11:15","http://bi.netmonks.org/wp-content/plugins/akismet/_inc/img/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127066/"
+"127067","2019-02-16 04:11:17","http://bi.netmonks.org/wp-content/plugins/akismet/_inc/img/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127067/"
+"127066","2019-02-16 04:11:15","http://bi.netmonks.org/wp-content/plugins/akismet/_inc/img/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/127066/"
 "127065","2019-02-16 04:03:45","http://shafercharacter.org/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127065/"
 "127064","2019-02-16 04:03:28","http://nexclick.ir/wp-content/themes/appart/fonts-farsi/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127064/"
 "127063","2019-02-16 03:42:21","https://gastrohero.zendesk.com/attachments/token/SpLLREGAJCvV26JDPR1szmfVu/?name=Rechnung+D01K88L.doc/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127063/"
 "127062","2019-02-16 03:42:19","http://xn--90aeb9ae9a.xn--p1ai/Amazon/Documents/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127062/"
 "127061","2019-02-16 03:42:14","http://sexchatsnol.nl/Amazon/En/Documents/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127061/"
 "127060","2019-02-16 03:42:09","http://ilo-drink.nl/Amazon/EN/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127060/"
-"127059","2019-02-16 03:41:20","http://doservicework.com/Amazon/Details/2019-02/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127059/"
+"127059","2019-02-16 03:41:20","http://doservicework.com/Amazon/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127059/"
 "127058","2019-02-16 03:41:14","http://currenteventsmemes.com/Amazon/En/Clients_Messages/2019-02/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127058/"
 "127057","2019-02-16 03:41:07","http://aterrosanitarioouroverde.com.br/Amazon/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127057/"
 "127056","2019-02-16 03:38:18","http://ronex90.myjino.ru/Amazon/Clients_information/2019-02/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127056/"
-"127055","2019-02-16 03:38:17","http://qitafood.com/Amazon/Payments/02_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127055/"
-"127054","2019-02-16 03:38:10","http://misionnevado.gob.ve/Sec_Refund/xerox/receipt/Jamd-in_mauMO-bbc/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127054/"
+"127055","2019-02-16 03:38:17","http://qitafood.com/Amazon/Payments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127055/"
+"127054","2019-02-16 03:38:10","http://misionnevado.gob.ve/Sec_Refund/xerox/receipt/Jamd-in_mauMO-bbc/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127054/"
 "127053","2019-02-16 03:38:05","http://hdzbih.tv/verif.myacc.send.biz/index.php.suspected/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127053/"
 "127052","2019-02-16 03:38:03","http://erem.com.ua/Amazon/Transaction_details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127052/"
 "127051","2019-02-16 03:14:45","https://coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127051/"
@@ -2195,7 +4041,7 @@
 "127042","2019-02-16 03:14:13","https://coqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127042/"
 "127041","2019-02-16 03:14:09","https://coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127041/"
 "127040","2019-02-16 03:14:05","https://coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127040/"
-"127039","2019-02-16 03:14:01","https://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127039/"
+"127039","2019-02-16 03:14:01","https://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127039/"
 "127038","2019-02-16 03:13:57","https://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127038/"
 "127037","2019-02-16 03:13:54","https://coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127037/"
 "127036","2019-02-16 03:13:51","https://coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127036/"
@@ -2210,11 +4056,11 @@
 "127027","2019-02-16 03:13:24","https://coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127027/"
 "127026","2019-02-16 03:13:22","https://coqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127026/"
 "127025","2019-02-16 03:13:18","https://coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127025/"
-"127024","2019-02-16 03:13:15","https://coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127024/"
+"127024","2019-02-16 03:13:15","https://coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/127024/"
 "127023","2019-02-16 03:13:11","https://coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127023/"
 "127022","2019-02-16 03:13:01","https://coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127022/"
 "127021","2019-02-16 03:12:59","https://coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127021/"
-"127020","2019-02-16 03:12:56","https://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127020/"
+"127020","2019-02-16 03:12:56","https://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127020/"
 "127019","2019-02-16 03:12:53","http://coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127019/"
 "127018","2019-02-16 03:12:52","http://coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127018/"
 "127017","2019-02-16 03:12:50","http://coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127017/"
@@ -2235,7 +4081,7 @@
 "127002","2019-02-16 03:12:33","http://coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127002/"
 "127001","2019-02-16 03:12:32","http://coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127001/"
 "127000","2019-02-16 03:12:31","http://coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127000/"
-"126999","2019-02-16 03:12:30","http://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126999/"
+"126999","2019-02-16 03:12:30","http://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126999/"
 "126996","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126996/"
 "126997","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126997/"
 "126998","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126998/"
@@ -2256,11 +4102,11 @@
 "126982","2019-02-16 03:12:14","http://coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126982/"
 "126980","2019-02-16 03:12:13","http://coqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126980/"
 "126979","2019-02-16 03:12:11","http://coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126979/"
-"126978","2019-02-16 03:12:10","http://coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126978/"
+"126978","2019-02-16 03:12:10","http://coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126978/"
 "126977","2019-02-16 03:12:09","http://coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126977/"
 "126976","2019-02-16 03:12:07","http://coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126976/"
 "126975","2019-02-16 03:12:06","http://coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126975/"
-"126974","2019-02-16 03:12:05","http://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126974/"
+"126974","2019-02-16 03:12:05","http://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126974/"
 "126973","2019-02-16 03:12:02","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126973/"
 "126972","2019-02-16 03:11:59","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126972/"
 "126971","2019-02-16 03:11:56","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126971/"
@@ -2273,7 +4119,7 @@
 "126964","2019-02-16 03:11:38","https://lists.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126964/"
 "126963","2019-02-16 03:11:36","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126963/"
 "126962","2019-02-16 03:11:33","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126962/"
-"126961","2019-02-16 03:11:30","https://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126961/"
+"126961","2019-02-16 03:11:30","https://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126961/"
 "126960","2019-02-16 03:11:28","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126960/"
 "126959","2019-02-16 03:11:25","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126959/"
 "126958","2019-02-16 03:11:23","https://lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126958/"
@@ -2288,11 +4134,11 @@
 "126949","2019-02-16 03:10:11","https://lists.coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126949/"
 "126948","2019-02-16 03:10:10","https://lists.coqianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126948/"
 "126947","2019-02-16 03:10:07","https://lists.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126947/"
-"126946","2019-02-16 03:10:03","https://lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126946/"
+"126946","2019-02-16 03:10:03","https://lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126946/"
 "126945","2019-02-16 03:10:01","https://lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126945/"
 "126944","2019-02-16 03:09:57","https://lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126944/"
 "126943","2019-02-16 03:09:54","https://lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126943/"
-"126942","2019-02-16 03:09:52","https://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126942/"
+"126942","2019-02-16 03:09:52","https://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126942/"
 "126941","2019-02-16 03:09:49","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126941/"
 "126940","2019-02-16 03:09:48","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126940/"
 "126939","2019-02-16 03:09:46","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126939/"
@@ -2312,7 +4158,7 @@
 "126925","2019-02-16 03:09:31","http://lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126925/"
 "126924","2019-02-16 03:09:30","http://lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126924/"
 "126923","2019-02-16 03:09:29","http://lists.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126923/"
-"126921","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126921/"
+"126921","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126921/"
 "126922","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126922/"
 "126920","2019-02-16 03:09:27","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126920/"
 "126917","2019-02-16 03:09:26","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126917/"
@@ -2334,53 +4180,53 @@
 "126904","2019-02-16 03:09:13","http://lists.coqianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126904/"
 "126902","2019-02-16 03:09:12","http://lists.coqianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126902/"
 "126901","2019-02-16 03:09:11","http://lists.coqianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126901/"
-"126900","2019-02-16 03:09:10","http://lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126900/"
+"126900","2019-02-16 03:09:10","http://lists.coqianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126900/"
 "126899","2019-02-16 03:09:09","http://lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126899/"
 "126898","2019-02-16 03:09:07","http://lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126898/"
 "126897","2019-02-16 03:09:06","http://lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126897/"
-"126896","2019-02-16 03:09:05","http://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126896/"
+"126896","2019-02-16 03:09:05","http://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126896/"
 "126895","2019-02-16 02:54:07","http://nkcatering.pl/wp-content/themes/vogue/templates/contents/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126895/"
 "126894","2019-02-16 02:54:06","http://alisa-photo.com.ua/admin/ctxmenu/font/docx.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126894/"
 "126893","2019-02-16 02:54:04","http://yolyardim.baynuri.net/wp-content/ai1wm-backups/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126893/"
-"126892","2019-02-16 02:28:23","https://quadriconexiones.info/putty.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126892/"
-"126891","2019-02-16 02:28:20","https://quadriconexiones.info/putty.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126891/"
-"126890","2019-02-16 02:28:17","https://quadriconexiones.info/mylokinew.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126890/"
-"126889","2019-02-16 02:28:16","https://quadriconexiones.info/mylokifebp.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126889/"
-"126888","2019-02-16 02:28:14","https://quadriconexiones.info/mylokifeb.png","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126888/"
-"126887","2019-02-16 02:28:12","https://quadriconexiones.info/mylokifeb.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126887/"
-"126886","2019-02-16 02:28:10","https://quadriconexiones.info/fbnew.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126886/"
-"126885","2019-02-16 02:28:08","https://quadriconexiones.info/fbnew.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126885/"
-"126884","2019-02-16 02:28:04","https://www.quadriconexiones.info/putty.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126884/"
-"126883","2019-02-16 02:28:01","https://www.quadriconexiones.info/putty.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126883/"
-"126882","2019-02-16 02:27:59","https://www.quadriconexiones.info/mylokinew.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126882/"
-"126881","2019-02-16 02:27:57","https://www.quadriconexiones.info/mylokifebp.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126881/"
-"126880","2019-02-16 02:27:55","https://www.quadriconexiones.info/mylokifeb.png","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126880/"
-"126879","2019-02-16 02:27:53","https://www.quadriconexiones.info/mylokifeb.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126879/"
-"126878","2019-02-16 02:27:51","https://www.quadriconexiones.info/fbnew.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126878/"
-"126877","2019-02-16 02:27:49","https://www.quadriconexiones.info/fbnew.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126877/"
-"126876","2019-02-16 02:27:47","http://www.quadriconexiones.info/putty.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126876/"
-"126875","2019-02-16 02:27:39","http://www.quadriconexiones.info/putty.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126875/"
-"126874","2019-02-16 02:27:31","http://www.quadriconexiones.info/mylokinew.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126874/"
-"126873","2019-02-16 02:27:27","http://www.quadriconexiones.info/mylokifebp.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126873/"
-"126872","2019-02-16 02:27:23","http://www.quadriconexiones.info/mylokifeb.png","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126872/"
-"126871","2019-02-16 02:27:18","http://www.quadriconexiones.info/mylokifeb.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126871/"
-"126870","2019-02-16 02:27:14","http://www.quadriconexiones.info/fbnew.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126870/"
-"126869","2019-02-16 02:27:08","http://www.quadriconexiones.info/fbnew.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126869/"
-"126868","2019-02-16 02:23:13","http://quadriconexiones.info/putty.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126868/"
-"126867","2019-02-16 02:23:12","http://quadriconexiones.info/putty.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126867/"
-"126866","2019-02-16 02:23:10","http://quadriconexiones.info/mylokinew.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126866/"
-"126865","2019-02-16 02:23:09","http://quadriconexiones.info/mylokifebp.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126865/"
-"126864","2019-02-16 02:23:08","http://quadriconexiones.info/mylokifeb.png","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126864/"
-"126863","2019-02-16 02:23:07","http://quadriconexiones.info/mylokifeb.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126863/"
-"126862","2019-02-16 02:23:06","http://quadriconexiones.info/fbnew.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126862/"
-"126861","2019-02-16 02:23:05","http://quadriconexiones.info/fbnew.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126861/"
-"126860","2019-02-16 02:18:18","http://www.acropol.com.eg/pdf/wealthy.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126860/"
-"126859","2019-02-16 02:18:16","http://www.acropol.com.eg/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126859/"
-"126858","2019-02-16 02:18:13","http://www.acropol.com.eg/pdf/sales.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126858/"
-"126857","2019-02-16 02:18:11","http://www.acropol.com.eg/pdf/onos.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126857/"
-"126856","2019-02-16 02:18:09","http://www.acropol.com.eg/pdf/info.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126856/"
-"126855","2019-02-16 02:18:07","http://www.acropol.com.eg/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126855/"
-"126854","2019-02-16 02:18:04","http://www.acropol.com.eg/pdf/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126854/"
+"126892","2019-02-16 02:28:23","https://quadriconexiones.info/putty.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126892/"
+"126891","2019-02-16 02:28:20","https://quadriconexiones.info/putty.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126891/"
+"126890","2019-02-16 02:28:17","https://quadriconexiones.info/mylokinew.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126890/"
+"126889","2019-02-16 02:28:16","https://quadriconexiones.info/mylokifebp.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126889/"
+"126888","2019-02-16 02:28:14","https://quadriconexiones.info/mylokifeb.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126888/"
+"126887","2019-02-16 02:28:12","https://quadriconexiones.info/mylokifeb.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126887/"
+"126886","2019-02-16 02:28:10","https://quadriconexiones.info/fbnew.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126886/"
+"126885","2019-02-16 02:28:08","https://quadriconexiones.info/fbnew.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126885/"
+"126884","2019-02-16 02:28:04","https://www.quadriconexiones.info/putty.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126884/"
+"126883","2019-02-16 02:28:01","https://www.quadriconexiones.info/putty.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126883/"
+"126882","2019-02-16 02:27:59","https://www.quadriconexiones.info/mylokinew.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126882/"
+"126881","2019-02-16 02:27:57","https://www.quadriconexiones.info/mylokifebp.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126881/"
+"126880","2019-02-16 02:27:55","https://www.quadriconexiones.info/mylokifeb.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126880/"
+"126879","2019-02-16 02:27:53","https://www.quadriconexiones.info/mylokifeb.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126879/"
+"126878","2019-02-16 02:27:51","https://www.quadriconexiones.info/fbnew.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126878/"
+"126877","2019-02-16 02:27:49","https://www.quadriconexiones.info/fbnew.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126877/"
+"126876","2019-02-16 02:27:47","http://www.quadriconexiones.info/putty.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126876/"
+"126875","2019-02-16 02:27:39","http://www.quadriconexiones.info/putty.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126875/"
+"126874","2019-02-16 02:27:31","http://www.quadriconexiones.info/mylokinew.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126874/"
+"126873","2019-02-16 02:27:27","http://www.quadriconexiones.info/mylokifebp.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126873/"
+"126872","2019-02-16 02:27:23","http://www.quadriconexiones.info/mylokifeb.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126872/"
+"126871","2019-02-16 02:27:18","http://www.quadriconexiones.info/mylokifeb.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126871/"
+"126870","2019-02-16 02:27:14","http://www.quadriconexiones.info/fbnew.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126870/"
+"126869","2019-02-16 02:27:08","http://www.quadriconexiones.info/fbnew.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126869/"
+"126868","2019-02-16 02:23:13","http://quadriconexiones.info/putty.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126868/"
+"126867","2019-02-16 02:23:12","http://quadriconexiones.info/putty.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126867/"
+"126866","2019-02-16 02:23:10","http://quadriconexiones.info/mylokinew.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126866/"
+"126865","2019-02-16 02:23:09","http://quadriconexiones.info/mylokifebp.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126865/"
+"126864","2019-02-16 02:23:08","http://quadriconexiones.info/mylokifeb.png","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126864/"
+"126863","2019-02-16 02:23:07","http://quadriconexiones.info/mylokifeb.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126863/"
+"126862","2019-02-16 02:23:06","http://quadriconexiones.info/fbnew.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126862/"
+"126861","2019-02-16 02:23:05","http://quadriconexiones.info/fbnew.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126861/"
+"126860","2019-02-16 02:18:18","http://www.acropol.com.eg/pdf/wealthy.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126860/"
+"126859","2019-02-16 02:18:16","http://www.acropol.com.eg/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126859/"
+"126858","2019-02-16 02:18:13","http://www.acropol.com.eg/pdf/sales.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126858/"
+"126857","2019-02-16 02:18:11","http://www.acropol.com.eg/pdf/onos.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126857/"
+"126856","2019-02-16 02:18:09","http://www.acropol.com.eg/pdf/info.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126856/"
+"126855","2019-02-16 02:18:07","http://www.acropol.com.eg/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126855/"
+"126854","2019-02-16 02:18:04","http://www.acropol.com.eg/pdf/admin.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126854/"
 "126853","2019-02-16 02:13:15","http://donsworld.org/templates/kitephotography/js/messg.jpg","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126853/"
 "126852","2019-02-16 02:13:12","http://nathannewman.org/wp-content/themes/boldnews/lang/messg.jpg","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126852/"
 "126851","2019-02-16 02:13:09","http://www.rdmarmotte.net/wp-content/themes/responsive/woocommerce/cart/Philip.Morris.International.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126851/"
@@ -2392,15 +4238,15 @@
 "126845","2019-02-16 02:13:02","http://www.taoday.net/wp-content/themes/twentyten/languages/Philip.Morris.International.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126845/"
 "126844","2019-02-16 02:13:01","http://www.taoday.net/wp-content/themes/twentyten/languages/Vseros.Bank.zakaz.docx.zip","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126844/"
 "126843","2019-02-16 02:08:03","http://teelam9.com/Document5.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/126843/"
-"126842","2019-02-16 02:06:10","http://teelam9.com/myloki1.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126842/"
-"126841","2019-02-16 02:06:09","http://teelam9.com/myloki1.jpg","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126841/"
-"126840","2019-02-16 02:06:08","http://teelam9.com/mylok.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126840/"
-"126839","2019-02-16 02:05:04","http://teelam9.com/myloki11.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126839/"
+"126842","2019-02-16 02:06:10","http://teelam9.com/myloki1.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126842/"
+"126841","2019-02-16 02:06:09","http://teelam9.com/myloki1.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126841/"
+"126840","2019-02-16 02:06:08","http://teelam9.com/mylok.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126840/"
+"126839","2019-02-16 02:05:04","http://teelam9.com/myloki11.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/126839/"
 "126838","2019-02-16 01:58:04","http://realhaunts.com/wp-content/plugins/akismet/_inc/img/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126838/"
 "126837","2019-02-16 01:57:02","http://online01-capitalhelp24.da-ar.ru/En/doc/Invoice_Notice/mGJcc-uY_ZmaFH-ZL6","offline","malware_download","doc","https://urlhaus.abuse.ch/url/126837/"
 "126836","2019-02-16 01:56:12","http://82.80.63.165:44155/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126836/"
 "126835","2019-02-16 01:56:09","http://14.46.70.58:49575/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126835/"
-"126834","2019-02-16 01:56:06","http://191.193.51.34:5133/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126834/"
+"126834","2019-02-16 01:56:06","http://191.193.51.34:5133/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/126834/"
 "126833","2019-02-16 01:52:11","http://primeeast.net/images/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126833/"
 "126832","2019-02-16 01:49:05","http://torontoluxuryrealestatelistings.com/US_us/corporation/YBFNo-8ndqK_UdBOJ-aK3","offline","malware_download","doc","https://urlhaus.abuse.ch/url/126832/"
 "126831","2019-02-16 01:48:02","http://mikrotik.com.pe/gestion/inc/fpdf/yellowhta/DHL1_TRACKING1_DETAILS1.hta","online","malware_download","autoit,Loader","https://urlhaus.abuse.ch/url/126831/"
@@ -2424,7 +4270,7 @@
 "126813","2019-02-16 01:33:52","https://duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126813/"
 "126812","2019-02-16 01:33:49","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126812/"
 "126811","2019-02-16 01:33:46","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126811/"
-"126810","2019-02-16 01:33:43","https://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126810/"
+"126810","2019-02-16 01:33:43","https://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126810/"
 "126809","2019-02-16 01:33:41","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126809/"
 "126808","2019-02-16 01:33:38","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126808/"
 "126807","2019-02-16 01:33:36","https://duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126807/"
@@ -2439,10 +4285,10 @@
 "126798","2019-02-16 01:33:07","https://duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126798/"
 "126797","2019-02-16 01:33:05","https://duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126797/"
 "126796","2019-02-16 01:33:00","https://duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126796/"
-"126795","2019-02-16 01:32:56","https://duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126795/"
+"126795","2019-02-16 01:32:56","https://duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126795/"
 "126794","2019-02-16 01:32:51","https://duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126794/"
 "126793","2019-02-16 01:32:45","https://duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126793/"
-"126792","2019-02-16 01:32:41","https://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126792/"
+"126792","2019-02-16 01:32:41","https://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126792/"
 "126791","2019-02-16 01:32:37","https://duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126791/"
 "126790","2019-02-16 01:32:32","http://duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126790/"
 "126789","2019-02-16 01:32:25","http://duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126789/"
@@ -2464,7 +4310,7 @@
 "126773","2019-02-16 01:31:55","http://duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126773/"
 "126771","2019-02-16 01:31:53","http://duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126771/"
 "126772","2019-02-16 01:31:53","http://duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126772/"
-"126770","2019-02-16 01:31:52","http://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126770/"
+"126770","2019-02-16 01:31:52","http://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126770/"
 "126767","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126767/"
 "126768","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126768/"
 "126769","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126769/"
@@ -2485,11 +4331,11 @@
 "126753","2019-02-16 01:31:38","http://duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126753/"
 "126751","2019-02-16 01:31:37","http://duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126751/"
 "126750","2019-02-16 01:31:36","http://duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126750/"
-"126749","2019-02-16 01:31:35","http://duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126749/"
+"126749","2019-02-16 01:31:35","http://duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126749/"
 "126748","2019-02-16 01:31:34","http://duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126748/"
 "126747","2019-02-16 01:31:32","http://duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126747/"
 "126746","2019-02-16 01:31:31","http://duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126746/"
-"126745","2019-02-16 01:31:30","http://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126745/"
+"126745","2019-02-16 01:31:30","http://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126745/"
 "126744","2019-02-16 01:31:27","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126744/"
 "126743","2019-02-16 01:31:24","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126743/"
 "126742","2019-02-16 01:31:20","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126742/"
@@ -2502,7 +4348,7 @@
 "126735","2019-02-16 01:31:01","https://farmcomputewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126735/"
 "126734","2019-02-16 01:30:58","https://farmcomputewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126734/"
 "126733","2019-02-16 01:30:55","https://farmcomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126733/"
-"126732","2019-02-16 01:30:53","https://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126732/"
+"126732","2019-02-16 01:30:53","https://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126732/"
 "126731","2019-02-16 01:30:50","https://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126731/"
 "126730","2019-02-16 01:30:48","https://farmcomputewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126730/"
 "126729","2019-02-16 01:30:45","https://farmcomputewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126729/"
@@ -2517,11 +4363,11 @@
 "126720","2019-02-16 01:30:21","https://farmcomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126720/"
 "126719","2019-02-16 01:30:20","https://farmcomputewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126719/"
 "126718","2019-02-16 01:30:18","https://farmcomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126718/"
-"126717","2019-02-16 01:30:14","https://farmcomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126717/"
+"126717","2019-02-16 01:30:14","https://farmcomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126717/"
 "126716","2019-02-16 01:30:12","https://farmcomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126716/"
 "126715","2019-02-16 01:29:37","https://farmcomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126715/"
 "126714","2019-02-16 01:29:34","https://farmcomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126714/"
-"126713","2019-02-16 01:29:32","https://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126713/"
+"126713","2019-02-16 01:29:32","https://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126713/"
 "126712","2019-02-16 01:29:29","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126712/"
 "126711","2019-02-16 01:29:28","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126711/"
 "126710","2019-02-16 01:29:26","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126710/"
@@ -2542,7 +4388,7 @@
 "126695","2019-02-16 01:29:11","http://farmcomputewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126695/"
 "126693","2019-02-16 01:29:09","http://farmcomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126693/"
 "126694","2019-02-16 01:29:09","http://farmcomputewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126694/"
-"126692","2019-02-16 01:29:08","http://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126692/"
+"126692","2019-02-16 01:29:08","http://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126692/"
 "126689","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126689/"
 "126690","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126690/"
 "126691","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126691/"
@@ -2563,11 +4409,11 @@
 "126675","2019-02-16 01:28:53","http://farmcomputewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126675/"
 "126673","2019-02-16 01:28:52","http://farmcomputewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126673/"
 "126672","2019-02-16 01:28:51","http://farmcomputewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126672/"
-"126671","2019-02-16 01:28:50","http://farmcomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126671/"
+"126671","2019-02-16 01:28:50","http://farmcomputewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126671/"
 "126670","2019-02-16 01:28:49","http://farmcomputewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126670/"
 "126669","2019-02-16 01:28:46","http://farmcomputewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126669/"
 "126668","2019-02-16 01:28:45","http://farmcomputewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126668/"
-"126667","2019-02-16 01:28:44","http://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126667/"
+"126667","2019-02-16 01:28:44","http://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126667/"
 "126666","2019-02-16 01:28:41","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126666/"
 "126665","2019-02-16 01:28:39","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126665/"
 "126664","2019-02-16 01:28:35","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126664/"
@@ -2580,7 +4426,7 @@
 "126657","2019-02-16 01:28:14","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126657/"
 "126656","2019-02-16 01:28:12","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126656/"
 "126655","2019-02-16 01:28:09","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126655/"
-"126654","2019-02-16 01:28:06","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126654/"
+"126654","2019-02-16 01:28:06","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126654/"
 "126653","2019-02-16 01:28:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126653/"
 "126652","2019-02-16 01:28:01","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126652/"
 "126651","2019-02-16 01:27:58","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126651/"
@@ -2595,11 +4441,11 @@
 "126642","2019-02-16 01:27:20","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126642/"
 "126641","2019-02-16 01:27:18","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126641/"
 "126640","2019-02-16 01:27:13","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126640/"
-"126639","2019-02-16 01:27:09","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126639/"
+"126639","2019-02-16 01:27:09","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126639/"
 "126638","2019-02-16 01:27:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126638/"
 "126637","2019-02-16 01:26:59","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126637/"
 "126636","2019-02-16 01:26:56","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126636/"
-"126635","2019-02-16 01:26:53","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126635/"
+"126635","2019-02-16 01:26:53","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126635/"
 "126634","2019-02-16 01:26:49","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126634/"
 "126633","2019-02-16 01:26:41","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126633/"
 "126632","2019-02-16 01:26:25","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126632/"
@@ -2620,7 +4466,7 @@
 "126617","2019-02-16 01:24:57","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126617/"
 "126616","2019-02-16 01:24:50","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126616/"
 "126615","2019-02-16 01:24:47","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126615/"
-"126614","2019-02-16 01:24:46","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126614/"
+"126614","2019-02-16 01:24:46","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126614/"
 "126613","2019-02-16 01:24:40","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126613/"
 "126611","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126611/"
 "126612","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126612/"
@@ -2641,11 +4487,11 @@
 "126596","2019-02-16 01:22:50","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126596/"
 "126595","2019-02-16 01:22:46","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126595/"
 "126594","2019-02-16 01:22:41","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126594/"
-"126593","2019-02-16 01:22:36","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126593/"
+"126593","2019-02-16 01:22:36","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126593/"
 "126592","2019-02-16 01:22:30","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126592/"
 "126591","2019-02-16 01:22:16","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126591/"
 "126590","2019-02-16 01:22:11","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126590/"
-"126589","2019-02-16 01:22:06","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126589/"
+"126589","2019-02-16 01:22:06","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126589/"
 "126588","2019-02-16 00:58:12","http://prostranstvorosta.ru/EN_en/download/78720601871/gNrCC-bhx_DdkAUl-KL0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126588/"
 "126587","2019-02-16 00:54:13","http://jaintigers.com/file/fanR-W8_pmwhaZW-2j4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126587/"
 "126586","2019-02-16 00:50:04","http://mantoerika.yazdvip.ir/US/xerox/Invoice_number/MJECq-y52_WUlHeblzb-c6/","online","malware_download","None","https://urlhaus.abuse.ch/url/126586/"
@@ -2657,7 +4503,7 @@
 "126580","2019-02-16 00:32:52","http://dkstudy.com/LGCAITZQT8921006/de/Rechnungsanschrift/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/126580/"
 "126579","2019-02-16 00:32:50","https://dkstudy.com/LGCAITZQT8921006/de/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126579/"
 "126578","2019-02-16 00:32:44","http://seksmag.nl/En_us/document/Invoice_number/SwMIY-3uko_iI-OJK/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126578/"
-"126577","2019-02-16 00:32:42","http://blueelephantmassage.com.au/En/download/8243513533/ZsScr-fwQ_vfsKCVRz-TUA/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126577/"
+"126577","2019-02-16 00:32:42","http://blueelephantmassage.com.au/En/download/8243513533/ZsScr-fwQ_vfsKCVRz-TUA/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126577/"
 "126576","2019-02-16 00:32:35","http://cng.spb.ru/De_de/FCHGHSYQQE1228151/gescanntes-Dokument/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126576/"
 "126575","2019-02-16 00:32:31","http://gohappybody.com/En_us/xerox/KUjt-nQhwP_FF-5K/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/126575/"
 "126574","2019-02-16 00:32:30","http://timothymills.org.uk/corporation/Copy_Invoice/uXaER-jbJ_DYX-lyE/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126574/"
@@ -2665,12 +4511,12 @@
 "126572","2019-02-16 00:32:17","http://qqenglish.com.cn/EN_en/llc/rkjV-e8WJ4_Qj-3Gs/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126572/"
 "126571","2019-02-16 00:32:09","http://pw-financial.net/Februar2019/YXSHKE7345353/Rechnungs/Rechnungszahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126571/"
 "126570","2019-02-16 00:29:04","http://afshari.yazdvip.ir/EN_en/company/Inv/gVSlo-m8WoH_AVpZKB-BN/","online","malware_download","None","https://urlhaus.abuse.ch/url/126570/"
-"126569","2019-02-16 00:27:09","http://92.63.197.153/work/3.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/126569/"
+"126569","2019-02-16 00:27:09","http://92.63.197.153/work/3.exe","offline","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/126569/"
 "126568","2019-02-16 00:27:08","http://help3in1.oss-cn-hangzhou.aliyuncs.com/1405/QQHelper_1405.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126568/"
 "126567","2019-02-16 00:25:03","http://hvanli.com/US_us/doc/GgFgC-xe_tpeYEEQpt-zH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126567/"
 "126566","2019-02-16 00:20:02","http://masjidsolar.nl/EN_en/doc/Invoice_Notice/yeKx-z3_pQRN-OH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126566/"
 "126565","2019-02-16 00:16:02","http://xn-----9kccsa1afbhzcgd9a1ay5l.xn--p1ai/scan/EN_en/scan/New_invoice/xdjG-hNRx_vKYc-Dl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126565/"
-"126564","2019-02-16 00:13:12","http://realdealhouse.eu/WAL/WAH.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126564/"
+"126564","2019-02-16 00:13:12","http://realdealhouse.eu/WAL/WAH.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/126564/"
 "126563","2019-02-16 00:13:05","http://viticomvietnam.com/US/file/Invoice_Notice/oqFVw-8nZ_llHfonJEE-tr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126563/"
 "126562","2019-02-16 00:04:07","http://altuntuval.com/info/Invoice/dRdoc-G3Q_TdxMB-ygf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126562/"
 "126561","2019-02-16 00:00:05","http://batdongsanphonoi.vn/company/Invoice/uwlS-nrB_QbgLLvsD-gY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126561/"
@@ -2701,7 +4547,7 @@
 "126536","2019-02-15 23:35:01","http://infobreakerz.com/Amazon/Clients/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126536/"
 "126535","2019-02-15 23:34:53","http://exdev.com.au/AMAZON/Attachments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126535/"
 "126534","2019-02-15 23:34:44","http://earplasticsurgeon.com/Amazon/En/Clients_transactions/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126534/"
-"126533","2019-02-15 23:34:35","http://costartechnology.com/Amazon/EN/Payments_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126533/"
+"126533","2019-02-15 23:34:35","http://costartechnology.com/Amazon/EN/Payments_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126533/"
 "126532","2019-02-15 23:34:28","http://brucelin.co/Amazon/Clients_transactions/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126532/"
 "126531","2019-02-15 23:34:25","http://bownforcouncil.com/Amazon/Transactions-details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126531/"
 "126530","2019-02-15 23:34:21","http://astventures.in/Amazon/Transaction_details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126530/"
@@ -2713,7 +4559,7 @@
 "126524","2019-02-15 23:30:26","http://hubertpascal.org/templates/hubertpascal/css/fonts/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126524/"
 "126523","2019-02-15 23:30:16","http://mrbr.net.pl/administrator/cache/messg.jpg","online","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126523/"
 "126522","2019-02-15 23:30:12","http://zdrowie-blog.pl/wp-content/themes/wt_falcon/includes/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126522/"
-"126521","2019-02-15 23:30:06","http://befirstclub.org/EN_en/70553116/VLOP-sxNSc_nyHGmQi-Yz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126521/"
+"126521","2019-02-15 23:30:06","http://befirstclub.org/EN_en/70553116/VLOP-sxNSc_nyHGmQi-Yz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126521/"
 "126520","2019-02-15 23:25:04","http://equall.co/New_invoice/896860086/mSKV-N3G_kylxdZkR-mm/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126520/"
 "126519","2019-02-15 23:23:16","http://jonathantercero.com/wp-content/themes/sonata/inc/meta-box/css/jqueryui/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126519/"
 "126518","2019-02-15 23:23:04","http://jonathantercero.com/wp-content/themes/sonata/inc/meta-box/css/jqueryui/VserosBank.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126518/"
@@ -2724,9 +4570,9 @@
 "126513","2019-02-15 23:14:12","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/Philip.Morris.International.zip","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126513/"
 "126512","2019-02-15 23:14:11","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/messg.jpg","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126512/"
 "126511","2019-02-15 23:13:03","http://sonshinecelebrations.com/EN_en/download/Inv/ILaR-yT_toW-qu2/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126511/"
-"126510","2019-02-15 23:12:05","http://teelam9.com/myfb11.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126510/"
+"126510","2019-02-15 23:12:05","http://teelam9.com/myfb11.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/126510/"
 "126509","2019-02-15 23:09:06","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126509/"
-"126508","2019-02-15 23:09:02","http://jambanswers.org/.well-known/pki-validation/Vseros.Bank.zakaz.docx.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126508/"
+"126508","2019-02-15 23:09:02","http://jambanswers.org/.well-known/pki-validation/Vseros.Bank.zakaz.docx.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126508/"
 "126507","2019-02-15 23:08:03","http://westsideresources.org/US_us/scan/Copy_Invoice/BmNl-4B_LMSObWM-FN9/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126507/"
 "126506","2019-02-15 23:03:02","http://mkcelectric.com/doc/qvjs-cJG4D_zNPVc-GG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126506/"
 "126505","2019-02-15 22:59:02","http://aginversiones.net/US_us/llc/23806405831/vRSJ-4fgRh_HIg-cN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126505/"
@@ -2760,7 +4606,7 @@
 "126477","2019-02-15 22:06:43","http://buralistesdugard.fr/Amazon/Transactions-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126477/"
 "126476","2019-02-15 22:06:38","http://bestcleaningcolombia.com/Amazon/Clients_transactions/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126476/"
 "126475","2019-02-15 22:06:30","http://3.92.174.100/Amazon/En/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126475/"
-"126474","2019-02-15 22:06:23","http://18.217.96.49/Amazon/EN/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126474/"
+"126474","2019-02-15 22:06:23","http://18.217.96.49/Amazon/EN/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126474/"
 "126473","2019-02-15 22:06:14","http://caree.in/corporation/ogjZD-sn4YS_aGlxAcciF-yVX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126473/"
 "126472","2019-02-15 22:03:03","http://pravara-mi.com/download/Invoice_number/fofur-h2CAB_c-lgb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126472/"
 "126471","2019-02-15 21:58:02","http://white-top.com/PVXzw-4087_sYrq-MzZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126471/"
@@ -2782,7 +4628,7 @@
 "126455","2019-02-15 21:25:05","http://clickprintnow.com.au/EN_en/corporation/JCxH-tCidK_bdKaWc-tjW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126455/"
 "126454","2019-02-15 21:21:05","http://shaynamccullough.com/US/Invoice/JFUcr-BSmEE_rjtG-MT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126454/"
 "126453","2019-02-15 21:17:02","http://decorinfo.ru/document/Invoice_number/BLcL-0V3_TuwLe-Zph/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126453/"
-"126452","2019-02-15 21:08:04","http://104.248.66.24/En_us/llc/Inv/ekEtx-tJPL_uda-dmT/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126452/"
+"126452","2019-02-15 21:08:04","http://104.248.66.24/En_us/llc/Inv/ekEtx-tJPL_uda-dmT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126452/"
 "126451","2019-02-15 21:03:03","http://idecor.ge/llc/LZFor-doj_RJZPSF-jP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126451/"
 "126450","2019-02-15 20:58:06","http://103.11.22.51/wp-content/uploads/US_us/info/Inv/JuiTQ-Ubvx_Zn-D8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126450/"
 "126449","2019-02-15 20:54:07","http://162.243.254.239/quoteandbuy/New_invoice/lgQw-bp3v1_mGHi-RkF/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126449/"
@@ -2812,7 +4658,7 @@
 "126425","2019-02-15 20:23:10","http://sadaemujahid.com/a1/lord.exe","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126425/"
 "126424","2019-02-15 20:23:05","http://useraccount.co/assets/pqs/logo.jpg","online","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126424/"
 "126423","2019-02-15 20:20:05","http://traktor.parsnet.space/En/YZUYI-dlk_CfhKdCOSl-i6C/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126423/"
-"126422","2019-02-15 20:16:10","http://snopsd.duckdns.org:7101/mt810000019034.jar?_sm_au_%3diVVsR0FwMDnjWRqP","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/126422/"
+"126422","2019-02-15 20:16:10","http://snopsd.duckdns.org:7101/mt810000019034.jar?_sm_au_%3diVVsR0FwMDnjWRqP","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/126422/"
 "126421","2019-02-15 20:15:31","http://207.154.223.104/sycTwoHI4/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126421/"
 "126420","2019-02-15 20:15:29","http://128.199.172.4/J1EuGgi0sx/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126420/"
 "126419","2019-02-15 20:15:27","http://themodellabel.com/QByaBRWa/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126419/"
@@ -2828,12 +4674,12 @@
 "126409","2019-02-15 20:01:03","http://185.244.25.153:80/bins/DEMON.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126409/"
 "126408","2019-02-15 20:01:02","http://185.244.25.153:80/bins/DEMON.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/126408/"
 "126407","2019-02-15 20:00:01","http://3.112.13.31/Amazon/En/Clients_Messages/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126407/"
-"126406","2019-02-15 19:59:59","http://mohinhgohandmadedtoys.com/Amazon/EN/Transactions/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126406/"
+"126406","2019-02-15 19:59:59","http://mohinhgohandmadedtoys.com/Amazon/EN/Transactions/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126406/"
 "126405","2019-02-15 19:59:56","http://my.jiwa-nala.org/css/Amazon/En/Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126405/"
 "126404","2019-02-15 19:59:54","http://mulmart.ru/Amazon/EN/Documents/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126404/"
 "126403","2019-02-15 19:59:53","http://hoatuoithienhuong.com/Amazon/En/Transaction_details/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126403/"
 "126402","2019-02-15 19:59:50","http://ge.kreo.co.ke/Amazon/Orders_details/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126402/"
-"126401","2019-02-15 19:59:49","http://hoatuoitoancau.com/Amazon/Clients_transactions/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126401/"
+"126401","2019-02-15 19:59:49","http://hoatuoitoancau.com/Amazon/Clients_transactions/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126401/"
 "126400","2019-02-15 19:59:47","http://email.rocricambi.com/c/eJxtjssOgjAQAL8Gjo0W1PbQg8boAV_xEb0uu0UaZDGlIvr18gEmc5q5DBmZk55S7AzoFa8vDrt3jdfkXPN9ueukWmdlfwAkvnCVfY_Amha3fV9sTtkkSkfowicHroLtoRXY1HFpUpqNJaKeyhQ05mo80kolMyAiVaCexA9ThvCMknkkVwPVE7Hh4AGD47tAGFxnvStE_YEhvTgIb9vm5Vvbitx9hx57c93iwzb0b-IHSp5JPQ/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/126400/"
 "126399","2019-02-15 19:59:46","http://email.rocricambi.com/c/eJxdjssOgjAURL8Glo3cYoVFF_iMEROMGtz2hS2RYmgbxa-XuDSZzZxJTkZS4DInMjb0tHJj3X7WOygbsn9DXw-XatPC8Zz7qly2-FYfMNSmtK9SFBlc5yFKZ8wJZV1wSPRdrKnEC8KJaAhJE1ALSQjPYSo8SzDGPIkfVHv_jHARwXaKNnctlVODt33H5E8zYacE6kYmRB-sR05Zibj5TEM80KJpzMjQMdw1e_w9-AKXrENd/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/126399/"
 "126398","2019-02-15 19:59:45","http://nicosong.com/RF/corporation/Receipt_Notice/295565133969/TxInO-SmV_UEMi-A4g/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/126398/"
@@ -2864,36 +4710,36 @@
 "126373","2019-02-15 19:29:49","http://secscan.oss-cn-hangzhou.aliyuncs.com/file.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126373/"
 "126372","2019-02-15 19:28:58","http://taoge.oss-cn-hangzhou.aliyuncs.com/%E5%87%A4%E5%87%B0%E5%A4%96%E4%BC%A0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126372/"
 "126371","2019-02-15 19:28:42","http://kimberly5esthetique.com/xerox/Invoice_Notice/aboxP-ru_UVSOu-9Q/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126371/"
-"126370","2019-02-15 19:28:32","http://kinhbacchemical.com/En_us/xerox/650849278697591/DjXN-vK_PAiJzKk-f1z/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126370/"
+"126370","2019-02-15 19:28:32","http://kinhbacchemical.com/En_us/xerox/650849278697591/DjXN-vK_PAiJzKk-f1z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126370/"
 "126369","2019-02-15 19:28:24","http://www.prowidor.com/corporation/Inv/KPDJg-tK_lRzuQw-KCt","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/126369/"
 "126368","2019-02-15 19:28:16","http://realtytraining.org/test_theatre/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/126368/"
 "126367","2019-02-15 19:27:56","http://jy-property.com/Amazon/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126367/"
 "126366","2019-02-15 19:27:51","http://istratrans.ru/AMAZON/Payments/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126366/"
-"126365","2019-02-15 19:27:46","http://haunnhyundaibacninh.com/AMAZON/Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126365/"
+"126365","2019-02-15 19:27:46","http://haunnhyundaibacninh.com/AMAZON/Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126365/"
 "126364","2019-02-15 19:27:42","http://h809171554.nichost.ru/Amazon/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126364/"
 "126363","2019-02-15 19:27:39","http://focus-group.spb.ru/Amazon/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126363/"
-"126362","2019-02-15 19:27:36","http://csvina.vn/wp-snapshots/Amazon/En/Orders-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126362/"
+"126362","2019-02-15 19:27:36","http://csvina.vn/wp-snapshots/Amazon/En/Orders-details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126362/"
 "126361","2019-02-15 19:27:33","http://charms.com.co/Amazon/EN/Orders_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126361/"
-"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/126360/"
+"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126360/"
 "126359","2019-02-15 19:26:59","http://big.5072610.ru/Amazon/En/Details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126359/"
 "126358","2019-02-15 19:26:54","http://arvendanismanlik.com/Amazon/EN/Transaction_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126358/"
 "126357","2019-02-15 19:26:46","http://arieloutdoors.in/Amazon/En/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126357/"
 "126356","2019-02-15 19:26:39","http://54.202.85.204/Amazon/EN/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126356/"
 "126355","2019-02-15 19:26:30","http://52.63.71.120/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126355/"
-"126354","2019-02-15 19:26:22","http://52.63.119.3/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126354/"
+"126354","2019-02-15 19:26:22","http://52.63.119.3/Amazon/En/Clients/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126354/"
 "126353","2019-02-15 19:26:15","http://52.205.176.136/Amazon/EN/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126353/"
 "126352","2019-02-15 19:26:10","http://52.202.101.89/Amazon/En/Orders-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126352/"
 "126351","2019-02-15 19:25:39","http://52.196.225.91/wordpress/Amazon/EN/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126351/"
 "126350","2019-02-15 19:25:34","http://188.192.104.226/wordpress/Amazon/EN/Transactions-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126350/"
 "126349","2019-02-15 19:25:30","http://188.131.164.117/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126349/"
 "126348","2019-02-15 19:25:25","http://159.65.142.218/wp-admin/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126348/"
-"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
+"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
 "126346","2019-02-15 19:25:14","http://115.66.127.67/Amazon/EN/Transactions/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126346/"
 "126345","2019-02-15 19:25:07","http://104.155.134.95/Amazon/En/Clients/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126345/"
 "126344","2019-02-15 19:24:59","http://joerath.ca/US_us/scan/Inv/379791966093282/ozeH-2byJM_hd-yP/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126344/"
 "126343","2019-02-15 19:24:46","http://190.164.186.104/EN_en/New_invoice/kaGto-SKA_DSIJvMBnm-DfE/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126343/"
-"126342","2019-02-15 19:24:38","http://demo.hoatuoinhuy.vn/US/scan/CfeF-Q5gO_rtdLh-U5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126342/"
-"126341","2019-02-15 19:24:28","http://demo.supegift.com/En_us/Invoice_Notice/mUcf-v6U_Antg-bbJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126341/"
+"126342","2019-02-15 19:24:38","http://demo.hoatuoinhuy.vn/US/scan/CfeF-Q5gO_rtdLh-U5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126342/"
+"126341","2019-02-15 19:24:28","http://demo.supegift.com/En_us/Invoice_Notice/mUcf-v6U_Antg-bbJ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126341/"
 "126340","2019-02-15 19:24:13","http://sun-proxy.oss-cn-hangzhou.aliyuncs.com/download/pc/sundaili1.2.45.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126340/"
 "126339","2019-02-15 19:22:13","http://laoliehuo.oss-cn-hangzhou.aliyuncs.com/updlq/K-20170709-3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126339/"
 "126338","2019-02-15 19:19:51","https://www.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126338/"
@@ -2908,7 +4754,7 @@
 "126329","2019-02-15 19:18:56","https://www.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126329/"
 "126328","2019-02-15 19:18:53","https://www.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126328/"
 "126327","2019-02-15 19:18:49","https://www.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126327/"
-"126326","2019-02-15 19:18:45","https://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126326/"
+"126326","2019-02-15 19:18:45","https://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126326/"
 "126325","2019-02-15 19:18:42","https://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126325/"
 "126324","2019-02-15 19:18:36","https://www.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126324/"
 "126323","2019-02-15 19:18:31","https://www.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126323/"
@@ -2920,11 +4766,11 @@
 "126317","2019-02-15 19:17:59","https://www.watchdogdns.duckdns.org/jack/dd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126317/"
 "126316","2019-02-15 19:17:53","https://www.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126316/"
 "126315","2019-02-15 19:17:46","https://www.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126315/"
-"126314","2019-02-15 19:17:40","https://www.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126314/"
+"126314","2019-02-15 19:17:40","https://www.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126314/"
 "126313","2019-02-15 19:17:36","https://www.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126313/"
 "126312","2019-02-15 19:17:30","https://www.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126312/"
 "126311","2019-02-15 19:17:27","https://www.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126311/"
-"126310","2019-02-15 19:17:23","https://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126310/"
+"126310","2019-02-15 19:17:23","https://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126310/"
 "126309","2019-02-15 19:17:18","http://www.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126309/"
 "126308","2019-02-15 19:17:12","http://www.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126308/"
 "126307","2019-02-15 19:16:56","http://www.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126307/"
@@ -2937,7 +4783,7 @@
 "126300","2019-02-15 19:16:39","http://www.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126300/"
 "126299","2019-02-15 19:16:37","http://www.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126299/"
 "126298","2019-02-15 19:16:36","http://www.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126298/"
-"126297","2019-02-15 19:16:35","http://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126297/"
+"126297","2019-02-15 19:16:35","http://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126297/"
 "126296","2019-02-15 19:16:33","http://www.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126296/"
 "126295","2019-02-15 19:16:32","http://www.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126295/"
 "126294","2019-02-15 19:16:24","http://www.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126294/"
@@ -2950,11 +4796,11 @@
 "126287","2019-02-15 19:16:13","http://www.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126287/"
 "126286","2019-02-15 19:16:12","http://www.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126286/"
 "126285","2019-02-15 19:16:10","http://www.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126285/"
-"126284","2019-02-15 19:16:09","http://www.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126284/"
+"126284","2019-02-15 19:16:09","http://www.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126284/"
 "126283","2019-02-15 19:16:07","http://www.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126283/"
 "126282","2019-02-15 19:16:03","http://www.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126282/"
 "126281","2019-02-15 19:16:01","http://www.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126281/"
-"126280","2019-02-15 19:16:00","http://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126280/"
+"126280","2019-02-15 19:16:00","http://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126280/"
 "126279","2019-02-15 19:15:57","https://ta107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126279/"
 "126278","2019-02-15 19:15:55","https://ta107s3.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126278/"
 "126277","2019-02-15 19:15:51","https://ta107s3.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126277/"
@@ -2967,7 +4813,7 @@
 "126270","2019-02-15 19:15:31","https://ta107s3.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126270/"
 "126269","2019-02-15 19:15:27","https://ta107s3.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126269/"
 "126268","2019-02-15 19:15:25","https://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126268/"
-"126267","2019-02-15 19:15:22","https://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126267/"
+"126267","2019-02-15 19:15:22","https://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126267/"
 "126266","2019-02-15 19:15:20","https://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126266/"
 "126265","2019-02-15 19:15:17","https://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126265/"
 "126264","2019-02-15 19:15:14","https://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126264/"
@@ -2982,11 +4828,11 @@
 "126255","2019-02-15 19:14:42","https://ta107s3.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126255/"
 "126254","2019-02-15 19:14:36","https://ta107s3.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126254/"
 "126253","2019-02-15 19:14:31","https://ta107s3.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126253/"
-"126252","2019-02-15 19:14:23","https://ta107s3.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126252/"
+"126252","2019-02-15 19:14:23","https://ta107s3.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126252/"
 "126251","2019-02-15 19:14:18","https://ta107s3.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126251/"
 "126250","2019-02-15 19:14:10","https://ta107s3.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126250/"
 "126249","2019-02-15 19:14:05","https://ta107s3.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126249/"
-"126248","2019-02-15 19:14:02","https://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126248/"
+"126248","2019-02-15 19:14:02","https://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126248/"
 "126247","2019-02-15 19:13:59","http://ta107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126247/"
 "126246","2019-02-15 19:13:58","http://ta107s3.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126246/"
 "126245","2019-02-15 19:13:55","http://ta107s3.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126245/"
@@ -3001,7 +4847,7 @@
 "126236","2019-02-15 19:13:37","http://ta107s3.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126236/"
 "126235","2019-02-15 19:13:36","http://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126235/"
 "126234","2019-02-15 19:13:35","http://ta107s3.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126234/"
-"126233","2019-02-15 19:13:34","http://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126233/"
+"126233","2019-02-15 19:13:34","http://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126233/"
 "126232","2019-02-15 19:13:33","http://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126232/"
 "126231","2019-02-15 19:13:32","http://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126231/"
 "126230","2019-02-15 19:13:31","http://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126230/"
@@ -3017,11 +4863,11 @@
 "126221","2019-02-15 19:13:20","http://ta107s3.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126221/"
 "126219","2019-02-15 19:13:18","http://ta107s3.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126219/"
 "126218","2019-02-15 19:13:17","http://ta107s3.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126218/"
-"126217","2019-02-15 19:13:16","http://ta107s3.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126217/"
+"126217","2019-02-15 19:13:16","http://ta107s3.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126217/"
 "126216","2019-02-15 19:13:15","http://ta107s3.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126216/"
 "126215","2019-02-15 19:13:13","http://ta107s3.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126215/"
 "126214","2019-02-15 19:13:12","http://ta107s3.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126214/"
-"126213","2019-02-15 19:13:11","http://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126213/"
+"126213","2019-02-15 19:13:11","http://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126213/"
 "126212","2019-02-15 19:13:08","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126212/"
 "126211","2019-02-15 19:13:06","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126211/"
 "126210","2019-02-15 19:13:02","http://forsalebybuilderusa.com/En/scan/Invoice_number/0009788342914/vsHI-qTON_DqAgcAYw-11j/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126210/"
@@ -3035,7 +4881,7 @@
 "126202","2019-02-15 19:12:33","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126202/"
 "126201","2019-02-15 19:12:30","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126201/"
 "126200","2019-02-15 19:12:28","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126200/"
-"126199","2019-02-15 19:12:25","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126199/"
+"126199","2019-02-15 19:12:25","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126199/"
 "126198","2019-02-15 19:12:22","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126198/"
 "126197","2019-02-15 19:12:19","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126197/"
 "126196","2019-02-15 19:12:17","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126196/"
@@ -3050,11 +4896,11 @@
 "126187","2019-02-15 19:11:55","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126187/"
 "126186","2019-02-15 19:11:53","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126186/"
 "126185","2019-02-15 19:11:51","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126185/"
-"126184","2019-02-15 19:11:48","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126184/"
+"126184","2019-02-15 19:11:48","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126184/"
 "126183","2019-02-15 19:11:45","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126183/"
 "126182","2019-02-15 19:11:42","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126182/"
 "126181","2019-02-15 19:11:39","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126181/"
-"126180","2019-02-15 19:11:37","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126180/"
+"126180","2019-02-15 19:11:37","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126180/"
 "126179","2019-02-15 19:11:34","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126179/"
 "126178","2019-02-15 19:11:33","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126178/"
 "126177","2019-02-15 19:11:31","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126177/"
@@ -3068,7 +4914,7 @@
 "126169","2019-02-15 19:11:19","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126169/"
 "126168","2019-02-15 19:11:17","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126168/"
 "126167","2019-02-15 19:11:16","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126167/"
-"126165","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126165/"
+"126165","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126165/"
 "126166","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126166/"
 "126164","2019-02-15 19:11:13","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126164/"
 "126163","2019-02-15 19:11:12","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126163/"
@@ -3085,11 +4931,11 @@
 "126152","2019-02-15 19:11:00","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126152/"
 "126151","2019-02-15 19:10:59","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126151/"
 "126150","2019-02-15 19:10:58","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126150/"
-"126149","2019-02-15 19:10:57","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126149/"
+"126149","2019-02-15 19:10:57","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126149/"
 "126148","2019-02-15 19:10:56","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126148/"
 "126147","2019-02-15 19:10:53","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126147/"
 "126146","2019-02-15 19:10:52","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126146/"
-"126145","2019-02-15 19:10:50","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126145/"
+"126145","2019-02-15 19:10:50","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126145/"
 "126144","2019-02-15 19:10:47","https://com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126144/"
 "126143","2019-02-15 19:10:45","https://com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126143/"
 "126142","2019-02-15 19:10:31","https://com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126142/"
@@ -3102,7 +4948,7 @@
 "126135","2019-02-15 19:10:09","https://com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126135/"
 "126134","2019-02-15 19:10:06","https://com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126134/"
 "126133","2019-02-15 19:10:04","https://com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126133/"
-"126132","2019-02-15 19:10:00","https://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126132/"
+"126132","2019-02-15 19:10:00","https://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126132/"
 "126131","2019-02-15 19:09:58","https://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126131/"
 "126130","2019-02-15 19:09:55","https://com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126130/"
 "126129","2019-02-15 19:09:53","https://com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126129/"
@@ -3117,11 +4963,11 @@
 "126120","2019-02-15 19:09:30","https://com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126120/"
 "126119","2019-02-15 19:09:29","https://com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126119/"
 "126118","2019-02-15 19:09:26","https://com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126118/"
-"126117","2019-02-15 19:09:24","https://com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126117/"
+"126117","2019-02-15 19:09:24","https://com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126117/"
 "126116","2019-02-15 19:09:21","https://com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126116/"
 "126115","2019-02-15 19:09:17","https://com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126115/"
 "126114","2019-02-15 19:09:15","https://com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126114/"
-"126113","2019-02-15 19:09:12","https://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126113/"
+"126113","2019-02-15 19:09:12","https://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126113/"
 "126112","2019-02-15 19:09:10","http://com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126112/"
 "126111","2019-02-15 19:09:09","http://com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126111/"
 "126110","2019-02-15 19:09:07","http://com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126110/"
@@ -3136,7 +4982,7 @@
 "126101","2019-02-15 19:08:54","http://com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126101/"
 "126100","2019-02-15 19:08:52","http://com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126100/"
 "126099","2019-02-15 19:08:51","http://com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126099/"
-"126098","2019-02-15 19:08:50","http://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126098/"
+"126098","2019-02-15 19:08:50","http://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126098/"
 "126097","2019-02-15 19:08:49","http://com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126097/"
 "126096","2019-02-15 19:08:48","http://com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126096/"
 "126095","2019-02-15 19:08:47","http://com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126095/"
@@ -3152,11 +4998,11 @@
 "126085","2019-02-15 19:08:36","http://com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126085/"
 "126084","2019-02-15 19:08:35","http://com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126084/"
 "126083","2019-02-15 19:08:34","http://com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126083/"
-"126082","2019-02-15 19:08:33","http://com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126082/"
+"126082","2019-02-15 19:08:33","http://com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126082/"
 "126081","2019-02-15 19:08:32","http://com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126081/"
 "126080","2019-02-15 19:08:29","http://com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126080/"
 "126079","2019-02-15 19:08:28","http://com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126079/"
-"126078","2019-02-15 19:08:27","http://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126078/"
+"126078","2019-02-15 19:08:27","http://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126078/"
 "126077","2019-02-15 19:08:24","https://iprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126077/"
 "126076","2019-02-15 19:08:22","https://iprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126076/"
 "126075","2019-02-15 19:08:18","https://iprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126075/"
@@ -3169,7 +5015,7 @@
 "126068","2019-02-15 19:07:58","https://iprudential.com.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126068/"
 "126067","2019-02-15 19:07:55","https://iprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126067/"
 "126066","2019-02-15 19:07:53","https://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126066/"
-"126065","2019-02-15 19:07:50","https://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126065/"
+"126065","2019-02-15 19:07:50","https://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126065/"
 "126064","2019-02-15 19:07:48","https://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126064/"
 "126063","2019-02-15 19:07:46","https://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126063/"
 "126062","2019-02-15 19:07:44","https://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126062/"
@@ -3184,15 +5030,15 @@
 "126053","2019-02-15 19:07:22","https://iprudential.com.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126053/"
 "126052","2019-02-15 19:07:21","https://iprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126052/"
 "126051","2019-02-15 19:07:19","https://iprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126051/"
-"126050","2019-02-15 19:07:16","https://iprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126050/"
+"126050","2019-02-15 19:07:16","https://iprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126050/"
 "126049","2019-02-15 19:07:14","https://iprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126049/"
 "126048","2019-02-15 19:07:10","https://iprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126048/"
 "126047","2019-02-15 19:07:08","https://iprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126047/"
-"126046","2019-02-15 19:07:05","https://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126046/"
+"126046","2019-02-15 19:07:05","https://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126046/"
 "126045","2019-02-15 19:07:03","http://iprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126045/"
 "126044","2019-02-15 19:07:02","http://iprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126044/"
 "126043","2019-02-15 19:06:59","http://iprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126043/"
-"126042","2019-02-15 19:06:57","http://iprudential.com.watchdogdns.duckdns.org/world/vcx.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126042/"
+"126042","2019-02-15 19:06:57","http://iprudential.com.watchdogdns.duckdns.org/world/vcx.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126042/"
 "126041","2019-02-15 19:06:54","http://iprudential.com.watchdogdns.duckdns.org/world/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126041/"
 "126040","2019-02-15 19:06:51","http://iprudential.com.watchdogdns.duckdns.org/world/pt.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126040/"
 "126038","2019-02-15 19:06:49","http://iprudential.com.watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126038/"
@@ -3203,7 +5049,7 @@
 "126034","2019-02-15 19:06:43","http://iprudential.com.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126034/"
 "126033","2019-02-15 19:06:42","http://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126033/"
 "126032","2019-02-15 19:06:40","http://iprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126032/"
-"126031","2019-02-15 19:06:39","http://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126031/"
+"126031","2019-02-15 19:06:39","http://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126031/"
 "126030","2019-02-15 19:06:38","http://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126030/"
 "126029","2019-02-15 19:06:37","http://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126029/"
 "126028","2019-02-15 19:06:35","http://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126028/"
@@ -3219,11 +5065,11 @@
 "126018","2019-02-15 19:06:20","http://iprudential.com.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126018/"
 "126017","2019-02-15 19:06:19","http://iprudential.com.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126017/"
 "126016","2019-02-15 19:06:17","http://iprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126016/"
-"126015","2019-02-15 19:06:16","http://iprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126015/"
+"126015","2019-02-15 19:06:16","http://iprudential.com.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126015/"
 "126014","2019-02-15 19:06:15","http://iprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126014/"
 "126013","2019-02-15 19:06:13","http://iprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126013/"
 "126012","2019-02-15 19:06:12","http://iprudential.com.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126012/"
-"126011","2019-02-15 19:06:10","http://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126011/"
+"126011","2019-02-15 19:06:10","http://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126011/"
 "126010","2019-02-15 19:06:07","https://jsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126010/"
 "126009","2019-02-15 19:06:04","https://jsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126009/"
 "126008","2019-02-15 19:06:01","https://jsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126008/"
@@ -3236,7 +5082,7 @@
 "126001","2019-02-15 19:05:42","https://jsrwaco.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126001/"
 "126000","2019-02-15 19:05:39","https://jsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126000/"
 "125999","2019-02-15 19:05:36","https://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125999/"
-"125998","2019-02-15 19:05:33","https://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125998/"
+"125998","2019-02-15 19:05:33","https://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125998/"
 "125997","2019-02-15 19:05:31","https://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125997/"
 "125996","2019-02-15 19:05:29","https://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125996/"
 "125995","2019-02-15 19:05:26","https://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125995/"
@@ -3251,11 +5097,11 @@
 "125986","2019-02-15 19:04:59","https://jsrwaco.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125986/"
 "125985","2019-02-15 19:04:58","https://jsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125985/"
 "125984","2019-02-15 19:04:56","https://jsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125984/"
-"125983","2019-02-15 19:04:53","https://jsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125983/"
+"125983","2019-02-15 19:04:53","https://jsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125983/"
 "125982","2019-02-15 19:04:51","https://jsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125982/"
 "125981","2019-02-15 19:04:47","https://jsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125981/"
 "125980","2019-02-15 19:04:44","https://jsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125980/"
-"125979","2019-02-15 19:04:41","https://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125979/"
+"125979","2019-02-15 19:04:41","https://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125979/"
 "125978","2019-02-15 19:04:38","http://jsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125978/"
 "125977","2019-02-15 19:04:36","http://jsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125977/"
 "125976","2019-02-15 19:04:31","http://jsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125976/"
@@ -3270,7 +5116,7 @@
 "125967","2019-02-15 19:03:01","http://jsrwaco.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125967/"
 "125966","2019-02-15 19:02:44","http://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125966/"
 "125965","2019-02-15 19:02:25","http://jsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125965/"
-"125964","2019-02-15 19:02:14","http://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125964/"
+"125964","2019-02-15 19:02:14","http://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125964/"
 "125963","2019-02-15 19:02:07","http://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125963/"
 "125962","2019-02-15 19:02:01","http://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125962/"
 "125961","2019-02-15 19:01:55","http://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125961/"
@@ -3287,11 +5133,11 @@
 "125950","2019-02-15 19:00:48","http://jsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125950/"
 "125949","2019-02-15 19:00:44","http://jsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125949/"
 "125948","2019-02-15 19:00:39","http://160.16.198.220/scan/Inv/NFqVR-RQ_aLTZfrBiO-fYA/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125948/"
-"125947","2019-02-15 19:00:36","http://jsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125947/"
+"125947","2019-02-15 19:00:36","http://jsrwaco.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125947/"
 "125946","2019-02-15 19:00:30","http://jsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125946/"
 "125945","2019-02-15 19:00:10","http://jsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125945/"
 "125944","2019-02-15 19:00:05","http://jsrwaco.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125944/"
-"125943","2019-02-15 18:59:56","http://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125943/"
+"125943","2019-02-15 18:59:56","http://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125943/"
 "125942","2019-02-15 18:59:49","https://resonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125942/"
 "125941","2019-02-15 18:59:45","https://resonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125941/"
 "125940","2019-02-15 18:59:39","https://resonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125940/"
@@ -3304,7 +5150,7 @@
 "125933","2019-02-15 18:59:09","https://resonance-pub.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125933/"
 "125932","2019-02-15 18:59:06","https://resonance-pub.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125932/"
 "125931","2019-02-15 18:59:02","https://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125931/"
-"125930","2019-02-15 18:58:58","https://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125930/"
+"125930","2019-02-15 18:58:58","https://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125930/"
 "125929","2019-02-15 18:58:54","https://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125929/"
 "125928","2019-02-15 18:58:51","https://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125928/"
 "125927","2019-02-15 18:58:48","https://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125927/"
@@ -3319,11 +5165,11 @@
 "125918","2019-02-15 18:58:17","https://resonance-pub.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125918/"
 "125917","2019-02-15 18:58:16","https://resonance-pub.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125917/"
 "125916","2019-02-15 18:58:13","https://resonance-pub.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125916/"
-"125915","2019-02-15 18:58:10","https://resonance-pub.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125915/"
+"125915","2019-02-15 18:58:10","https://resonance-pub.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125915/"
 "125914","2019-02-15 18:58:06","https://resonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125914/"
 "125913","2019-02-15 18:58:01","https://resonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125913/"
 "125912","2019-02-15 18:57:58","https://resonance-pub.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125912/"
-"125911","2019-02-15 18:57:55","https://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125911/"
+"125911","2019-02-15 18:57:55","https://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125911/"
 "125910","2019-02-15 18:57:52","http://resonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125910/"
 "125909","2019-02-15 18:57:46","http://resonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125909/"
 "125908","2019-02-15 18:57:24","http://resonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125908/"
@@ -3338,7 +5184,7 @@
 "125899","2019-02-15 18:55:52","http://resonance-pub.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125899/"
 "125898","2019-02-15 18:55:44","http://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125898/"
 "125897","2019-02-15 18:55:33","http://resonance-pub.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125897/"
-"125896","2019-02-15 18:55:29","http://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125896/"
+"125896","2019-02-15 18:55:29","http://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125896/"
 "125895","2019-02-15 18:55:17","http://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125895/"
 "125894","2019-02-15 18:55:10","http://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125894/"
 "125893","2019-02-15 18:55:04","http://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125893/"
@@ -3354,11 +5200,11 @@
 "125883","2019-02-15 18:53:44","http://resonance-pub.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125883/"
 "125882","2019-02-15 18:53:39","http://resonance-pub.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125882/"
 "125881","2019-02-15 18:53:32","http://resonance-pub.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125881/"
-"125880","2019-02-15 18:53:26","http://resonance-pub.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125880/"
+"125880","2019-02-15 18:53:26","http://resonance-pub.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125880/"
 "125879","2019-02-15 18:53:17","http://resonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125879/"
 "125878","2019-02-15 18:52:59","http://resonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125878/"
 "125877","2019-02-15 18:52:55","http://resonance-pub.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125877/"
-"125876","2019-02-15 18:52:54","http://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125876/"
+"125876","2019-02-15 18:52:54","http://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125876/"
 "125875","2019-02-15 18:52:50","https://qianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125875/"
 "125874","2019-02-15 18:52:47","https://qianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125874/"
 "125873","2019-02-15 18:52:42","https://qianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125873/"
@@ -3371,7 +5217,7 @@
 "125866","2019-02-15 18:52:19","https://qianlong.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125866/"
 "125865","2019-02-15 18:52:16","https://qianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125865/"
 "125864","2019-02-15 18:52:13","https://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125864/"
-"125863","2019-02-15 18:52:10","https://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125863/"
+"125863","2019-02-15 18:52:10","https://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125863/"
 "125862","2019-02-15 18:52:07","https://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125862/"
 "125861","2019-02-15 18:52:05","https://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125861/"
 "125860","2019-02-15 18:52:02","https://qianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125860/"
@@ -3386,11 +5232,11 @@
 "125851","2019-02-15 18:51:40","https://qianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125851/"
 "125850","2019-02-15 18:51:39","https://qianlong.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125850/"
 "125849","2019-02-15 18:51:37","https://qianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125849/"
-"125848","2019-02-15 18:51:34","https://qianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125848/"
+"125848","2019-02-15 18:51:34","https://qianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125848/"
 "125847","2019-02-15 18:51:31","https://qianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125847/"
 "125846","2019-02-15 18:51:27","https://qianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125846/"
 "125845","2019-02-15 18:51:25","https://qianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125845/"
-"125844","2019-02-15 18:51:22","https://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125844/"
+"125844","2019-02-15 18:51:22","https://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125844/"
 "125843","2019-02-15 18:51:19","http://qianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125843/"
 "125842","2019-02-15 18:51:18","http://qianlong.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125842/"
 "125841","2019-02-15 18:51:15","http://qianlong.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125841/"
@@ -3405,7 +5251,7 @@
 "125832","2019-02-15 18:51:01","http://qianlong.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125832/"
 "125831","2019-02-15 18:51:00","http://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125831/"
 "125830","2019-02-15 18:50:58","http://qianlong.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125830/"
-"125829","2019-02-15 18:50:57","http://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125829/"
+"125829","2019-02-15 18:50:57","http://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125829/"
 "125828","2019-02-15 18:50:56","http://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125828/"
 "125827","2019-02-15 18:50:55","http://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125827/"
 "125826","2019-02-15 18:50:54","http://qianlong.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125826/"
@@ -3421,11 +5267,11 @@
 "125817","2019-02-15 18:50:41","http://qianlong.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125817/"
 "125815","2019-02-15 18:50:40","http://qianlong.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125815/"
 "125814","2019-02-15 18:50:39","http://qianlong.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125814/"
-"125813","2019-02-15 18:50:38","http://qianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125813/"
+"125813","2019-02-15 18:50:38","http://qianlong.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125813/"
 "125812","2019-02-15 18:50:36","http://qianlong.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125812/"
 "125811","2019-02-15 18:50:34","http://qianlong.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125811/"
 "125810","2019-02-15 18:50:32","http://qianlong.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125810/"
-"125809","2019-02-15 18:50:31","http://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125809/"
+"125809","2019-02-15 18:50:31","http://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125809/"
 "125808","2019-02-15 18:50:28","https://computewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125808/"
 "125807","2019-02-15 18:50:24","https://computewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125807/"
 "125806","2019-02-15 18:50:18","https://computewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125806/"
@@ -3438,7 +5284,7 @@
 "125799","2019-02-15 18:49:54","https://computewww.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125799/"
 "125798","2019-02-15 18:49:52","https://computewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125798/"
 "125797","2019-02-15 18:49:49","https://computewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125797/"
-"125796","2019-02-15 18:49:46","https://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125796/"
+"125796","2019-02-15 18:49:46","https://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125796/"
 "125795","2019-02-15 18:49:43","https://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125795/"
 "125794","2019-02-15 18:49:41","https://computewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125794/"
 "125793","2019-02-15 18:49:38","https://computewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125793/"
@@ -3453,11 +5299,11 @@
 "125784","2019-02-15 18:49:16","https://computewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125784/"
 "125783","2019-02-15 18:49:15","https://computewww.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125783/"
 "125782","2019-02-15 18:49:13","https://computewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125782/"
-"125781","2019-02-15 18:49:10","https://computewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125781/"
+"125781","2019-02-15 18:49:10","https://computewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125781/"
 "125780","2019-02-15 18:49:08","https://computewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125780/"
 "125779","2019-02-15 18:49:04","https://computewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125779/"
 "125778","2019-02-15 18:49:01","https://computewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125778/"
-"125777","2019-02-15 18:48:59","https://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125777/"
+"125777","2019-02-15 18:48:59","https://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125777/"
 "125776","2019-02-15 18:48:56","http://computewww.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125776/"
 "125775","2019-02-15 18:48:55","http://computewww.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125775/"
 "125774","2019-02-15 18:48:52","http://computewww.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125774/"
@@ -3472,7 +5318,7 @@
 "125765","2019-02-15 18:48:39","http://computewww.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125765/"
 "125764","2019-02-15 18:48:38","http://computewww.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125764/"
 "125763","2019-02-15 18:48:37","http://computewww.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125763/"
-"125762","2019-02-15 18:48:36","http://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125762/"
+"125762","2019-02-15 18:48:36","http://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125762/"
 "125761","2019-02-15 18:48:35","http://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125761/"
 "125760","2019-02-15 18:48:34","http://computewww.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125760/"
 "125759","2019-02-15 18:48:33","http://computewww.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125759/"
@@ -3488,11 +5334,11 @@
 "125750","2019-02-15 18:48:22","http://computewww.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125750/"
 "125748","2019-02-15 18:48:21","http://computewww.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125748/"
 "125747","2019-02-15 18:48:19","http://computewww.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125747/"
-"125746","2019-02-15 18:48:18","http://computewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125746/"
+"125746","2019-02-15 18:48:18","http://computewww.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125746/"
 "125745","2019-02-15 18:48:17","http://computewww.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125745/"
 "125744","2019-02-15 18:48:15","http://computewww.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125744/"
 "125743","2019-02-15 18:48:14","http://computewww.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125743/"
-"125742","2019-02-15 18:48:12","http://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125742/"
+"125742","2019-02-15 18:48:12","http://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125742/"
 "125741","2019-02-15 18:48:09","https://doverenewables.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125741/"
 "125740","2019-02-15 18:48:07","https://doverenewables.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125740/"
 "125739","2019-02-15 18:48:03","https://doverenewables.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125739/"
@@ -3505,7 +5351,7 @@
 "125732","2019-02-15 18:47:44","https://doverenewables.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125732/"
 "125731","2019-02-15 18:47:41","https://doverenewables.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125731/"
 "125730","2019-02-15 18:47:39","https://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125730/"
-"125729","2019-02-15 18:47:36","https://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125729/"
+"125729","2019-02-15 18:47:36","https://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125729/"
 "125728","2019-02-15 18:47:34","https://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125728/"
 "125727","2019-02-15 18:47:31","https://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125727/"
 "125726","2019-02-15 18:47:29","https://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125726/"
@@ -3520,11 +5366,11 @@
 "125717","2019-02-15 18:47:07","https://doverenewables.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125717/"
 "125716","2019-02-15 18:47:06","https://doverenewables.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125716/"
 "125715","2019-02-15 18:47:03","https://doverenewables.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125715/"
-"125714","2019-02-15 18:47:01","https://doverenewables.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125714/"
+"125714","2019-02-15 18:47:01","https://doverenewables.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125714/"
 "125713","2019-02-15 18:46:58","https://doverenewables.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125713/"
 "125712","2019-02-15 18:46:55","https://doverenewables.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125712/"
 "125711","2019-02-15 18:46:52","https://doverenewables.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125711/"
-"125710","2019-02-15 18:46:49","https://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125710/"
+"125710","2019-02-15 18:46:49","https://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125710/"
 "125709","2019-02-15 18:46:47","http://doverenewables.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125709/"
 "125708","2019-02-15 18:46:46","http://doverenewables.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125708/"
 "125707","2019-02-15 18:46:44","http://doverenewables.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125707/"
@@ -3539,7 +5385,7 @@
 "125698","2019-02-15 18:46:30","http://doverenewables.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125698/"
 "125697","2019-02-15 18:46:29","http://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125697/"
 "125696","2019-02-15 18:46:27","http://doverenewables.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125696/"
-"125695","2019-02-15 18:46:26","http://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125695/"
+"125695","2019-02-15 18:46:26","http://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125695/"
 "125694","2019-02-15 18:46:25","http://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125694/"
 "125693","2019-02-15 18:46:24","http://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125693/"
 "125692","2019-02-15 18:46:23","http://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125692/"
@@ -3555,12 +5401,12 @@
 "125682","2019-02-15 18:46:08","http://doverenewables.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125682/"
 "125681","2019-02-15 18:46:07","http://doverenewables.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125681/"
 "125680","2019-02-15 18:46:06","http://doverenewables.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125680/"
-"125679","2019-02-15 18:46:05","http://doverenewables.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125679/"
+"125679","2019-02-15 18:46:05","http://doverenewables.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125679/"
 "125678","2019-02-15 18:46:03","http://211.238.147.196/@eaDir/info/hvKcX-ByyHe_lmc-ER1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125678/"
 "125677","2019-02-15 18:45:19","http://doverenewables.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125677/"
 "125676","2019-02-15 18:45:17","http://doverenewables.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125676/"
 "125675","2019-02-15 18:45:16","http://doverenewables.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125675/"
-"125674","2019-02-15 18:45:14","http://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125674/"
+"125674","2019-02-15 18:45:14","http://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125674/"
 "125673","2019-02-15 18:45:12","https://mirtv.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125673/"
 "125672","2019-02-15 18:45:09","https://mirtv.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125672/"
 "125671","2019-02-15 18:45:04","https://mirtv.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125671/"
@@ -3573,7 +5419,7 @@
 "125664","2019-02-15 18:44:45","https://mirtv.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125664/"
 "125663","2019-02-15 18:44:43","https://mirtv.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125663/"
 "125662","2019-02-15 18:44:40","https://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125662/"
-"125661","2019-02-15 18:44:37","https://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125661/"
+"125661","2019-02-15 18:44:37","https://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125661/"
 "125660","2019-02-15 18:44:35","https://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125660/"
 "125659","2019-02-15 18:44:32","https://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125659/"
 "125658","2019-02-15 18:44:29","https://mirtv.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125658/"
@@ -3588,11 +5434,11 @@
 "125649","2019-02-15 18:44:06","https://mirtv.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125649/"
 "125648","2019-02-15 18:44:04","https://mirtv.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125648/"
 "125647","2019-02-15 18:44:02","https://mirtv.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125647/"
-"125646","2019-02-15 18:43:59","https://mirtv.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125646/"
+"125646","2019-02-15 18:43:59","https://mirtv.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125646/"
 "125645","2019-02-15 18:43:57","https://mirtv.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125645/"
 "125644","2019-02-15 18:43:53","https://mirtv.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125644/"
 "125643","2019-02-15 18:43:51","https://mirtv.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125643/"
-"125642","2019-02-15 18:43:48","https://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125642/"
+"125642","2019-02-15 18:43:48","https://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125642/"
 "125641","2019-02-15 18:43:46","http://mirtv.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125641/"
 "125640","2019-02-15 18:43:45","http://mirtv.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125640/"
 "125639","2019-02-15 18:43:43","http://mirtv.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125639/"
@@ -3607,7 +5453,7 @@
 "125630","2019-02-15 18:43:30","http://mirtv.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125630/"
 "125629","2019-02-15 18:43:29","http://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125629/"
 "125628","2019-02-15 18:43:28","http://mirtv.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125628/"
-"125627","2019-02-15 18:43:27","http://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125627/"
+"125627","2019-02-15 18:43:27","http://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125627/"
 "125626","2019-02-15 18:43:26","http://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125626/"
 "125625","2019-02-15 18:43:25","http://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125625/"
 "125624","2019-02-15 18:43:24","http://mirtv.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125624/"
@@ -3623,11 +5469,11 @@
 "125614","2019-02-15 18:43:13","http://mirtv.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125614/"
 "125613","2019-02-15 18:43:12","http://mirtv.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125613/"
 "125612","2019-02-15 18:43:11","http://mirtv.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125612/"
-"125611","2019-02-15 18:43:10","http://mirtv.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125611/"
+"125611","2019-02-15 18:43:10","http://mirtv.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125611/"
 "125610","2019-02-15 18:43:09","http://mirtv.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125610/"
 "125609","2019-02-15 18:43:07","http://mirtv.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125609/"
 "125608","2019-02-15 18:43:06","http://mirtv.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125608/"
-"125607","2019-02-15 18:43:05","http://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125607/"
+"125607","2019-02-15 18:43:05","http://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125607/"
 "125606","2019-02-15 18:43:02","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125606/"
 "125605","2019-02-15 18:42:59","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125605/"
 "125604","2019-02-15 18:42:55","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125604/"
@@ -3640,7 +5486,7 @@
 "125597","2019-02-15 18:42:35","https://smart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125597/"
 "125596","2019-02-15 18:42:33","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125596/"
 "125595","2019-02-15 18:42:30","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125595/"
-"125594","2019-02-15 18:42:27","https://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125594/"
+"125594","2019-02-15 18:42:27","https://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125594/"
 "125593","2019-02-15 18:42:25","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125593/"
 "125592","2019-02-15 18:42:23","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125592/"
 "125591","2019-02-15 18:42:20","https://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125591/"
@@ -3655,11 +5501,11 @@
 "125582","2019-02-15 18:41:58","https://smart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125582/"
 "125581","2019-02-15 18:41:57","https://smart-testsolutions.watchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125581/"
 "125580","2019-02-15 18:41:55","https://smart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125580/"
-"125579","2019-02-15 18:41:52","https://smart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125579/"
+"125579","2019-02-15 18:41:52","https://smart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125579/"
 "125578","2019-02-15 18:41:50","https://smart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125578/"
 "125577","2019-02-15 18:41:46","https://smart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125577/"
 "125576","2019-02-15 18:41:44","https://smart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125576/"
-"125575","2019-02-15 18:41:41","https://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125575/"
+"125575","2019-02-15 18:41:41","https://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125575/"
 "125574","2019-02-15 18:41:39","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125574/"
 "125573","2019-02-15 18:41:38","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125573/"
 "125572","2019-02-15 18:41:35","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125572/"
@@ -3674,7 +5520,7 @@
 "125563","2019-02-15 18:41:23","http://smart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125563/"
 "125562","2019-02-15 18:41:21","http://smart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125562/"
 "125561","2019-02-15 18:41:20","http://smart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125561/"
-"125560","2019-02-15 18:41:19","http://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125560/"
+"125560","2019-02-15 18:41:19","http://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125560/"
 "125558","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125558/"
 "125559","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125559/"
 "125557","2019-02-15 18:41:16","http://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125557/"
@@ -3690,11 +5536,11 @@
 "125548","2019-02-15 18:41:06","http://smart-testsolutions.watchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125548/"
 "125546","2019-02-15 18:41:05","http://smart-testsolutions.watchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125546/"
 "125545","2019-02-15 18:41:04","http://smart-testsolutions.watchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125545/"
-"125544","2019-02-15 18:41:03","http://smart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125544/"
+"125544","2019-02-15 18:41:03","http://smart-testsolutions.watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125544/"
 "125543","2019-02-15 18:41:02","http://smart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125543/"
 "125542","2019-02-15 18:40:58","http://smart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125542/"
 "125541","2019-02-15 18:40:55","http://smart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125541/"
-"125540","2019-02-15 18:40:54","http://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125540/"
+"125540","2019-02-15 18:40:54","http://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125540/"
 "125539","2019-02-15 18:40:51","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125539/"
 "125538","2019-02-15 18:40:47","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125538/"
 "125537","2019-02-15 18:40:44","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125537/"
@@ -3707,7 +5553,7 @@
 "125530","2019-02-15 18:40:23","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125530/"
 "125529","2019-02-15 18:40:20","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125529/"
 "125528","2019-02-15 18:40:17","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125528/"
-"125527","2019-02-15 18:40:13","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125527/"
+"125527","2019-02-15 18:40:13","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125527/"
 "125526","2019-02-15 18:40:10","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125526/"
 "125525","2019-02-15 18:40:08","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125525/"
 "125524","2019-02-15 18:40:05","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125524/"
@@ -3722,11 +5568,11 @@
 "125515","2019-02-15 18:39:41","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/global/global.doc","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125515/"
 "125514","2019-02-15 18:39:40","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125514/"
 "125513","2019-02-15 18:39:36","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125513/"
-"125512","2019-02-15 18:39:33","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125512/"
+"125512","2019-02-15 18:39:33","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125512/"
 "125511","2019-02-15 18:39:27","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125511/"
 "125510","2019-02-15 18:39:18","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125510/"
 "125509","2019-02-15 18:39:15","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125509/"
-"125508","2019-02-15 18:39:12","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125508/"
+"125508","2019-02-15 18:39:12","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125508/"
 "125507","2019-02-15 18:39:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125507/"
 "125506","2019-02-15 18:39:03","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125506/"
 "125505","2019-02-15 18:38:46","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125505/"
@@ -3756,12 +5602,12 @@
 "125481","2019-02-15 18:35:07","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/invioce.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125481/"
 "125480","2019-02-15 18:35:01","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/Azeez%202.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125480/"
 "125479","2019-02-15 18:34:54","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/frank/AZEEZ.exe","online","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125479/"
-"125478","2019-02-15 18:34:48","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125478/"
+"125478","2019-02-15 18:34:48","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125478/"
 "125477","2019-02-15 18:34:41","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125477/"
 "125476","2019-02-15 18:34:22","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125476/"
 "125475","2019-02-15 18:34:16","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125475/"
-"125474","2019-02-15 18:34:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125474/"
-"125473","2019-02-15 18:33:06","http://chuthapdobg.org.vn/tmp/Invoice/hgjz-zS1_rC-tl3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125473/"
+"125474","2019-02-15 18:34:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125474/"
+"125473","2019-02-15 18:33:06","http://chuthapdobg.org.vn/tmp/Invoice/hgjz-zS1_rC-tl3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125473/"
 "125472","2019-02-15 18:32:41","http://pujjr-cs.oss-cn-hangzhou.aliyuncs.com/DocData/CUP3143001728570/A102170215124S2/AAAAAA/831505b5-bb9a-4ef8-b098-abc014e67d8a.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125472/"
 "125471","2019-02-15 18:29:03","http://empressxtensions.com/US_us/5667351314009/JiRt-TN_lBKR-r7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125471/"
 "125470","2019-02-15 18:26:04","http://demo1.parsnet.space/EN_en/document/New_invoice/LWhV-pN_UdPzMLn-Vc/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125470/"
@@ -3817,9 +5663,9 @@
 "125420","2019-02-15 17:17:02","https://watchdogdns.duckdns.org/world/office.doc","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125420/"
 "125419","2019-02-15 17:17:00","https://watchdogdns.duckdns.org/world/in.doc","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125419/"
 "125418","2019-02-15 17:16:57","https://watchdogdns.duckdns.org/world/dwm.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125418/"
-"125417","2019-02-15 17:16:52","https://watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125417/"
-"125416","2019-02-15 17:16:47","https://watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125416/"
-"125415","2019-02-15 17:16:42","https://watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125415/"
+"125417","2019-02-15 17:16:52","https://watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125417/"
+"125416","2019-02-15 17:16:47","https://watchdogdns.duckdns.org/admin.exe","online","malware_download","exe,LimeRAT,payload,stage2","https://urlhaus.abuse.ch/url/125416/"
+"125415","2019-02-15 17:16:42","https://watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125415/"
 "125414","2019-02-15 17:16:38","https://watchdogdns.duckdns.org/ace/vpn.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125414/"
 "125413","2019-02-15 17:16:31","https://watchdogdns.duckdns.org/ace/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125413/"
 "125412","2019-02-15 17:16:28","https://watchdogdns.duckdns.org/ace/ss.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125412/"
@@ -3880,9 +5726,9 @@
 "125357","2019-02-15 17:00:28","https://23.249.161.100/ace/vpn.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125357/"
 "125356","2019-02-15 17:00:23","https://23.249.161.100/ace/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125356/"
 "125355","2019-02-15 17:00:21","https://23.249.161.100/ace/ss.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125355/"
-"125354","2019-02-15 17:00:17","https://23.249.161.100/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125354/"
-"125353","2019-02-15 17:00:14","https://23.249.161.100/IMM.EXE","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125353/"
-"125352","2019-02-15 17:00:11","https://23.249.161.100/mrd.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125352/"
+"125354","2019-02-15 17:00:17","https://23.249.161.100/admin.exe","online","malware_download","exe,LimeRAT,payload,stage2","https://urlhaus.abuse.ch/url/125354/"
+"125353","2019-02-15 17:00:14","https://23.249.161.100/IMM.EXE","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125353/"
+"125352","2019-02-15 17:00:11","https://23.249.161.100/mrd.exe","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125352/"
 "125351","2019-02-15 17:00:07","https://23.249.161.100/world/vcx.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125351/"
 "125350","2019-02-15 17:00:03","https://23.249.161.100/world/vbc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125350/"
 "125349","2019-02-15 16:59:57","https://23.249.161.100/world/pt.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125349/"
@@ -3924,17 +5770,17 @@
 "125313","2019-02-15 16:27:20","https://onedrive.live.com/download?cid=F7D3319EB4E00F92&resid=F7D3319EB4E00F92%21120&authkey=APV8gIMOzw2-JRA","online","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/125313/"
 "125312","2019-02-15 16:27:10","https://onedrive.live.com/download?cid=341DF7E18D513049&resid=341DF7E18D513049%21110&authkey=ACZqAh_FBkJu3AY","online","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/125312/"
 "125311","2019-02-15 16:26:07","http://35.232.73.116/New_invoice/11748266539/OQuWW-v33wt_atU-7iI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125311/"
-"125310","2019-02-15 16:25:14","http://18.222.169.76/AMAZON/Transaction_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125310/"
+"125310","2019-02-15 16:25:14","http://18.222.169.76/AMAZON/Transaction_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125310/"
 "125309","2019-02-15 16:25:07","http://178.236.210.22/Amazon/En/Payments_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125309/"
 "125308","2019-02-15 16:23:09","http://x-soft.tomsk.ru/EN_en/Invoice_Notice/Ujdw-re9LW_xd-qrV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125308/"
 "125307","2019-02-15 16:18:04","http://kynanggiaotiepungxu.edu.vn/info/PJrRM-qjS_LypV-giD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125307/"
 "125306","2019-02-15 16:15:10","http://118.25.176.38/US/file/pzNrj-UiBO_xho-hm/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125306/"
 "125305","2019-02-15 16:09:02","http://37.139.27.218/US/document/Inv/5014931055813/UmTFt-UY_BDJMDb-83Z/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125305/"
-"125304","2019-02-15 16:06:02","http://34.242.190.144/En/info/New_invoice/MJsM-ePI_g-pQS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125304/"
-"125303","2019-02-15 16:01:03","http://18.221.1.168/corporation/Invoice_number/19580066705/gzOGt-HXwZr_JkfdtFW-QN8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125303/"
+"125304","2019-02-15 16:06:02","http://34.242.190.144/En/info/New_invoice/MJsM-ePI_g-pQS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125304/"
+"125303","2019-02-15 16:01:03","http://18.221.1.168/corporation/Invoice_number/19580066705/gzOGt-HXwZr_JkfdtFW-QN8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125303/"
 "125302","2019-02-15 15:59:31","http://18.217.211.183/wordpress/Amazon/Documents/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125302/"
 "125301","2019-02-15 15:59:30","http://13.112.69.225/wp-content/Amazon/En/Clients_Messages/02_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125301/"
-"125300","2019-02-15 15:59:27","http://18.218.56.72/wp-content/AMAZON/Clients/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125300/"
+"125300","2019-02-15 15:59:27","http://18.218.56.72/wp-content/AMAZON/Clients/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125300/"
 "125299","2019-02-15 15:59:26","http://104.198.73.104/Amazon/En/Transactions/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125299/"
 "125298","2019-02-15 15:59:25","http://128.199.187.124/Amazon/En/Documents/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125298/"
 "125297","2019-02-15 15:59:24","http://www.goworldmarketing.net/Amazon/En/Transactions/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125297/"
@@ -3968,7 +5814,7 @@
 "125269","2019-02-15 14:51:49","http://test.aimakinvest.kz/Amazon/Orders-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125269/"
 "125268","2019-02-15 14:51:43","http://stardenteurope.com/Amazon/EN/Payments_details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125268/"
 "125267","2019-02-15 14:51:39","http://shirtsforpatriots.com/Amazon/EN/Payments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125267/"
-"125266","2019-02-15 14:51:31","http://opcbgpharma.com/themes/Amazon/En/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125266/"
+"125266","2019-02-15 14:51:31","http://opcbgpharma.com/themes/Amazon/En/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125266/"
 "125265","2019-02-15 14:51:26","http://media-standard.ru/Amazon/Documents/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125265/"
 "125264","2019-02-15 14:51:16","http://heatherdawn.com/Amazon/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125264/"
 "125263","2019-02-15 14:51:09","http://hardwareportugal.com/Amazon/En/Details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125263/"
@@ -3981,7 +5827,7 @@
 "125256","2019-02-15 14:44:24","http://13.233.183.227/EN_en/file/AJLoK-sa91z_Mfbpo-BCp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125256/"
 "125255","2019-02-15 14:44:02","http://helmaccountsco.uk/document/Copy_Invoice/chhjN-g8_W-kNO/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125255/"
 "125254","2019-02-15 14:42:07","http://helmaccounts.co.uk/document/Copy_Invoice/chhjN-g8_W-kNO/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125254/"
-"125253","2019-02-15 14:42:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125253/"
+"125253","2019-02-15 14:42:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125253/"
 "125252","2019-02-15 14:40:11","http://www.drberrinkarakuy.com/WbB9Y9w/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125252/"
 "125251","2019-02-15 14:40:10","http://farzandeshad.com/YJYFpfds/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125251/"
 "125250","2019-02-15 14:40:09","http://13.233.22.226/VbLAXz7/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125250/"
@@ -4001,7 +5847,7 @@
 "125236","2019-02-15 14:15:03","http://barabooseniorhigh.com/US/Invoice_Notice/kRIOU-DqB_ZsSqnJZFD-kfz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125236/"
 "125235","2019-02-15 14:09:01","http://xn----7sbhaobqpf0albbckrilel.xn--p1ai/New_invoice/2218786/Jshz-xJ_URFH-QA4/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125235/"
 "125234","2019-02-15 14:05:02","http://www.seksmag.nl/En_us/document/Invoice_number/SwMIY-3uko_iI-OJK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125234/"
-"125233","2019-02-15 13:59:06","http://wiki.ugix.ru/US_us/Invoice_Notice/jnRX-jj_FaayjRy-xY2/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125233/"
+"125233","2019-02-15 13:59:06","http://wiki.ugix.ru/US_us/Invoice_Notice/jnRX-jj_FaayjRy-xY2/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125233/"
 "125232","2019-02-15 13:55:06","http://sukien.aloduhoc.com/En_us/document/zNUN-vtLco_ELfsnAV-cg/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125232/"
 "125231","2019-02-15 13:50:06","http://test.38abc.ru/En/Invoice/052494575759824/NbVv-we_izUt-B3z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125231/"
 "125230","2019-02-15 13:46:07","http://tesonisitma.com/En_us/Copy_Invoice/4802432474/cNSaF-Y6W_sxqIx-7g/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125230/"
@@ -4056,9 +5902,9 @@
 "125181","2019-02-15 12:53:06","http://193.187.172.181/test.dat","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125181/"
 "125180","2019-02-15 12:50:16","http://128.199.68.28/QZp55xxC/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125180/"
 "125179","2019-02-15 12:50:15","http://noithatchungcudep.info/47urKpX3/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125179/"
-"125178","2019-02-15 12:50:13","http://54.224.240.34/L0PRmepe6/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125178/"
+"125178","2019-02-15 12:50:13","http://54.224.240.34/L0PRmepe6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125178/"
 "125177","2019-02-15 12:50:12","http://54.165.253.1/4mBBNcsGYL/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125177/"
-"125176","2019-02-15 12:50:11","http://81.56.198.200/MrMAFWOk9/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125176/"
+"125176","2019-02-15 12:50:11","http://81.56.198.200/MrMAFWOk9/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125176/"
 "125175","2019-02-15 12:40:02","http://46.29.166.149/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125175/"
 "125174","2019-02-15 12:31:05","http://35.196.135.186/wordpress/de_DE/VFLMIFHU1523439/Rechnungs-docs/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125174/"
 "125173","2019-02-15 12:24:04","http://104.155.65.6/DE_de/WUBQWPKMTT2568902/Scan/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125173/"
@@ -4066,9 +5912,9 @@
 "125171","2019-02-15 12:18:06","http://gor-gorizont.ru/de_DE/SDTELNJPXU6007402/Bestellungen/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125171/"
 "125170","2019-02-15 12:13:02","http://85.171.136.37/@eaDir/DE/AYKPEIRGX3418789/DE_de/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125170/"
 "125169","2019-02-15 12:10:04","http://206.189.45.178/wp-content/uploads/De/BJBUZMEG0557084/de/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125169/"
-"125168","2019-02-15 12:06:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125168/"
-"125167","2019-02-15 12:02:06","http://52.66.236.210/de_DE/AUTMAGM5440478/Rechnungs/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125167/"
-"125166","2019-02-15 12:00:07","http://46.29.166.149:80/bins/daku.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125166/"
+"125168","2019-02-15 12:06:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125168/"
+"125167","2019-02-15 12:02:06","http://52.66.236.210/de_DE/AUTMAGM5440478/Rechnungs/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125167/"
+"125166","2019-02-15 12:00:07","http://46.29.166.149:80/bins/daku.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125166/"
 "125165","2019-02-15 12:00:05","http://46.29.166.149:80/bins/daku.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125165/"
 "125164","2019-02-15 12:00:03","http://46.29.166.149:80/bins/daku.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125164/"
 "125163","2019-02-15 11:59:11","http://email.rocricambi.com/c/eJxNjrEOgjAURb8GxoaAUjp0cJCYOKBh0LC99r2mKBRsCzF8vbqZ3Omc5OSizBWKEtNeNq_rObaDqO_zfLi8b81m_NLpp-GrwMaqq-GijVwM3bHbKv44wTPZZQqCYXoaUysp1yIDXmR7nldVYSADAViJkqhEQJUO0sY4J8UhyevvovVEIzlwCOO09vTr_LhfQmSg9bS4GFggh0z129ekXoZIBhyzYIwj_3fgA1QRQ7Q/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/125163/"
@@ -4076,11 +5922,11 @@
 "125161","2019-02-15 11:59:04","http://46.29.166.149:80/bins/daku.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125161/"
 "125160","2019-02-15 11:59:02","http://46.29.166.149:80/bins/daku.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125160/"
 "125159","2019-02-15 11:56:09","http://107.179.34.49/ys53a","online","malware_download","elf","https://urlhaus.abuse.ch/url/125159/"
-"125158","2019-02-15 11:55:07","http://54.146.46.168/DE/BGMHJYILP5652933/DE/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125158/"
+"125158","2019-02-15 11:55:07","http://54.146.46.168/DE/BGMHJYILP5652933/DE/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125158/"
 "125157","2019-02-15 11:53:34","http://67.209.114.215/Februar2019/IQWQYRNGPM7431933/DE_de/Rechnungsanschrift/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125157/"
 "125156","2019-02-15 11:53:32","http://34.208.141.93/AFWGBTAL9125778/de/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125156/"
 "125155","2019-02-15 11:42:03","http://35.247.37.148/De/XMFAFAOAZ4892552/GER/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125155/"
-"125154","2019-02-15 11:37:02","http://52.211.179.190/de_DE/ZVSSHBMVKT7067800/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125154/"
+"125154","2019-02-15 11:37:02","http://52.211.179.190/de_DE/ZVSSHBMVKT7067800/DE/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125154/"
 "125153","2019-02-15 11:34:02","http://35.226.135.179/wp-content/uploads/KVNYWXAG6111046/gescanntes-Dokument/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125153/"
 "125152","2019-02-15 11:32:12","http://80.211.191.43/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125152/"
 "125151","2019-02-15 11:32:09","http://80.211.191.43/bins/kwari.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125151/"
@@ -4093,21 +5939,21 @@
 "125144","2019-02-15 11:30:10","http://80.211.191.43/bins/kwari.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125144/"
 "125143","2019-02-15 11:30:08","http://80.211.191.43/bins/kwari.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125143/"
 "125142","2019-02-15 11:30:06","http://80.211.191.43/bins/kwari.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125142/"
-"125141","2019-02-15 11:30:04","http://3.16.186.154/de_DE/JBNJVOTP7779410/Rechnung/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125141/"
+"125141","2019-02-15 11:30:04","http://3.16.186.154/de_DE/JBNJVOTP7779410/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125141/"
 "125140","2019-02-15 11:29:04","http://46.29.166.149/bins/daku.arc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125140/"
 "125139","2019-02-15 11:29:01","http://46.29.166.149/bins/daku.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125139/"
 "125138","2019-02-15 11:28:58","http://46.29.166.149/bins/daku.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125138/"
 "125137","2019-02-15 11:28:56","http://46.29.166.149/bins/daku.i586","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125137/"
 "125136","2019-02-15 11:28:54","http://46.29.166.149/bins/daku.i686","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125136/"
-"125135","2019-02-15 11:28:52","http://46.29.166.149/bins/daku.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125135/"
+"125135","2019-02-15 11:28:52","http://46.29.166.149/bins/daku.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125135/"
 "125134","2019-02-15 11:28:49","http://46.29.166.149/bins/daku.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125134/"
-"125133","2019-02-15 11:28:44","http://46.29.166.149/bins/daku.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125133/"
+"125133","2019-02-15 11:28:44","http://46.29.166.149/bins/daku.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125133/"
 "125132","2019-02-15 11:28:39","http://46.29.166.149/bins/daku.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125132/"
-"125131","2019-02-15 11:28:34","http://46.29.166.149/bins/daku.ppc440","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125131/"
+"125131","2019-02-15 11:28:34","http://46.29.166.149/bins/daku.ppc440","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125131/"
 "125130","2019-02-15 11:28:28","http://46.29.166.149/bins/daku.rm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125130/"
 "125129","2019-02-15 11:28:24","http://46.29.166.149/bins/daku.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125129/"
-"125128","2019-02-15 11:28:21","http://46.29.166.149/bins/daku.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125128/"
-"125127","2019-02-15 11:28:19","http://46.29.166.149/bins/daku.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125127/"
+"125128","2019-02-15 11:28:21","http://46.29.166.149/bins/daku.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125128/"
+"125127","2019-02-15 11:28:19","http://46.29.166.149/bins/daku.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125127/"
 "125126","2019-02-15 11:28:15","http://104.219.235.148/bins/yakuza.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125126/"
 "125125","2019-02-15 11:28:11","http://104.219.235.148/bins/yakuza.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125125/"
 "125124","2019-02-15 11:28:08","http://104.219.235.148/bins/yakuza.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125124/"
@@ -4125,7 +5971,7 @@
 "125111","2019-02-15 11:23:39","http://104.219.235.148/bins/dlr.arm","offline","malware_download","downloader,elf,mirai","https://urlhaus.abuse.ch/url/125111/"
 "125112","2019-02-15 11:23:39","http://104.219.235.148/bins/dlr.arm5","offline","malware_download","downloader,elf,mirai","https://urlhaus.abuse.ch/url/125112/"
 "125110","2019-02-15 11:23:38","http://176.32.32.140/De/IXFUDQVPX5493186/Rechnung/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125110/"
-"125109","2019-02-15 11:20:05","http://46.29.166.149:80/bins/daku.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125109/"
+"125109","2019-02-15 11:20:05","http://46.29.166.149:80/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125109/"
 "125108","2019-02-15 11:20:03","http://91.105.126.31:28395/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/125108/"
 "125107","2019-02-15 11:17:03","http://18.188.113.212/DE_de/UPNEDGNCRR5337942/de/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125107/"
 "125106","2019-02-15 11:16:03","http://www.iremart.es/farmautils/FarmaUtils.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125106/"
@@ -4229,7 +6075,7 @@
 "125007","2019-02-15 09:00:12","http://145.239.41.199/dead.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125007/"
 "125008","2019-02-15 09:00:12","http://145.239.41.199/dead.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125008/"
 "125006","2019-02-15 09:00:11","http://145.239.41.199/dead.arm","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125006/"
-"125005","2019-02-15 09:00:11","http://194.147.35.56/Okami.x86","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125005/"
+"125005","2019-02-15 09:00:11","http://194.147.35.56/Okami.x86","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125005/"
 "125004","2019-02-15 08:59:29","http://194.147.35.56/Okami.i686","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125004/"
 "125003","2019-02-15 08:58:12","http://194.147.35.56/Okami.i586","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125003/"
 "125001","2019-02-15 08:56:30","http://grupomedica.equipment/Ftfh7wZ3JuiVUFr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125001/"
@@ -4251,11 +6097,11 @@
 "124986","2019-02-15 08:51:03","http://145.239.41.199/dead.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124986/"
 "124985","2019-02-15 08:51:02","http://145.239.41.199/dead.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124985/"
 "124984","2019-02-15 08:49:31","http://185.244.25.237/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124984/"
-"124983","2019-02-15 08:49:27","http://194.147.35.56/Okami.sparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124983/"
+"124983","2019-02-15 08:49:27","http://194.147.35.56/Okami.sparc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124983/"
 "124982","2019-02-15 08:49:02","http://194.147.35.56/Okami.okami","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124982/"
 "124981","2019-02-15 08:48:28","http://46.17.41.208/sshd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124981/"
 "124980","2019-02-15 08:48:27","http://145.239.41.199/dead.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124980/"
-"124978","2019-02-15 08:48:26","http://194.147.35.56/Okami.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124978/"
+"124978","2019-02-15 08:48:26","http://194.147.35.56/Okami.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124978/"
 "124979","2019-02-15 08:48:26","http://46.17.41.208/cron","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124979/"
 "124977","2019-02-15 08:48:09","http://cild.edu.vn/DE_de/VZFPYLAO2818712/gescanntes-Dokument/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124977/"
 "124976","2019-02-15 08:48:06","http://192.155.85.122/bins/xbox.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124976/"
@@ -4287,18 +6133,18 @@
 "124950","2019-02-15 08:18:02","http://185.244.25.237/i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124950/"
 "124949","2019-02-15 08:17:02","http://185.244.25.237/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124949/"
 "124948","2019-02-15 08:16:03","http://194.147.35.56/Okami.arm4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124948/"
-"124947","2019-02-15 08:16:03","http://194.147.35.56/Okami.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124947/"
+"124947","2019-02-15 08:16:03","http://194.147.35.56/Okami.ppc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124947/"
 "124946","2019-02-15 08:16:02","http://185.244.30.151/Corona.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124946/"
 "124945","2019-02-15 08:15:07","http://145.239.41.199/dead.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124945/"
-"124944","2019-02-15 08:14:07","http://194.147.35.56/Okami.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124944/"
-"124943","2019-02-15 08:14:03","http://194.147.35.56/Okami.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124943/"
+"124944","2019-02-15 08:14:07","http://194.147.35.56/Okami.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124944/"
+"124943","2019-02-15 08:14:03","http://194.147.35.56/Okami.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124943/"
 "124942","2019-02-15 08:13:07","http://185.244.25.237/sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124942/"
 "124941","2019-02-15 08:13:05","http://185.244.25.237/powerpc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124941/"
 "124940","2019-02-15 08:13:02","http://185.244.30.151/Corona.sparc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124940/"
 "124939","2019-02-15 08:11:05","http://46.17.41.208/tftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124939/"
-"124938","2019-02-15 08:10:06","http://194.147.35.56/Okami.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124938/"
+"124938","2019-02-15 08:10:06","http://194.147.35.56/Okami.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124938/"
 "124937","2019-02-15 08:10:04","http://145.239.41.199/dead.x32","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124937/"
-"124936","2019-02-15 08:08:04","http://194.147.35.56/Okami.mipsel","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124936/"
+"124936","2019-02-15 08:08:04","http://194.147.35.56/Okami.mipsel","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124936/"
 "124935","2019-02-15 08:07:03","http://185.244.25.237/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124935/"
 "124934","2019-02-15 08:06:03","http://yzbek.co.ug/a/loader32.exe","online","malware_download","exe,tinynuke","https://urlhaus.abuse.ch/url/124934/"
 "124933","2019-02-15 07:59:02","http://misophoniatreatment.com/Telekom/Rechnungen/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124933/"
@@ -4397,7 +6243,7 @@
 "124840","2019-02-15 00:13:06","https://onedrive.live.com/download?cid=EE4FAF07E1EBD8FB&resid=EE4FAF07E1EBD8FB%21129&authkey=AM1E2LFx_SiGYuk","online","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/124840/"
 "124839","2019-02-15 00:13:05","https://onedrive.live.com/download?cid=116E09956D59EFEF&resid=116E09956D59EFEF%21112&authkey=AI5rcuKbfn1GjCc","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/124839/"
 "124838","2019-02-15 00:11:04","http://dzienniksport.pl/scan/Invoice_number/PTylj-cHLv_iz-Fw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124838/"
-"124837","2019-02-15 00:04:06","http://thucphamchucnanghanquoc.vn/En/download/mjTU-jBg_r-oV/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124837/"
+"124837","2019-02-15 00:04:06","http://thucphamchucnanghanquoc.vn/En/download/mjTU-jBg_r-oV/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124837/"
 "124836","2019-02-15 00:04:05","https://www.dropbox.com/s/yzrovfha3mg0ftm/RFQ%200189977QTF.PDF.Z?dl=1","offline","malware_download","compressed,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/124836/"
 "124835","2019-02-15 00:03:43","https://www.mediafire.com/file/5s75x9o17s8y5qj/LPO_AND_FOB_13022019.rar/file","offline","malware_download","compressed,NetWire,payload,winrar","https://urlhaus.abuse.ch/url/124835/"
 "124834","2019-02-15 00:03:41","https://198.101.246.240/vk_wp/wp-includes/sec.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124834/"
@@ -4478,7 +6324,7 @@
 "124758","2019-02-14 22:16:08","http://gethdfit.com/En_us/llc/New_invoice/dQaZ-R2h_l-Or/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124758/"
 "124757","2019-02-14 22:12:04","http://fenceandgateco.com/document/Invoice_Notice/FFAkh-MoU_GSAmzo-66T/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124757/"
 "124756","2019-02-14 22:08:05","http://shrimalisonimahamandal.com/US/New_invoice/fsCMJ-xXK_VaHjOdXn-AOI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124756/"
-"124755","2019-02-14 22:04:08","http://www.crownrentals.net/US/doc/Invoice_number/UAIL-mF_Dm-iC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124755/"
+"124755","2019-02-14 22:04:08","http://www.crownrentals.net/US/doc/Invoice_number/UAIL-mF_Dm-iC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124755/"
 "124754","2019-02-14 22:00:10","http://rupbasanbandung.com/US/xerox/Invoice_number/nitY-LG6_vaiXe-RU0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124754/"
 "124753","2019-02-14 21:56:04","http://www.blueelephantmassage.com.au/En/download/8243513533/ZsScr-fwQ_vfsKCVRz-TUA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124753/"
 "124752","2019-02-14 21:52:03","http://whitefarmhousestudio.com/corporation/Invoice_number/ZZwEc-WU_kbmpt-77/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124752/"
@@ -4489,7 +6335,7 @@
 "124747","2019-02-14 21:30:06","http://manualquickbooksespanol.com/scan/Inv/wIPR-wSA86_oKJzi-WVJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124747/"
 "124746","2019-02-14 21:26:04","http://bohobitches.co.uk/file/eEwY-IVlQT_uX-Jg7/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124746/"
 "124745","2019-02-14 21:25:04","http://deluvis.net/key/Quotation%20Order.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/124745/"
-"124744","2019-02-14 21:22:05","http://grapeness.mx/En/xerox/Invoice_number/pbhZ-cRPgP_zEmPCHin-7w/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124744/"
+"124744","2019-02-14 21:22:05","http://grapeness.mx/En/xerox/Invoice_number/pbhZ-cRPgP_zEmPCHin-7w/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124744/"
 "124743","2019-02-14 21:18:03","http://185.244.25.213/ftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124743/"
 "124742","2019-02-14 21:18:02","http://185.244.25.213/ntpd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124742/"
 "124741","2019-02-14 21:17:04","http://185.244.25.213/apache2","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124741/"
@@ -4498,11 +6344,11 @@
 "124738","2019-02-14 21:17:02","http://progettonottetorino.it/En/company/cPCN-4HvR_lnc-J47/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124738/"
 "124737","2019-02-14 21:16:04","http://185.244.25.213/pftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124737/"
 "124736","2019-02-14 21:16:03","http://185.244.25.213/[cpu]","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124736/"
-"124735","2019-02-14 21:16:02","http://185.244.25.230:80/bins/arm7","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124735/"
+"124735","2019-02-14 21:16:02","http://185.244.25.230:80/bins/arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124735/"
 "124734","2019-02-14 21:15:06","http://185.244.25.213/cron","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124734/"
 "124733","2019-02-14 21:15:05","http://185.244.25.213/sshd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124733/"
 "124732","2019-02-14 21:15:04","http://185.244.25.213/openssh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124732/"
-"124731","2019-02-14 21:15:03","http://185.244.25.230:80/bins/arm","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124731/"
+"124731","2019-02-14 21:15:03","http://185.244.25.230:80/bins/arm","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124731/"
 "124730","2019-02-14 21:13:08","http://185.244.25.213/sh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124730/"
 "124729","2019-02-14 21:13:06","http://185.244.25.213/tftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124729/"
 "124728","2019-02-14 21:13:04","http://92.160.218.104:26631/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124728/"
@@ -4515,7 +6361,7 @@
 "124720","2019-02-14 21:03:57","http://yahyabahadir.com/sec.myacc.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124720/"
 "124719","2019-02-14 21:03:52","http://xn--12cs3ad5a6alt7c1a6cva8byhn4hnno.com/secure.myacc.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124719/"
 "124718","2019-02-14 21:03:50","http://www.youwatches.online/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124718/"
-"124717","2019-02-14 21:03:43","http://www.tepeas.com/sec.accounts.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124717/"
+"124717","2019-02-14 21:03:43","http://www.tepeas.com/sec.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124717/"
 "124716","2019-02-14 21:03:41","http://speechwar.com/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124716/"
 "124715","2019-02-14 21:03:35","http://sapidestraining.com/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124715/"
 "124714","2019-02-14 21:03:29","http://research.fph.tu.ac.th/wp-content/uploads/verif.accounts.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124714/"
@@ -4541,7 +6387,7 @@
 "124694","2019-02-14 20:28:12","http://trandinhtuan.vn/EN_en/download/Inv/DopUi-Wu5Tc_S-ZCn/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124694/"
 "124693","2019-02-14 20:24:09","http://l3financial.com/download/Invoice/awyF-MOx_quji-EZL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124693/"
 "124692","2019-02-14 20:20:13","http://desbloqueosuniversales.com/EN_en/corporation/Copy_Invoice/BalcZ-858_C-HIO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124692/"
-"124691","2019-02-14 20:15:02","http://tsogomediakit.co.za/En_us/sVLmw-N5_hQQ-Gj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124691/"
+"124691","2019-02-14 20:15:02","http://tsogomediakit.co.za/En_us/sVLmw-N5_hQQ-Gj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124691/"
 "124690","2019-02-14 20:11:06","http://eosago99.com/US/company/Copy_Invoice/747050964813/okyK-Lk_pcUbpV-MSQ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124690/"
 "124689","2019-02-14 20:06:05","http://kynangdaotao.com/Invoice/GwpQh-2Re_lpTUlKn-mH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124689/"
 "124688","2019-02-14 20:02:08","http://barrycaputo.com/corporation/New_invoice/ReYB-KGBfF_btPUHMDOo-0wj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124688/"
@@ -4604,7 +6450,7 @@
 "124631","2019-02-14 18:50:04","http://vivekanandaeducation-armoor.org/corporation/Invoice_Notice/JhGpZ-bMVh_SpOYPCo-tf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124631/"
 "124630","2019-02-14 18:46:02","http://fortuneinfosys.com/En_us/info/Invoice_Notice/2986743250/lwYN-Y2_MUvIcLZ-Asr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124630/"
 "124629","2019-02-14 18:41:03","http://185.244.25.182/bins/arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124629/"
-"124628","2019-02-14 18:41:02","http://embrava.eu/EN_en/Copy_Invoice/TNXWS-e0tv_Pos-9xo/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124628/"
+"124628","2019-02-14 18:41:02","http://embrava.eu/EN_en/Copy_Invoice/TNXWS-e0tv_Pos-9xo/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124628/"
 "124627","2019-02-14 18:37:01","http://balooteabi.com/US_us/En_us/dxJTg-4x_QfxoqYr-GM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124627/"
 "124626","2019-02-14 18:33:06","http://66.42.58.126/8spc8","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124626/"
 "124625","2019-02-14 18:33:04","http://66.42.58.126/8m68k8","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124625/"
@@ -4636,7 +6482,7 @@
 "124599","2019-02-14 17:39:05","http://www.xhencheng.tk/test2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124599/"
 "124598","2019-02-14 17:36:08","http://fatrecipesdoc.com/xerox/New_invoice/IgNbB-73avx_c-Gs/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124598/"
 "124597","2019-02-14 17:35:03","http://a0277166.xsph.ru/bab/SysAudio.exe","offline","malware_download","exe,njRAT,rat","https://urlhaus.abuse.ch/url/124597/"
-"124596","2019-02-14 17:33:03","http://totaybarypyare.com/shit.exe","online","malware_download","exe,fareit,Pony","https://urlhaus.abuse.ch/url/124596/"
+"124596","2019-02-14 17:33:03","http://totaybarypyare.com/shit.exe","offline","malware_download","exe,fareit,Pony","https://urlhaus.abuse.ch/url/124596/"
 "124595","2019-02-14 17:32:06","http://esco.com.eg/yakuu/usgzonner.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124595/"
 "124594","2019-02-14 17:31:11","http://wp.berbahku.id.or.id/Inv/uzZA-w7_uM-TgW/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124594/"
 "124593","2019-02-14 17:27:05","http://bonex.it/US/Inv/2438647724/KpUgA-a9_xxNz-2G/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124593/"
@@ -4669,7 +6515,7 @@
 "124565","2019-02-14 16:16:05","http://msao.net/verif.accs.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124565/"
 "124564","2019-02-14 16:15:55","http://karkw.org/trust.myacc.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124564/"
 "124563","2019-02-14 16:15:46","http://jmbtrading.com.br/secure.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124563/"
-"124562","2019-02-14 16:15:37","http://botmechanic.io/secure.myacc.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124562/"
+"124562","2019-02-14 16:15:37","http://botmechanic.io/secure.myacc.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124562/"
 "124561","2019-02-14 16:15:29","http://atlas133.ir/trust.myaccount.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124561/"
 "124560","2019-02-14 16:15:24","http://agriafrika.co.za/trust.accounts.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124560/"
 "124559","2019-02-14 16:15:17","http://52.59.169.135/trust.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124559/"
@@ -4677,8 +6523,8 @@
 "124557","2019-02-14 16:13:08","http://www.meggalistaconvenios.com.br/EN_en/download/Copy_Invoice/RIxJ-UjB_qRk-10Y/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124557/"
 "124556","2019-02-14 16:09:14","http://chowdownmarketing.com/EN_en/xerox/Inv/VLPX-GccM_itLJudwyF-5GI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124556/"
 "124555","2019-02-14 16:03:07","http://illa-berek.com/US/document/Invoice/QoACx-bj_YrUkJDFh-KP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124555/"
-"124554","2019-02-14 15:58:04","http://anhsangtuthien.com/US/company/RNIkZ-ldYb_hvovAD-Wx/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124554/"
-"124553","2019-02-14 15:51:02","http://54.85.253.114/EN_en/document/Invoice_Notice/xsMVK-BL_ugbhUUWX-zDa/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124553/"
+"124554","2019-02-14 15:58:04","http://anhsangtuthien.com/US/company/RNIkZ-ldYb_hvovAD-Wx/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124554/"
+"124553","2019-02-14 15:51:02","http://54.85.253.114/EN_en/document/Invoice_Notice/xsMVK-BL_ugbhUUWX-zDa/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124553/"
 "124552","2019-02-14 15:48:08","http://psychologyforyou.eu/1HdEdRb/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124552/"
 "124551","2019-02-14 15:48:05","http://uran-spb.ru/qzzXAyC/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124551/"
 "124550","2019-02-14 15:48:04","http://businessvideo.urbanhealth.com.ua/gk9LHla8/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124550/"
@@ -4726,12 +6572,12 @@
 "124507","2019-02-14 15:07:18","http://greenpaper.be/wp-admin/includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/124507/"
 "124508","2019-02-14 15:07:18","http://probeer-maar.nl/wp-content/uploads/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/124508/"
 "124506","2019-02-14 15:07:17","http://castleguardhomes.co.uk/wp-admin/includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/124506/"
-"124505","2019-02-14 15:07:16","http://gehause.ru/download/2","online","malware_download","None","https://urlhaus.abuse.ch/url/124505/"
+"124505","2019-02-14 15:07:16","http://gehause.ru/download/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/124505/"
 "124504","2019-02-14 15:07:15","http://imatrade.cz/wp-includes/widgets/2","online","malware_download","None","https://urlhaus.abuse.ch/url/124504/"
 "124503","2019-02-14 15:07:15","http://probeer-maar.nl/wp-content/uploads/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/124503/"
 "124501","2019-02-14 15:07:14","http://castleguardhomes.co.uk/wp-admin/includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/124501/"
 "124502","2019-02-14 15:07:14","http://greenpaper.be/wp-admin/includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/124502/"
-"124500","2019-02-14 15:07:13","http://gehause.ru/download/1","online","malware_download","None","https://urlhaus.abuse.ch/url/124500/"
+"124500","2019-02-14 15:07:13","http://gehause.ru/download/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/124500/"
 "124499","2019-02-14 15:07:12","http://imatrade.cz/wp-includes/widgets/1","online","malware_download","None","https://urlhaus.abuse.ch/url/124499/"
 "124498","2019-02-14 15:07:11","http://probeer-maar.nl/wp-content/uploads/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/124498/"
 "124497","2019-02-14 15:07:10","http://greenpaper.be/wp-admin/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/124497/"
@@ -4798,8 +6644,8 @@
 "124436","2019-02-14 13:33:48","http://globalshippinglinecft.jobpreneurship.com/Telekom/Rechnungen/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124436/"
 "124435","2019-02-14 13:33:46","http://cryptoseed.co.za/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124435/"
 "124434","2019-02-14 13:33:42","http://54.154.144.172/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124434/"
-"124433","2019-02-14 13:33:38","http://35.239.139.124/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124433/"
-"124432","2019-02-14 13:33:08","http://150.66.17.190/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124432/"
+"124433","2019-02-14 13:33:38","http://35.239.139.124/Telekom/Transaktion/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124433/"
+"124432","2019-02-14 13:33:08","http://150.66.17.190/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124432/"
 "124431","2019-02-14 13:33:04","http://13.239.63.5/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124431/"
 "124430","2019-02-14 13:30:09","http://www.fundacionesperanza.org.es/En_us/file/Wcwqs-Ht_qnY-Ii/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124430/"
 "124429","2019-02-14 13:27:07","http://wineswap.com.au/US_us/aNMn-Nb_A-ire/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124429/"
@@ -4895,7 +6741,7 @@
 "124339","2019-02-14 10:13:03","http://www.buyoldcars.com/de_DE/YCUVZDKWWP7551688/Rechnungs-Details/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124339/"
 "124338","2019-02-14 10:08:05","http://www.hospizkreis-senden.de/De/RWYRTY5984480/Rechnungs/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124338/"
 "124337","2019-02-14 09:52:06","http://birdiiz.com/De_de/LOZSGMCZB2877966/Rechnungskorrektur/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124337/"
-"124336","2019-02-14 09:41:08","http://185.244.25.230/bins/mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124336/"
+"124336","2019-02-14 09:41:08","http://185.244.25.230/bins/mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/124336/"
 "124335","2019-02-14 09:41:07","http://104.248.78.126/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124335/"
 "124334","2019-02-14 09:41:06","http://104.248.78.126/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124334/"
 "124333","2019-02-14 09:41:05","http://dzcorlandyu.band/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=sklimf8.harz","offline","malware_download","Gozi,ursnif,vawtrak","https://urlhaus.abuse.ch/url/124333/"
@@ -4945,7 +6791,7 @@
 "124288","2019-02-14 09:18:38","http://80.211.16.201/bins/kowai.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124288/"
 "124287","2019-02-14 09:18:36","http://80.211.16.201/bins/kowai.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124287/"
 "124286","2019-02-14 09:18:33","http://80.211.16.201/bins/kowai.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124286/"
-"124285","2019-02-14 09:18:31","http://54.208.237.58/de_DE/UCQZODIY8369826/Rechnungskorrektur/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124285/"
+"124285","2019-02-14 09:18:31","http://54.208.237.58/de_DE/UCQZODIY8369826/Rechnungskorrektur/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124285/"
 "124284","2019-02-14 09:17:05","http://northcityspb.ru/de_DE/AKUNRVPV5601935/Rechnungskorrektur/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124284/"
 "124283","2019-02-14 09:13:03","http://stemcoderacademy.com/De_de/XECTENIZU6230170/Rechnungs-docs/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124283/"
 "124282","2019-02-14 09:05:05","http://customsservices.xyz/dtprowarandloik.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/124282/"
@@ -5016,16 +6862,16 @@
 "124217","2019-02-14 07:28:03","http://dentistmomma.com/US_us/corporation/EKaok-mK_puUnx-zb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124217/"
 "124216","2019-02-14 07:25:13","http://mipec-city-view.com/Invoice/EeMOE-xzz3m_DmvMdrI-mXT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124216/"
 "124215","2019-02-14 07:23:06","http://fur-market.ru/Februar2019/RLSDYBEVFU3100419/Rech/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124215/"
-"124214","2019-02-14 07:21:10","http://fileservice.ga/POm.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/124214/"
+"124214","2019-02-14 07:21:10","http://fileservice.ga/POm.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/124214/"
 "124213","2019-02-14 07:19:13","http://180.245.36.233:55037/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124213/"
 "124212","2019-02-14 07:11:19","http://aiwaviagens.com/wJ4nhRtsPc/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124212/"
 "124211","2019-02-14 07:11:16","http://beautyandbrainsmagazine.site/oLFpu9m/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124211/"
 "124210","2019-02-14 07:11:13","http://clipestan.com/sciEWKg2/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124210/"
-"124209","2019-02-14 07:11:10","http://bazee365.com/reLlrcw2VJ/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124209/"
+"124209","2019-02-14 07:11:10","http://bazee365.com/reLlrcw2VJ/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124209/"
 "124208","2019-02-14 07:11:06","http://mediarox.com/7T1JXHHo7/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124208/"
 "124207","2019-02-14 06:52:02","http://108.174.198.173/bins/Unbound.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124207/"
 "124206","2019-02-14 06:49:03","http://68.183.41.254/armv6l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124206/"
-"124205","2019-02-14 06:49:02","http://35.231.216.11/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124205/"
+"124205","2019-02-14 06:49:02","http://35.231.216.11/AB4g5/Josho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124205/"
 "124204","2019-02-14 06:47:03","http://46.29.166.83/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124204/"
 "124203","2019-02-14 06:46:03","http://68.183.41.254/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124203/"
 "124202","2019-02-14 06:45:32","https://u.teknik.io/MeBDb.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124202/"
@@ -5157,7 +7003,7 @@
 "124076","2019-02-14 03:42:11","https://noithatshop.vn/US_us/xerox/Invoice/KsSCN-zUX_yk-T6D/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124076/"
 "124075","2019-02-14 03:42:06","http://softsale.ie/scan/tUECA-EFC_AXRVlr-lZM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124075/"
 "124074","2019-02-14 03:42:04","http://52.196.225.91/wordpress/corporation/Copy_Invoice/xveJ-E22p_TURm-pkB/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124074/"
-"124073","2019-02-14 03:41:05","http://18.184.16.5/US_us/llc/New_invoice/iCPK-udcxr_KAYpXyRLg-gU/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124073/"
+"124073","2019-02-14 03:41:05","http://18.184.16.5/US_us/llc/New_invoice/iCPK-udcxr_KAYpXyRLg-gU/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124073/"
 "124072","2019-02-14 03:37:06","https://my.mail.de/dl/16396560ccdf7536b3dde030d4b7e0e0/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124072/"
 "124071","2019-02-14 03:37:03","http://salesround.com/verif.accs.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124071/"
 "124070","2019-02-14 03:37:02","http://email.rocricambi.com/c/eJxVjUELgjAYhn-NHsecc-lhBwkrCKQCoeu2b0PTqW0Tq1-f0Cl4Lw8PPC9wIqFgEHe8asjZHO9NeVvZ0s6h02G92LpeK9qf6uSqR_byhoFIHz1-Nh-aZxHFYgzCaY_UZOOW72SWwA4YzkRaUJ3kVBVSSSw1YDBGxgNvQ5ijtIzIYRvBFNEckQQRXGzstVqcRvYtlEJbdlqc_8U3GTtegrBo34rBauf_3795-EDA/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124070/"
@@ -5234,16 +7080,16 @@
 "123999","2019-02-14 00:45:09","https://u.teknik.io/V9wPq.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123999/"
 "123998","2019-02-14 00:45:06","https://u.teknik.io/NGwO0.jpg","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/123998/"
 "123997","2019-02-14 00:41:06","http://navigatorpojizni.ru/company/Invoice/eAeJ-h7qna_py-Vw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123997/"
-"123996","2019-02-14 00:41:05","http://horse-moskva.ru/En/Invoice/738908009963389/lWnS-H2Cu_Xbeezsrx-mMn/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123996/"
+"123996","2019-02-14 00:41:05","http://horse-moskva.ru/En/Invoice/738908009963389/lWnS-H2Cu_Xbeezsrx-mMn/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123996/"
 "123995","2019-02-14 00:41:02","http://clashofclansgems.nl/US_us/30186813/ztaT-1p4J3_W-lat/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123995/"
 "123994","2019-02-14 00:39:10","http://hvanli.com/verif.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123994/"
 "123993","2019-02-14 00:39:09","http://further.tv/trust.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123993/"
 "123992","2019-02-14 00:39:06","http://afshari.yazdvip.ir/sec.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123992/"
 "123991","2019-02-14 00:39:02","http://adbord.com/css/verif.accs.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123991/"
 "123990","2019-02-14 00:20:06","https://u.teknik.io/zfjr0.jpg","offline","malware_download","exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/123990/"
-"123989","2019-02-14 00:15:20","http://acropol.com.eg/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123989/"
-"123988","2019-02-14 00:15:16","http://acropol.com.eg/pdf/onos.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123988/"
-"123987","2019-02-14 00:15:13","http://acropol.com.eg/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123987/"
+"123989","2019-02-14 00:15:20","http://acropol.com.eg/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123989/"
+"123988","2019-02-14 00:15:16","http://acropol.com.eg/pdf/onos.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123988/"
+"123987","2019-02-14 00:15:13","http://acropol.com.eg/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123987/"
 "123986","2019-02-14 00:14:02","http://116.203.66.92/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123986/"
 "123985","2019-02-14 00:12:04","http://116.203.66.92/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123985/"
 "123983","2019-02-14 00:12:03","http://116.203.66.92/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123983/"
@@ -5274,7 +7120,7 @@
 "123959","2019-02-13 23:45:13","http://giancarloraso.com/US/download/qrZvo-Z3O04_bKRwVcLq-iJ/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123959/"
 "123958","2019-02-13 23:45:09","http://dizinler.site/En/scan/Invoice_number/Fxvm-USL_Jem-3S6/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123958/"
 "123957","2019-02-13 23:45:05","http://54.164.84.17/En_us/info/Copy_Invoice/632505435818/TCSp-Zj2_ND-gp/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123957/"
-"123956","2019-02-13 23:44:41","http://13.251.184.56/PeOI-pSLj_AlnHhVk-QDI/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123956/"
+"123956","2019-02-13 23:44:41","http://13.251.184.56/PeOI-pSLj_AlnHhVk-QDI/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123956/"
 "123955","2019-02-13 23:44:11","http://viticomvietnam.com/trust.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123955/"
 "123954","2019-02-13 23:44:07","http://shlifovka.by/secure.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123954/"
 "123953","2019-02-13 23:44:05","http://nightonline.ru/images/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123953/"
@@ -5340,8 +7186,8 @@
 "123893","2019-02-13 22:03:47","http://elshipping.com.br/sec.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123893/"
 "123892","2019-02-13 22:03:35","http://elaragones.mx/sec.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123892/"
 "123891","2019-02-13 22:03:23","http://caree.in/sec.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123891/"
-"123890","2019-02-13 22:03:12","http://104.248.66.24/secure.accounts.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123890/"
-"123889","2019-02-13 21:54:04","https://onedrive.live.com/download?cid=4F1737459E3F8C0A&resid=4F1737459E3F8C0A%21108&authkey=ANpirksTUiMHwHg","online","malware_download","compressed,HawkEye,keylogger,payload","https://urlhaus.abuse.ch/url/123889/"
+"123890","2019-02-13 22:03:12","http://104.248.66.24/secure.accounts.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123890/"
+"123889","2019-02-13 21:54:04","https://onedrive.live.com/download?cid=4F1737459E3F8C0A&resid=4F1737459E3F8C0A%21108&authkey=ANpirksTUiMHwHg","offline","malware_download","compressed,HawkEye,keylogger,payload","https://urlhaus.abuse.ch/url/123889/"
 "123888","2019-02-13 21:47:04","http://199.38.245.221/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123888/"
 "123887","2019-02-13 21:47:03","http://199.38.245.221:80/bins/yakuza.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123887/"
 "123886","2019-02-13 21:47:02","http://199.38.245.221/bins/yakuza.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123886/"
@@ -5360,7 +7206,7 @@
 "123873","2019-02-13 21:19:05","https://www.wcsrh.org/dns-update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123873/"
 "123872","2019-02-13 21:05:03","http://decorinfo.ru/En_us/document/Inv/kEqPV-E0nEH_Fehi-vC0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123872/"
 "123871","2019-02-13 21:03:39","http://162.243.254.239/quoteandbuy/CcSkzUOiUa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123871/"
-"123870","2019-02-13 21:03:38","http://18.217.96.49/z54U0nF/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123870/"
+"123870","2019-02-13 21:03:38","http://18.217.96.49/z54U0nF/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123870/"
 "123869","2019-02-13 21:03:08","http://103.11.22.51/wp-content/uploads/ZEgGVHJS/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123869/"
 "123868","2019-02-13 21:03:06","http://dominicanos.xyz/hujBocy/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123868/"
 "123867","2019-02-13 21:03:05","http://khobep.com/I2TSaRa/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123867/"
@@ -5409,7 +7255,7 @@
 "123824","2019-02-13 20:02:06","http://185.22.154.206:80/bins/trojan.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123824/"
 "123823","2019-02-13 20:02:05","http://211.204.165.173:41953/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/123823/"
 "123822","2019-02-13 20:02:02","http://dreams-innovations.com/wp-content/themes/ecommerce-solution/inc/metro.cash.and.carry.zakaz.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/123822/"
-"123820","2019-02-13 19:59:12","http://52.63.119.3/verif.accounts.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123820/"
+"123820","2019-02-13 19:59:12","http://52.63.119.3/verif.accounts.send.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123820/"
 "123821","2019-02-13 19:59:12","http://54.38.35.144/verif.accounts.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123821/"
 "123819","2019-02-13 19:59:08","http://52.202.101.89/verif.myaccount.docs.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123819/"
 "123818","2019-02-13 19:59:07","http://54.153.245.124/verif.myacc.resourses.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123818/"
@@ -5432,7 +7278,7 @@
 "123801","2019-02-13 19:37:19","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123801/"
 "123800","2019-02-13 19:37:13","http://54.234.174.153/corporation/Invoice_number/IBPk-HDo_PwtXEj-4o/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123800/"
 "123799","2019-02-13 19:37:12","http://159.65.142.218/wp-admin/file/rlQCK-AEA_TOLYw-ti/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123799/"
-"123798","2019-02-13 19:37:09","http://104.248.140.207/EN_en/download/0234405946/ZDyA-U0FPh_dvfsnUKXu-CG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123798/"
+"123798","2019-02-13 19:37:09","http://104.248.140.207/EN_en/download/0234405946/ZDyA-U0FPh_dvfsnUKXu-CG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123798/"
 "123797","2019-02-13 19:37:08","http://104.211.226.28/En/file/SgIS-4TUmZ_cTftxeU-xTR/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123797/"
 "123796","2019-02-13 19:37:06","http://104.155.134.95/EN_en/company/WgYd-cyY_mcgNPRnVf-E8/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123796/"
 "123795","2019-02-13 19:37:05","http://amirimh.ir/wp-content/90020980/MCHfF-Vv2Q_wh-jL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123795/"
@@ -5466,12 +7312,12 @@
 "123767","2019-02-13 19:15:09","http://itexpress.victoria-makeup.kz/corporation/qKcpb-62_aD-KnY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123767/"
 "123766","2019-02-13 19:11:08","http://arayana.ir/llc/Invoice/EqxR-oS_fMyy-KSS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123766/"
 "123765","2019-02-13 19:02:10","http://ge.kreo.co.ke/En_us/llc/fthS-kiaO_DWj-Xf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123765/"
-"123764","2019-02-13 18:59:07","http://185.244.25.230/bins/mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123764/"
-"123762","2019-02-13 18:57:04","http://185.244.25.230/bins/arm","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123762/"
-"123763","2019-02-13 18:57:04","http://185.244.25.230/bins/x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123763/"
-"123761","2019-02-13 18:57:03","http://185.244.25.230/bins/sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123761/"
+"123764","2019-02-13 18:59:07","http://185.244.25.230/bins/mpsl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123764/"
+"123762","2019-02-13 18:57:04","http://185.244.25.230/bins/arm","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123762/"
+"123763","2019-02-13 18:57:04","http://185.244.25.230/bins/x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123763/"
+"123761","2019-02-13 18:57:03","http://185.244.25.230/bins/sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123761/"
 "123760","2019-02-13 18:57:02","http://cifal.pl/EN_en/xerox/Mvglf-Mie_SbwiR-k7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123760/"
-"123759","2019-02-13 18:56:11","http://185.244.25.230/bins/arm7","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123759/"
+"123759","2019-02-13 18:56:11","http://185.244.25.230/bins/arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123759/"
 "123758","2019-02-13 18:56:10","http://gbconnection.vn/Invoice_number/HXxh-fLJ_tZ-mGT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123758/"
 "123757","2019-02-13 18:56:06","http://3.112.13.31/EN_en/llc/Inv/QbLAG-DMjut_T-Gt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123757/"
 "123756","2019-02-13 18:56:03","http://155.138.195.197/bins/KowaiB3.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123756/"
@@ -5554,20 +7400,20 @@
 "123679","2019-02-13 17:36:03","https://cdn.discordapp.com/attachments/544605025998077953/545145463670702080/Crackfy.exe","online","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/123679/"
 "123678","2019-02-13 17:34:05","http://becker-tm.org/asxaad/floq.exe","online","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/123678/"
 "123677","2019-02-13 17:33:11","http://comsystem.ch/templates/orange/css/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123677/"
-"123676","2019-02-13 17:30:06","http://35.231.216.11/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123676/"
+"123676","2019-02-13 17:30:06","http://35.231.216.11/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123676/"
 "123675","2019-02-13 17:26:04","http://alax.nexxtech.fr/images/dixi.grup.zakaz.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/123675/"
 "123674","2019-02-13 17:25:19","http://dreams-innovations.com/wp-content/themes/ecommerce-solution/inc/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123674/"
 "123673","2019-02-13 17:24:27","http://waterfordcomputers.ie/wp-content/themes/WCv15/includes/css/massg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123673/"
-"123672","2019-02-13 17:24:13","http://35.231.216.11/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123672/"
-"123671","2019-02-13 17:24:09","http://35.231.216.11/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123671/"
-"123670","2019-02-13 17:24:05","http://35.231.216.11/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123670/"
-"123669","2019-02-13 17:20:06","http://35.231.216.11/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123669/"
-"123668","2019-02-13 17:20:04","http://35.231.216.11/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123668/"
+"123672","2019-02-13 17:24:13","http://35.231.216.11/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123672/"
+"123671","2019-02-13 17:24:09","http://35.231.216.11/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123671/"
+"123670","2019-02-13 17:24:05","http://35.231.216.11/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123670/"
+"123669","2019-02-13 17:20:06","http://35.231.216.11/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123669/"
+"123668","2019-02-13 17:20:04","http://35.231.216.11/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123668/"
 "123667","2019-02-13 17:20:03","http://musicmeetshealth.net/wp-admin/includes/_output45BFA20.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/123667/"
 "123666","2019-02-13 17:18:02","http://92.63.197.153/work/w.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/123666/"
 "123664","2019-02-13 17:17:02","http://92.63.197.153/work/1.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/123664/"
 "123665","2019-02-13 17:17:02","http://92.63.197.153/work/2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/123665/"
-"123663","2019-02-13 17:16:03","http://35.231.216.11/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123663/"
+"123663","2019-02-13 17:16:03","http://35.231.216.11/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123663/"
 "123662","2019-02-13 17:14:09","http://customsservices.xyz/aii/bin_outputBD76DAF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/123662/"
 "123661","2019-02-13 17:13:20","http://13.125.133.209/8v3dAOp/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123661/"
 "123660","2019-02-13 17:13:17","http://52.63.71.120/jP7Bi6vPVK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123660/"
@@ -5576,15 +7422,15 @@
 "123657","2019-02-13 17:13:05","http://www.prowidor.com/35hflpam3A/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123657/"
 "123656","2019-02-13 17:13:03","http://klotho.net/wp/wp-admin/css/colors/blue/ashan.russia.zakaz.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/123656/"
 "123655","2019-02-13 17:12:03","http://54.167.192.134/trust.myacc.docs.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123655/"
-"123654","2019-02-13 17:11:07","http://lehtoniemi.com/wp-admin/includes/SWIFT_INGBank_rechnung006822.jar","online","malware_download","Adwind,jar,java","https://urlhaus.abuse.ch/url/123654/"
+"123654","2019-02-13 17:11:07","http://lehtoniemi.com/wp-admin/includes/SWIFT_INGBank_rechnung006822.jar","offline","malware_download","Adwind,jar,java","https://urlhaus.abuse.ch/url/123654/"
 "123653","2019-02-13 17:02:37","http://varzeshpress.com/wp-admin/7W2CoXQJAHI_8PXLADey7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123653/"
 "123652","2019-02-13 17:02:33","http://pro-iherb.ru/IeuJlgdj6_D/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123652/"
 "123651","2019-02-13 17:02:24","http://zhiko.ir/5lJEfpVX9e7_6Hm/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/123651/"
 "123650","2019-02-13 17:02:20","http://207.154.223.104/usgfmGl/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123650/"
 "123649","2019-02-13 17:02:14","http://159.89.153.180/PirPKmVSvCUrD_faC0bF8/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123649/"
-"123648","2019-02-13 16:55:03","http://35.231.216.11/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123648/"
-"123647","2019-02-13 16:54:02","http://35.231.216.11/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123647/"
-"123646","2019-02-13 16:53:04","http://presse.schmutzki.de/.well-known/acme-challenge/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123646/"
+"123648","2019-02-13 16:55:03","http://35.231.216.11/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123648/"
+"123647","2019-02-13 16:54:02","http://35.231.216.11/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123647/"
+"123646","2019-02-13 16:53:04","http://presse.schmutzki.de/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123646/"
 "123645","2019-02-13 16:52:03","http://155.138.195.197/bins/KowaiB3.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123645/"
 "123644","2019-02-13 16:52:02","http://155.138.195.197/bins/KowaiB3.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123644/"
 "123643","2019-02-13 16:50:15","http://155.138.195.197/bins/KowaiB3.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123643/"
@@ -5595,12 +7441,12 @@
 "123638","2019-02-13 16:50:05","http://155.138.195.197/bins/kowai.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123638/"
 "123637","2019-02-13 16:50:03","http://155.138.195.197/bins/kowai.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123637/"
 "123636","2019-02-13 16:49:03","https://onedrive.live.com/download?cid=A8D61F2F0A2618EA&resid=A8D61F2F0A2618EA%211330&authkey=AMwU4k_ZSRD2ssA","offline","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/123636/"
-"123635","2019-02-13 16:45:03","http://35.231.216.11:80/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123635/"
-"123633","2019-02-13 16:43:04","http://35.231.216.11:80/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123633/"
-"123634","2019-02-13 16:43:04","http://35.231.216.11:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123634/"
-"123632","2019-02-13 16:43:02","http://35.231.216.11:80/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123632/"
-"123630","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123630/"
-"123631","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123631/"
+"123635","2019-02-13 16:45:03","http://35.231.216.11:80/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123635/"
+"123633","2019-02-13 16:43:04","http://35.231.216.11:80/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123633/"
+"123634","2019-02-13 16:43:04","http://35.231.216.11:80/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123634/"
+"123632","2019-02-13 16:43:02","http://35.231.216.11:80/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123632/"
+"123630","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123630/"
+"123631","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123631/"
 "123629","2019-02-13 16:40:49","http://x-soft.tomsk.ru/EN_en/doc/Invoice/vdcb-8AvQ7_oxW-qr/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123629/"
 "123628","2019-02-13 16:40:48","http://prostranstvorosta.ru/EN_en/scan/TWGwh-nz_WT-Aok/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123628/"
 "123627","2019-02-13 16:40:46","http://nonfree.ru/company/Inv/975956727/NKErr-s90_fjVgbaUI-wVO/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123627/"
@@ -5614,7 +7460,7 @@
 "123618","2019-02-13 16:40:35","http://206.189.154.46/En_us/info/New_invoice/tPds-xIodr_VDgMFSO-s9d/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123618/"
 "123619","2019-02-13 16:40:35","http://3.120.147.8/download/9428618769/sary-0cZ_cEYzUU-2u/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123619/"
 "123617","2019-02-13 16:40:32","http://18.223.20.43/EN_en/xerox/Invoice_number/LaejY-Xt_sgrNPE-YD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123617/"
-"123616","2019-02-13 16:40:30","http://18.221.1.168/corporation/Rthgy-VE_DqQJ-iP/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123616/"
+"123616","2019-02-13 16:40:30","http://18.221.1.168/corporation/Rthgy-VE_DqQJ-iP/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123616/"
 "123615","2019-02-13 16:40:28","http://18.218.56.72/wp-content/US/ZgjN-7JOe_B-u0A/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123615/"
 "123614","2019-02-13 16:40:26","http://18.217.211.183/wordpress/US/company/sbzb-NaBu_ZVKxdz-FrX/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123614/"
 "123613","2019-02-13 16:40:25","http://pro-iherb.u1296248.cp.regruhosting.ru/trust.myaccount.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123613/"
@@ -5631,16 +7477,16 @@
 "123602","2019-02-13 16:39:08","http://51.77.192.138/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123602/"
 "123601","2019-02-13 16:39:06","http://37.139.27.218/secure.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123601/"
 "123600","2019-02-13 16:39:04","http://35.202.250.4/sec.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123600/"
-"123599","2019-02-13 16:39:00","http://34.242.190.144/secure.accs.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123599/"
+"123599","2019-02-13 16:39:00","http://34.242.190.144/secure.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123599/"
 "123598","2019-02-13 16:38:56","http://3.92.174.100/sec.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123598/"
 "123597","2019-02-13 16:38:54","http://23.235.202.43/verif.myacc.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123597/"
 "123596","2019-02-13 16:38:50","http://207.148.31.160/sec.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123596/"
 "123595","2019-02-13 16:38:20","http://204.48.21.209/secure.myacc.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123595/"
 "123594","2019-02-13 16:38:17","http://192.241.145.236/verif.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123594/"
-"123593","2019-02-13 16:38:14","http://18.222.169.76/trust.accs.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123593/"
+"123593","2019-02-13 16:38:14","http://18.222.169.76/trust.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123593/"
 "123592","2019-02-13 16:38:09","http://178.236.210.22/secure.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123592/"
 "123591","2019-02-13 16:38:05","http://128.199.172.4/sec.myaccount.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123591/"
-"123590","2019-02-13 16:31:06","http://35.231.216.11:80/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123590/"
+"123590","2019-02-13 16:31:06","http://35.231.216.11:80/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123590/"
 "123589","2019-02-13 16:22:06","https://www.dropbox.com/s/5pmfvp2owyt66cu/NEW%20ORDER.pdf.z?dl=1","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/123589/"
 "123588","2019-02-13 16:16:39","http://crdpmaule.cl/wp-includes/customize/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/123588/"
 "123587","2019-02-13 16:16:35","http://sempet.com.tr/wp-content/themes/twentyfourteen/3","online","malware_download","None","https://urlhaus.abuse.ch/url/123587/"
@@ -5650,8 +7496,8 @@
 "123583","2019-02-13 16:16:16","http://crdpmaule.cl/wp-includes/customize/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/123583/"
 "123582","2019-02-13 16:16:11","http://sempet.com.tr/wp-content/themes/twentyfourteen/2","online","malware_download","None","https://urlhaus.abuse.ch/url/123582/"
 "123581","2019-02-13 16:16:06","http://stolarstvosimo.sk/wp-content/themes/sevenwonders/2","online","malware_download","None","https://urlhaus.abuse.ch/url/123581/"
-"123580","2019-02-13 16:13:44","http://35.231.216.11:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123580/"
-"123579","2019-02-13 16:13:39","http://35.231.216.11:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123579/"
+"123580","2019-02-13 16:13:44","http://35.231.216.11:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123580/"
+"123579","2019-02-13 16:13:39","http://35.231.216.11:80/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123579/"
 "123578","2019-02-13 16:13:34","http://redrockmedical.com/wp-content/plugins/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/123578/"
 "123577","2019-02-13 16:13:29","http://sekretbeauty.ru/wp-includes/pomo/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/123577/"
 "123576","2019-02-13 16:13:25","http://crdpmaule.cl/wp-includes/customize/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/123576/"
@@ -5720,10 +7566,10 @@
 "123513","2019-02-13 14:21:53","http://collagenspray1.com/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123513/"
 "123511","2019-02-13 14:21:51","http://adepan.frameweb.ro/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123511/"
 "123512","2019-02-13 14:21:51","http://anambrabrothers.org/secure.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123512/"
-"123510","2019-02-13 14:21:49","http://54.224.240.34/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123510/"
-"123509","2019-02-13 14:21:48","http://52.211.179.190/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123509/"
+"123510","2019-02-13 14:21:49","http://54.224.240.34/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123510/"
+"123509","2019-02-13 14:21:48","http://52.211.179.190/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123509/"
 "123508","2019-02-13 14:21:47","http://52.15.227.66/Telekom/Transaktion/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123508/"
-"123507","2019-02-13 14:21:46","http://35.200.161.87/Telekom/Rechnung/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123507/"
+"123507","2019-02-13 14:21:46","http://35.200.161.87/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123507/"
 "123506","2019-02-13 14:21:43","http://35.196.135.186/wordpress/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123506/"
 "123505","2019-02-13 14:21:42","http://35.184.197.183/Telekom/Transaktion/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123505/"
 "123504","2019-02-13 14:21:39","http://34.208.141.93/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123504/"
@@ -5804,7 +7650,7 @@
 "123429","2019-02-13 13:06:24","http://shihtzumapuppies.com/wp-content/themes/woof/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123429/"
 "123428","2019-02-13 13:06:13","http://shihtzumapuppies.com/wp-content/themes/woof/extendvc/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123428/"
 "123427","2019-02-13 13:05:10","http://www.shihtzumapuppies.com/wp-content/themes/woof/extendvc/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123427/"
-"123426","2019-02-13 13:02:08","http://technoscienceacademy.com/imd/sm.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/123426/"
+"123426","2019-02-13 13:02:08","http://technoscienceacademy.com/imd/sm.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/123426/"
 "123425","2019-02-13 12:50:56","http://plc24.u1296248.cp.regruhosting.ru/EN_en/Invoice/226211865611/TkeNs-Udm_AKS-fq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123425/"
 "123424","2019-02-13 12:50:55","http://kirstenborum.com/De/YDPADIFC5848993/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123424/"
 "123423","2019-02-13 12:50:54","https://cdn.discordapp.com/attachments/538099848738504731/544283617493254174/mebarth_Protected.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/123423/"
@@ -5855,11 +7701,11 @@
 "123378","2019-02-13 11:38:17","http://eco-fun.ru/De_de/KPUGOF1777468/Rechnungs-docs/Rechnungszahlung//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123378/"
 "123377","2019-02-13 11:33:11","http://buwamat.com.pl/En/company/Inv/fZEt-jJR_dQ-n5c/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123377/"
 "123376","2019-02-13 11:32:12","http://horse-moskva.myjino.ru/De/EBFUFPHB5662487/Scan/Hilfestellung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123376/"
-"123375","2019-02-13 11:30:33","http://54.146.46.168/US_us/Copy_Invoice/hyiq-sVFoU_sZtalczx-DU/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123375/"
+"123375","2019-02-13 11:30:33","http://54.146.46.168/US_us/Copy_Invoice/hyiq-sVFoU_sZtalczx-DU/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123375/"
 "123374","2019-02-13 11:29:04","http://efdesign.ir/de_DE/KYSJLLCUS3016175/Rechnungs-Details/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123374/"
 "123373","2019-02-13 11:28:03","http://34.80.131.135:80/bins/telnet.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123373/"
 "123372","2019-02-13 11:24:04","http://54.165.253.1/En/download/yuNuR-hf4a_oiVfXYk-YY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123372/"
-"123371","2019-02-13 11:24:02","http://52.66.236.210/Februar2019/XQLEZND7115793/Rechnungs-Details/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123371/"
+"123371","2019-02-13 11:24:02","http://52.66.236.210/Februar2019/XQLEZND7115793/Rechnungs-Details/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123371/"
 "123370","2019-02-13 11:19:07","http://67.209.114.215/US_us/New_invoice/WurVn-MoQ_KZruyHDR-kp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123370/"
 "123369","2019-02-13 11:19:06","http://52.89.55.218/wp-content/de_DE/TIJHADTEWZ0988890/DE/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123369/"
 "123368","2019-02-13 11:18:05","http://diputraders.com/okfiles.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123368/"
@@ -5875,11 +7721,11 @@
 "123355","2019-02-13 11:06:14","http://35.226.135.179/wp-content/uploads/US_us/corporation/Invoice/TZVZ-ISF0_HWTouY-G0N/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123355/"
 "123354","2019-02-13 11:06:07","http://www.car-partner.ru/DE/OFXKAA4727189/Rechnungs-Details/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123354/"
 "123353","2019-02-13 11:02:19","http://okna-csm.ru/DE/YWLSIIHXTL4996204/Scan/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123353/"
-"123352","2019-02-13 11:02:08","http://3.16.186.154/download/361415307/dWup-Mg_XPrcp-e5H/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123352/"
+"123352","2019-02-13 11:02:08","http://3.16.186.154/download/361415307/dWup-Mg_XPrcp-e5H/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123352/"
 "123351","2019-02-13 10:58:10","http://34.242.220.49/scan/Invoice_Notice/kwGY-KT_ApUI-Tl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123351/"
 "123350","2019-02-13 10:58:05","http://212.47.233.25/wordpress/wp-content/RWACHN5834441/gescanntes-Dokument/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123350/"
 "123349","2019-02-13 10:54:05","http://orionmarketing.ru/En/corporation/Copy_Invoice/WuRwl-HAJ90_xRTt-zpk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123349/"
-"123348","2019-02-13 10:53:03","http://176.32.32.140/ZZJHJIWWHC4541074/GER/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123348/"
+"123348","2019-02-13 10:53:03","http://176.32.32.140/ZZJHJIWWHC4541074/GER/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123348/"
 "123347","2019-02-13 10:50:02","http://139.59.130.73/KAAECAW0228023/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123347/"
 "123346","2019-02-13 10:49:01","http://aulsystem.com/US_us/scan/Inv/bGyh-QnW_WLBwUcNkh-PZ/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123346/"
 "123345","2019-02-13 10:45:03","http://beta.compspb.ru/De_de/FFIZUMLUCI4809632/Dokumente/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123345/"
@@ -5899,17 +7745,17 @@
 "123330","2019-02-13 10:19:02","http://178.62.213.188/DE_de/POTJCPC8133291/Rech/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123330/"
 "123331","2019-02-13 10:19:02","http://napier.eu/corporation/Inv/toth-7zfm_JUUNfxq-5o3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123331/"
 "123329","2019-02-13 10:15:04","http://secondmortgagerates.ca/EN_en/company/TURn-PY03_URCgOL-yTN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123329/"
-"123328","2019-02-13 10:14:06","http://68.183.157.144/bins/air.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123328/"
-"123327","2019-02-13 10:14:05","http://68.183.157.144/bins/air.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123327/"
-"123326","2019-02-13 10:14:04","http://68.183.157.144/bins/air.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123326/"
-"123324","2019-02-13 10:14:03","http://68.183.157.144/bins/air.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123324/"
-"123325","2019-02-13 10:14:03","http://68.183.157.144/bins/air.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123325/"
-"123323","2019-02-13 10:13:06","http://68.183.157.144/bins/air.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123323/"
-"123322","2019-02-13 10:13:05","http://68.183.157.144/bins/air.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123322/"
-"123320","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123320/"
-"123321","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123321/"
-"123319","2019-02-13 10:13:03","http://68.183.157.144/bins/air.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123319/"
-"123318","2019-02-13 10:13:02","http://68.183.157.144/bins/air.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123318/"
+"123328","2019-02-13 10:14:06","http://68.183.157.144/bins/air.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123328/"
+"123327","2019-02-13 10:14:05","http://68.183.157.144/bins/air.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123327/"
+"123326","2019-02-13 10:14:04","http://68.183.157.144/bins/air.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123326/"
+"123324","2019-02-13 10:14:03","http://68.183.157.144/bins/air.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123324/"
+"123325","2019-02-13 10:14:03","http://68.183.157.144/bins/air.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123325/"
+"123323","2019-02-13 10:13:06","http://68.183.157.144/bins/air.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123323/"
+"123322","2019-02-13 10:13:05","http://68.183.157.144/bins/air.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123322/"
+"123320","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123320/"
+"123321","2019-02-13 10:13:04","http://68.183.157.144/bins/air.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123321/"
+"123319","2019-02-13 10:13:03","http://68.183.157.144/bins/air.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123319/"
+"123318","2019-02-13 10:13:02","http://68.183.157.144/bins/air.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123318/"
 "123317","2019-02-13 10:13:01","http://45.63.59.67/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123317/"
 "123316","2019-02-13 10:13:00","http://45.63.59.67/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123316/"
 "123315","2019-02-13 10:12:59","http://45.63.59.67/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123315/"
@@ -6251,7 +8097,7 @@
 "122949","2019-02-13 03:21:10","http://www2.wlwv.k12.or.us/DistrictDepts/InformationServices/Connect-to-WLWV-Cloud.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/122949/"
 "122948","2019-02-13 03:21:06","http://www2.wlwv.k12.or.us/DistrictDepts/InformationServices/Fix-WINS-Name.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/122948/"
 "122947","2019-02-13 03:17:06","https://drive.google.com/uc?export=download&id=0B--fKo3sxQbHbTd6QWJOd2hMX2M","online","malware_download","compressed,exe,payload,zip","https://urlhaus.abuse.ch/url/122947/"
-"122946","2019-02-13 03:12:06","http://petexpertises.com/zuniga.exe","online","malware_download","exe,fareit,payload,Pony,stage2,trojan","https://urlhaus.abuse.ch/url/122946/"
+"122946","2019-02-13 03:12:06","http://petexpertises.com/zuniga.exe","online","malware_download","exe,fareit,Formbook,payload,Pony,stage2,trojan","https://urlhaus.abuse.ch/url/122946/"
 "122945","2019-02-13 03:09:05","http://diangovcomuiscia.com/Registraduria%20Nacional%20-%20Notificacion%20cancelacion%20cedula%20de%20ciudadania.doc","offline","malware_download","backdoor,doc,Imminent,Loader,rat,stage2","https://urlhaus.abuse.ch/url/122945/"
 "122944","2019-02-13 03:06:12","http://login.178stu.com/login/NewBuild.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122944/"
 "122943","2019-02-13 03:01:15","http://178stu.com/login/NewBuild.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122943/"
@@ -6265,17 +8111,17 @@
 "122935","2019-02-13 02:39:16","http://grenop-invest.cz/bin/messg.jpg","offline","malware_download","compressed,exe,javascript,Loader,payload,Ransomware,Shade,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/122935/"
 "122934","2019-02-13 02:39:04","http://1.velta.z8.ru/errordocs/style/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,Loader,payload,Ransomware,Shade,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/122934/"
 "122933","2019-02-13 02:24:02","http://178.128.0.216/bins/yakuza.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/122933/"
-"122932","2019-02-13 02:18:04","http://fileservice.ga/POb.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122932/"
+"122932","2019-02-13 02:18:04","http://fileservice.ga/POb.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122932/"
 "122931","2019-02-13 01:52:03","https://agilife.pl/sec.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122931/"
 "122930","2019-02-13 01:33:03","http://35.197.66.211/mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/122930/"
 "122929","2019-02-13 00:59:04","https://carsibazar.com/verif.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122929/"
 "122928","2019-02-13 00:58:04","http://ulco.tv/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122928/"
 "122927","2019-02-13 00:58:03","http://marasopel.com/sec.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122927/"
 "122926","2019-02-13 00:58:02","http://luckylibertarian.com/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122926/"
-"122925","2019-02-13 00:52:07","http://23.249.164.131/feb/sel/war/shed/t/m.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122925/"
-"122924","2019-02-13 00:52:06","http://23.249.164.131/feb/sel/war/shed/shed.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122924/"
-"122923","2019-02-13 00:52:05","http://23.249.164.131/feb/sel/war/cod/code.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122923/"
-"122922","2019-02-13 00:52:03","http://23.249.164.131/feb/sel/war/MYWAR.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122922/"
+"122925","2019-02-13 00:52:07","http://23.249.164.131/feb/sel/war/shed/t/m.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122925/"
+"122924","2019-02-13 00:52:06","http://23.249.164.131/feb/sel/war/shed/shed.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122924/"
+"122923","2019-02-13 00:52:05","http://23.249.164.131/feb/sel/war/cod/code.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122923/"
+"122922","2019-02-13 00:52:03","http://23.249.164.131/feb/sel/war/MYWAR.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/122922/"
 "122921","2019-02-13 00:36:03","http://technicalriaz.xyz/cgi-bin/Invoice/uYbP-nLW4_J-qC/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/122921/"
 "122920","2019-02-13 00:35:24","http://wp.lz-coeus.top/secure.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122920/"
 "122919","2019-02-13 00:35:16","http://weiweinote.com/verif.accounts.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122919/"
@@ -6642,7 +8488,7 @@
 "122558","2019-02-12 16:01:48","http://mpdpro.sk/oRHmNW7L9Gn299bh_6sGXddO84/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122558/"
 "122557","2019-02-12 16:01:45","http://lainaconsulting.co.za/r9iWvJAVkJ/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122557/"
 "122556","2019-02-12 16:01:36","http://52.59.169.135/AOVbhkKVMU2/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122556/"
-"122555","2019-02-12 16:01:05","http://54.85.253.114/WSI0rgK9_K1mC/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122555/"
+"122555","2019-02-12 16:01:05","http://54.85.253.114/WSI0rgK9_K1mC/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122555/"
 "122554","2019-02-12 15:59:09","http://ingramjapan.com/En_us/document/Inv/bahX-pvh_dDIg-wz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122554/"
 "122553","2019-02-12 15:55:10","http://sanxuathopcod.com/US_us/xerox/iRJbH-YV0_HaIxhp-TQY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122553/"
 "122552","2019-02-12 15:53:07","http://www.hinterwaldfest.com/4Y1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122552/"
@@ -6674,7 +8520,7 @@
 "122526","2019-02-12 14:54:25","http://lipraco.cz/templates/lipraco/css/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/122526/"
 "122525","2019-02-12 14:52:14","http://hinterwaldfest.com/4Y1.exe","online","malware_download","exe,zeus","https://urlhaus.abuse.ch/url/122525/"
 "122524","2019-02-12 14:51:03","http://realdealhouse.eu/HAY/OSE.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/122524/"
-"122523","2019-02-12 14:46:16","http://p2.lingpao8.com/Dragoon/20150711_5L.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/122523/"
+"122523","2019-02-12 14:46:16","http://p2.lingpao8.com/Dragoon/20150711_5L.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/122523/"
 "122522","2019-02-12 14:43:05","http://bkkbubblebar.com/trust.accounts.send.net/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122522/"
 "122521","2019-02-12 14:38:08","http://monkeyinferno.net/seledka.exe","online","malware_download","GandCrab,Ransomware","https://urlhaus.abuse.ch/url/122521/"
 "122520","2019-02-12 14:33:06","http://dev.go.bookingrobin.com/US/hIPYq-zTm_ZrflKdXwr-7s/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122520/"
@@ -6707,7 +8553,7 @@
 "122492","2019-02-12 14:00:08","http://aitechr.migallery.com/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122492/"
 "122493","2019-02-12 14:00:08","http://asmanjob.ir/wp-admin/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122493/"
 "122491","2019-02-12 14:00:05","http://jmbtrading.com.br/DLTyU-Ty_nZUwU-0TO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122491/"
-"122490","2019-02-12 13:56:04","https://schmutzki.de/content/themes/schmutzki-child/img/devices/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/122490/"
+"122490","2019-02-12 13:56:04","https://schmutzki.de/content/themes/schmutzki-child/img/devices/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/122490/"
 "122489","2019-02-12 13:55:02","http://eroes.nl/Inv/kbwU-V0xXX_uDMdxque-lg//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122489/"
 "122488","2019-02-12 13:45:05","http://ewris.se/En_us/download/603426478776/BBNQs-Zsrvs_kwvJ-b7r/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122488/"
 "122487","2019-02-12 13:43:20","http://marywangari.co.ke/OWUFCo3wEBv9_nov6xLeK/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122487/"
@@ -6720,7 +8566,7 @@
 "122480","2019-02-12 13:33:11","http://cross.vn/US_us/info/New_invoice/JToV-8fK34_MnDNscvu-cT/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/122480/"
 "122479","2019-02-12 13:33:05","http://lsn.standard-om.net/lsn_data/uploads/data/cfp/cours17_400.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122479/"
 "122478","2019-02-12 13:31:11","http://lsn.standard-om.net/lsn_data/uploads/data/cfp/cours17_418.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122478/"
-"122477","2019-02-12 13:31:09","http://fileservice.ga/POm2.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122477/"
+"122477","2019-02-12 13:31:09","http://fileservice.ga/POm2.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122477/"
 "122476","2019-02-12 13:31:05","http://lsn.standard-om.net/lsn_data/uploads/data/cfp/cours17_642.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122476/"
 "122475","2019-02-12 13:31:03","http://sergiogio.com/US/llc/kuMWh-yD_ogLs-7y1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122475/"
 "122474","2019-02-12 13:30:04","http://192.210.146.45/doc/excel/vlc.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/122474/"
@@ -6814,7 +8660,7 @@
 "122381","2019-02-12 11:36:11","http://192.210.146.45/file/excel/itunes.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122381/"
 "122380","2019-02-12 11:36:04","http://imran.teckcorner.com/De_de/QCFMCY9853738/Rechnungs/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122380/"
 "122379","2019-02-12 11:34:02","https://clipestan.com/cwuyl_ur-xityuv/gl8/details/2019-02/","offline","malware_download","None","https://urlhaus.abuse.ch/url/122379/"
-"122378","2019-02-12 11:32:12","http://109.169.89.4/zynova/zynova.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122378/"
+"122378","2019-02-12 11:32:12","http://109.169.89.4/zynova/zynova.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122378/"
 "122377","2019-02-12 11:32:08","http://encontrodesolteiros.com.br/Februar2019/TTWTUEY4380127/Rechnung/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122377/"
 "122376","2019-02-12 11:31:11","http://192.210.146.45/file/word/vbc.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/122376/"
 "122375","2019-02-12 11:28:22","http://crcconnect.co.za/DE_de/PRJAVGXJ6447606/Bestellungen/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122375/"
@@ -6868,7 +8714,7 @@
 "122327","2019-02-12 10:32:38","http://www.fenismuratsitesi.com/Telekom/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122327/"
 "122326","2019-02-12 10:32:37","http://www.luckylibertarian.com/Telekom/Transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122326/"
 "122325","2019-02-12 10:32:33","http://baza-dekora.ru/Telekom/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122325/"
-"122324","2019-02-12 10:32:32","http://35.239.139.124/Telekom/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122324/"
+"122324","2019-02-12 10:32:32","http://35.239.139.124/Telekom/Rechnung/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122324/"
 "122323","2019-02-12 10:29:04","http://foodfithealthy.com/UVDLFV6662688/Bestellungen/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122323/"
 "122322","2019-02-12 10:27:12","http://192.210.146.45/microsoft/word/vbs.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/122322/"
 "122321","2019-02-12 10:25:13","http://192.210.146.45/microsoft/word/outlook.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/122321/"
@@ -6980,7 +8826,7 @@
 "122197","2019-02-12 07:38:06","https://www.oilrefineryline.com/De_de/MEOIBNMDH2613801/de/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122197/"
 "122196","2019-02-12 07:35:02","http://precounterbrand.com/de_DE/ZSLJDNYRI7013367/Rech/Hilfestellung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/122196/"
 "122195","2019-02-12 07:32:08","http://shop.theirishlinenstore.com/doc2192112.png","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/122195/"
-"122194","2019-02-12 07:30:12","http://54.208.237.58/yBnG6KTc_mRtKtntv/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122194/"
+"122194","2019-02-12 07:30:12","http://54.208.237.58/yBnG6KTc_mRtKtntv/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122194/"
 "122193","2019-02-12 07:30:10","http://kosh.ir/kYjmtMPSTqngAKWl_Cpbu/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122193/"
 "122192","2019-02-12 07:30:08","http://mojtabasedighi.tk/wp-admin/CuxC2wfrmfivh5_Yk5DvCs/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122192/"
 "122191","2019-02-12 07:30:06","http://mail.eexcel.ca/JChZqQzpUyYXlpD_5/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/122191/"
@@ -7077,7 +8923,7 @@
 "122100","2019-02-11 22:58:10","http://bynana.nl/US_us/scan/Copy_Invoice/95731481431/uTpS-lza_PGJHjEAIM-O1e/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122100/"
 "122099","2019-02-11 22:54:12","http://betal-urfo.ru/En/doc/New_invoice/6392833/DUzfI-eB5_TtHqt-Mu3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122099/"
 "122098","2019-02-11 22:50:06","http://emrecengiz.com.tr/US/info/Invoice_number/IbLME-Ef_nReeMdyRQ-fKP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122098/"
-"122097","2019-02-11 22:45:33","http://bazee365.com/company/New_invoice/70094947/sbbKq-Ks_m-ba/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122097/"
+"122097","2019-02-11 22:45:33","http://bazee365.com/company/New_invoice/70094947/sbbKq-Ks_m-ba/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122097/"
 "122096","2019-02-11 22:43:06","http://files.red-starless.com/D/msf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/122096/"
 "122095","2019-02-11 22:41:07","http://clipestan.com/En/llc/Invoice_Notice/FLDm-e4J92_VKodvsvY-gsD/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122095/"
 "122094","2019-02-11 22:38:10","http://ilo-drink.nl/EN_en/info/pWfOb-1qXcq_led-5HG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122094/"
@@ -7212,7 +9058,7 @@
 "121965","2019-02-11 20:49:12","https://a.coka.la/H9jLoL.jpg","offline","malware_download","exe,payload,Pony,stage2","https://urlhaus.abuse.ch/url/121965/"
 "121964","2019-02-11 20:49:06","https://a.coka.la/zAoJcC.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121964/"
 "121963","2019-02-11 20:46:11","http://nanya-tlm.half-straw.com/En_us/document/8250362786601/dKyvQ-l1s7_lAKNvE-EX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121963/"
-"121962","2019-02-11 20:44:22","http://104.248.66.24/bXkPxtnIYTR_yd7/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121962/"
+"121962","2019-02-11 20:44:22","http://104.248.66.24/bXkPxtnIYTR_yd7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121962/"
 "121961","2019-02-11 20:44:17","http://13.58.52.117/BBvNV0vvgoectW/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121961/"
 "121960","2019-02-11 20:44:13","http://188.166.161.57/CBpZUIRi2j/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121960/"
 "121959","2019-02-11 20:44:10","http://45.32.82.29/G2UAYAIo5zKs4El4D/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121959/"
@@ -7364,7 +9210,7 @@
 "121806","2019-02-11 18:32:17","http://103.11.22.51/wp-content/uploads/trust.accs.send.biz/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/121806/"
 "121805","2019-02-11 18:32:15","http://104.155.134.95/verif.myacc.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121805/"
 "121804","2019-02-11 18:32:12","http://95.177.143.55/wp-content/sec.myacc.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121804/"
-"121803","2019-02-11 18:32:10","http://18.222.169.76/verif.myaccount.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121803/"
+"121803","2019-02-11 18:32:10","http://18.222.169.76/verif.myaccount.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121803/"
 "121802","2019-02-11 18:32:07","http://ec2-18-218-56-72.us-east-2.compute.amazonaws.com/wp-content/secure.myacc.send.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121802/"
 "121801","2019-02-11 18:32:05","http://37.139.27.218/sec.accs.resourses.net///","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121801/"
 "121800","2019-02-11 18:03:05","https://www.dropbox.com/s/dl/3anvvlpcrt4f7af/joddd.jpg?dl=1","offline","malware_download","exe,payload,rat,revenge,RevengeRAT","https://urlhaus.abuse.ch/url/121800/"
@@ -7385,17 +9231,17 @@
 "121785","2019-02-11 17:22:05","http://54.250.159.171/En_us/2446830/NqWP-TQObp_cgfZBBxnl-NP/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121785/"
 "121784","2019-02-11 17:22:01","http://54.153.245.124/En_us/Copy_Invoice/YhNNA-ZeEBY_ek-JfG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121784/"
 "121783","2019-02-11 17:21:31","http://52.63.71.120/US_us/corporation/Invoice_number/45951863/OtwFS-R2FA_ZrXS-v72/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121783/"
-"121782","2019-02-11 17:21:00","http://52.63.119.3/En_us/doc/Invoice_Notice/1095987397054/IIPw-Eoa_M-au9/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121782/"
+"121782","2019-02-11 17:21:00","http://52.63.119.3/En_us/doc/Invoice_Notice/1095987397054/IIPw-Eoa_M-au9/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121782/"
 "121781","2019-02-11 17:20:57","http://40.117.254.165/llc/lLotL-gYw_VcoeSlLq-vv/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/121781/"
 "121780","2019-02-11 17:20:27","http://31.6.70.84/download/Inv/021844391348889/lldpM-cB_M-XWm/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121780/"
-"121779","2019-02-11 17:20:26","http://18.217.96.49/En/scan/Invoice_number/fbSY-qCQP7_FTpCVWEhg-ip/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121779/"
+"121779","2019-02-11 17:20:26","http://18.217.96.49/En/scan/Invoice_number/fbSY-qCQP7_FTpCVWEhg-ip/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121779/"
 "121778","2019-02-11 17:20:24","http://140.227.27.252/wp-content/file/Invoice_Notice/Maad-ZTqtr_r-sL/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121778/"
-"121777","2019-02-11 17:20:12","http://104.248.140.207/download/72250613818/TnHN-lj_Yzxg-V4/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121777/"
+"121777","2019-02-11 17:20:12","http://104.248.140.207/download/72250613818/TnHN-lj_Yzxg-V4/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121777/"
 "121776","2019-02-11 17:20:11","http://aca.natterbase.com/secure.accs.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121776/"
 "121775","2019-02-11 17:20:10","http://91.89.196.92/wordpress/sec.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121775/"
 "121773","2019-02-11 17:20:09","http://78.207.210.11/@eaDir/secure.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121773/"
 "121774","2019-02-11 17:20:09","http://89.98.154.157/@eaDir/trust.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121774/"
-"121772","2019-02-11 17:20:07","http://73.114.227.141/verif.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121772/"
+"121772","2019-02-11 17:20:07","http://73.114.227.141/verif.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121772/"
 "121771","2019-02-11 17:20:05","http://54.234.174.153/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121771/"
 "121770","2019-02-11 17:20:04","http://51.77.192.138/sec.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121770/"
 "121769","2019-02-11 17:20:03","http://188.131.164.117/trust.myacc.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121769/"
@@ -7414,7 +9260,7 @@
 "121756","2019-02-11 15:55:06","http://46.101.52.174/secure.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121756/"
 "121755","2019-02-11 15:55:05","http://206.189.154.46/secure.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121755/"
 "121754","2019-02-11 15:55:04","http://www.dropbox.com/s/xfja85riokvg9xk/ORDER%20LIST.ace?dl=1","online","malware_download","ace,compressed,payload","https://urlhaus.abuse.ch/url/121754/"
-"121753","2019-02-11 15:54:32","http://18.184.16.5/EN_en/company/Invoice_number/34128416/Fdjmu-NQuzD_srNbU-G2p/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121753/"
+"121753","2019-02-11 15:54:32","http://18.184.16.5/EN_en/company/Invoice_number/34128416/Fdjmu-NQuzD_srNbU-G2p/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121753/"
 "121752","2019-02-11 15:50:06","http://94.177.233.190/wp/US/info/Invoice_Notice/3027157/EHLwm-zES_OWAjyir-lO//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121752/"
 "121751","2019-02-11 15:45:07","http://52.196.225.91/wordpress/US_us/document/aTUC-RQb_nAQiekDLJ-wbj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121751/"
 "121750","2019-02-11 15:40:05","http://34.201.148.147/download/Inv/rwUu-GoD8Y_YsGNacwnq-Wi1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121750/"
@@ -7452,16 +9298,16 @@
 "121718","2019-02-11 15:17:06","http://35.202.250.4/document/Invoice_Notice/pnDo-aHDN_HzaHfarw-RWS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121718/"
 "121717","2019-02-11 15:13:10","http://139.59.182.250/En_us/doc/921630112996/rgbuP-SSFaG_aL-Mz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121717/"
 "121716","2019-02-11 15:13:06","http://www.anvd.ne/wp-content/corporation/UwlGE-b50Lg_Kv-lj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121716/"
-"121715","2019-02-11 15:10:32","http://34.242.190.144/EN_en/download/Invoice_number/vHScR-n1_PNvfJN-qJs/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121715/"
+"121715","2019-02-11 15:10:32","http://34.242.190.144/EN_en/download/Invoice_number/vHScR-n1_PNvfJN-qJs/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121715/"
 "121714","2019-02-11 15:09:12","http://207.154.223.104/ooDtybmXDTDVP_Iv/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121714/"
 "121713","2019-02-11 15:09:11","http://138.197.72.9/vRoDcTOZS_qq4qSrbs/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121713/"
 "121712","2019-02-11 15:09:09","http://13.126.61.11/TTLDQc4Su4n/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121712/"
 "121711","2019-02-11 15:09:08","http://139.59.64.173/hSQpezoBAp/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121711/"
-"121710","2019-02-11 15:09:06","http://13.126.61.22/ZersFqNzy4Dr/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121710/"
+"121710","2019-02-11 15:09:06","http://13.126.61.22/ZersFqNzy4Dr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121710/"
 "121709","2019-02-11 15:09:02","http://3.120.147.8/info/gLfY-53_Rjy-2Ms/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121709/"
 "121708","2019-02-11 15:07:03","http://158.69.135.116/scan/VGIy-LJJq_rtJTwGJ-loZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121708/"
 "121707","2019-02-11 15:05:15","http://34.243.4.98/document/Inv/whfgV-T5_OhosR-KjB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121707/"
-"121706","2019-02-11 15:03:05","http://13.251.184.56/EN_en/scan/Invoice_number/MAAB-ZMd_n-3p4/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121706/"
+"121706","2019-02-11 15:03:05","http://13.251.184.56/EN_en/scan/Invoice_number/MAAB-ZMd_n-3p4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121706/"
 "121705","2019-02-11 15:00:10","http://207.148.31.160/doc/Invoice_Notice/xJkcH-pXzw_ikv-yP/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121705/"
 "121704","2019-02-11 15:00:08","http://159.65.146.232/secure.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121704/"
 "121703","2019-02-11 15:00:07","http://139.180.213.48/En/company/MLSD-5n8_NW-aGk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121703/"
@@ -7474,7 +9320,7 @@
 "121696","2019-02-11 14:49:13","http://rexus.com.tr/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/121696/"
 "121695","2019-02-11 14:47:06","http://159.65.65.213/file/Ryzo-3h_qp-jAt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121695/"
 "121694","2019-02-11 14:46:06","http://18.223.20.43/US/llc/Copy_Invoice/202956035/wyZr-NIkXO_dEpTjku-0i/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121694/"
-"121693","2019-02-11 14:43:12","http://18.221.1.168/En_us/Inv/70722042/TxlW-3bBd_Azwqu-AXb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121693/"
+"121693","2019-02-11 14:43:12","http://18.221.1.168/En_us/Inv/70722042/TxlW-3bBd_Azwqu-AXb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121693/"
 "121692","2019-02-11 14:43:06","http://192.241.145.236/US/New_invoice/ZoRXj-H1k08_v-ty/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121692/"
 "121691","2019-02-11 14:42:52","http://handofdoom.org/wordpress/wp-content/plugins/ubh/Sysstem.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121691/"
 "121690","2019-02-11 14:42:12","http://5.188.231.206/uploads/orbit.mp4","offline","malware_download","Encoded,Gozi,JPN,Task","https://urlhaus.abuse.ch/url/121690/"
@@ -7559,7 +9405,7 @@
 "121610","2019-02-11 13:41:02","http://lithi.io/file/a44bed.doc","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121610/"
 "121609","2019-02-11 13:40:24","http://delaker.info/app/vc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/121609/"
 "121608","2019-02-11 13:38:31","http://handofdoom.org/wordpress/wp-content/plugins/ubh/systtem.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121608/"
-"121607","2019-02-11 13:29:02","http://109.169.89.4/better/better.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/121607/"
+"121607","2019-02-11 13:29:02","http://109.169.89.4/better/better.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/121607/"
 "121606","2019-02-11 13:17:09","http://kmu-kaluga.ru/assets/images/cnt/benefits/jiz8.exe","offline","malware_download","exe,megalodon,payload,stage2","https://urlhaus.abuse.ch/url/121606/"
 "121605","2019-02-11 13:16:47","http://xn----7sbabegkij8byaeq9c3hpc.xn--p1ai/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121605/"
 "121604","2019-02-11 13:16:41","http://xn-----6kcaceef5cqa0cjf2aojdi1c8h.xn--p1ai/verif.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121604/"
@@ -7605,13 +9451,13 @@
 "121564","2019-02-11 12:50:21","http://67.209.114.215/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121564/"
 "121563","2019-02-11 12:50:17","http://54.165.253.1/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121563/"
 "121562","2019-02-11 12:50:12","http://52.89.55.218/wp-content/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121562/"
-"121561","2019-02-11 12:50:08","http://52.211.179.190/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121561/"
+"121561","2019-02-11 12:50:08","http://52.211.179.190/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121561/"
 "121560","2019-02-11 12:50:05","http://52.15.227.66/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121560/"
 "121559","2019-02-11 12:50:00","http://35.247.37.148/Telekom/Transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121559/"
-"121558","2019-02-11 12:49:58","http://35.200.161.87/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121558/"
+"121558","2019-02-11 12:49:58","http://35.200.161.87/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121558/"
 "121557","2019-02-11 12:49:52","http://35.196.135.186/wordpress/Telekom/Transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121557/"
 "121556","2019-02-11 12:49:48","http://35.184.197.183/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121556/"
-"121555","2019-02-11 12:49:44","http://3.16.186.154/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121555/"
+"121555","2019-02-11 12:49:44","http://3.16.186.154/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121555/"
 "121554","2019-02-11 12:49:41","http://217.107.219.34/ms.microsoft.com/api/drm/fsfxcD5GKKd/fsfxcD5GKKd/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/121554/"
 "121553","2019-02-11 12:49:40","http://206.189.45.178/wp-content/uploads/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121553/"
 "121552","2019-02-11 12:49:36","http://204.93.160.43/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121552/"
@@ -7636,7 +9482,7 @@
 "121533","2019-02-11 12:16:06","http://roman.yava.tech:9000/putty.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121533/"
 "121532","2019-02-11 12:13:03","http://modernitiveconstruction.palab.info/DE_de/CBHSVLM4774839/Rechnung/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121532/"
 "121531","2019-02-11 12:12:20","http://brigitte-family.com/wp-content/languages/plugins/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121531/"
-"121530","2019-02-11 12:12:09","http://geepaulcast.com/aas/DR.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/121530/"
+"121530","2019-02-11 12:12:09","http://geepaulcast.com/aas/DR.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/121530/"
 "121529","2019-02-11 12:09:03","http://nikastroi.ru/de_DE/OPFGKIYNOF9358268/Rechnungs/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121529/"
 "121527","2019-02-11 12:08:05","http://bluebook-cd.com/wp-content/languages/plugins/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121527/"
 "121528","2019-02-11 12:08:05","http://bluebook-cd.com/wp-snapshots/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121528/"
@@ -7686,10 +9532,10 @@
 "121483","2019-02-11 11:10:25","http://thielepape.de/wp-content/themes/fizz/css/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121483/"
 "121482","2019-02-11 11:10:21","http://immobilien-dresdner-land.de/wp-content/themes/fashionistas/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/121482/"
 "121481","2019-02-11 11:10:05","http://re-set.fr/wp-content/themes/theme1438/includes/images/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121481/"
-"121480","2019-02-11 11:07:03","http://54.224.240.34/Februar2019/FDJASWPO8400835/DE/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121480/"
+"121480","2019-02-11 11:07:03","http://54.224.240.34/Februar2019/FDJASWPO8400835/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121480/"
 "121479","2019-02-11 11:03:09","http://agence.nucleus.odns.fr/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/121479/"
-"121478","2019-02-11 11:03:02","http://52.66.236.210/HQHGLKQXFF6297535/DE_de/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121478/"
-"121477","2019-02-11 11:01:32","http://54.146.46.168/Februar2019/JYZTXITFS1861033/DE_de/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121477/"
+"121478","2019-02-11 11:03:02","http://52.66.236.210/HQHGLKQXFF6297535/DE_de/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121478/"
+"121477","2019-02-11 11:01:32","http://54.146.46.168/Februar2019/JYZTXITFS1861033/DE_de/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121477/"
 "121476","2019-02-11 11:00:07","http://vektorex.com/source/Z/10874000.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121476/"
 "121475","2019-02-11 10:55:04","http://62.141.55.98/wp/DE_de/WLSEDHREWI0259028/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121475/"
 "121474","2019-02-11 10:53:52","https://dl.dropboxusercontent.com/s/2ox7zpjqunx904g/flashplayer_42.38_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/121474/"
@@ -7908,7 +9754,7 @@
 "121261","2019-02-11 01:02:11","http://www.dropbox.com/s/m0hysy8h6ngwffd/TTAdvise890002365358299.jar?dl=1","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121261/"
 "121260","2019-02-11 01:02:07","http://www.dropbox.com/s/dl/49ng39szam8hwqb/TT41000046542894211.jar?dl=1","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121260/"
 "121259","2019-02-11 00:56:15","http://doom-66.ga/iedf(1).zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/121259/"
-"121258","2019-02-11 00:47:15","http://cdn.file6.goodid.com/28758658/2018/04/28/c4284a2a6c1b60247944a03cbaf930c5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121258/"
+"121258","2019-02-11 00:47:15","http://cdn.file6.goodid.com/28758658/2018/04/28/c4284a2a6c1b60247944a03cbaf930c5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/121258/"
 "121257","2019-02-11 00:43:04","http://xlabsgaze.com/apps/News/Invoice_5241792.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121257/"
 "121256","2019-02-11 00:43:03","http://johnbearross.com/payments/Invoice_870564.jar","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121256/"
 "121255","2019-02-11 00:14:13","http://members.iinet.net.au/~sambo75/usps/USPS-shipping(ecopy)22-3235-44-Labels.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121255/"
@@ -7991,19 +9837,19 @@
 "121178","2019-02-10 21:28:09","https://i.postimg.cc/sjfbPNwh/big.jpg?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121178/"
 "121177","2019-02-10 21:28:07","https://i.postimg.cc/LmLydg9G/DSC-0665-Versione-2.jpg?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121177/"
 "121176","2019-02-10 21:28:03","https://i.postimg.cc/PH6QvFvF/mario.png?dl=1","offline","malware_download","Gozi,https://otx.alienvault.com/pulse/5c5d5b477bf4ce2c5ff9cc72,steganography,stego,ursnif","https://urlhaus.abuse.ch/url/121176/"
-"121175","2019-02-10 20:57:16","http://185.81.157.124/wget","online","malware_download","elf","https://urlhaus.abuse.ch/url/121175/"
-"121174","2019-02-10 20:57:14","http://185.81.157.124/tftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121174/"
-"121172","2019-02-10 20:57:08","http://185.81.157.124/sh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121172/"
-"121173","2019-02-10 20:57:08","http://185.81.157.124/sshd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121173/"
-"121170","2019-02-10 20:57:07","http://185.81.157.124/openssh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121170/"
-"121171","2019-02-10 20:57:07","http://185.81.157.124/pftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121171/"
-"121169","2019-02-10 20:57:06","http://185.81.157.124/ntpd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121169/"
-"121167","2019-02-10 20:57:05","http://185.81.157.124/cron","online","malware_download","elf","https://urlhaus.abuse.ch/url/121167/"
-"121168","2019-02-10 20:57:05","http://185.81.157.124/ftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121168/"
-"121166","2019-02-10 20:57:04","http://185.81.157.124/bins.sh","online","malware_download","elf","https://urlhaus.abuse.ch/url/121166/"
-"121164","2019-02-10 20:57:03","http://185.81.157.124/apache2","online","malware_download","elf","https://urlhaus.abuse.ch/url/121164/"
-"121165","2019-02-10 20:57:03","http://185.81.157.124/bash","online","malware_download","elf","https://urlhaus.abuse.ch/url/121165/"
-"121163","2019-02-10 20:57:02","http://185.81.157.124/LauncherSurvieMod.exe","online","malware_download","elf","https://urlhaus.abuse.ch/url/121163/"
+"121175","2019-02-10 20:57:16","http://185.81.157.124/wget","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121175/"
+"121174","2019-02-10 20:57:14","http://185.81.157.124/tftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121174/"
+"121172","2019-02-10 20:57:08","http://185.81.157.124/sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121172/"
+"121173","2019-02-10 20:57:08","http://185.81.157.124/sshd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121173/"
+"121170","2019-02-10 20:57:07","http://185.81.157.124/openssh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121170/"
+"121171","2019-02-10 20:57:07","http://185.81.157.124/pftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121171/"
+"121169","2019-02-10 20:57:06","http://185.81.157.124/ntpd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121169/"
+"121167","2019-02-10 20:57:05","http://185.81.157.124/cron","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121167/"
+"121168","2019-02-10 20:57:05","http://185.81.157.124/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121168/"
+"121166","2019-02-10 20:57:04","http://185.81.157.124/bins.sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121166/"
+"121164","2019-02-10 20:57:03","http://185.81.157.124/apache2","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121164/"
+"121165","2019-02-10 20:57:03","http://185.81.157.124/bash","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121165/"
+"121163","2019-02-10 20:57:02","http://185.81.157.124/LauncherSurvieMod.exe","offline","malware_download","elf","https://urlhaus.abuse.ch/url/121163/"
 "121162","2019-02-10 20:42:06","http://47.88.21.111/wget","online","malware_download","elf","https://urlhaus.abuse.ch/url/121162/"
 "121161","2019-02-10 20:42:04","http://47.88.21.111/tftp","online","malware_download","elf","https://urlhaus.abuse.ch/url/121161/"
 "121160","2019-02-10 20:41:34","http://47.88.21.111/sshd","online","malware_download","elf","https://urlhaus.abuse.ch/url/121160/"
@@ -8228,11 +10074,11 @@
 "120941","2019-02-10 10:47:05","http://45.32.213.194/bins/KowaiB3.arm6","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120941/"
 "120940","2019-02-10 10:47:04","http://45.32.213.194/bins/KowaiB3.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120940/"
 "120939","2019-02-10 10:47:03","http://45.32.213.194/bins/KowaiB3.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120939/"
-"120938","2019-02-10 10:44:10","http://35.235.102.123/bins/telnet.spc","online","malware_download","elf","https://urlhaus.abuse.ch/url/120938/"
-"120937","2019-02-10 10:44:09","http://35.235.102.123/bins/telnet.sh4","online","malware_download","elf","https://urlhaus.abuse.ch/url/120937/"
-"120936","2019-02-10 10:44:07","http://35.235.102.123/bins/telnet.mpsl","online","malware_download","elf","https://urlhaus.abuse.ch/url/120936/"
-"120935","2019-02-10 10:44:06","http://35.235.102.123/bins/telnet.m68k","online","malware_download","elf","https://urlhaus.abuse.ch/url/120935/"
-"120934","2019-02-10 10:44:05","http://35.235.102.123/bins/ARES.sh","online","malware_download","elf","https://urlhaus.abuse.ch/url/120934/"
+"120938","2019-02-10 10:44:10","http://35.235.102.123/bins/telnet.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120938/"
+"120937","2019-02-10 10:44:09","http://35.235.102.123/bins/telnet.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120937/"
+"120936","2019-02-10 10:44:07","http://35.235.102.123/bins/telnet.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120936/"
+"120935","2019-02-10 10:44:06","http://35.235.102.123/bins/telnet.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120935/"
+"120934","2019-02-10 10:44:05","http://35.235.102.123/bins/ARES.sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120934/"
 "120933","2019-02-10 10:44:05","http://40.121.158.163/bins.sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120933/"
 "120932","2019-02-10 10:44:04","http://194.147.35.118/bins.sh","offline","malware_download","elf","https://urlhaus.abuse.ch/url/120932/"
 "120931","2019-02-10 10:41:12","http://babzon.club/hy.jpg","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/120931/"
@@ -8290,7 +10136,7 @@
 "120879","2019-02-10 07:47:06","http://neon-sky.com/L-POInv.exe","offline","malware_download","AgentTesla,exe,payload,rat,stage2","https://urlhaus.abuse.ch/url/120879/"
 "120878","2019-02-10 07:35:06","http://samjhwanki.com/order/xbxx.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/120878/"
 "120877","2019-02-10 07:35:05","http://samjhwanki.com/order/nnnn.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/120877/"
-"120876","2019-02-10 07:35:04","http://samjhwanki.com/order/aaaa.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/120876/"
+"120876","2019-02-10 07:35:04","http://samjhwanki.com/order/aaaa.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/120876/"
 "120875","2019-02-10 07:18:08","http://www.oktoberfestoutfit.com/fkj_Protected.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/120875/"
 "120874","2019-02-10 07:11:02","http://www.ijweaver.com/wp-content/themes/f2/images/color-schemes/ashan.russia.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/120874/"
 "120873","2019-02-10 07:09:10","http://jonathantercero.com/wp-content/themes/sonata/admin/assets/css/ashan.russia.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/120873/"
@@ -8375,7 +10221,7 @@
 "120792","2019-02-10 01:36:02","http://www.nexxtech.fr/css/fonts/font-awesome/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/120792/"
 "120791","2019-02-10 01:29:03","http://www.therollingshop.com/wp-content/themes/therollingshop_v2/css.old/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/120791/"
 "120790","2019-02-10 01:24:03","http://198.58.116.19/admin201506/uploadApkFile/rt/20181227/r2018122720.zip","offline","malware_download","android,apk ,backdoor,compressed,zip","https://urlhaus.abuse.ch/url/120790/"
-"120789","2019-02-10 01:23:21","https://docs.google.com/uc?export=&id=1P0boW2aSEFr_bJZ4GyUZjBji0ccL7UQQ&53751059","offline","malware_download","None","https://urlhaus.abuse.ch/url/120789/"
+"120789","2019-02-10 01:23:21","https://docs.google.com/uc?export=&id=1P0boW2aSEFr_bJZ4GyUZjBji0ccL7UQQ&53751059","online","malware_download","None","https://urlhaus.abuse.ch/url/120789/"
 "120788","2019-02-10 01:17:11","http://157.230.165.111/yakuza.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120788/"
 "120787","2019-02-10 01:17:08","http://157.230.165.111/yakuza.x32","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120787/"
 "120786","2019-02-10 01:17:05","http://157.230.165.111/yakuza.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/120786/"
@@ -8788,7 +10634,7 @@
 "120375","2019-02-08 19:49:15","http://martinoag.com/zii/DU.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/120375/"
 "120374","2019-02-08 19:49:05","https://hmrc-tax.club/man.exe","offline","malware_download","GandCrab","https://urlhaus.abuse.ch/url/120374/"
 "120373","2019-02-08 19:17:03","http://quesndr.myddns.rocks/00121IMG/IMG_0125.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/120373/"
-"120372","2019-02-08 19:12:06","http://lbermudez.000webhostapp.com/wp-content/themes/shapely/layouts/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/120372/"
+"120372","2019-02-08 19:12:06","http://lbermudez.000webhostapp.com/wp-content/themes/shapely/layouts/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/120372/"
 "120371","2019-02-08 19:10:08","http://cubeuser.tk/UPLOAD_PICTURE/uploads/office14.exe","offline","malware_download","exe,QuasarRAT","https://urlhaus.abuse.ch/url/120371/"
 "120370","2019-02-08 19:10:07","http://cubeuser.tk/UPLOAD_PICTURE/uploads/second%20test.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/120370/"
 "120369","2019-02-08 19:10:05","http://aiwaviagens.com/company/TwHSy-Qq0l_RpLsZtt-wWq/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/120369/"
@@ -8821,7 +10667,7 @@
 "120341","2019-02-08 18:44:12","http://epl.tmweb.ru/US_us/company/Copy_Invoice/eInk-9ilH_DWxGe-S/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/120341/"
 "120340","2019-02-08 18:44:11","http://pupr.sulbarprov.go.id/EN_en/document/XzDOb-5dbbQ_M-rT9/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120340/"
 "120339","2019-02-08 18:44:06","http://emrecengiz.com.tr/En_us/file/SXEFu-uxay_Bmcki-O0/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120339/"
-"120338","2019-02-08 18:44:05","http://bazee365.com/En_us/xerox/New_invoice/eaGw-6r_eTiDgj-W7/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120338/"
+"120338","2019-02-08 18:44:05","http://bazee365.com/En_us/xerox/New_invoice/eaGw-6r_eTiDgj-W7/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/120338/"
 "120337","2019-02-08 18:18:10","http://fatemehmahmoudi.com/wp-admin/ciGPVd7a0RBCqeu_ys/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/120337/"
 "120336","2019-02-08 18:18:08","http://kotou-online.net/5qySwIfPo/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/120336/"
 "120335","2019-02-08 18:18:07","http://206.189.68.184/0dUNriPAVHj6e/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/120335/"
@@ -9028,7 +10874,7 @@
 "120134","2019-02-08 11:15:07","http://hairpd.com/stat/sputik.exe","offline","malware_download","exe,gootkit","https://urlhaus.abuse.ch/url/120134/"
 "120133","2019-02-08 11:14:06","http://www.semra.com/US/file/New_invoice/fczm-Vcl_uj-URv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120133/"
 "120132","2019-02-08 11:10:08","http://92.63.197.153/w/1.exe","offline","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/120132/"
-"120131","2019-02-08 11:10:07","http://smarttechnets.com/US/llc/Copy_Invoice/7829722302168/ziGDT-fsXc_kjuo-UG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120131/"
+"120131","2019-02-08 11:10:07","http://smarttechnets.com/US/llc/Copy_Invoice/7829722302168/ziGDT-fsXc_kjuo-UG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120131/"
 "120130","2019-02-08 11:05:45","http://salonmango.by/file/Invoice_number/GZEx-0a9t_K-BRu/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120130/"
 "120129","2019-02-08 11:05:37","http://sergiogio.com/EN_en/info/Inv/THMO-V46_p-jrP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120129/"
 "120128","2019-02-08 11:05:34","http://uit.suharev.top/US_us/info/New_invoice/QnpX-ao_EPnkOz-uWe/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/120128/"
@@ -9176,15 +11022,15 @@
 "119976","2019-02-08 08:24:02","https://docs.google.com/uc?export=&id=1WvFJxDgobd1BWqBiutcOqwpiUj6wC3_Q","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119976/"
 "119975","2019-02-08 08:24:01","https://docs.google.com/uc?export=&id=1w1R_c9wg3z3r83Ff-LNMp-ixmNXxBdpL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119975/"
 "119974","2019-02-08 08:23:59","https://docs.google.com/uc?export=&id=1TmYPo3YE3lUzaYN5w20MfYX6YaMp_UwY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119974/"
-"119973","2019-02-08 08:23:58","https://docs.google.com/uc?export=&id=1SYsejolXobV64Rc4rklsz4IK9_2csiq5","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119973/"
+"119973","2019-02-08 08:23:58","https://docs.google.com/uc?export=&id=1SYsejolXobV64Rc4rklsz4IK9_2csiq5","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119973/"
 "119972","2019-02-08 08:23:57","https://docs.google.com/uc?export=&id=1sOmbFYwzacO6ksh9phgLtPtnS8ls5cS2","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119972/"
 "119971","2019-02-08 08:23:55","https://docs.google.com/uc?export=&id=1RJe46hywJ5y581vef13ipXUOnj1m8DKm","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119971/"
 "119970","2019-02-08 08:23:54","https://docs.google.com/uc?export=&id=1oaofepPwcwtcQLRSwSXkzGm563A9p1ja","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119970/"
 "119969","2019-02-08 08:23:52","https://docs.google.com/uc?export=&id=1NPgY2Op3kPNjv60pbfAQ_zdmb7RVZnuG","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119969/"
 "119968","2019-02-08 08:23:51","https://docs.google.com/uc?export=&id=1kk6FzeAFH2ISLcxQ4OYPRPRNHsMCYeZw","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119968/"
-"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
+"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
 "119966","2019-02-08 08:23:48","https://docs.google.com/uc?export=&id=1jRItcnp4neS59fOyJFYBGFxJCP2uNMvQ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119966/"
-"119965","2019-02-08 08:23:46","https://docs.google.com/uc?export=&id=1j3uS2pkT1upWmAo6o_ICQd6kgAizdtva","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119965/"
+"119965","2019-02-08 08:23:46","https://docs.google.com/uc?export=&id=1j3uS2pkT1upWmAo6o_ICQd6kgAizdtva","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119965/"
 "119964","2019-02-08 08:23:16","https://docs.google.com/uc?export=&id=1fRvg4YvDGXn9XlxSM-P18Q025oAGeIt9","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119964/"
 "119963","2019-02-08 08:23:14","https://docs.google.com/uc?export=&id=1FmvO1GDj1Hhri-icUOgrTM2xQ1A5j4r2","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119963/"
 "119962","2019-02-08 08:23:13","https://docs.google.com/uc?export=&id=1FfZ73oe8B0P503xOL57H3k_X9qdKacAL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119962/"
@@ -9193,7 +11039,7 @@
 "119959","2019-02-08 08:23:08","https://docs.google.com/uc?export=&id=1bEsYM_0_KJ8fYxfsUdToTQBls91GFyQO","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119959/"
 "119958","2019-02-08 08:23:07","https://docs.google.com/uc?export=&id=1aZ88AncMIhKMlKMXxepmvV5zusqTdX0Z","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119958/"
 "119957","2019-02-08 08:23:04","https://docs.google.com/uc?export=&id=1AdZklNdErUVKieHIj_17M4KA71fYFUgY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119957/"
-"119956","2019-02-08 08:23:03","https://docs.google.com/uc?export=&id=1_l0iB7LGB-fWqToAazhfueLkiDWlGEXs","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119956/"
+"119956","2019-02-08 08:23:03","https://docs.google.com/uc?export=&id=1_l0iB7LGB-fWqToAazhfueLkiDWlGEXs","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119956/"
 "119955","2019-02-08 07:48:11","http://firemaplegames.com/NNtM6qj4fa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119955/"
 "119954","2019-02-08 07:48:10","http://www.sinbadvoyage.com/5V6LU9T/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119954/"
 "119953","2019-02-08 07:48:07","http://punjabanmutyaar.com/XMsjd1E1S6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119953/"
@@ -9336,7 +11182,7 @@
 "119814","2019-02-08 03:28:04","http://vervedevelopments.com/fe6f81f.msi","offline","malware_download","msi,payload,stage2","https://urlhaus.abuse.ch/url/119814/"
 "119813","2019-02-08 03:25:20","http://home.webadmin.syscoinc.org/vYOvERlCtc.php","offline","malware_download","AUS,DanaBot,exe,geofenced,headersfenced,Sandiflux","https://urlhaus.abuse.ch/url/119813/"
 "119812","2019-02-08 03:22:15","https://docs.google.com/uc?export=&id=17jp89aXCEAzHfw4_slHL17aep0fpvGwZ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119812/"
-"119811","2019-02-08 03:22:14","https://docs.google.com/uc?export=&id=1iTOuiJRlOHfinlkANWGsHaS7taDMWxjy","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119811/"
+"119811","2019-02-08 03:22:14","https://docs.google.com/uc?export=&id=1iTOuiJRlOHfinlkANWGsHaS7taDMWxjy","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119811/"
 "119810","2019-02-08 03:22:12","https://docs.google.com/uc?export=&id=1fQ8g504YfIigneDb6PkPPZH28Hl--8A-","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119810/"
 "119809","2019-02-08 03:21:42","https://docs.google.com/uc?export=&id=1wqapdW8YblJoYnJiKgMZg2uiPX38QwEZ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119809/"
 "119808","2019-02-08 03:21:41","https://docs.google.com/uc?export=&id=1Haoaqr13jBdbVnbkujcxPk_Q9jTt4qGJ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119808/"
@@ -9423,7 +11269,7 @@
 "119727","2019-02-07 23:54:33","http://lar.biz/US/info/Invoice_number/CSdY-Kop_ckG-XD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119727/"
 "119726","2019-02-07 23:54:26","http://laprima.se/llc/Invoice_number/vvYUI-R9z_JZAnRfofa-TsR/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119726/"
 "119725","2019-02-07 23:54:23","http://kinesiocoach.ae/scan/WZLfd-CL_nEqBbuu-p4Z/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119725/"
-"119724","2019-02-07 23:54:18","http://greencampus.uho.ac.id/wp-content/uploads/En_us/document/Copy_Invoice/8458628/JnzUb-RS5pf_BQHzE-iw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119724/"
+"119724","2019-02-07 23:54:18","http://greencampus.uho.ac.id/wp-content/uploads/En_us/document/Copy_Invoice/8458628/JnzUb-RS5pf_BQHzE-iw/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119724/"
 "119723","2019-02-07 23:54:13","http://further.tv/EN_en/company/Invoice_Notice/76200356901883/QieXO-su_M-5C/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119723/"
 "119722","2019-02-07 23:54:07","http://freelancer.rs/En/document/Inv/WGEOs-eVev_zKVOmBrNx-C1K/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119722/"
 "119721","2019-02-07 23:54:03","http://fondtomafound.org/wvvw/download/Invoice_Notice/19820688122/RKMFU-cs2cY_uL-3G/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119721/"
@@ -9586,7 +11432,7 @@
 "119564","2019-02-07 18:05:15","http://e.alobuta.net/En_us/corporation/Invoice_number/ggGSN-Kkw_nSCK-II/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119564/"
 "119563","2019-02-07 18:05:10","http://dcmax.com.br/US/Invoice/20222324179391/udFLD-duyr_PJyDJ-IP/","offline","malware_download","None","https://urlhaus.abuse.ch/url/119563/"
 "119562","2019-02-07 18:05:06","http://freediving.jworks.io/wordpress/EN_en/Copy_Invoice/oSFPo-fbU_v-iFk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119562/"
-"119561","2019-02-07 17:48:15","http://ortotomsk.ru/En/doc/mEtZg-szcJi_spMjMviIP-sk/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119561/"
+"119561","2019-02-07 17:48:15","http://ortotomsk.ru/En/doc/mEtZg-szcJi_spMjMviIP-sk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119561/"
 "119560","2019-02-07 17:48:12","http://acenationalevent.ft.unand.ac.id/xerox/Copy_Invoice/sSRlR-iN_YbWrVnb-dn/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119560/"
 "119559","2019-02-07 17:48:09","http://3.dohodtut.ru/En_us/info/Invoice_number/WkUv-a7hj1_MsAdWAwD-sJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119559/"
 "119558","2019-02-07 17:48:06","http://mayphatrasua.com/US_us/document/Invoice_Notice/68527544761887/QrTKR-a97p_BcOTzhZL-p4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119558/"
@@ -10146,8 +11992,8 @@
 "118999","2019-02-07 03:02:07","http://185.244.25.194/nicetryspecial/beatmymalware.arm7","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118999/"
 "118996","2019-02-07 03:02:06","http://185.244.25.194/nicetryspecial/beatmymalware.arm","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118996/"
 "118997","2019-02-07 03:02:06","http://185.244.25.194/nicetryspecial/beatmymalware.arm5","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118997/"
-"118995","2019-02-07 03:02:05","http://154.85.35.82/bins/sora.spc","online","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118995/"
-"118994","2019-02-07 03:02:04","http://154.85.35.82/bins/sora.mpsl","online","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118994/"
+"118995","2019-02-07 03:02:05","http://154.85.35.82/bins/sora.spc","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118995/"
+"118994","2019-02-07 03:02:04","http://154.85.35.82/bins/sora.mpsl","offline","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118994/"
 "118993","2019-02-07 03:02:03","http://139.59.25.145/bins/infinity.sh","online","malware_download","elf,payload","https://urlhaus.abuse.ch/url/118993/"
 "118992","2019-02-07 02:59:03","http://185.101.105.167/gay.x86_64","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/118992/"
 "118991","2019-02-07 02:59:02","http://87.236.212.240/fuck.m68","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/118991/"
@@ -10566,7 +12412,7 @@
 "118565","2019-02-06 17:01:17","http://meuanus.000webhostapp.com/uzi.sparc","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/118565/"
 "118564","2019-02-06 17:01:16","http://meuanus.000webhostapp.com/uzi.m68k","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/118564/"
 "118563","2019-02-06 17:01:15","http://meuanus.000webhostapp.com/uzi.mips","offline","malware_download","elf,tsunami","https://urlhaus.abuse.ch/url/118563/"
-"118562","2019-02-06 17:01:14","http://bazee365.com/En/corporation/30382554661949/Nvvv-hu_vEbCn-T2/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118562/"
+"118562","2019-02-06 17:01:14","http://bazee365.com/En/corporation/30382554661949/Nvvv-hu_vEbCn-T2/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/118562/"
 "118561","2019-02-06 17:01:12","http://157.230.213.59/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/118561/"
 "118560","2019-02-06 17:01:11","http://157.230.213.59/bins/sora.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/118560/"
 "118559","2019-02-06 17:01:10","http://namirest.ir/llc/New_invoice/359678569216972/eCGQC-MVscR_mgbdT-u6r/","offline","malware_download","None","https://urlhaus.abuse.ch/url/118559/"
@@ -10986,7 +12832,7 @@
 "118144","2019-02-06 05:32:10","http://watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118144/"
 "118143","2019-02-06 05:32:05","http://23.249.161.100/IMM.EXE","online","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118143/"
 "118142","2019-02-06 05:29:03","http://carmelpublications.com/home/a64f2adc7910483688f2f09418e00365/flashplayer31_xa_install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/118142/"
-"118141","2019-02-06 05:23:03","http://ksolare.com/fb/jb.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/118141/"
+"118141","2019-02-06 05:23:03","http://ksolare.com/fb/jb.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/118141/"
 "118140","2019-02-06 05:22:03","http://shop.theirishlinenstore.com/gtftt.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/118140/"
 "118139","2019-02-06 05:19:09","https://mokals1.cf/new/msc0900000298374.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/118139/"
 "118138","2019-02-06 05:19:08","https://mokals1.cf/news/msc08000024353.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/118138/"
@@ -11194,7 +13040,7 @@
 "117932","2019-02-05 21:20:10","http://tcaircargo.com/fb_personalize/S8cVB2O0FQJxa_IYFMQ5lE/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117932/"
 "117931","2019-02-05 21:20:06","http://debestevakantiedeals.nl/smVjfzShY/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117931/"
 "117930","2019-02-05 21:19:16","http://disticaretpro.tinmedya.com/acmethemes/ifWwmIYow9hVD/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117930/"
-"117929","2019-02-05 21:19:13","http://somamradiator.com/DwyBr05HfEJ//","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117929/"
+"117929","2019-02-05 21:19:13","http://somamradiator.com/DwyBr05HfEJ//","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117929/"
 "117928","2019-02-05 21:19:12","http://dev.worldsofttech.com/TGToBTgXMgJxTL/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117928/"
 "117927","2019-02-05 21:19:07","http://doostankhodro.com/fK6qaMppa/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117927/"
 "117926","2019-02-05 21:19:05","http://benjaminmay.co.uk/EN_en/info/New_invoice/94686056820378/wrFt-Kf_htuyU-ZVX/index.php.suspected","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/117926/"
@@ -11245,7 +13091,7 @@
 "117879","2019-02-05 20:49:03","https://pnc-us.com/system.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117879/"
 "117878","2019-02-05 20:45:03","http://430development.com/blog/chung.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/117878/"
 "117877","2019-02-05 20:44:12","http://lifeshop.xyz/wp-content/plugins/background-image-cropper/36a.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/117877/"
-"117876","2019-02-05 20:44:08","http://cdn4.css361.com/bh1.2.9.dat","offline","malware_download","exe","https://urlhaus.abuse.ch/url/117876/"
+"117876","2019-02-05 20:44:08","http://cdn4.css361.com/bh1.2.9.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/117876/"
 "117875","2019-02-05 20:43:03","https://sousvidetogo.com/PO/zoho.exe","offline","malware_download","exe,megalodon,payload,stage2","https://urlhaus.abuse.ch/url/117875/"
 "117874","2019-02-05 20:40:07","https://fs28.fex.net/get/710818010416/1214299728/cd8564b2/POEA%20ADVISORY.exe","offline","malware_download","exe,payload,rat,remcos,stage2","https://urlhaus.abuse.ch/url/117874/"
 "117873","2019-02-05 20:40:05","http://www.carellaugustus.com/MbvKW_bqm-IG/L9Z/Clients_Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117873/"
@@ -11374,7 +13220,7 @@
 "117749","2019-02-05 17:38:26","http://bezplatnebadania.martinschulz.sldc.pl/LXgS_828N-xNCkIj/DV/Payment_details/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/117749/"
 "117748","2019-02-05 17:38:23","http://acenationalevent.ft.unand.ac.id/KSArVphFPBTi17xl/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117748/"
 "117747","2019-02-05 17:38:19","http://acm.kbtu.kz/p1bgBMnqGoNkh/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117747/"
-"117746","2019-02-05 17:38:15","http://ortotomsk.ru/O1v4nfV216KwNX/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117746/"
+"117746","2019-02-05 17:38:15","http://ortotomsk.ru/O1v4nfV216KwNX/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117746/"
 "117745","2019-02-05 17:38:14","http://jornalirece.com.br/JvPlToR8s4jFukCW1/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117745/"
 "117744","2019-02-05 17:38:11","http://maheshlunchhomeratnagiri.com/H6NW1MVHjhy1lhTXP/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117744/"
 "117743","2019-02-05 17:35:17","http://dcmax.com.br/EN_en/xerox/9558962232308/fJoJ-8bTwS_YQ-nf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117743/"
@@ -11525,7 +13371,7 @@
 "117597","2019-02-05 15:18:06","http://powerfm.gr/WHATSAPP.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/117597/"
 "117596","2019-02-05 15:18:04","http://logowework.com.br/EN_en/llc/Inv/1598179903/oPzmz-nQ0Xt_wVyT-LVK/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/117596/"
 "117595","2019-02-05 15:17:01","http://xn--zlbhdoihrubehkj3aq0g.gr/SKPx_4oS-QoJlUN/E0r/Clients_transactions/02_19/","offline","malware_download","None","https://urlhaus.abuse.ch/url/117595/"
-"117594","2019-02-05 15:11:59","http://somamradiator.com/DwyBr05HfEJ/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117594/"
+"117594","2019-02-05 15:11:59","http://somamradiator.com/DwyBr05HfEJ/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117594/"
 "117593","2019-02-05 15:11:53","http://spb0969.ru/JGXqQwLErqw/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117593/"
 "117592","2019-02-05 15:11:48","http://puertascuesta.com/nN5xhDQABfx/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117592/"
 "117591","2019-02-05 15:11:42","http://nairianthemes.com/xaS3TLPVBURpB/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/117591/"
@@ -11797,10 +13643,10 @@
 "117325","2019-02-05 02:42:06","https://backpage-inc.com/twerk.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117325/"
 "117324","2019-02-05 02:37:04","http://reverserett.org/1a262e0.msi","offline","malware_download","exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/117324/"
 "117323","2019-02-05 02:26:11","http://elinkco-com.ga/file/chuks.jpg","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117323/"
-"117322","2019-02-05 02:23:11","http://acropol.com.eg/pdf/wealthy.exe","online","malware_download","exe,HawkEye,Loki,payload,stage2","https://urlhaus.abuse.ch/url/117322/"
-"117321","2019-02-05 02:23:08","http://acropol.com.eg/pdf/sales.exe","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117321/"
-"117320","2019-02-05 02:23:06","http://acropol.com.eg/pdf/info.exe","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117320/"
-"117319","2019-02-05 02:23:04","http://acropol.com.eg/pdf/admin.exe","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117319/"
+"117322","2019-02-05 02:23:11","http://acropol.com.eg/pdf/wealthy.exe","offline","malware_download","exe,HawkEye,Loki,payload,stage2","https://urlhaus.abuse.ch/url/117322/"
+"117321","2019-02-05 02:23:08","http://acropol.com.eg/pdf/sales.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117321/"
+"117320","2019-02-05 02:23:06","http://acropol.com.eg/pdf/info.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117320/"
+"117319","2019-02-05 02:23:04","http://acropol.com.eg/pdf/admin.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117319/"
 "117318","2019-02-05 02:20:03","http://vektorex.com/source/Z/5809132.exe","offline","malware_download","AZORult,exe,payload,stage2","https://urlhaus.abuse.ch/url/117318/"
 "117317","2019-02-05 02:00:07","https://www.asialinklogistics.com/mkmike.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/117317/"
 "117316","2019-02-05 01:52:03","http://shop.theirishlinenstore.com/gggg.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117316/"
@@ -12059,7 +13905,7 @@
 "117063","2019-02-04 19:42:09","http://vektorex.com/source/Z/bb3.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117063/"
 "117062","2019-02-04 19:34:02","http://alessiopaolelli.com/paneecirco.com/likeme.exe","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117062/"
 "117061","2019-02-04 19:33:10","https://share.dmca.gripe/PAkhAfFPeiB6ngwV.jpg","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117061/"
-"117060","2019-02-04 19:30:07","http://mobj.qp265.cn/appd/328401.apk","online","malware_download","android,apk ","https://urlhaus.abuse.ch/url/117060/"
+"117060","2019-02-04 19:30:07","http://mobj.qp265.cn/appd/328401.apk","offline","malware_download","android,apk ","https://urlhaus.abuse.ch/url/117060/"
 "117059","2019-02-04 19:29:03","http://vektorex.com/source/Z/1506778.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117059/"
 "117058","2019-02-04 19:25:11","http://oluyamachine.xyz/m/yaski.exe","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117058/"
 "117057","2019-02-04 19:23:07","http://oluyamachine.xyz/m/smart.exe","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117057/"
@@ -12441,7 +14287,7 @@
 "116678","2019-02-04 11:53:06","http://23.249.164.131/feb/jay/jay.exe","online","malware_download","avemaria,HawkEye","https://urlhaus.abuse.ch/url/116678/"
 "116676","2019-02-04 11:53:05","http://23.249.164.131/feb/apo/apo.exe","online","malware_download","avemaria","https://urlhaus.abuse.ch/url/116676/"
 "116675","2019-02-04 11:53:04","http://23.249.164.131/feb/apo/avia_output51A86E0.exe","offline","malware_download","avemaria,stealer","https://urlhaus.abuse.ch/url/116675/"
-"116674","2019-02-04 11:53:04","http://23.249.164.131/feb/sel/sel.exe","online","malware_download","avemaria,stealer","https://urlhaus.abuse.ch/url/116674/"
+"116674","2019-02-04 11:53:04","http://23.249.164.131/feb/sel/sel.exe","offline","malware_download","avemaria,stealer","https://urlhaus.abuse.ch/url/116674/"
 "116673","2019-02-04 11:22:09","http://185.101.105.163:80/bins/Solstice.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116673/"
 "116672","2019-02-04 11:22:08","http://179.99.181.225:21847/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116672/"
 "116671","2019-02-04 10:55:05","http://142.93.50.9/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116671/"
@@ -12781,26 +14627,26 @@
 "116337","2019-02-03 16:50:02","http://thales-las.cfdt-fgmm.fr/cgi-bin/xpga-NRvI_kkQovJftn-dL/INVOICE/En_us/Paid-Invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116337/"
 "116336","2019-02-03 16:45:03","http://3kiloafvallen.nl/sWDlr-q5u_FsNMocV-3KF/invoices/41919/0909/En/Invoice-for-you","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116336/"
 "116335","2019-02-03 16:45:02","http://kymviet.vn/ANEHB-k3k6_flfNTqfNo-7v/INV/17688FORPO/5730691123/En_us/Invoice-Corrections-for-66/89","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116335/"
-"116334","2019-02-03 15:52:11","http://154.85.35.82/bins/sora.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116334/"
-"116333","2019-02-03 15:52:10","http://154.85.35.82/bins/sora.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116333/"
-"116332","2019-02-03 15:52:08","http://154.85.35.82/bins/sora.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116332/"
+"116334","2019-02-03 15:52:11","http://154.85.35.82/bins/sora.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116334/"
+"116333","2019-02-03 15:52:10","http://154.85.35.82/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116333/"
+"116332","2019-02-03 15:52:08","http://154.85.35.82/bins/sora.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116332/"
 "116331","2019-02-03 15:42:03","http://igsm.co/etep-3tF13_iy-6Ov/En_us/Past-Due-Invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116331/"
-"116330","2019-02-03 15:34:03","http://154.85.35.82/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116330/"
+"116330","2019-02-03 15:34:03","http://154.85.35.82/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116330/"
 "116329","2019-02-03 15:30:12","http://ghostbirdmovie.com/A-z1-s5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116329/"
-"116328","2019-02-03 15:30:08","http://154.85.35.82/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116328/"
-"116327","2019-02-03 15:30:06","http://154.85.35.82/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116327/"
-"116326","2019-02-03 15:30:05","http://154.85.35.82/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116326/"
-"116325","2019-02-03 15:30:03","http://154.85.35.82/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116325/"
-"116324","2019-02-03 15:27:03","http://154.85.35.82/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116324/"
+"116328","2019-02-03 15:30:08","http://154.85.35.82/bins/sora.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116328/"
+"116327","2019-02-03 15:30:06","http://154.85.35.82/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116327/"
+"116326","2019-02-03 15:30:05","http://154.85.35.82/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116326/"
+"116325","2019-02-03 15:30:03","http://154.85.35.82/bins/sora.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116325/"
+"116324","2019-02-03 15:27:03","http://154.85.35.82/bins/sora.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116324/"
 "116323","2019-02-03 15:23:06","http://88.248.84.169:54777/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116323/"
 "116322","2019-02-03 15:23:03","http://104.174.110.58:10293/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116322/"
-"116321","2019-02-03 14:20:03","http://154.85.35.82:80/bins/sora.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116321/"
+"116321","2019-02-03 14:20:03","http://154.85.35.82:80/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116321/"
 "116320","2019-02-03 14:18:06","http://73.30.143.246:45663/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116320/"
-"116319","2019-02-03 14:18:04","http://154.85.35.82:80/bins/sora.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116319/"
-"116318","2019-02-03 14:18:03","http://154.85.35.82:80/bins/sora.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116318/"
-"116317","2019-02-03 14:17:04","http://154.85.35.82:80/bins/sora.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116317/"
-"116316","2019-02-03 14:17:03","http://154.85.35.82:80/bins/sora.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116316/"
-"116315","2019-02-03 14:16:03","http://154.85.35.82:80/bins/sora.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116315/"
+"116319","2019-02-03 14:18:04","http://154.85.35.82:80/bins/sora.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116319/"
+"116318","2019-02-03 14:18:03","http://154.85.35.82:80/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116318/"
+"116317","2019-02-03 14:17:04","http://154.85.35.82:80/bins/sora.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116317/"
+"116316","2019-02-03 14:17:03","http://154.85.35.82:80/bins/sora.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116316/"
+"116315","2019-02-03 14:16:03","http://154.85.35.82:80/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116315/"
 "116314","2019-02-03 13:24:04","http://helpingpawsrescueinc.org/wp-content/gallery/rwerwefrew/thumbs/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/116314/"
 "116313","2019-02-03 13:17:09","http://104.168.144.199/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116313/"
 "116312","2019-02-03 13:17:08","http://hostnamepxssy.club/bins/cock.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116312/"
@@ -12954,7 +14800,7 @@
 "116164","2019-02-03 06:15:07","http://138.197.153.211/jdabfsjkhfasl/jiren.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116164/"
 "116163","2019-02-03 06:15:04","http://128.199.96.104/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116163/"
 "116162","2019-02-03 06:09:13","http://1.52.29.71:58479/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116162/"
-"116161","2019-02-03 06:09:05","http://201.37.141.128:31742/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116161/"
+"116161","2019-02-03 06:09:05","http://201.37.141.128:31742/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116161/"
 "116160","2019-02-03 05:45:19","http://andreysharanov.info/app/updateprofile-0128.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116160/"
 "116159","2019-02-03 05:24:04","http://andreysharanov.info/app/winboxscan-1003-2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116159/"
 "116158","2019-02-03 05:17:26","http://andreysharanov.info/app/vc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116158/"
@@ -12968,10 +14814,10 @@
 "116150","2019-02-03 03:40:04","http://gedzac.com/ezine/Gedzac.Mitosis.Ezine.1.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/116150/"
 "116149","2019-02-03 01:35:11","http://174.128.239.250/csrse.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116149/"
 "116148","2019-02-03 00:15:06","http://99.62.142.44:35698/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116148/"
-"116147","2019-02-03 00:09:12","http://dx52.downyouxi.com/jingdianchongwulianliankan5.2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116147/"
-"116146","2019-02-02 23:41:13","http://dx55.downyouxi.com/jingdianchongwulianliankan5.2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116146/"
-"116145","2019-02-02 23:30:26","http://dx51.downyouxi.com/jingdianchongwulianliankan5.2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116145/"
-"116144","2019-02-02 22:18:39","http://dx84.downyouxi.com/dongkuwuyuwaichuanzhongwenban.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116144/"
+"116147","2019-02-03 00:09:12","http://dx52.downyouxi.com/jingdianchongwulianliankan5.2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116147/"
+"116146","2019-02-02 23:41:13","http://dx55.downyouxi.com/jingdianchongwulianliankan5.2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116146/"
+"116145","2019-02-02 23:30:26","http://dx51.downyouxi.com/jingdianchongwulianliankan5.2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116145/"
+"116144","2019-02-02 22:18:39","http://dx84.downyouxi.com/dongkuwuyuwaichuanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116144/"
 "116143","2019-02-02 21:06:05","http://www.wsgenius.com/install/a1/tgStats.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/116143/"
 "116142","2019-02-02 20:34:29","http://down8.downyouxi.com/dongkuwuyuwaichuanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116142/"
 "116141","2019-02-02 20:22:40","http://wt50.downyouxi.com/jingdianchongwulianliankan5.2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116141/"
@@ -13454,7 +15300,7 @@
 "115664","2019-02-01 23:20:08","http://marcin-wojtynek.pl/Wfbbk_UPY-SUPPphD/tW/Clients_transactions/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115664/"
 "115663","2019-02-01 23:20:06","http://longhauriverside.com.vn/xuSml_HO7-VLCro/HN/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115663/"
 "115662","2019-02-01 23:20:03","http://aranda.u0418940.cp.regruhosting.ru/uGjv_ijCj-miosSwz/wqD/Payment_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115662/"
-"115661","2019-02-01 22:28:09","http://190.68.44.60:10253/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115661/"
+"115661","2019-02-01 22:28:09","http://190.68.44.60:10253/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115661/"
 "115660","2019-02-01 22:28:06","http://130.204.77.76:52159/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115660/"
 "115659","2019-02-01 22:28:03","http://205.185.120.227:80/Binarys/Owari.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115659/"
 "115658","2019-02-01 22:27:03","http://205.185.120.227:80/Binarys/Owari.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/115658/"
@@ -13613,7 +15459,7 @@
 "115505","2019-02-01 19:42:06","http://belyi.ug/eu.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/115505/"
 "115504","2019-02-01 18:34:03","http://www.moh.sk.gov.ng/files/treu.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/115504/"
 "115503","2019-02-01 18:23:09","http://steam-money.ru/load.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115503/"
-"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
+"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
 "115501","2019-02-01 18:23:04","http://46.249.127.224:7849/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115501/"
 "115500","2019-02-01 18:21:06","http://189.18.170.50:23583/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115500/"
 "115499","2019-02-01 18:11:06","http://7-chicken.multishop.co.id/US_us/llc/5534=905732028/qoIo-wyD_plk-4S/","offline","malware_download","doc,emotet,url","https://urlhaus.abuse.ch/url/115499/"
@@ -13872,7 +15718,7 @@
 "115247","2019-02-01 09:50:04","http://m22tamia62jorge.city/xap_102b-AZ1/704e.php?l=quarck3.gas","offline","malware_download","exe,geofenced,ursnif,USA","https://urlhaus.abuse.ch/url/115247/"
 "115245","2019-02-01 09:50:03","http://m22tamia62jorge.city/xap_102b-AZ1/704e.php?l=quarck1.gas","offline","malware_download","exe,geofenced,Gozi,ursnif,USA","https://urlhaus.abuse.ch/url/115245/"
 "115244","2019-02-01 09:36:04","http://pharmakinesis.ge/AT_T_Account/VEoeiLs8cd_L7SAZf_vioDWkkAs/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/115244/"
-"115243","2019-02-01 09:26:11","http://5.236.19.179:35555/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115243/"
+"115243","2019-02-01 09:26:11","http://5.236.19.179:35555/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115243/"
 "115242","2019-02-01 09:25:03","http://168.235.81.176:80/bins/kowai.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115242/"
 "115241","2019-02-01 09:24:03","http://168.235.81.176:80/bins/kowai.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115241/"
 "115240","2019-02-01 09:02:07","http://mildibsilgip.com/d.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115240/"
@@ -14178,7 +16024,7 @@
 "114926","2019-01-31 22:05:09","http://exploringviews.com/Orders_details/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114926/"
 "114925","2019-01-31 22:05:07","http://clipestan.com/AT_T_Account/LSRRjWhIv_5rWQKwktt_hZH5T/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114925/"
 "114924","2019-01-31 22:05:05","http://bcvolna.ru/AT_T/JO3JQAtDyHi_pxBR0EG_o2sg1/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114924/"
-"114923","2019-01-31 22:05:04","http://bazee365.com/ATT/0pT8k_DJg9mzye_olNiIzR/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114923/"
+"114923","2019-01-31 22:05:04","http://bazee365.com/ATT/0pT8k_DJg9mzye_olNiIzR/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114923/"
 "114922","2019-01-31 21:51:03","https://reconditeohouses.surge.sh/Payment_Summary_122118.xlsx","online","malware_download","excel,formbok,macros,spreadsheet,stage1","https://urlhaus.abuse.ch/url/114922/"
 "114921","2019-01-31 21:49:04","https://www.dropbox.com/s/3bxfp2z0z83u639/factura_f0830115570000000422D.uue?dl=1","offline","malware_download","compressed,exe,njRAT,payload,winrar","https://urlhaus.abuse.ch/url/114921/"
 "114920","2019-01-31 21:41:16","http://raj-tandooriwidnes.co.uk/En_us/document/New_invoice/eUMxS-wRbj_ehll-nSO/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114920/"
@@ -14382,16 +16228,16 @@
 "114714","2019-01-31 15:57:06","http://travel-advices.ru/uOGbU-WfrAT_qTVvZQyC-YG/Southwire/AAD588115110/US/Invoice-for-n/f-01/31/2019/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114714/"
 "114713","2019-01-31 15:57:05","http://shopping.solarforthai.com/wp-content/cache/wpfc-minified/BWLh-8cC_YJbiO-gs/INV/371816FORPO/342128572843/En/Invoice-219079/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/114713/"
 "114712","2019-01-31 15:53:09","https://my.mixtape.moe/xyvdrv.htaa","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/114712/"
-"114711","2019-01-31 15:51:13","http://rbgrouptech.000webhostapp.com/wp-content/themes/shapely/woocommerce/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114711/"
+"114711","2019-01-31 15:51:13","http://rbgrouptech.000webhostapp.com/wp-content/themes/shapely/woocommerce/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114711/"
 "114710","2019-01-31 15:51:11","http://qf.com.ve/NBOvm-NBJc_SVxzkjmw-svu/invoices/36473/57592/US/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114710/"
 "114708","2019-01-31 15:51:08","http://basisonderwijs.sr/myATT/sSb_4JjrWVC_FhodD9/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114708/"
 "114709","2019-01-31 15:51:08","http://u31863p27156.web0101.zxcs.nl/UQmk-iTghr_YkTRwXH-AN/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114709/"
 "114707","2019-01-31 15:51:03","http://kjndiagnosticcentre.com/AT_T_Online/Qne_joj0lC_7z3xh1DC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114707/"
-"114706","2019-01-31 15:50:05","https://musojoe.com/wp-content/themes/Divi/css/tinymce-skin/fonts/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/114706/"
-"114705","2019-01-31 15:49:08","http://montolla.tk/templates/bymontolla/js/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114705/"
+"114706","2019-01-31 15:50:05","https://musojoe.com/wp-content/themes/Divi/css/tinymce-skin/fonts/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114706/"
+"114705","2019-01-31 15:49:08","http://montolla.tk/templates/bymontolla/js/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114705/"
 "114704","2019-01-31 15:49:04","http://xindetrading.000webhostapp.com/wp-content/themes/shapely/template-parts/layouts/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114704/"
-"114703","2019-01-31 15:48:11","http://xindetrading.000webhostapp.com/wp-content/themes/shapely/template-parts/layouts/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114703/"
-"114702","2019-01-31 15:41:06","https://aialogisticsltd.com/wp-content/themes/erzen/css/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114702/"
+"114703","2019-01-31 15:48:11","http://xindetrading.000webhostapp.com/wp-content/themes/shapely/template-parts/layouts/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114703/"
+"114702","2019-01-31 15:41:06","https://aialogisticsltd.com/wp-content/themes/erzen/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114702/"
 "114701","2019-01-31 15:35:15","http://online-printing.c.api-central.net/ATTBusiness/bi8_e0nMBsnnu_EOrfiV61/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114701/"
 "114700","2019-01-31 15:35:10","http://staffkabattle.ru/myATT/4hjYbVkhRo_452JUjB_nOn8bhKx/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114700/"
 "114698","2019-01-31 15:35:05","http://xn--80adg3b.net/kE9_6iaxBF_WWLBR8Mxnu/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114698/"
@@ -14421,10 +16267,10 @@
 "114674","2019-01-31 15:19:07","http://72.52.243.16/pHSPU-bi0a_nsbUjtygy-HN/EXT/PaymentStatus/EN_en/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114674/"
 "114673","2019-01-31 15:19:05","http://arkan.cv.ua/document/Invoice/VkoJl-cD_i-S7/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114673/"
 "114672","2019-01-31 15:19:03","http://www.egind.ru/file/KNRGU-eX_TeTkeh-Fvv/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114672/"
-"114671","2019-01-31 15:13:13","http://supersnacks.rocks/OLD/wp-admin/css/colors/blue/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/114671/"
+"114671","2019-01-31 15:13:13","http://supersnacks.rocks/OLD/wp-admin/css/colors/blue/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114671/"
 "114670","2019-01-31 15:11:22","http://www.lawaaike.nl/wordpress/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114670/"
 "114669","2019-01-31 15:11:11","http://fayanscimustafa.com/wp-content/themes/bridge/includes/comment/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114669/"
-"114668","2019-01-31 15:10:14","http://www.sale-petit-bonhomme.com/wp-content/themes/twentythirteen/languages/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/114668/"
+"114668","2019-01-31 15:10:14","http://www.sale-petit-bonhomme.com/wp-content/themes/twentythirteen/languages/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114668/"
 "114667","2019-01-31 15:10:05","http://rescue8.org/images/JoeArroyo/Noticiass.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114667/"
 "114666","2019-01-31 15:08:36","http://danieljenkins2000.000webhostapp.com/wp-content/themes/shapely/languages/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114666/"
 "114665","2019-01-31 15:08:13","http://kensei-kogyo.com/wpmain/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114665/"
@@ -14508,7 +16354,7 @@
 "114586","2019-01-31 13:00:08","https://share.dmca.gripe/1uyCdHGCBWOJumQM.png","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114586/"
 "114584","2019-01-31 12:56:36","https://autolikely.com/wp-content/themes/Divi/lang/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114584/"
 "114583","2019-01-31 12:56:32","http://www.dixo.se/templates/siteground-j15-34/images/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114583/"
-"114582","2019-01-31 12:56:25","http://orhangencebay.gen.tr/templates/rhuk_milkyway/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114582/"
+"114582","2019-01-31 12:56:25","http://orhangencebay.gen.tr/templates/rhuk_milkyway/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114582/"
 "114581","2019-01-31 12:56:22","http://caraccessonriesr9.com/aewiklm/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114581/"
 "114580","2019-01-31 12:56:18","http://nienkevanhijum.nl/wp-content/themes/elastico/includes/postformats/single/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114580/"
 "114579","2019-01-31 12:56:17","https://berkje.com/wp-content/themes/berkje/slider/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114579/"
@@ -14563,23 +16409,23 @@
 "114530","2019-01-31 12:50:56","https://www.shatki.info/templates/ld_benew/images/blue/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114530/"
 "114529","2019-01-31 12:50:54","http://rbgrouptech.000webhostapp.com/wp-content/themes/shapely/woocommerce/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114529/"
 "114528","2019-01-31 12:50:39","https://psychoactive-mentio.000webhostapp.com/wp-content/themes/envo-business/lib/customizer/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114528/"
-"114527","2019-01-31 11:46:03","http://gsscomputers.co.uk/templates/a4joomla/js/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114527/"
+"114527","2019-01-31 11:46:03","http://gsscomputers.co.uk/templates/a4joomla/js/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114527/"
 "114526","2019-01-31 11:44:05","http://mail.optiua.com/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114526/"
 "114525","2019-01-31 11:31:09","http://cozynetworks.com/templates/innovativelab/src/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114525/"
 "114524","2019-01-31 11:18:02","http://recopter.free.fr/m4567.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114524/"
 "114523","2019-01-31 10:22:03","http://159.65.79.227/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114523/"
 "114522","2019-01-31 10:21:03","http://stradious.com/wp-includes/ID3/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114522/"
-"114521","2019-01-31 10:20:09","http://mock.fpdev.xyz/ee/assets/css/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114521/"
+"114521","2019-01-31 10:20:09","http://mock.fpdev.xyz/ee/assets/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114521/"
 "114520","2019-01-31 10:20:07","http://stringletter.com/wp-content/themes/oneengine/fonts/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/114520/"
 "114519","2019-01-31 10:18:05","http://vektorex.com/source/Z/20659117.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114519/"
-"114518","2019-01-31 10:13:07","http://stringletter.com/wp-content/themes/oneengine/plugins/admin-core/assets/css/vendor/elusive-icons/font/massg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/114518/"
+"114518","2019-01-31 10:13:07","http://stringletter.com/wp-content/themes/oneengine/plugins/admin-core/assets/css/vendor/elusive-icons/font/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114518/"
 "114517","2019-01-31 10:10:04","http://synergyconsultantsindia.com/new/GST%20Payment%20Challan.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/114517/"
 "114516","2019-01-31 10:06:04","https://www.fibeex.com/wp-content/themes/businext/components/headers/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114516/"
 "114515","2019-01-31 10:04:12","http://paewaterfilter.com/administrator/cache/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114515/"
-"114514","2019-01-31 10:04:07","http://skincareshopbeauty.com/administrator/cache/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114514/"
+"114514","2019-01-31 10:04:07","http://skincareshopbeauty.com/administrator/cache/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114514/"
 "114513","2019-01-31 09:59:02","http://fibeex.com/wp-content/themes/businext/components/headers/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114513/"
 "114512","2019-01-31 09:57:06","https://www.fibeex.com/wp-content/themes/businext/framework/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114512/"
-"114511","2019-01-31 09:51:06","http://tekanova.com/templates/templategeo_26/css/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114511/"
+"114511","2019-01-31 09:51:06","http://tekanova.com/templates/templategeo_26/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114511/"
 "114510","2019-01-31 09:35:04","https://linkcomputers.co.in/1/a.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114510/"
 "114509","2019-01-31 09:34:26","http://innisfreesvn.com/wp-content/plugins/wordpress-seo/admin/views/tabs/metas/paper-content/post_type/admini.hta","online","malware_download","hta","https://urlhaus.abuse.ch/url/114509/"
 "114508","2019-01-31 09:34:25","http://innisfreesvn.com/wp-content/plugins/wordpress-seo/admin/views/tabs/metas/paper-content/post_type/Systtem.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114508/"
@@ -14977,7 +16823,7 @@
 "114037","2019-01-30 18:17:29","http://m0pedx9.ru/get-ip/ny2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114037/"
 "114036","2019-01-30 18:17:22","http://m0pedx9.ru/get-ip/awtup_game.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/114036/"
 "114035","2019-01-30 18:17:14","http://m0pedx9.ru/get-ip/sehost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114035/"
-"114034","2019-01-30 18:16:14","http://yzbek.co.ug/l/loader.exe","offline","malware_download","exe,tinynuke","https://urlhaus.abuse.ch/url/114034/"
+"114034","2019-01-30 18:16:14","http://yzbek.co.ug/l/loader.exe","online","malware_download","exe,tinynuke","https://urlhaus.abuse.ch/url/114034/"
 "114033","2019-01-30 18:16:09","http://supergct.com/Orders_details/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/114033/"
 "114032","2019-01-30 18:15:08","http://84.38.133.155/vn/fb7e1a072f.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114032/"
 "114031","2019-01-30 18:09:14","http://moscow00.online/GetDataAVK.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114031/"
@@ -15044,8 +16890,8 @@
 "113969","2019-01-30 16:51:13","http://jaspinformatica.com/Transactions-details/01_19/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113969/"
 "113968","2019-01-30 16:51:08","http://demo.minecraft.edu.vn/Orders-details/2019-01/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113968/"
 "113967","2019-01-30 16:51:05","http://heizungsnotdienst-sofort.de/Clients_transactions/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/113967/"
-"113966","2019-01-30 16:40:37","http://joinjohndoeit.000webhostapp.com/wp-content/themes/shapely/inc/custom-controls/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113966/"
-"113965","2019-01-30 16:40:18","http://tontonfilms.com/wp-content/themes/garnish/admin/css/massg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113965/"
+"113966","2019-01-30 16:40:37","http://joinjohndoeit.000webhostapp.com/wp-content/themes/shapely/inc/custom-controls/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113966/"
+"113965","2019-01-30 16:40:18","http://tontonfilms.com/wp-content/themes/garnish/admin/css/massg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113965/"
 "113964","2019-01-30 16:35:19","https://influenceinasia.com/documentation/important.eml","offline","malware_download","exe,GBR,Gozi","https://urlhaus.abuse.ch/url/113964/"
 "113963","2019-01-30 16:35:11","https://gsncloud-my.sharepoint.com/:u:/g/personal/lpower_gsn_com_au/ESQIlQzDaD9KnDCE0qnDTYgBqDrFTzxNTx8qvRWFJg9l1w?e=wlUeWV&download=1","offline","malware_download","GBR,Gozi,zipped-VBS","https://urlhaus.abuse.ch/url/113963/"
 "113962","2019-01-30 16:25:23","http://thanhlapdoanhnghiephnh.com/dWwuk-QHH_H-rJ8/PaymentStatus/En/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113962/"
@@ -15059,7 +16905,7 @@
 "113954","2019-01-30 16:14:26","http://jawfin.net/jka/jkadmin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113954/"
 "113953","2019-01-30 16:14:18","http://xmrcgpu.com/XMRCGPU.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113953/"
 "113952","2019-01-30 16:12:14","http://tree.sibcat.info/nik/steps/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113952/"
-"113951","2019-01-30 16:12:07","http://yzbek.co.ug/b/build.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113951/"
+"113951","2019-01-30 16:12:07","http://yzbek.co.ug/b/build.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113951/"
 "113950","2019-01-30 16:07:09","http://0qixri.thule.su/xCDUf-Ga_PgRWRt-2H/COMET/SIGNS/PAYMENT/NOTIFICATION/01/30/2019/US/Inv-74740-PO-6W488365/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113950/"
 "113949","2019-01-30 16:07:03","http://posadaelnogal.000webhostapp.com/wp-content/themes/shapely/page-templates/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113949/"
 "113948","2019-01-30 16:06:19","http://bienhieutrongnha.com/forum/cache/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113948/"
@@ -15389,7 +17235,7 @@
 "113615","2019-01-30 09:59:25","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/Telekom/Rechnungen/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113615/"
 "113614","2019-01-30 09:59:19","http://187.133.216.180:61412/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113614/"
 "113613","2019-01-30 09:59:16","http://112.197.238.164:42349/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113613/"
-"113612","2019-01-30 09:59:08","http://79.182.34.229:55164/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113612/"
+"113612","2019-01-30 09:59:08","http://79.182.34.229:55164/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113612/"
 "113611","2019-01-30 09:59:06","http://1.53.211.23:20049/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113611/"
 "113610","2019-01-30 09:59:02","http://122.117.99.185:1691/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113610/"
 "113609","2019-01-30 09:58:58","http://80.211.89.26/bins/daku.arc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113609/"
@@ -15859,11 +17705,11 @@
 "113138","2019-01-29 18:22:04","http://165.227.36.38/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113138/"
 "113139","2019-01-29 18:22:04","http://165.227.36.38/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113139/"
 "113137","2019-01-29 18:22:03","http://165.227.36.38:80/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113137/"
-"113136","2019-01-29 18:12:11","http://109.169.89.4/good/good.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113136/"
+"113136","2019-01-29 18:12:11","http://109.169.89.4/good/good.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113136/"
 "113135","2019-01-29 18:11:27","http://125.137.120.54:56267/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113135/"
 "113134","2019-01-29 18:11:18","http://60.250.242.72:13230/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113134/"
 "113133","2019-01-29 18:11:08","http://185.244.25.194:80/nicetryspecial/kowaii.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113133/"
-"113132","2019-01-29 18:03:06","http://109.169.89.4/doc/bin_output35D3330.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113132/"
+"113132","2019-01-29 18:03:06","http://109.169.89.4/doc/bin_output35D3330.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113132/"
 "113131","2019-01-29 18:01:18","http://s3.eu-west-2.amazonaws.com/mardosim1/lado.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113131/"
 "113130","2019-01-29 18:00:03","http://185.244.25.194/nicetryspecial/kowaii.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/113130/"
 "113129","2019-01-29 17:48:10","http://belyi.ug/t2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113129/"
@@ -15897,7 +17743,7 @@
 "113099","2019-01-29 17:06:10","http://gjsdiscos.org.uk/xZAw-Rbzn0_CEig-dQ/INV/946819FORPO/65837795454/EN_en/Invoice-for-x/q-01/29/2019/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113099/"
 "113098","2019-01-29 17:06:09","http://maximcom.in/dtVSy-Sxf3D_pgLCAR-01U/OQ33/invoicing/En_us/Inv-02056-PO-5Q971975/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113098/"
 "113097","2019-01-29 17:06:05","http://markbit.io/VfSm-2nZz_s-jA/EXT/PaymentStatus/US/Invoice-6939803/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113097/"
-"113096","2019-01-29 17:03:03","http://109.169.89.4/job/job.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113096/"
+"113096","2019-01-29 17:03:03","http://109.169.89.4/job/job.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113096/"
 "113095","2019-01-29 17:02:02","http://salongolenarges.ir/urEO_Gj9-Ze/hsk/Clients_information/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113095/"
 "113094","2019-01-29 16:50:10","http://dawaphoto.co.kr/software/HANAPHOTO.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113094/"
 "113093","2019-01-29 16:49:09","http://dawaphoto.co.kr/software/DAWAPHOTOBB.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113093/"
@@ -16009,8 +17855,8 @@
 "112986","2019-01-29 14:46:03","https://uc59f2436825d3a31cdd9f379cca.dl.dropboxusercontent.com/cd/0/get/AaWOGe1hHj489ui5zIc8cHnButFq3H0YBlZyaveZ3kAO_QHOJK7-6jArVIWJIJQDDIIS07LZA17T74KdAi1qUvRqE1y6nUj09dFfVpAju7hA2Q/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112986/"
 "112985","2019-01-29 14:36:31","https://myboysand.me/wp-content/ai1wm-backups/messg.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112985/"
 "112984","2019-01-29 14:36:28","http://www.scotts-grotto.org/packages/asmiller_gallery/blocks/asmiller_gallery/templates/default/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112984/"
-"112983","2019-01-29 14:36:26","https://kasutwakai.com/admin/controller/catalog/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112983/"
-"112982","2019-01-29 14:36:21","https://the-bombay-summit.000webhostapp.com/wp-content/themes/llorix-one-lite/fonts/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112982/"
+"112983","2019-01-29 14:36:26","https://kasutwakai.com/admin/controller/catalog/messg.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112983/"
+"112982","2019-01-29 14:36:21","https://the-bombay-summit.000webhostapp.com/wp-content/themes/llorix-one-lite/fonts/messg.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112982/"
 "112981","2019-01-29 14:36:18","http://stonescrossing.com/wp-content/themes/stones-crossing/assets/css/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112981/"
 "112980","2019-01-29 14:36:15","https://kokoon.co.uk/wp-content/themes/kokoon/css/fonts/bebasneue/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112980/"
 "112979","2019-01-29 14:36:12","http://hugomaia.com/templates/agitato/images/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112979/"
@@ -16316,7 +18162,7 @@
 "112676","2019-01-29 07:14:06","http://185.244.25.98/AB4g5/Cult.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112676/"
 "112675","2019-01-29 07:14:05","http://185.244.25.98/AB4g5/Cult.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112675/"
 "112674","2019-01-29 07:14:04","http://185.244.25.98/AB4g5/Cult.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112674/"
-"112673","2019-01-29 06:57:06","http://212.150.222.45:8152/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112673/"
+"112673","2019-01-29 06:57:06","http://212.150.222.45:8152/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112673/"
 "112672","2019-01-29 06:57:02","http://185.244.25.194:80/dwabniduawdbwad/memhoncho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112672/"
 "112671","2019-01-29 06:56:02","http://185.244.25.194/dwabniduawdbwad/memhoncho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112671/"
 "112670","2019-01-29 06:56:01","http://185.244.25.194/dwabniduawdbwad/memhoncho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112670/"
@@ -17335,7 +19181,7 @@
 "111631","2019-01-27 21:58:42","http://97.125.231.53:20864/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111631/"
 "111630","2019-01-27 21:58:38","http://189.180.253.216:29339/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111630/"
 "111629","2019-01-27 21:58:34","http://177.68.147.145:1142/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111629/"
-"111628","2019-01-27 21:58:28","http://37.34.244.167:16848/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111628/"
+"111628","2019-01-27 21:58:28","http://37.34.244.167:16848/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111628/"
 "111627","2019-01-27 21:52:04","http://amd.alibuf.com:7723/dsc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111627/"
 "111626","2019-01-27 21:51:06","http://66.117.6.174/wpd.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/111626/"
 "111625","2019-01-27 21:08:06","http://moha-group.ir/nazy/PurchaseOrder.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/111625/"
@@ -17357,7 +19203,7 @@
 "111609","2019-01-27 19:22:11","http://amd.alibuf.com:7723/DSP12.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/111609/"
 "111608","2019-01-27 19:18:05","http://dns.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111608/"
 "111607","2019-01-27 19:14:02","http://165.227.212.62/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111607/"
-"111606","2019-01-27 19:00:08","http://dns.alibuf.com:7723/dsc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111606/"
+"111606","2019-01-27 19:00:08","http://dns.alibuf.com:7723/dsc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111606/"
 "111605","2019-01-27 18:48:17","http://ca.fq520000.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111605/"
 "111604","2019-01-27 18:44:26","http://dns.alibuf.com:7723/dsp12.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111604/"
 "111603","2019-01-27 18:44:18","http://165.227.212.62/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111603/"
@@ -17515,7 +19361,7 @@
 "111451","2019-01-27 15:15:04","http://80.211.8.37/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111451/"
 "111449","2019-01-27 15:15:03","http://80.211.8.37/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111449/"
 "111450","2019-01-27 15:15:03","http://80.211.8.37/bins/sora.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111450/"
-"111448","2019-01-27 15:13:31","http://down.pdf.cqmjkjzx.com/setupgspdf_4410.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111448/"
+"111448","2019-01-27 15:13:31","http://down.pdf.cqmjkjzx.com/setupgspdf_4410.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111448/"
 "111447","2019-01-27 15:09:05","http://realdealhouse.eu/OBO/obi.exe","online","malware_download","exe,Formbook,NanoCore","https://urlhaus.abuse.ch/url/111447/"
 "111446","2019-01-27 15:08:07","http://www.majesticintltravel.com/web/ow.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/111446/"
 "111445","2019-01-27 15:00:03","http://92.63.197.153/m/1.exe","offline","malware_download","exe,GandCrab,Ransomware,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111445/"
@@ -17998,7 +19844,7 @@
 "110968","2019-01-27 00:07:05","http://185.244.25.145:80/x85143/Yowai.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110968/"
 "110967","2019-01-27 00:07:02","http://176.32.35.2/bins/Lanisha.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110967/"
 "110966","2019-01-27 00:06:05","http://176.32.35.2/bins/Lanisha.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110966/"
-"110965","2019-01-26 23:54:04","http://chefpromoter.com/wp-includes/ID3/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110965/"
+"110965","2019-01-26 23:54:04","http://chefpromoter.com/wp-includes/ID3/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110965/"
 "110964","2019-01-26 23:53:14","http://dx115.downyouxi.com/zhizaoye.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110964/"
 "110963","2019-01-26 23:50:34","http://dx115.downyouxi.com/qinruzhezuozhanxunlian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110963/"
 "110962","2019-01-26 23:41:30","http://dx63.downyouxi.com/huoqiangyingxiong.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110962/"
@@ -18099,9 +19945,9 @@
 "110867","2019-01-26 20:11:05","http://80.211.82.121/rozxw.mipsel","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110867/"
 "110866","2019-01-26 20:11:02","http://80.211.82.121/rozxw.i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/110866/"
 "110865","2019-01-26 19:33:05","http://191.250.236.164:57885/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110865/"
-"110864","2019-01-26 19:29:19","http://chefpromoter.com/wp-content/cache/supercache/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110864/"
+"110864","2019-01-26 19:29:19","http://chefpromoter.com/wp-content/cache/supercache/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110864/"
 "110863","2019-01-26 19:29:09","http://quoidevert.com/templates/shaper_newsplus/js/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110863/"
-"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
+"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
 "110861","2019-01-26 19:22:17","http://down11.downyouxi.com/gaojizhanzheng2heidongshengqizhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110861/"
 "110860","2019-01-26 19:07:17","http://dx115.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110860/"
 "110859","2019-01-26 19:06:01","http://dx115.downyouxi.com/fcrentiantanghongbaijizhongwenmoniqi500jingdianyouxidajihe.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110859/"
@@ -18113,13 +19959,13 @@
 "110853","2019-01-26 18:23:55","http://wt111.downyouxi.com/koudaiguaishoujingjichang.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110853/"
 "110852","2019-01-26 18:18:45","http://wt112.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110852/"
 "110851","2019-01-26 18:00:35","http://wt112.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110851/"
-"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
+"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
 "110849","2019-01-26 17:56:19","http://wt110.downyouxi.com/qiaobingkuaiaisijimoren.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110849/"
 "110848","2019-01-26 17:48:44","http://wt110.downyouxi.com/shumabaobeidouhunchuanshuo2danjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110848/"
 "110847","2019-01-26 17:45:08","http://rarejewelry.net/.well-known/acme-challenge/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110847/"
 "110846","2019-01-26 16:36:10","http://37.255.196.22:61857/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110846/"
 "110845","2019-01-26 16:36:05","http://98.116.131.34:10242/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110845/"
-"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","offline","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
+"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","online","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
 "110843","2019-01-26 16:04:05","http://resys.pt/n/winnilog.png","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/110843/"
 "110842","2019-01-26 16:02:08","http://imoustapha.me/M.exe","online","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/110842/"
 "110841","2019-01-26 15:54:30","http://159.65.155.170/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110841/"
@@ -18141,11 +19987,11 @@
 "110825","2019-01-26 15:54:06","http://142.93.211.141/kira1/kirai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110825/"
 "110824","2019-01-26 15:54:04","http://142.93.211.141/kira1/kirai.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110824/"
 "110823","2019-01-26 15:54:03","http://142.93.211.141/kira1/kirai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110823/"
-"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
+"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
 "110821","2019-01-26 15:13:06","http://imoustapha.me/N.exe","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/110821/"
 "110820","2019-01-26 14:30:05","http://rarejewelry.net/.well-known/acme-challenge/mxr.pdf","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110820/"
 "110819","2019-01-26 13:42:05","http://171.38.147.237:17462/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110819/"
-"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
+"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
 "110817","2019-01-26 13:18:12","http://gamblchange.club/update.rar","offline","malware_download","CAN,Encoded,Kpot,Task","https://urlhaus.abuse.ch/url/110817/"
 "110816","2019-01-26 13:18:05","https://globalinvoice.club/update.php","offline","malware_download","CAN,geofenced,Gozi","https://urlhaus.abuse.ch/url/110816/"
 "110815","2019-01-26 13:14:21","http://viswavsp.com/war/winepress.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/110815/"
@@ -18285,7 +20131,7 @@
 "110671","2019-01-25 22:52:06","http://06.bd-pcgame.xiazai24.com:8090/Patch/%E6%B8%B8%E8%BF%85%E7%BD%91_%E7%9C%8B%E9%97%A8%E7%8B%97%E5%85%8DUplay%E7%A0%B4%E8%A7%A3%E8%A1%A5%E4%B8%812.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110671/"
 "110670","2019-01-25 22:45:06","http://xn--5dbalbrcab0al1jnj.co.il/hd/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110670/"
 "110669","2019-01-25 22:43:10","http://yurayura.life/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110669/"
-"110668","2019-01-25 22:34:10","http://dvip.drvsky.com/network/NW_RTL8192E_1676.10.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110668/"
+"110668","2019-01-25 22:34:10","http://dvip.drvsky.com/network/NW_RTL8192E_1676.10.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110668/"
 "110667","2019-01-25 22:23:06","http://06.bd-pcgame.xiazai24.com:8090/Patch/%E6%B8%B8%E8%BF%85%E7%BD%91_%E7%9C%9F%E4%B8%89%E5%9B%BD%E6%97%A0%E5%8F%8C7%EF%BC%9A%E7%8C%9B%E5%B0%86%E4%BC%A0%E5%8D%87%E7%BA%A7%E6%A1%A31.0.0.1%E7%B9%81%E4%B8%AD%E7%89%88.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110667/"
 "110666","2019-01-25 22:22:21","http://dcfloraldecor.lt/RiU3O8FFMsM/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/110666/"
 "110665","2019-01-25 22:22:18","http://hoanglecompany.vn/EaGimpLKxVUr_eo/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/110665/"
@@ -18297,10 +20143,10 @@
 "110658","2019-01-25 22:18:05","http://www.tomorrow-foundation.com/fr/wp-content/uploads/xhgV-hGf6W_XVYZ-MUS/Southwire/MRR7854427356/US_us/Paid-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110658/"
 "110657","2019-01-25 22:14:09","http://tulipremodeling.com/.well-known/acme-challenge/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110657/"
 "110656","2019-01-25 22:12:08","http://acm.ee/wp-content/themes/acm/fonts/Nexa_Bold/fonts/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110656/"
-"110655","2019-01-25 22:02:10","http://dvip.drvsky.com/canon/CP720.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110655/"
+"110655","2019-01-25 22:02:10","http://dvip.drvsky.com/canon/CP720.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110655/"
 "110653","2019-01-25 22:01:06","http://kymviet.vn/RfGA-xxdb_UCGYltTD-uB/I807/invoicing/US_us/Invoice-Corrections-for-58/44/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110653/"
 "110652","2019-01-25 21:55:29","http://04.bd-pcgame.720582.com:8090/Patch/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%81%B6%E9%AD%94%E5%9F%8E%EF%BC%9A%E6%9A%97%E5%BD%B1%E4%B9%8B%E7%8E%8B2DLC%E7%A0%B4%E8%A7%A3%E8%A1%A5%E4%B8%81CODEX%E7%89%88.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110652/"
-"110651","2019-01-25 21:53:17","http://dvip.drvsky.com/canon/CP800.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110651/"
+"110651","2019-01-25 21:53:17","http://dvip.drvsky.com/canon/CP800.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110651/"
 "110650","2019-01-25 21:53:04","http://82.223.67.251/rgpd/wp-content/plugins/peters-login-redirect/UUgZg-eT_sZh-jPk/PaymentStatus/US_us/Invoice-Corrections-for-95/89/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110650/"
 "110649","2019-01-25 21:48:02","https://www.norsterra.cn/pExV-1g5_PTWUzf-1C/153922/SurveyQuestionsEn_us/Paid-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110649/"
 "110648","2019-01-25 21:47:57","https://www.ibpminstitute.org/JsdiN-Rbw_HEj-xS/INV/1560201FORPO/65082052326/En/Document-needed/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110648/"
@@ -18312,7 +20158,7 @@
 "110641","2019-01-25 21:47:08","http://bobors.se/TbPWU-AB_awzHdUXB-wUU/INVOICE/40635/OVERPAYMENT/En/Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110641/"
 "110640","2019-01-25 21:47:07","http://blogtintuc.tk/LMpnY-Y7U_rkfi-hWw/Invoice/44002916/En/ACH-form/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110640/"
 "110638","2019-01-25 21:47:02","http://207.180.213.67/wp-content/kRjwT-nfcQ_kiAUlf-J1/Ref/6309849882En_us/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110638/"
-"110637","2019-01-25 21:44:09","http://dvip.drvsky.com/Printer/Star_NX-500.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110637/"
+"110637","2019-01-25 21:44:09","http://dvip.drvsky.com/Printer/Star_NX-500.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110637/"
 "110636","2019-01-25 21:41:11","http://03.bd-pcgame.xiazai24.com:8090/Patch/%E6%B8%B8%E8%BF%85%E7%BD%91_%E9%BA%A6%E5%85%8B%E6%96%AF%EF%BC%9A%E5%85%84%E5%BC%9F%E9%AD%94%E5%92%92%E5%8D%95%E7%8B%AC%E7%A0%B4%E8%A7%A3%E8%A1%A5%E4%B8%81.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110636/"
 "110635","2019-01-25 21:40:57","http://lemonremodeling.com/myadmin/doc/html/_images/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110635/"
 "110634","2019-01-25 21:40:45","http://bunnynet.tk/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110634/"
@@ -18407,7 +20253,7 @@
 "110545","2019-01-25 21:07:08","http://19.bd-pcgame.xiazai24.com:8090/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E5%9C%B0%E7%89%A2%E5%9B%B4%E6%94%BB3%EF%BC%9A%E5%A4%AA%E9%98%B3%E5%AE%9D%E8%97%8F%E5%85%AD%E9%A1%B9%E4%BF%AE%E6%94%B9%E5%99%A81.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110545/"
 "110544","2019-01-25 20:59:03","http://kobac-takayama.com/wp-admin/css/colors/blue/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110544/"
 "110543","2019-01-25 20:58:19","http://f915003w.beget.tech/Fauset.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110543/"
-"110542","2019-01-25 20:58:11","http://dvip.drvsky.com/Printer/HT-Star_AR-970.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110542/"
+"110542","2019-01-25 20:58:11","http://dvip.drvsky.com/Printer/HT-Star_AR-970.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110542/"
 "110541","2019-01-25 20:57:43","http://yostao.com/nYZC-oMW_TurVeik-wf/EXT/PaymentStatus/US/Service-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110541/"
 "110540","2019-01-25 20:57:38","http://www.traktorski-deli.si/RLnb-jdd_qMbWVpe-Bi/Invoice/0143040/En/Invoice-Corrections-for-53/67/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110540/"
 "110539","2019-01-25 20:57:36","http://www.retro11legendblue.com/lYSRR-NsaK_SJhhwez-N9/COMET/SIGNS/PAYMENT/NOTIFICATION/01/25/2019/EN_en/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110539/"
@@ -18420,10 +20266,10 @@
 "110532","2019-01-25 20:57:18","http://temptest123.reveance.nl/pZTiY-42Ph_Tm-sxN/INV/8092495FORPO/7356184607/En_us/Important-Please-Read/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110532/"
 "110531","2019-01-25 20:57:17","http://kardelenozelegitim.com/wp-content/IZgmq-ruI5F_Ck-4sj/COMET/SIGNS/PAYMENT/NOTIFICATION/01/26/2019/EN_en/Open-invoices/","online","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/110531/"
 "110530","2019-01-25 20:57:15","http://deltaviptemizlik.com/noaieugd/sotpie/xIvEa-JzJM_lUxtgCRiy-Gls/INVOICE/24047/OVERPAYMENT/EN_en/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110530/"
-"110529","2019-01-25 20:57:12","http://baixenoibai24h.com/wBNX-ee4_DLoyeljlC-usD/InvoiceCodeChanges/EN_en/ACH-form/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110529/"
+"110529","2019-01-25 20:57:12","http://baixenoibai24h.com/wBNX-ee4_DLoyeljlC-usD/InvoiceCodeChanges/EN_en/ACH-form/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110529/"
 "110528","2019-01-25 20:57:08","http://ayot.ir/QHKFa-2l6q_GMd-ljW/INVOICE/75844/OVERPAYMENT/EN_en/Past-Due-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110528/"
 "110527","2019-01-25 20:57:03","http://163.172.233.237/mzFL-88_LR-Zkn/ACH/PaymentInfo/En/Paid-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/110527/"
-"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
+"110526","2019-01-25 20:50:31","http://update-res.100public.com/rwx-init/init_bfb_yingxiaoqqfuzhu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110526/"
 "110525","2019-01-25 20:50:13","http://f915003w.beget.tech/GUNBOT.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110525/"
 "110524","2019-01-25 20:49:23","http://06.bd-pcgame.xiazai24.com/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%96%87%E6%98%8E5%EF%BC%9A%E7%BE%8E%E4%B8%BD%E6%96%B0%E4%B8%96%E7%95%8C%E5%85%AD%E9%A1%B9%E4%BF%AE%E6%94%B9%E5%99%A8%E4%BF%AE%E6%AD%A3%E7%89%881.0.3.18.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110524/"
 "110523","2019-01-25 20:48:12","http://manoulaland.com/wp-content/themes/sydney/plugins/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110523/"
@@ -18806,7 +20652,7 @@
 "110139","2019-01-25 09:06:08","http://bugivena.club/RegFile228.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110139/"
 "110138","2019-01-25 09:05:08","http://wowepic.net/autopatch/newlight/clientfiles////autopatcher.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110138/"
 "110137","2019-01-25 09:05:05","http://wowepic.net/autopatch/modernnew/clientfiles////autopatcher.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110137/"
-"110136","2019-01-25 09:03:08","http://218.92.218.38/3103/InstallHP(8).exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110136/"
+"110136","2019-01-25 09:03:08","http://218.92.218.38/3103/InstallHP(8).exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110136/"
 "110135","2019-01-25 08:57:09","http://wowepic.net/Autopatch/FullClientModern/Installer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110135/"
 "110134","2019-01-25 08:54:08","http://926cs.com/test.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110134/"
 "110133","2019-01-25 08:53:23","http://wowepic.net/Autopatch/Classic/clientfiles/Autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110133/"
@@ -18855,10 +20701,10 @@
 "110089","2019-01-25 05:57:10","http://fristpolychem.download/sysmgr/systemgr.exe","offline","malware_download","exe,stealer","https://urlhaus.abuse.ch/url/110089/"
 "110088","2019-01-25 05:57:08","http://fristpolychem.download/sysmgr/mons.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/110088/"
 "110087","2019-01-25 05:57:04","http://gmlsoftlabs.com/wp.png","offline","malware_download","exe,HawkEye,keylogger","https://urlhaus.abuse.ch/url/110087/"
-"110086","2019-01-25 05:55:08","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C_%E5%AD%A4%E5%B2%9B%E6%83%8A%E9%AD%823.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110086/"
+"110086","2019-01-25 05:55:08","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E6%88%91%E7%9A%84%E4%B8%96%E7%95%8C_%E5%AD%A4%E5%B2%9B%E6%83%8A%E9%AD%823.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110086/"
 "110085","2019-01-25 05:40:06","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/100321-1/ExamBible2015-5-13.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110085/"
-"110084","2019-01-25 05:22:07","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E9%AA%91%E9%A9%AC%E4%B8%8E%E7%A0%8D%E6%9D%80_%E6%88%98%E5%9B%A2%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E7%89%88.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110084/"
-"110083","2019-01-25 05:13:25","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E7%8B%99%E5%87%BB%E6%89%8B_%E5%B9%BD%E7%81%B5%E6%88%98%E5%A3%AB2%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E7%89%88.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110083/"
+"110084","2019-01-25 05:22:07","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E9%AA%91%E9%A9%AC%E4%B8%8E%E7%A0%8D%E6%9D%80_%E6%88%98%E5%9B%A2%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E7%89%88.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110084/"
+"110083","2019-01-25 05:13:25","http://pcgame.cdn0.hf-game.com/%E5%8D%95%E6%9C%BA/%E7%8B%99%E5%87%BB%E6%89%8B_%E5%B9%BD%E7%81%B5%E6%88%98%E5%A3%AB2%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%E7%89%88.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110083/"
 "110082","2019-01-25 04:15:41","https://tracking.cirrusinsight.com/2deed867-4646-4178-9eef-366a2536c746/duanmizukipark-com-nhgx-c14vl0mp8lbbo8f-ovyvagitm-jfx/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/110082/"
 "110081","2019-01-25 04:15:38","http://visitcounter.motoresygeneradores.com/gdtF-JSrrllBIE0FdUa_RfTYosqc-BH/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/110081/"
 "110080","2019-01-25 04:01:39","https://info.citibank.com/17cb1edbdlayfiusib76tcxiaaaaabfnkp2ahq6er4myaaaaa/C?V=emlwX2NvZGUBAWdfaW5kZXgBAVNPTUVfVVJMAQF1cmwBAVZJRVdfQUNDVAEBbF9pbmRleAEBcHJvZmlsZV9pZAEyNTEwOTc4Njg4AUNPTlRBQ1RfVVMBAV9QTElTVF9JRF8BMjE1NjE4MDgBX1dBVkVfSURfATg5MTg5MTM3MQFCUkFORF9JRAFDWgFQQVlfT05MSU5FAQFlbWFpbF9hZGRyAXJhdml2YXJtYW4ua2FuZGFzYW15QGNpdGkuY29tAV9TQ0hEX1RNXwEyMDE2MDMxNTE3MjQxNAFWSUVXX1NUTVQBAXByb2ZpbGVfa2V5ATEwMTE0NjQwMjI2&X+pEb/jtoOQotkvPOd9o8g","offline","malware_download","None","https://urlhaus.abuse.ch/url/110080/"
@@ -18954,7 +20800,7 @@
 "109976","2019-01-25 00:42:07","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109976/"
 "109975","2019-01-25 00:42:04","http://empresasmudanzaszaragoza.com.es/fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109975/"
 "109974","2019-01-25 00:41:14","http://59.126.40.253:64130/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109974/"
-"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
+"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
 "109972","2019-01-25 00:41:05","http://220.70.183.53:56657/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109972/"
 "109971","2019-01-25 00:40:05","http://217.139.86.228:13546/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109971/"
 "109970","2019-01-25 00:40:03","http://barondigital.com/ketoultra/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109970/"
@@ -18964,7 +20810,7 @@
 "109966","2019-01-25 00:24:08","http://shly.fsygroup.com/wp-content/themes/whiteangel/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109966/"
 "109965","2019-01-25 00:24:04","http://rulamart.com/wp-content/plugins/akismet/_inc/img/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109965/"
 "109964","2019-01-25 00:22:38","http://barondigital.com/purefitketo/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109964/"
-"109963","2019-01-25 00:22:37","http://taichinhtrondoi.com/wp-includes/ID3/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109963/"
+"109963","2019-01-25 00:22:37","http://taichinhtrondoi.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109963/"
 "109962","2019-01-25 00:22:33","http://mnarat8.com/wp-content/themes/meditation/genericons/genericons/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109962/"
 "109961","2019-01-25 00:22:30","http://file.foxitreader.cn/www_file/PDFShrinkSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/109961/"
 "109960","2019-01-25 00:21:09","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109960/"
@@ -19125,7 +20971,7 @@
 "109801","2019-01-24 20:06:08","http://famtripsandinspectionvisits.com/bLCb-lI9Wo_Bzf-yoy/ACH/PaymentInfo/US_us/Scan/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109801/"
 "109800","2019-01-24 20:06:04","http://eswardentalclinic.com/WCAU-xIi3F_WYV-yR/COMET/SIGNS/PAYMENT/NOTIFICATION/01/24/2019/US/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109800/"
 "109799","2019-01-24 20:05:08","http://adobedetails.cf/xfile/yaskream.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/109799/"
-"109798","2019-01-24 20:04:03","http://92.63.197.153/2.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/109798/"
+"109798","2019-01-24 20:04:03","http://92.63.197.153/2.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/109798/"
 "109797","2019-01-24 20:00:07","http://old.decani.ru/file/aspc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/109797/"
 "109796","2019-01-24 19:43:24","http://noscan.us/MAMp-2aWNR_vC-IGr/94136/SurveyQuestionsUS_us/Overdue-payment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109796/"
 "109795","2019-01-24 19:43:21","http://numlian.com/nHGU-jAgoQ_a-GTN/Inv/04109288952/EN_en/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109795/"
@@ -19365,7 +21211,7 @@
 "109558","2019-01-24 19:02:21","https://www.una-studios.com/wp-content/themes/business-startup/assets/images/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109558/"
 "109557","2019-01-24 19:02:16","https://truongdayhoclaixe.edu.vn/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109557/"
 "109556","2019-01-24 19:02:10","http://redmag.by/language/en-GB/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109556/"
-"109555","2019-01-24 19:02:08","https://hamamelsalam.org/wp-content/themes/Template/assets/css/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109555/"
+"109555","2019-01-24 19:02:08","https://hamamelsalam.org/wp-content/themes/Template/assets/css/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109555/"
 "109554","2019-01-24 19:02:04","http://pocketcart.in/wp-content/ai1wm-backups/sserv.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109554/"
 "109553","2019-01-24 19:02:04","https://www.fcbpl110.com/wp-content/themes/Divi/core/admin/css/sserv.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109553/"
 "109552","2019-01-24 19:01:16","http://68.183.97.132/etherial.arm4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/109552/"
@@ -19731,7 +21577,7 @@
 "109185","2019-01-24 07:43:37","http://185.244.25.241/powerpc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109185/"
 "109184","2019-01-24 07:42:32","http://185.244.25.241/mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109184/"
 "109183","2019-01-24 07:41:20","http://185.244.25.241/armv5l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109183/"
-"109182","2019-01-24 07:40:32","http://185.244.25.176/bins/kwari.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109182/"
+"109182","2019-01-24 07:40:32","http://185.244.25.176/bins/kwari.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109182/"
 "109181","2019-01-24 07:38:03","http://185.244.25.241/sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109181/"
 "109180","2019-01-24 07:38:02","http://185.244.25.241/mipsel","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109180/"
 "109179","2019-01-24 07:37:02","http://185.244.25.241/i586","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109179/"
@@ -19755,13 +21601,13 @@
 "109135","2019-01-24 07:26:33","http://ccyqgdy.gq/wp-admin/VxpBz-vP_w-HmL/US_us/Scan/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109135/"
 "109134","2019-01-24 07:26:17","http://ceexpress.ca/Clients/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109134/"
 "109130","2019-01-24 07:26:06","http://autosarir.ir/qWFB-n4_xJMF-HYY/8930060/SurveyQuestionsUS_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109130/"
-"109129","2019-01-24 07:26:02","http://185.244.25.176/bins/kwari.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109129/"
-"109128","2019-01-24 07:24:16","http://185.244.25.176/bins/kwari.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109128/"
-"109127","2019-01-24 07:24:15","http://185.244.25.176/bins/kwari.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109127/"
-"109126","2019-01-24 07:24:14","http://185.244.25.176/bins/kwari.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109126/"
-"109125","2019-01-24 07:24:10","http://185.244.25.176/bins/kwari.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109125/"
-"109123","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109123/"
-"109124","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109124/"
+"109129","2019-01-24 07:26:02","http://185.244.25.176/bins/kwari.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109129/"
+"109128","2019-01-24 07:24:16","http://185.244.25.176/bins/kwari.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109128/"
+"109127","2019-01-24 07:24:15","http://185.244.25.176/bins/kwari.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109127/"
+"109126","2019-01-24 07:24:14","http://185.244.25.176/bins/kwari.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109126/"
+"109125","2019-01-24 07:24:10","http://185.244.25.176/bins/kwari.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109125/"
+"109123","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109123/"
+"109124","2019-01-24 07:24:02","http://185.244.25.176/bins/kwari.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109124/"
 "109122","2019-01-24 07:22:02","http://mohammadishmam.com/wp-includes/AvCJonsPUZBl4k/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109122/"
 "109121","2019-01-24 07:17:23","http://synesius17.com/lCLTTSU/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109121/"
 "109120","2019-01-24 07:17:18","http://trumpfalls.com/xwNBy6o4Dt/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109120/"
@@ -19769,14 +21615,14 @@
 "109118","2019-01-24 07:17:11","http://underkits.com/TNVqFVZlX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109118/"
 "109117","2019-01-24 07:17:07","http://tpulmano.com/l19wwjS/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/109117/"
 "109116","2019-01-24 07:15:06","http://takenpaybd.com/Messages/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/109116/"
-"109115","2019-01-24 06:58:03","http://185.244.25.176/bins/kwari.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109115/"
+"109115","2019-01-24 06:58:03","http://185.244.25.176/bins/kwari.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109115/"
 "109114","2019-01-24 06:56:11","http://185.244.25.241/armv7l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109114/"
 "109113","2019-01-24 06:56:10","http://157.230.60.248/lnkfmx","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109113/"
 "109112","2019-01-24 06:56:07","http://157.230.60.248/nvitpj","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109112/"
 "109111","2019-01-24 06:56:04","http://185.244.25.241/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109111/"
-"109110","2019-01-24 06:55:09","http://185.244.25.176/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109110/"
+"109110","2019-01-24 06:55:09","http://185.244.25.176/bins/kwari.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109110/"
 "109109","2019-01-24 06:55:08","http://157.230.60.248/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/109109/"
-"109108","2019-01-24 06:53:04","http://185.244.25.176/bins/kwari.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109108/"
+"109108","2019-01-24 06:53:04","http://185.244.25.176/bins/kwari.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109108/"
 "109107","2019-01-24 06:53:02","http://185.244.25.241/armv6l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109107/"
 "109105","2019-01-24 06:52:08","http://185.244.25.241/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109105/"
 "109106","2019-01-24 06:52:08","http://185.244.25.241/sparc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/109106/"
@@ -20033,7 +21879,7 @@
 "108849","2019-01-23 20:36:09","http://nijverdalsmannenkoor.nl/rate/Nepal_Rasta_bnk_Interest_rate_Deposits_docx.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/108849/"
 "108848","2019-01-23 20:24:19","http://kardelenozelegitim.com/SekpEmJ/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108848/"
 "108847","2019-01-23 20:24:13","http://artdigo.punyahajat.com/dain1Zn/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108847/"
-"108846","2019-01-23 20:24:10","http://baixenoibai24h.com/YGKkPAqClX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108846/"
+"108846","2019-01-23 20:24:10","http://baixenoibai24h.com/YGKkPAqClX/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108846/"
 "108845","2019-01-23 20:24:07","http://deltaviptemizlik.com/Bh1g79BEEK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108845/"
 "108844","2019-01-23 20:24:05","http://saabhouse.com/8KDHUg6NT/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108844/"
 "108843","2019-01-23 20:21:12","http://mobile.tourism.poltava.ua/rates1/Nepal_Rasta_bnk_Interest_rate_Deposits_docx.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/108843/"
@@ -20103,7 +21949,7 @@
 "108777","2019-01-23 19:22:16","http://www.smefood.com/muON-7y_QChNJCfv-D8A/InvoiceCodeChanges/En_us/Invoice-receipt/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108777/"
 "108776","2019-01-23 19:22:04","http://satstore.kz/KXLC-6VZ_r-IyL/EXT/PaymentStatus/En/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108776/"
 "108775","2019-01-23 19:06:33","http://earnbdt.com/wp-content/themes/martfury/wc-vendors/front/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108775/"
-"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
+"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
 "108773","2019-01-23 19:01:16","http://microsoftpro.dns-report.com/host/162.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108773/"
 "108772","2019-01-23 19:01:08","http://139.180.195.93/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108772/"
 "108771","2019-01-23 19:01:04","http://139.180.195.93/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108771/"
@@ -20128,7 +21974,7 @@
 "108752","2019-01-23 18:59:55","http://206.189.229.119/yakuza.sh4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108752/"
 "108751","2019-01-23 18:59:52","http://206.189.229.119/yakuza.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108751/"
 "108750","2019-01-23 18:59:44","http://206.189.229.119/yakuza.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108750/"
-"108749","2019-01-23 18:59:41","http://jeponautoparts.ru/opuba/unit.exe","offline","malware_download","smokeloader","https://urlhaus.abuse.ch/url/108749/"
+"108749","2019-01-23 18:59:41","http://jeponautoparts.ru/opuba/unit.exe","online","malware_download","smokeloader","https://urlhaus.abuse.ch/url/108749/"
 "108748","2019-01-23 18:59:33","https://kobac-shizuoka01.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/108748/"
 "108747","2019-01-23 18:59:22","http://grupoasesoria.coazgt.com/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/108747/"
 "108746","2019-01-23 18:59:12","http://semestr.by/cache/mod_sp_smart_slider/ssj.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/108746/"
@@ -20593,13 +22439,13 @@
 "108274","2019-01-23 11:12:50","http://dwsobi.qhigh.com:80/inst.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108274/"
 "108273","2019-01-23 11:12:49","http://dwsobi.qhigh.com:80/nsab.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108273/"
 "108272","2019-01-23 11:12:41","http://107.172.196.165:7217/mn.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108272/"
-"108268","2019-01-23 11:12:11","http://cloud.kryptonia.fr/launcher/bin/libraries/jna-platform-4.5.0.jar","offline","malware_download","jar","https://urlhaus.abuse.ch/url/108268/"
+"108268","2019-01-23 11:12:11","http://cloud.kryptonia.fr/launcher/bin/libraries/jna-platform-4.5.0.jar","online","malware_download","jar","https://urlhaus.abuse.ch/url/108268/"
 "108270","2019-01-23 11:12:11","http://comfort-software.info/e107_files/public/reg.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108270/"
 "108269","2019-01-23 11:12:11","http://macecraft.site/modules/geoip/dorevo.sql","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108269/"
 "108271","2019-01-23 11:12:11","http://macecraft.site/modules/geoip/geofile/can/cex.db","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108271/"
-"108267","2019-01-23 11:12:09","http://cloud.kryptonia.fr/launcher/bin/versions/kryptonia/natives/libmfxsw64.dll","offline","malware_download","None","https://urlhaus.abuse.ch/url/108267/"
+"108267","2019-01-23 11:12:09","http://cloud.kryptonia.fr/launcher/bin/versions/kryptonia/natives/libmfxsw64.dll","online","malware_download","None","https://urlhaus.abuse.ch/url/108267/"
 "108266","2019-01-23 11:12:00","http://cloud.kryptonia.fr/launcher/bin/versions/kryptonia/natives/libmp3lame-ttv.dll","online","malware_download","None","https://urlhaus.abuse.ch/url/108266/"
-"108265","2019-01-23 11:11:59","http://cloud.kryptonia.fr/launcher/bin/libraries/jna-4.5.0.jar","offline","malware_download","jar","https://urlhaus.abuse.ch/url/108265/"
+"108265","2019-01-23 11:11:59","http://cloud.kryptonia.fr/launcher/bin/libraries/jna-4.5.0.jar","online","malware_download","jar","https://urlhaus.abuse.ch/url/108265/"
 "108263","2019-01-23 11:11:57","http://treterhef.download/softwarepub/ChromeSetup.exe","offline","malware_download","adware","https://urlhaus.abuse.ch/url/108263/"
 "108264","2019-01-23 11:11:57","http://treterhef.download/softwarepub/GoogleEarthSetup.exe","offline","malware_download","adware","https://urlhaus.abuse.ch/url/108264/"
 "108262","2019-01-23 11:11:56","http://bitbucket.org/Ameren2323/files/downloads/xmrig.exe","offline","malware_download","exe,miner","https://urlhaus.abuse.ch/url/108262/"
@@ -20746,7 +22592,7 @@
 "108113","2019-01-23 08:29:03","http://kantova.com/DWTr10bVVLjs5r/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/108113/"
 "108112","2019-01-23 08:23:02","http://loygf-99.gq/tools.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108112/"
 "108111","2019-01-23 08:22:02","http://27.120.86.87/fi/shample_fixed1227.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108111/"
-"108110","2019-01-23 08:20:06","http://185.22.153.191/ankit/jno.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108110/"
+"108110","2019-01-23 08:20:06","http://185.22.153.191/ankit/jno.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108110/"
 "108109","2019-01-23 08:20:05","http://trafficpullz.co.in/q.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/108109/"
 "108108","2019-01-23 08:20:02","http://198.98.53.130/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108108/"
 "108107","2019-01-23 08:19:07","http://ruwiin.gdn/resume.exe","offline","malware_download","DEU,GandCrab,Ransomware","https://urlhaus.abuse.ch/url/108107/"
@@ -20876,20 +22722,20 @@
 "107983","2019-01-23 06:39:11","http://46.17.46.22/eoxmkb","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/107983/"
 "107982","2019-01-23 06:38:41","http://46.101.80.191/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107982/"
 "107981","2019-01-23 06:38:39","http://167.99.186.234/x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107981/"
-"107980","2019-01-23 06:38:37","http://185.22.153.191/ankit/x86hua","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107980/"
-"107979","2019-01-23 06:38:36","http://185.22.153.191/ankit/mpsl.fgt","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107979/"
-"107978","2019-01-23 06:38:34","http://185.22.153.191/ankit/jno.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107978/"
-"107977","2019-01-23 06:38:33","http://185.22.153.191/ankit/jno.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107977/"
-"107976","2019-01-23 06:38:32","http://185.22.153.191/ankit/jno.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107976/"
-"107975","2019-01-23 06:38:30","http://185.22.153.191/ankit/jno.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107975/"
-"107974","2019-01-23 06:38:29","http://185.22.153.191/ankit/jno.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107974/"
-"107973","2019-01-23 06:38:28","http://185.22.153.191/ankit/jno.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107973/"
-"107972","2019-01-23 06:38:26","http://185.22.153.191/ankit/jno.arm7","online","malware_download","None","https://urlhaus.abuse.ch/url/107972/"
-"107971","2019-01-23 06:38:23","http://185.22.153.191/ankit/jno.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107971/"
-"107970","2019-01-23 06:38:22","http://185.22.153.191/ankit/jno.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107970/"
-"107969","2019-01-23 06:38:21","http://185.22.153.191/ankit/fff","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107969/"
-"107968","2019-01-23 06:38:20","http://185.22.153.191/ankit/arm7.fgt","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107968/"
-"107967","2019-01-23 06:38:18","http://185.22.153.191/ankit/arm5.fgt","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107967/"
+"107980","2019-01-23 06:38:37","http://185.22.153.191/ankit/x86hua","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107980/"
+"107979","2019-01-23 06:38:36","http://185.22.153.191/ankit/mpsl.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107979/"
+"107978","2019-01-23 06:38:34","http://185.22.153.191/ankit/jno.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107978/"
+"107977","2019-01-23 06:38:33","http://185.22.153.191/ankit/jno.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107977/"
+"107976","2019-01-23 06:38:32","http://185.22.153.191/ankit/jno.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107976/"
+"107975","2019-01-23 06:38:30","http://185.22.153.191/ankit/jno.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107975/"
+"107974","2019-01-23 06:38:29","http://185.22.153.191/ankit/jno.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107974/"
+"107973","2019-01-23 06:38:28","http://185.22.153.191/ankit/jno.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107973/"
+"107972","2019-01-23 06:38:26","http://185.22.153.191/ankit/jno.arm7","offline","malware_download","None","https://urlhaus.abuse.ch/url/107972/"
+"107971","2019-01-23 06:38:23","http://185.22.153.191/ankit/jno.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107971/"
+"107970","2019-01-23 06:38:22","http://185.22.153.191/ankit/jno.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107970/"
+"107969","2019-01-23 06:38:21","http://185.22.153.191/ankit/fff","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107969/"
+"107968","2019-01-23 06:38:20","http://185.22.153.191/ankit/arm7.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107968/"
+"107967","2019-01-23 06:38:18","http://185.22.153.191/ankit/arm5.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107967/"
 "107966","2019-01-23 06:38:17","http://185.22.153.191/ankit/os.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/107966/"
 "107965","2019-01-23 06:38:17","http://80.211.82.121/bins/owari.x86","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107965/"
 "107964","2019-01-23 06:38:16","http://80.211.82.121/bins/owari.spc","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/107964/"
@@ -21136,7 +22982,7 @@
 "107704","2019-01-22 21:35:04","http://ahmetcanbektas.com/dMylR-rAOG_OIOQNLyJ-FxZ/Invoice/341990756/En_us/Paid-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107704/"
 "107703","2019-01-22 21:35:03","http://3.dohodtut.ru/lHdS-QLH_aNimt-qzT/ACH/PaymentInfo/En/Important-Please-Read/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107703/"
 "107702","2019-01-22 20:56:06","http://senda.bmt.city/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107702/"
-"107701","2019-01-22 20:56:04","http://jambanswers.org/.well-known/pki-validation/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107701/"
+"107701","2019-01-22 20:56:04","http://jambanswers.org/.well-known/pki-validation/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107701/"
 "107700","2019-01-22 20:55:07","http://myschoolmarket.com.ng/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107700/"
 "107699","2019-01-22 20:55:04","http://greathealthworld.com/wp-content/themes/magazine-point/template-parts/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107699/"
 "107698","2019-01-22 20:53:08","http://greathealthworld.com/wp-content/themes/magazine-point/images/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107698/"
@@ -22742,7 +24588,7 @@
 "106086","2019-01-20 14:06:04","http://fxtraderlog.com/downloads/fxtraderlog_upgrade.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106086/"
 "106085","2019-01-20 13:41:05","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc?n=weyvuwtgv3lkzjlt6xln7norq3nrqhnkiblilbluqyuzg9j","online","malware_download","doc","https://urlhaus.abuse.ch/url/106085/"
 "106084","2019-01-20 13:37:17","http://download.fahpvdxw.cn/xbpic/fmt/v1.0.1.17/fmt_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106084/"
-"106083","2019-01-20 13:37:08","http://down.xrpdf.com/softdownloadol/xrpdfol5024.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106083/"
+"106083","2019-01-20 13:37:08","http://down.xrpdf.com/softdownloadol/xrpdfol5024.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106083/"
 "106082","2019-01-20 13:12:42","http://45.62.249.171/d/xd.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106082/"
 "106081","2019-01-20 13:12:41","http://45.62.249.171/d/xd.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106081/"
 "106080","2019-01-20 13:12:40","http://167.114.186.21/i686","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106080/"
@@ -22799,7 +24645,7 @@
 "106028","2019-01-20 03:50:04","http://r.chaoxin.com/d29889e/2018-10-19_14/9ebbc/7e408/1539931621_225246.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106028/"
 "106027","2019-01-20 02:46:14","http://upgrade.shihuizhu.net/wgz174/%E5%BE%AE%E8%B4%AD%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106027/"
 "106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
-"106025","2019-01-20 02:26:32","http://dl.hzkfgs.com/djiejie.20171123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106025/"
+"106025","2019-01-20 02:26:32","http://dl.hzkfgs.com/djiejie.20171123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106025/"
 "106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
 "106023","2019-01-20 01:27:13","http://sgm.pc6.com/xiao4/baiwangfuweng_70563.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106023/"
 "106022","2019-01-20 01:16:30","http://upgrade.shihuizhu.net/102015/%E5%AE%9E%E6%83%A0%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106022/"
@@ -22807,13 +24653,13 @@
 "106020","2019-01-20 00:33:36","http://201.42.23.66:23423/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106020/"
 "106019","2019-01-20 00:20:06","http://d2.udashi.com/soft/25956/cs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106019/"
 "106018","2019-01-20 00:19:32","http://ah.download.cycore.cn/rrt/c3cd4f987c6a3cde42d9115e83f24ca0/46080855/5e28b83e42d0acb1659d2df5be51faa0.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/106018/"
-"106017","2019-01-20 00:03:12","http://config.wulishow.top/bug/LightningZip/sub/LightningZipEx.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106017/"
-"106016","2019-01-20 00:03:10","http://config.wulishow.top/bug/LightningZip/sub/LightningZipPage.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106016/"
+"106017","2019-01-20 00:03:12","http://config.wulishow.top/bug/LightningZip/sub/LightningZipEx.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106017/"
+"106016","2019-01-20 00:03:10","http://config.wulishow.top/bug/LightningZip/sub/LightningZipPage.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106016/"
 "106015","2019-01-20 00:02:07","http://d2.udashi.com/soft/27947/Yourzyxf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106015/"
-"106014","2019-01-19 23:50:05","http://d2.udashi.com/soft/24536/sina2.5.1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106014/"
+"106014","2019-01-19 23:50:05","http://d2.udashi.com/soft/24536/sina2.5.1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106014/"
 "106013","2019-01-19 23:38:09","http://down.soft.hyzmbz.com/xjbqsetup_4308.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106013/"
 "106012","2019-01-19 23:30:07","http://d2.udashi.com/soft/29691/ICOshengchengqi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106012/"
-"106011","2019-01-19 23:24:19","http://d2.udashi.com/soft/27957/dqeswds1.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106011/"
+"106011","2019-01-19 23:24:19","http://d2.udashi.com/soft/27957/dqeswds1.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106011/"
 "106010","2019-01-19 23:20:59","http://down.soft.hyzmbz.com/setup4308.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106010/"
 "106009","2019-01-19 23:07:05","http://listmyfloor.com/file.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106009/"
 "106008","2019-01-19 22:27:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin135.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106008/"
@@ -23559,7 +25405,7 @@
 "105240","2019-01-18 00:51:09","http://fhclinica.com.br/DBhN-lVqao_nErXwPzxA-R4Q/EN_en/Document-needed/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105240/"
 "105239","2019-01-18 00:51:05","http://billfritzjr.com/qPym-LnC3_JbrjwrVOo-11A/PaymentStatus/EN_en/Companies-Invoice-4907735/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105239/"
 "105238","2019-01-18 00:51:03","http://airshot.ir/assets/images/tHDnG-rl7v_kG-mrc/COMET/SIGNS/PAYMENT/NOTIFICATION/01/18/2019/En_us/0-Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105238/"
-"105237","2019-01-18 00:50:48","http://zbancuri.ro/AMAZON/Transaction_details/2019-01/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105237/"
+"105237","2019-01-18 00:50:48","http://zbancuri.ro/AMAZON/Transaction_details/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105237/"
 "105236","2019-01-18 00:50:47","http://www.3dyazicimarket.com.tr/Amazon/En/Documents/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105236/"
 "105235","2019-01-18 00:50:46","http://takeiteasy.live/Amazon/EN/Clients_transactions/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105235/"
 "105234","2019-01-18 00:50:45","http://radintrader.com/Amazon/Transactions-details/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105234/"
@@ -25167,7 +27013,7 @@
 "103565","2019-01-15 13:54:08","http://mcjm.me/legacy/legacy.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/103565/"
 "103564","2019-01-15 13:54:05","http://variantmag.com/.well-known/acme-challenge/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/103564/"
 "103563","2019-01-15 13:39:05","https://www.braecarautos.com/Payment-Confirmation.exe.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/103563/"
-"103562","2019-01-15 13:38:22","http://ssmmbed.com/wp-content/themes/betheme/bbpress/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/103562/"
+"103562","2019-01-15 13:38:22","http://ssmmbed.com/wp-content/themes/betheme/bbpress/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103562/"
 "103561","2019-01-15 13:38:16","http://despa.com.tr/templates/rt_ximenia_responsive/css-compiled/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103561/"
 "103560","2019-01-15 13:38:14","http://redpoloska.com/libraries/cms/application/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103560/"
 "103559","2019-01-15 13:38:11","http://backuptest.tomward.org.uk/.well-known/pki-validation/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103559/"
@@ -25915,15 +27761,15 @@
 "102808","2019-01-14 06:50:03","http://185.246.154.139/bins/sora.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102808/"
 "102807","2019-01-14 06:50:02","http://185.246.154.139/bins/sora.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102807/"
 "102806","2019-01-14 06:30:17","http://89.46.223.247/AB4g5/Josho.arm4","offline","malware_download","None","https://urlhaus.abuse.ch/url/102806/"
-"102805","2019-01-14 06:30:17","http://89.46.223.247/AB4g5/Josho.mpsl","online","malware_download","None","https://urlhaus.abuse.ch/url/102805/"
-"102804","2019-01-14 06:30:11","http://89.46.223.247/AB4g5/Josho.mips","online","malware_download","None","https://urlhaus.abuse.ch/url/102804/"
-"102803","2019-01-14 06:30:03","http://89.46.223.247/AB4g5/Josho.x86","online","malware_download","None","https://urlhaus.abuse.ch/url/102803/"
-"102801","2019-01-14 06:29:16","http://89.46.223.247/AB4g5/Josho.m68k","online","malware_download","None","https://urlhaus.abuse.ch/url/102801/"
-"102802","2019-01-14 06:29:16","http://89.46.223.247/AB4g5/Josho.sh4","online","malware_download","None","https://urlhaus.abuse.ch/url/102802/"
-"102800","2019-01-14 06:29:15","http://89.46.223.247/AB4g5/Josho.ppc","online","malware_download","None","https://urlhaus.abuse.ch/url/102800/"
-"102798","2019-01-14 06:29:03","http://89.46.223.247/AB4g5/Josho.arm6","online","malware_download","None","https://urlhaus.abuse.ch/url/102798/"
-"102799","2019-01-14 06:29:03","http://89.46.223.247/AB4g5/Josho.arm7","online","malware_download","None","https://urlhaus.abuse.ch/url/102799/"
-"102797","2019-01-14 06:29:02","http://89.46.223.247/AB4g5/Josho.arm5","online","malware_download","None","https://urlhaus.abuse.ch/url/102797/"
+"102805","2019-01-14 06:30:17","http://89.46.223.247/AB4g5/Josho.mpsl","offline","malware_download","None","https://urlhaus.abuse.ch/url/102805/"
+"102804","2019-01-14 06:30:11","http://89.46.223.247/AB4g5/Josho.mips","offline","malware_download","None","https://urlhaus.abuse.ch/url/102804/"
+"102803","2019-01-14 06:30:03","http://89.46.223.247/AB4g5/Josho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/102803/"
+"102801","2019-01-14 06:29:16","http://89.46.223.247/AB4g5/Josho.m68k","offline","malware_download","None","https://urlhaus.abuse.ch/url/102801/"
+"102802","2019-01-14 06:29:16","http://89.46.223.247/AB4g5/Josho.sh4","offline","malware_download","None","https://urlhaus.abuse.ch/url/102802/"
+"102800","2019-01-14 06:29:15","http://89.46.223.247/AB4g5/Josho.ppc","offline","malware_download","None","https://urlhaus.abuse.ch/url/102800/"
+"102798","2019-01-14 06:29:03","http://89.46.223.247/AB4g5/Josho.arm6","offline","malware_download","None","https://urlhaus.abuse.ch/url/102798/"
+"102799","2019-01-14 06:29:03","http://89.46.223.247/AB4g5/Josho.arm7","offline","malware_download","None","https://urlhaus.abuse.ch/url/102799/"
+"102797","2019-01-14 06:29:02","http://89.46.223.247/AB4g5/Josho.arm5","offline","malware_download","None","https://urlhaus.abuse.ch/url/102797/"
 "102796","2019-01-14 06:12:25","http://tarssdsfdfsdr23.ru/13/_output190B860rr.exe","offline","malware_download","AZORult,BetaBot,exe,powershell,ps1,Ransomware","https://urlhaus.abuse.ch/url/102796/"
 "102795","2019-01-14 06:12:19","http://tarssdsfdfsdr23.ru/13/rr_Protected.exe","offline","malware_download","AZORult,BetaBot,exe,powershell,ps1,Ransomware","https://urlhaus.abuse.ch/url/102795/"
 "102794","2019-01-14 06:12:05","http://185.246.154.139/bins/sora.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/102794/"
@@ -26154,12 +28000,12 @@
 "102568","2019-01-11 21:13:03","http://oebuplo.000webhostapp.com/uploads/logger123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102568/"
 "102566","2019-01-11 21:11:02","http://oebuplo.000webhostapp.com/uploads/file1z.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/102566/"
 "102565","2019-01-11 21:10:06","http://oebuplo.000webhostapp.com/uploads/btcone.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102565/"
-"102564","2019-01-11 20:26:07","http://down.soft.6789.net/packet/Kankan_Latest.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102564/"
-"102563","2019-01-11 20:24:17","https://down.soft.6789.net/channel/Zip/6789Zip_121.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102563/"
-"102562","2019-01-11 20:24:10","http://down.soft.6789.net/channel/Zip/6789Zip_125.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102562/"
-"102561","2019-01-11 20:21:09","https://down.soft.6789.net/channel/Zip/6789Zip_126.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102561/"
+"102564","2019-01-11 20:26:07","http://down.soft.6789.net/packet/Kankan_Latest.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102564/"
+"102563","2019-01-11 20:24:17","https://down.soft.6789.net/channel/Zip/6789Zip_121.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102563/"
+"102562","2019-01-11 20:24:10","http://down.soft.6789.net/channel/Zip/6789Zip_125.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102562/"
+"102561","2019-01-11 20:21:09","https://down.soft.6789.net/channel/Zip/6789Zip_126.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102561/"
 "102560","2019-01-11 20:19:24","http://puffsncakes.com/wp-content/themes/pridmag/Application_cancellation_request_form.doc","offline","malware_download","doc,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/102560/"
-"102559","2019-01-11 20:19:23","http://down.soft.6789.net/channel/News/6789News_49.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102559/"
+"102559","2019-01-11 20:19:23","http://down.soft.6789.net/channel/News/6789News_49.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102559/"
 "102558","2019-01-11 20:12:08","http://img.martatovaglieri.com/index?10956","offline","malware_download","andromeda,exe,gootkit,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/102558/"
 "102557","2019-01-11 20:12:07","http://morgem.ru/xxx/39.exe","offline","malware_download","exe,rat","https://urlhaus.abuse.ch/url/102557/"
 "102555","2019-01-11 20:12:04","http://morgem.ru/xxx/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102555/"
@@ -27008,7 +28854,7 @@
 "101712","2019-01-06 07:16:04","http://142.11.219.20/bins/katana.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101712/"
 "101711","2019-01-06 07:16:03","http://142.11.219.20/bins/katana.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101711/"
 "101710","2019-01-06 07:15:03","http://104.168.171.186/cron","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101710/"
-"101709","2019-01-06 05:42:18","http://c.pieshua.com/exe/Setup_402.gif","offline","malware_download","exe","https://urlhaus.abuse.ch/url/101709/"
+"101709","2019-01-06 05:42:18","http://c.pieshua.com/exe/Setup_402.gif","online","malware_download","exe","https://urlhaus.abuse.ch/url/101709/"
 "101708","2019-01-06 04:10:05","http://209.141.57.94/Josho.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101708/"
 "101707","2019-01-06 04:09:06","http://209.141.57.94/Josho.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101707/"
 "101706","2019-01-06 04:09:04","http://209.141.57.94/Josho.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101706/"
@@ -28607,7 +30453,7 @@
 "100107","2018-12-28 06:08:04","http://o24o.ru/interes.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100107/"
 "100106","2018-12-28 06:08:03","http://o24o.ru/dg.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100106/"
 "100105","2018-12-28 05:54:05","http://o24o.ru/bies.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100105/"
-"100104","2018-12-28 05:53:10","http://p2.lingpao8.com/Dragoon/20150218_L.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/100104/"
+"100104","2018-12-28 05:53:10","http://p2.lingpao8.com/Dragoon/20150218_L.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/100104/"
 "100103","2018-12-28 05:32:03","https://uploadexe.com/uploads/5c0eea9d8b1caunimat.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/100103/"
 "100102","2018-12-28 05:28:03","https://uploadexe.com/uploads/5c130869bde72mshta.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/100102/"
 "100101","2018-12-28 05:27:03","http://upload-exe.me/lT3CWbUKQj.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100101/"
@@ -28847,7 +30693,7 @@
 "99866","2018-12-26 11:29:27","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Trojan-Dropper.Win32.ZomJoiner.25.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99866/"
 "99865","2018-12-26 11:29:26","http://dx111.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99865/"
 "99864","2018-12-26 11:29:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2016%20Hacking%20Webservers/webdav-gui/webdav-gui.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99864/"
-"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
+"99863","2018-12-26 11:27:07","http://www.softhy.net/softhy.net_down/cs4softhy.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99863/"
 "99861","2018-12-26 11:26:29","http://dx111.downyouxi.com/ailisizhisi3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99861/"
 "99862","2018-12-26 11:26:29","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Tiny%20TCP%20Firewall/afxfw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99862/"
 "99860","2018-12-26 11:25:33","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/netbus17/NetBus.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99860/"
@@ -28865,7 +30711,7 @@
 "99848","2018-12-26 10:20:31","http://www.softhy.net/softhy.net_down/cs6softhy.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/99848/"
 "99847","2018-12-26 10:20:20","http://tantarantantan23.ru/24/a_Protected.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/99847/"
 "99846","2018-12-26 10:18:29","http://www.softhy.net/softhy.net_down/dedesupertabs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99846/"
-"99845","2018-12-26 10:09:15","http://www.softhy.net/softhy.net_down/5qq0free.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99845/"
+"99845","2018-12-26 10:09:15","http://www.softhy.net/softhy.net_down/5qq0free.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99845/"
 "99844","2018-12-26 10:07:00","http://tantarantantan23.ru/24/_output55A1800ars.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/99844/"
 "99843","2018-12-26 10:06:30","http://tantarantantan23.ru/24/ajhvguygjhl_signed.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99843/"
 "99842","2018-12-26 10:01:07","http://tantarantantan23.ru/24/r2_Protected.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/99842/"
@@ -29189,10 +31035,10 @@
 "99524","2018-12-25 04:00:04","http://tendep.com/hinhanh/thuvienanh/sad.exe","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/99524/"
 "99523","2018-12-25 03:58:10","http://tendep.com/hinhanh/rosinject.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99523/"
 "99522","2018-12-25 03:42:04","http://tendep.com/hinhanh/payload.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99522/"
-"99521","2018-12-25 03:39:32","http://mv360.net/MV360_ACTIVEX_2.5.2.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99521/"
+"99521","2018-12-25 03:39:32","http://mv360.net/MV360_ACTIVEX_2.5.2.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/99521/"
 "99520","2018-12-25 03:27:07","http://newbiecontest.org/epreuves/stega/stega11.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99520/"
 "99519","2018-12-25 03:27:05","https://www.newbiecontest.org/epreuves/stega/stega11.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99519/"
-"99518","2018-12-25 03:16:28","http://mv360.net/mv360_activex.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99518/"
+"99518","2018-12-25 03:16:28","http://mv360.net/mv360_activex.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99518/"
 "99517","2018-12-25 03:06:04","http://81.133.236.83:13241/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/99517/"
 "99516","2018-12-25 02:46:04","http://inscribesignage.com/wp-admin/js/mt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99516/"
 "99515","2018-12-25 02:45:05","http://inscribesignage.com/wp-admin/images/upload.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99515/"
@@ -29565,7 +31411,7 @@
 "99135","2018-12-22 20:18:04","http://139.59.94.9/bins/sector.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99135/"
 "99134","2018-12-22 20:18:02","http://139.59.94.9/vb/sector.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99134/"
 "99133","2018-12-22 19:09:03","http://interciencia.es/tTAO-X0O_XQqG-Kj/PaymentStatus/En_us/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","doc","https://urlhaus.abuse.ch/url/99133/"
-"99132","2018-12-22 17:44:16","http://nanhoo.com/DOWNLOAD/IPSETUP.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99132/"
+"99132","2018-12-22 17:44:16","http://nanhoo.com/DOWNLOAD/IPSETUP.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/99132/"
 "99131","2018-12-22 17:43:02","http://nanhoo.com/oo/downloadlist.asp?id=12&FilePath=/download/pso.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99131/"
 "99130","2018-12-22 17:40:06","http://nanhoo.com/download/email.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99130/"
 "99129","2018-12-22 17:35:04","http://nanhoo.com/oo/downloadlist.asp?id=30&FilePath=/download/so.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99129/"
@@ -29788,7 +31634,7 @@
 "98912","2018-12-21 20:01:33","http://wt120.downyouxi.com/dadaopengke.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98912/"
 "98911","2018-12-21 20:01:18","http://wt120.downyouxi.com/wujinmaoxianzhilv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98911/"
 "98910","2018-12-21 19:57:23","http://wt120.downyouxi.com/xiangsuqishi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98910/"
-"98909","2018-12-21 19:56:11","http://patch3.51mag.com/2011/FarCry2v1.03T9.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98909/"
+"98909","2018-12-21 19:56:11","http://patch3.51mag.com/2011/FarCry2v1.03T9.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98909/"
 "98908","2018-12-21 19:54:05","http://wt120.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98908/"
 "98907","2018-12-21 19:45:09","https://uc0345930e4753c66fb4311de6e2.dl.dropboxusercontent.com/cd/0/get/AX7Ju47fNMElBkXjaWpfl2WoRpvjphrT4Js8QH9lrIb3hhrmwkc_PTjO2g6o7r3Tj8wDGgEnJbSY9n5oY3658r_GD2i3ppabDH6BTAVI_JEdQqo-M6s2Sgx9DexK34CiT16Cxk5i2Ic6OQ6Hkf1uD7Q2yyQaLRaDqOGozvxozSJrwXKVb9po_Aaq7UX2TwMvlTE/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98907/"
 "98906","2018-12-21 19:44:10","http://suporteatendimentorh.com/web?NBOXamp;xc75362dad4a9da06941b7dc3d6915ac64selectedfolderINBOX","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98906/"
@@ -29798,7 +31644,7 @@
 "98902","2018-12-21 19:42:29","http://wt120.downyouxi.com/22loujialidibeiju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98902/"
 "98901","2018-12-21 19:41:24","http://patch3.51mag.com/2013/ali213-alienscolonialmarine.8_aobeta_fixed.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98901/"
 "98900","2018-12-21 19:41:15","http://wt120.downyouxi.com/tankedajuezhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98900/"
-"98899","2018-12-21 19:36:51","http://patch3.51mag.com/2013/ali213-mp3+11tr-lng_v1.0.0.114.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98899/"
+"98899","2018-12-21 19:36:51","http://patch3.51mag.com/2013/ali213-mp3+11tr-lng_v1.0.0.114.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98899/"
 "98898","2018-12-21 19:36:29","http://patch3.51mag.com/2012/cry2me+7tr-lng.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98898/"
 "98897","2018-12-21 19:35:23","http://wt120.downyouxi.com/gumuliying2huangjinbanhuangjinmianju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98897/"
 "98896","2018-12-21 19:10:04","http://ajaygoyal.in/doc/aby/bouyt.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/98896/"
@@ -30059,10 +31905,10 @@
 "98631","2018-12-21 06:01:17","http://wikaconsulting.com/js/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98631/"
 "98630","2018-12-21 06:01:08","https://fastimmo.fr/wp-includes/ID3/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98630/"
 "98629","2018-12-21 06:01:04","http://jenniferdouglasliterarypublicist.com/wp-content/themes/superfast/languages/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/98629/"
-"98628","2018-12-21 06:01:03","https://www.hostingcloud.science/6NQq.js","offline","malware_download","None","https://urlhaus.abuse.ch/url/98628/"
+"98628","2018-12-21 06:01:03","https://www.hostingcloud.science/6NQq.js","online","malware_download","None","https://urlhaus.abuse.ch/url/98628/"
 "98627","2018-12-21 06:00:11","https://tagmanager.vn//wp-content/themes/pridmag/sup.exe","offline","malware_download","exe,Retefe","https://urlhaus.abuse.ch/url/98627/"
 "98626","2018-12-21 05:52:04","http://dianneholman.com/R4YEKTW.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98626/"
-"98625","2018-12-21 05:51:13","http://patch3.51mag.com/newpatch21/ss4trn.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98625/"
+"98625","2018-12-21 05:51:13","http://patch3.51mag.com/newpatch21/ss4trn.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98625/"
 "98624","2018-12-21 05:51:08","http://influentialparenting.org/blog/wp-content/plugins/Theme-Crystal/FlashPlayer_Update.cpl","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98624/"
 "98623","2018-12-21 05:51:02","http://tiras.org/ordine.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98623/"
 "98622","2018-12-21 05:26:02","http://uploadexe.com/uploads/5c1ac26d5a3ba025580784.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98622/"
@@ -30231,7 +32077,7 @@
 "98459","2018-12-20 20:40:29","http://www.farmasiteam.com/Amazon/En_us/Payments_details/2018-12/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98459/"
 "98458","2018-12-20 20:40:28","http://meine-gartenstadt.at/Amazon/Clients_transactions/122018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98458/"
 "98457","2018-12-20 20:40:27","http://shimono.ymie.org/OXOi-2aW_nTbXYF-Bu/InvoiceCodeChanges/En_us/Past-Due-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98457/"
-"98456","2018-12-20 20:40:24","http://wavemusicstore.com/AMAZON/Information/12_18/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98456/"
+"98456","2018-12-20 20:40:24","http://wavemusicstore.com/AMAZON/Information/12_18/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98456/"
 "98455","2018-12-20 20:40:22","http://astrodeepakdubey.in/CXBWJMYMB2610489/Rechnung/FORM/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98455/"
 "98454","2018-12-20 20:40:21","http://smartmoneylife.com/Dezember2018/NBECPBME9543598/Scan/Hilfestellung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98454/"
 "98453","2018-12-20 20:40:19","http://pntsite.ir/de_DE/ODTFME8868196/Bestellungen/RECH/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/98453/"
@@ -30879,7 +32725,7 @@
 "97805","2018-12-19 14:42:04","http://voapros.com/isPGE-e8cp4EJMV_YOwHSrSvT-i3U/ACH/PaymentInfo/newsletter/US/Invoices-attached/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97805/"
 "97804","2018-12-19 14:41:29","http://totalcommunicationinc.com/wp-content/uploads/2016/De_de/DBATYGF1305567/Bestellungen/RECHNUNG/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97804/"
 "97803","2018-12-19 14:41:27","http://thefanembassy.com/CrnCb-7a6PAiKE2_DYSD-gpq/COMET/SIGNS/PAYMENT/NOTIFICATION/12/19/2018/FILE/En_us/Invoices-attached/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97803/"
-"97802","2018-12-19 14:41:25","http://thedopplershift.co.uk/aOefH-SQEf03g2_C-s3/ACH/PaymentAdvice/INFO/En_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97802/"
+"97802","2018-12-19 14:41:25","http://thedopplershift.co.uk/aOefH-SQEf03g2_C-s3/ACH/PaymentAdvice/INFO/En_us/Need-to-send-the-attachment/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97802/"
 "97801","2018-12-19 14:41:24","http://street-fashion-guide.ru/De/XFBMFU6227781/Rechnung/Hilfestellung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97801/"
 "97800","2018-12-19 14:41:22","http://sosh47.citycheb.ru/DE_de/NNXSNNL8323484/Rechnungskorrektur/DETAILS/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97800/"
 "97799","2018-12-19 14:41:21","http://segmentsolutions.com/tjnDE-FuBQhD6b_my-P6N/INVOICE/xerox/En_us/Past-Due-Invoices/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97799/"
@@ -31078,7 +32924,7 @@
 "97601","2018-12-19 05:51:04","http://bingge168.com/Ref/087650903263FILE/En/Open-invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/97601/"
 "97600","2018-12-19 05:29:05","http://mirabaimusic.com/kyzPg-V163ASyExgk2DTF_mhNhGmeNN-sUr/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/97600/"
 "97599","2018-12-19 05:28:34","http://riskrock.com/Amazon/Clients_Messages/2018-12","offline","malware_download","None","https://urlhaus.abuse.ch/url/97599/"
-"97598","2018-12-19 05:28:32","http://skytechretail.co.uk/kMKOQ-D8sSbMcRvbCeY0Q_dMLpEgUvM-IcU/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/97598/"
+"97598","2018-12-19 05:28:32","http://skytechretail.co.uk/kMKOQ-D8sSbMcRvbCeY0Q_dMLpEgUvM-IcU/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/97598/"
 "97597","2018-12-19 05:08:38","http://googletime.ac.ug/17b/_output55FD3D0r1.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/97597/"
 "97596","2018-12-19 05:08:07","http://beldverkom.ru/jIhjm-S0zApiA1AwwLFcv_soJZqWYK-wJ/INV/0482150FORPO/9365821083/LLC/EN_en/Past-Due-Invoice","offline","malware_download","doc","https://urlhaus.abuse.ch/url/97596/"
 "97595","2018-12-19 05:08:02","http://23.254.201.234/vb/xxx.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/97595/"
@@ -32867,7 +34713,7 @@
 "95759","2018-12-15 21:55:04","http://tecnologiatech.com/wp-content/themes/poseidon/images/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95759/"
 "95758","2018-12-15 21:54:48","https://immobiliere-olivier.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95758/"
 "95757","2018-12-15 21:54:45","http://obseques-conseils.com/wp-content/cache/busting/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95757/"
-"95756","2018-12-15 21:54:44","http://cesan-yuni.com/templates/protostar/less/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95756/"
+"95756","2018-12-15 21:54:44","http://cesan-yuni.com/templates/protostar/less/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95756/"
 "95755","2018-12-15 21:54:41","http://phukienmayphatdien.xyz/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95755/"
 "95754","2018-12-15 21:54:33","http://spicenday.com/wp-content/themes/advance-portfolio/template-parts/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95754/"
 "95753","2018-12-15 21:54:29","http://dash.simplybackers.com/api/css/images/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95753/"
@@ -33758,9 +35604,9 @@
 "94858","2018-12-14 05:49:10","http://46.29.167.53/hakai.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/94858/"
 "94857","2018-12-14 05:49:10","http://ini.58qz.com/soft/58wangwei/anhui-000010.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94857/"
 "94856","2018-12-14 05:48:02","http://spth.virii.lu/monad.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94856/"
-"94855","2018-12-14 05:47:11","http://ini.egkj.com/soft/58wangwei/musicclub.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94855/"
+"94855","2018-12-14 05:47:11","http://ini.egkj.com/soft/58wangwei/musicclub.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94855/"
 "94854","2018-12-14 05:47:10","http://s.51shijuan.com/cz09/51cz200908105172se.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/94854/"
-"94853","2018-12-14 05:47:05","http://ini.egkj.com/soft/58wangwei/merlin.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94853/"
+"94853","2018-12-14 05:47:05","http://ini.egkj.com/soft/58wangwei/merlin.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94853/"
 "94852","2018-12-14 05:46:07","http://teamfluegel.com/WU_Receipt01.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94852/"
 "94851","2018-12-14 05:46:04","https://sites.google.com/a/cvcatholic.org/middle-school-reading/home/participation-discussion-rubric/participation:discussionrubric.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/94851/"
 "94850","2018-12-14 05:46:03","http://www.itwss.com/wp-content/themes/sydney/bolu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94850/"
@@ -34479,14 +36325,14 @@
 "94058","2018-12-13 04:23:03","http://mgupta.me/EXT/PaymentStatus/Corporation/US_us/Service-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94058/"
 "94057","2018-12-13 04:01:06","http://skycnxz2.wy119.com/2/ccmfly_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94057/"
 "94056","2018-12-13 04:01:02","http://ulco.tv/IRS/Tax-Account-Transcript","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94056/"
-"94055","2018-12-13 04:00:44","http://skycnxz2.wy119.com/dgjbkm_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94055/"
+"94055","2018-12-13 04:00:44","http://skycnxz2.wy119.com/dgjbkm_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94055/"
 "94054","2018-12-13 04:00:31","http://skycnxz2.wy119.com/3/xkfyz84xxxq_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94054/"
-"94053","2018-12-13 03:59:10","http://skycnxz2.wy119.com/2/qqkjspcj_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94053/"
+"94053","2018-12-13 03:59:10","http://skycnxz2.wy119.com/2/qqkjspcj_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94053/"
 "94052","2018-12-13 03:59:01","http://31.207.35.116/wordpress/doc/US_us/Invoices-Overdue","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94052/"
 "94051","2018-12-13 03:58:02","http://31.207.35.116/wordpress/PaymentStatus/LLC/En_us/Invoice-for-b/k-12/10/2018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94051/"
-"94050","2018-12-13 03:40:08","http://skycnxz2.wy119.com/2/jxwzgj_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94050/"
+"94050","2018-12-13 03:40:08","http://skycnxz2.wy119.com/2/jxwzgj_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94050/"
 "94049","2018-12-13 03:39:02","http://travelcentreny.com/Inv/5547289622/Corporation/En_us/Invoices-attached","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94049/"
-"94048","2018-12-13 03:22:12","http://skycnxz2.wy119.com/yuegft_fr.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94048/"
+"94048","2018-12-13 03:22:12","http://skycnxz2.wy119.com/yuegft_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94048/"
 "94047","2018-12-13 03:07:11","http://wxbsc.hzgjp.com/fz2/setup/silverlight5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/94047/"
 "94046","2018-12-13 01:24:48","http://185.162.88.237:96/inv.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/94046/"
 "94045","2018-12-13 01:23:02","http://www.progettopersianas.com.br/INVOICE/sites/EN_en/Invoice-9290167","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94045/"
@@ -34701,7 +36547,7 @@
 "93829","2018-12-12 19:37:07","http://spina.pl/wordpress/EN_US/Clients_information/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/93829/"
 "93828","2018-12-12 19:37:06","http://shopguru365.com/En_us/Transactions-details/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/93828/"
 "93827","2018-12-12 19:37:04","http://stomper.ml/EN_US/Clients/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/93827/"
-"93826","2018-12-12 19:21:35","http://htxl.cn/WordTracker/WordTracker.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/93826/"
+"93826","2018-12-12 19:21:35","http://htxl.cn/WordTracker/WordTracker.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/93826/"
 "93825","2018-12-12 19:20:02","https://minfln.ru/gov/arbitrage/povestka_12.12.docx","offline","malware_download","exe","https://urlhaus.abuse.ch/url/93825/"
 "93824","2018-12-12 19:19:03","http://62.162.127.182:40797/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/93824/"
 "93823","2018-12-12 19:16:09","http://www.construccioneslumag.es/INVOICE/scan/En_us/Paid-Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93823/"
@@ -38180,7 +40026,7 @@
 "90260","2018-12-06 16:12:07","http://minterburn.co.uk/newsletter/En_us/Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90260/"
 "90259","2018-12-06 16:12:05","http://mtaconsulting.com/newsletter/EN_en/Invoice-for-o/k-12/06/2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90259/"
 "90258","2018-12-06 16:12:03","http://kolny.cz/IRS.GOV/IRS-Transcript-treasury-gov/Verification-of-Non-filing-Letter/December-06-2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90258/"
-"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
+"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
 "90256","2018-12-06 15:55:26","http://arreyhotels.com.br/wp-admin/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90256/"
 "90255","2018-12-06 15:55:25","http://seasonsfamilymedicine.com/wp-includes/pomo/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90255/"
 "90254","2018-12-06 15:55:23","http://silverstoltsen.com/wp-content/plugins/facebook-comments-plugin/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90254/"
@@ -39386,7 +41232,7 @@
 "89037","2018-12-05 00:12:07","http://iberias.ge/PFGbVX0Nl","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89037/"
 "89036","2018-12-05 00:12:05","http://fortifi.com/bECoyZ4dr","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89036/"
 "89035","2018-12-05 00:12:03","http://kosses.nl/s7U7gvF","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89035/"
-"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
+"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
 "89033","2018-12-04 23:21:09","http://46.17.47.73/vodity.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89033/"
 "89032","2018-12-04 22:46:09","http://websitedesigngarden.com/k7Xp","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89032/"
 "89031","2018-12-04 22:46:06","http://itbparnamirim.org/fj","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89031/"
@@ -39966,7 +41812,7 @@
 "88452","2018-12-04 00:33:05","http://tom-steed.com/pYP5mhsWm/SEP/PrivateBanking","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88452/"
 "88451","2018-12-04 00:33:05","http://venusnevele.be/LLC/En/Outstanding-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88451/"
 "88450","2018-12-04 00:33:03","http://adsmith.in/9zPcEumvy1","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88450/"
-"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
+"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
 "88448","2018-12-04 00:19:03","http://carminewarren.com/AwanSite/newsletter/En/Invoices-Overdue","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88448/"
 "88447","2018-12-03 23:52:06","https://a.doko.moe/tkencn.jpg","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/88447/"
 "88446","2018-12-03 23:24:06","http://laparomag.ru/9113BKSMFTUQ/identity/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88446/"
@@ -40199,7 +42045,7 @@
 "88213","2018-12-03 11:54:02","http://yancommato.com/KHZ/diuyz.php?l=leaz2.tkn","offline","malware_download","exe,geofenced,headersfenced,ursnif,USA","https://urlhaus.abuse.ch/url/88213/"
 "88214","2018-12-03 11:54:02","http://yancommato.com/KHZ/diuyz.php?l=leaz3.tkn","offline","malware_download","exe,geofenced,headersfenced,ursnif,USA","https://urlhaus.abuse.ch/url/88214/"
 "88215","2018-12-03 11:54:02","http://yancommato.com/KHZ/diuyz.php?l=leaz4.tkn","offline","malware_download","exe,geofenced,headersfenced,ursnif,USA","https://urlhaus.abuse.ch/url/88215/"
-"88198","2018-12-03 11:19:05","http://test.taichinhtrondoi.com/wp-content/cache/et/3/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/88198/"
+"88198","2018-12-03 11:19:05","http://test.taichinhtrondoi.com/wp-content/cache/et/3/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/88198/"
 "88197","2018-12-03 11:19:04","http://www.newreport.info/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/88197/"
 "88196","2018-12-03 11:10:03","https://robertmerola.com/search/rent.php2","offline","malware_download","AUS,exe,Gozi,ursnif","https://urlhaus.abuse.ch/url/88196/"
 "88195","2018-12-03 11:00:04","http://181.174.57.207:43920/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/88195/"
@@ -40310,8 +42156,8 @@
 "88090","2018-12-03 02:28:05","http://142.93.163.62/armv6l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88090/"
 "88089","2018-12-03 02:28:04","http://142.93.243.137/bins/hoho.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88089/"
 "88088","2018-12-03 02:28:03","http://142.93.243.137/bins/hoho.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88088/"
-"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
-"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
+"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
+"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
 "88085","2018-12-03 02:17:04","http://205.209.176.202:2018/999","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88085/"
 "88084","2018-12-03 02:10:09","http://tcy.198424.com/FYP2PZZSSQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88084/"
 "88083","2018-12-03 02:09:06","http://owwwc.com/mm/BX.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88083/"
@@ -41413,7 +43259,7 @@
 "86983","2018-11-29 15:15:03","http://radiotaxilaguna.com/files/En/Need-to-send-the-attachment/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/86983/"
 "86982","2018-11-29 15:08:05","http://nasdacoin.ru/xmrig.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86982/"
 "86981","2018-11-29 14:50:07","http://update-prog.com/update.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/86981/"
-"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
+"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
 "86979","2018-11-29 14:38:50","http://en.avtoprommarket.ru/Document/En_us/Open-Past-Due-Orders","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86979/"
 "86978","2018-11-29 14:38:48","http://terrats.biz/default/US_us/ACH-form","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86978/"
 "86977","2018-11-29 14:38:46","http://venturemeets.com/wp-content/sites/US/Service-Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86977/"
@@ -41439,13 +43285,13 @@
 "86957","2018-11-29 14:20:00","http://31.214.240.105/florid/darkrat/plugins/miner/gpuamd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86957/"
 "86956","2018-11-29 14:19:58","http://31.214.240.105/florid/darkrat/plugins/updater/system.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86956/"
 "86955","2018-11-29 14:19:57","http://31.214.240.105/florid/darkrat/plugins/miner/cpu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86955/"
-"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","online","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
+"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
 "86953","2018-11-29 14:17:06","http://symbisystems.com/PL9qSNRM6","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86953/"
 "86952","2018-11-29 14:17:03","http://sevensites.es/NhG0JMO","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86952/"
 "86951","2018-11-29 14:17:01","http://tccrennes.fr/n7KoD5DB5W","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86951/"
 "86950","2018-11-29 14:17:00","http://reflectionpress.com/mm7GGS7ie","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86950/"
 "86949","2018-11-29 14:16:58","http://rabinovicionline.com/GWBhWrqx0","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86949/"
-"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
+"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
 "86947","2018-11-29 14:14:04","http://sjpowersolution.com/wp-content/themes/store/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86947/"
 "86946","2018-11-29 14:11:12","http://shannonmolloy.com/En/CyberMonday2018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86946/"
 "86945","2018-11-29 14:11:10","http://siteme.com/En/Clients_CM_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86945/"
@@ -42049,7 +43895,7 @@
 "86340","2018-11-28 14:50:05","http://201.68.165.46:26272/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86340/"
 "86339","2018-11-28 14:49:08","http://175.151.123.42:27756/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86339/"
 "86338","2018-11-28 14:38:12","http://gonorthhalifax.com/ffmoJjv8/de_DE/IhreSparkasse","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86338/"
-"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
+"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
 "86336","2018-11-28 14:28:04","https://omalleyco-my.sharepoint.com/:u:/g/personal/emma_sho_co_nz/EbQRIY4HsDlHhnMvJxGtgwoB9UgiLMLTNvyfdl5CFWqSbw?e=GftPPW&download=1","offline","malware_download","Gozi,vbs,zip","https://urlhaus.abuse.ch/url/86336/"
 "86335","2018-11-28 14:27:11","http://borich.ru/dkYtO2YM","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86335/"
 "86334","2018-11-28 14:27:09","http://shreeconstructions.co.in/737ZDAS/SEP/S6rjgxh","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86334/"
@@ -42614,7 +44460,7 @@
 "85770","2018-11-27 15:54:44","http://thacci.com.br/En/CM2018-COUPONS/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/85770/"
 "85769","2018-11-27 15:54:42","http://s18501.p519.sites.pressdns.com/EN/CM2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/85769/"
 "85768","2018-11-27 15:54:40","http://neilakessler.com/En/CyberMonday2018/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/85768/"
-"85767","2018-11-27 15:54:39","http://mdc-chain.com/En/Coupons/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/85767/"
+"85767","2018-11-27 15:54:39","http://mdc-chain.com/En/Coupons/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/85767/"
 "85766","2018-11-27 15:54:38","http://imabrifilms.com/En/Clients_CyberMonday_Coupons/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/85766/"
 "85765","2018-11-27 15:54:37","http://en.avtoprommarket.ru/EN/CyberMonday/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/85765/"
 "85764","2018-11-27 15:54:36","http://bladefitness.in/En/CM2018-COUPONS/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/85764/"
@@ -45085,7 +46931,7 @@
 "83255","2018-11-20 22:44:03","http://telechargini.com/last/update/UpdateJava8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/83255/"
 "83254","2018-11-20 22:43:05","http://178.128.202.253/bins/onryo.arm6","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83254/"
 "83253","2018-11-20 22:43:04","http://178.128.202.253/bins/onryo.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83253/"
-"83252","2018-11-20 22:43:03","http://201.168.151.182:61146/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/83252/"
+"83252","2018-11-20 22:43:03","http://201.168.151.182:61146/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83252/"
 "83251","2018-11-20 22:34:06","http://www.xeggufhxmczp.tw/ooqnlm/20272_889200.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/83251/"
 "83250","2018-11-20 22:34:03","http://www.yxuwxpqjtdmj.tw/jqcyeo/180212_403464.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/83250/"
 "83249","2018-11-20 22:24:05","http://rutesil.com/US/Payments/112018/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/83249/"
@@ -47137,7 +48983,7 @@
 "81154","2018-11-15 20:44:10","http://thenewerabeauty.com/En_us/Clients_information/112018","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/81154/"
 "81153","2018-11-15 20:44:09","http://web.smakristen1sltg.sch.id/En_us/Clients/112018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81153/"
 "81152","2018-11-15 20:44:08","http://ulukantasarim.com/wp-admin/EN_US/Documents/2018-11","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81152/"
-"81151","2018-11-15 20:44:07","http://anyes.com.cn/En_us/Clients/11_18","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81151/"
+"81151","2018-11-15 20:44:07","http://anyes.com.cn/En_us/Clients/11_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81151/"
 "81150","2018-11-15 20:44:05","http://interieurbouwburgum.nl/EN_US/Clients_transactions/11_18","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/81150/"
 "81149","2018-11-15 20:44:04","https://mandrillapp.com/track/click/30970997/leparadisresorts.com?p=eyJzIjoiSjB3b3JtVUsycXo0RXJhcUpMd3VfZFBFdERNIiwidiI6MSwicCI6IntcInVcIjozMDk3MDk5NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvbGVwYXJhZGlzcmVzb3J0cy5jb21cXFwvRW5fdXNcXFwvUGF5bWVudHNcXFwvMTFfMThcIixcImlkXCI6XCIzZjU1NTYzZDkzOGY0MjcxOWYyZDMwNjZmOWM4ZmVjN1wiLFwidXJsX2lkc1wiOltcImExOTA4ZDNiNmI4NTU5MzhmZDU1YWQ3MjhhMDBlMzljOTZkYTdjZDJcIl19In0","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/81149/"
 "81148","2018-11-15 20:30:05","https://spacepropertyestatecomau-my.sharepoint.com/:u:/g/personal/admin_spacepropertyestate_com_au/ESro3e-7K-NFg4EjQPhVmBwBw5pBrKYNLJgScHLqKP0hkw?e=A9dDMB&download=1","offline","malware_download","AUS,ursnif,zipped-VBS","https://urlhaus.abuse.ch/url/81148/"
@@ -49272,7 +51118,7 @@
 "78957","2018-11-12 23:14:04","http://dzunnuroin.org/eXWGz2nzw4/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78957/"
 "78956","2018-11-12 23:13:08","http://clubcoras.com/649BRQJNXK/SEP/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78956/"
 "78955","2018-11-12 23:13:07","http://arbaniwisata.com/wp-admin/DKKBEUPW/de/IhreSparkasse/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78955/"
-"78954","2018-11-12 23:13:05","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78954/"
+"78954","2018-11-12 23:13:05","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78954/"
 "78953","2018-11-12 23:13:03","http://altaredlife.com/954675G/com/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78953/"
 "78952","2018-11-12 23:13:02","http://184.154.53.181/chatlocaly_live/8824H/WIRE/Commercial/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/78952/"
 "78951","2018-11-12 23:12:05","http://sanchezgacha.com/FUD1111.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/78951/"
@@ -49283,7 +51129,7 @@
 "78946","2018-11-12 23:11:04","http://iclikoftesiparisalinir.com/AiF52tK6sNenhTpK/SEP/PrivateBanking","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78946/"
 "78945","2018-11-12 23:11:03","http://zerenprofessional.com/4408FKJYPIRL/SEP/Business","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78945/"
 "78944","2018-11-12 23:11:02","http://fire42.com/4327973OZXPQOK/SEP/Personal","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78944/"
-"78943","2018-11-12 23:11:00","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78943/"
+"78943","2018-11-12 23:11:00","http://anyes.com.cn/28UKARLIFN/PAY/Smallbusiness","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78943/"
 "78942","2018-11-12 23:10:53","http://emilyxu.com/cxDjtxJd/DE/Privatkunden","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78942/"
 "78941","2018-11-12 23:10:49","http://tempodecelebrar.org.br/54120MIAYQL/SWIFT/US","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/78941/"
 "78940","2018-11-12 23:10:46","http://u2434969.ct.sendgrid.net/wf/click?upn=WD6m8SjAakLxmIWnIo-2Bhx28pOEn7kpWTh16DjNMnBiRHrm-2B-2FIa2rYjV8DOgZNp6r_uX-2B-2FOWVk0wQO-2FiLAN-2FRXf4GdZ40wtMzyBkhASagjL9D5FcYhIkjq3YH7jPizD6wnjNDf8tOowyhY4CuijpI-2Bq3qQa1jiifRbj-2F2vfqwupVGQA5tYyQPKQOSDHJOh7WwIUs7S6p5esx-2BNv-2FyIg1dj5YRP1Tm9wbsG8F5DuO-2FrkAJ1Ib1u0QF9rfZvPcxp8zF9K7Na-2BDFCIsOxe-2BYMzlVRmppUjrKWN7Rxp2WDzunTYaE-3D","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/78940/"
@@ -52091,10 +53937,10 @@
 "76038","2018-11-07 16:07:16","http://thenutnofastflix2.com/38Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76038/"
 "76036","2018-11-07 16:07:15","http://thenutnofastflix2.com/123KKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76036/"
 "76037","2018-11-07 16:07:15","http://thenutnofastflix2.com/226Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76037/"
-"76035","2018-11-07 16:07:14","http://thenutnofastflix2.com/viviKjddnnsa.exe","offline","malware_download","exe,Neutrino,Smoke Loader","https://urlhaus.abuse.ch/url/76035/"
+"76035","2018-11-07 16:07:14","http://thenutnofastflix2.com/viviKjddnnsa.exe","online","malware_download","exe,Neutrino,Smoke Loader","https://urlhaus.abuse.ch/url/76035/"
 "76034","2018-11-07 16:07:13","http://thenutnofastflix2.com/74Kjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76034/"
 "76033","2018-11-07 16:07:12","http://thenutnofastflix2.com/17KKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76033/"
-"76032","2018-11-07 16:07:11","http://thenutnofastflix2.com/85aKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76032/"
+"76032","2018-11-07 16:07:11","http://thenutnofastflix2.com/85aKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76032/"
 "76031","2018-11-07 16:07:10","http://thenutnofastflix2.com/156aKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76031/"
 "76030","2018-11-07 16:07:08","https://teal.download.pdfforge.org/op/op.exe","online","malware_download","adware,exe,lavasoft","https://urlhaus.abuse.ch/url/76030/"
 "76029","2018-11-07 16:07:05","https://a.doko.moe/xkqogu.jpg","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/76029/"
@@ -56485,7 +58331,7 @@
 "71610","2018-10-27 23:55:03","http://138.197.99.186/Demon.i686","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71610/"
 "71609","2018-10-27 23:55:02","http://138.197.99.186/Demon.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71609/"
 "71608","2018-10-27 22:40:04","http://site.2zzz.ru/stat/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71608/"
-"71607","2018-10-27 22:28:21","http://xzc.197746.com/superdebug.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/71607/"
+"71607","2018-10-27 22:28:21","http://xzc.197746.com/superdebug.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/71607/"
 "71606","2018-10-27 22:21:02","http://site.2zzz.ru/stat/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71606/"
 "71605","2018-10-27 22:08:32","http://hnphqvlmtdcihkk.usa.cc/YrVpRnnsqwq8oEt.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/71605/"
 "71604","2018-10-27 20:57:06","http://balwelstores.com/templates/enmasse_18/html/com_users/login/chrome.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71604/"
@@ -59368,7 +61214,7 @@
 "68692","2018-10-17 12:38:06","https://c-elysee.joonik.com/dateup.exe","offline","malware_download","HawkEye,Troldesh","https://urlhaus.abuse.ch/url/68692/"
 "68691","2018-10-17 12:30:03","http://idealse.com.br/images/paym/paymentinformation.php","online","malware_download","zip","https://urlhaus.abuse.ch/url/68691/"
 "68689","2018-10-17 12:07:07","http://trotarhub.com/.well-known/pki-validation/chrome.exe","offline","malware_download","Ransomware,RUS,Troldesh","https://urlhaus.abuse.ch/url/68689/"
-"68688","2018-10-17 12:07:03","http://theshoremalacca.com/wp-content/themes/albist-wp/js/oplata.zip","offline","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68688/"
+"68688","2018-10-17 12:07:03","http://theshoremalacca.com/wp-content/themes/albist-wp/js/oplata.zip","online","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68688/"
 "68687","2018-10-17 11:53:06","http://faivini.com/build.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/68687/"
 "68686","2018-10-17 11:47:03","http://farsokim.de/pim/vipp.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/68686/"
 "68685","2018-10-17 11:41:15","http://faivini.com/server.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/68685/"
@@ -60006,7 +61852,7 @@
 "68050","2018-10-15 09:34:03","http://w3.153.yhlg.com/UPLOADFILE/2010-7/201000569.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/68050/"
 "68049","2018-10-15 09:33:06","http://marasgezikulubu.com/wp-content/themes/twentyseventeen/inc/chrome.exe","offline","malware_download","HawkEye,Ransomware,RUS,Troldesh","https://urlhaus.abuse.ch/url/68049/"
 "68048","2018-10-15 09:33:04","http://w3.153.yhlg.com/UPLOADFILE/2007-5/ULOCK.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/68048/"
-"68047","2018-10-15 09:33:03","http://thaidocdaitrang.com/wp-includes/ID3/oplata.zip","offline","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68047/"
+"68047","2018-10-15 09:33:03","http://thaidocdaitrang.com/wp-includes/ID3/oplata.zip","online","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68047/"
 "68046","2018-10-15 09:32:05","http://w3.153.yhlg.com/UPLOADFILE/2010-3/SMTPMAIL.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/68046/"
 "68045","2018-10-15 09:15:03","https://d.coka.la/0y69SI.jpg","offline","malware_download","AgentTesla,exe,rtfkit","https://urlhaus.abuse.ch/url/68045/"
 "68044","2018-10-15 09:13:02","http://142.93.138.130/ajoomk","offline","malware_download","elf","https://urlhaus.abuse.ch/url/68044/"
@@ -60398,7 +62244,7 @@
 "67646","2018-10-13 18:08:23","http://yulv.net/down/WarZxx163.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/67646/"
 "67645","2018-10-13 18:01:04","http://yulv.net/down/WarMH11.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/67645/"
 "67644","2018-10-13 17:59:06","http://yulv.net/down/VSxRoom40.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/67644/"
-"67643","2018-10-13 17:52:05","http://hookerdeepseafishing.com/pututfi.exe","online","malware_download","exe,Locky","https://urlhaus.abuse.ch/url/67643/"
+"67643","2018-10-13 17:52:05","http://hookerdeepseafishing.com/pututfi.exe","offline","malware_download","exe,Locky","https://urlhaus.abuse.ch/url/67643/"
 "67642","2018-10-13 17:28:17","http://server28.onlineappupdater.com/ww-Online.IO-installer-ic.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67642/"
 "67641","2018-10-13 17:28:14","http://tm-adv.host/tmaster/TweakMASTER.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67641/"
 "67640","2018-10-13 17:28:05","http://randburk.beget.tech/VasaBU123.exe","offline","malware_download","AZORult,exe,rat","https://urlhaus.abuse.ch/url/67640/"
@@ -60582,7 +62428,7 @@
 "67461","2018-10-12 15:27:03","http://geosteelbd.com/PO.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/67461/"
 "67460","2018-10-12 15:26:05","http://geosteelbd.com/PurchaseOrders.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/67460/"
 "67459","2018-10-12 15:26:04","http://geosteelbd.com/bovs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67459/"
-"67458","2018-10-12 15:19:02","http://appliano.com/zscaler/Zscaler-3.2-USA-Win7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/67458/"
+"67458","2018-10-12 15:19:02","http://appliano.com/zscaler/Zscaler-3.2-USA-Win7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67458/"
 "67457","2018-10-12 14:59:02","https://uce9d36d073048f4ee4890be2ac5.dl.dropboxusercontent.com/cd/0/get/AS260TE0Kl2w8LeO7rYtOFf7-8Xk4Bf4ktXvnsmVFzXl8K6sikI8Gn7634vrh6FVI4jR1QOu11ezEM_8hOMTkeAhi9w5X1ubIx5aeX3BGC1ISfEpP-vcdaZwVaAa-R7yUKg1U7r3J8BVfLwZcK0Ohmcprt5e8jxc9fy7n-A4M8YD7AhN32FmMOv50LEuv-_0qD0/file?dl=1","offline","malware_download","exe","https://urlhaus.abuse.ch/url/67457/"
 "67456","2018-10-12 14:39:03","https://www.dropbox.com/s/4fn8ilfyy5c3dti/Contract%20Agreement%20pdf.zip?dl=0","offline","malware_download","NanoCore,rat","https://urlhaus.abuse.ch/url/67456/"
 "67455","2018-10-12 14:28:03","http://geosteelbd.com/PO.exe","offline","malware_download","exe,ImminentRAT,rat","https://urlhaus.abuse.ch/url/67455/"
@@ -61266,11 +63112,11 @@
 "66776","2018-10-11 11:22:03","https://d.coka.la/mD8KuC.jpg","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/66776/"
 "66775","2018-10-11 11:01:03","http://akznqw.com/classa.doc","offline","malware_download","Formbook,RTF","https://urlhaus.abuse.ch/url/66775/"
 "66774","2018-10-11 11:01:02","http://akznqw.com/marlboro.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/66774/"
-"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
+"66773","2018-10-11 10:54:24","http://dxdown.2cto.com/ware/201306/0607QQgzzBsq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66773/"
 "66772","2018-10-11 10:54:10","http://www.bygoldi.com/wp-content/themes/wipi/includes/chrome.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66772/"
 "66771","2018-10-11 10:54:05","http://ashifrifat.com/wp-content/themes/agama/includes/chrome.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/66771/"
 "66770","2018-10-11 10:52:02","http://104.244.76.210/bins/dark.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66770/"
-"66769","2018-10-11 10:45:18","http://dxdown.2cto.com/ware/201307/0719qqzcrqckq.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66769/"
+"66769","2018-10-11 10:45:18","http://dxdown.2cto.com/ware/201307/0719qqzcrqckq.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/66769/"
 "66768","2018-10-11 10:43:03","http://dxdown.2cto.com/ware/0739/macdzsmq.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/66768/"
 "66767","2018-10-11 10:42:18","http://dxdown.2cto.com/ware/774710/netbox.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66767/"
 "66766","2018-10-11 10:36:11","http://dxdown.2cto.com/ware/9/skiller3.6.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/66766/"
@@ -66378,14 +68224,14 @@
 "61580","2018-09-27 22:45:14","http://pixelcrush.net/En_us/Documents/092018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61580/"
 "61579","2018-09-27 22:35:07","http://palfx.info/Document/En/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61579/"
 "61578","2018-09-27 22:25:05","http://177.132.77.115:17590/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61578/"
-"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
-"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
+"61577","2018-09-27 22:14:06","http://uxz.didiwl.com/PC/NMCQBTFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61577/"
+"61576","2018-09-27 22:13:11","http://uxz.didiwl.com/pc/dsgjrja.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61576/"
 "61575","2018-09-27 22:13:06","http://baatzconsulting.com/487390VLLB/BIZ/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61575/"
-"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
-"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
+"61574","2018-09-27 22:04:21","http://uxz.didiwl.com/PC/YSDXYQNFZ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61574/"
+"61573","2018-09-27 22:03:08","http://uxz.didiwl.com/PC/KEKOUKYKCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61573/"
 "61572","2018-09-27 22:03:04","http://ruforum.uonbi.ac.ke/wp-content/uploads/En_us/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61572/"
 "61571","2018-09-27 22:02:05","http://kantauri.com/Document/En/Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61571/"
-"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
+"61570","2018-09-27 22:01:06","http://uxz.didiwl.com/PC/LNBCZCJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/61570/"
 "61569","2018-09-27 21:42:45","http://egomall.net/US/Payments/092018","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/61569/"
 "61568","2018-09-27 21:33:08","http://www.dobre-instalacje.pl/logs/recu.exe","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/61568/"
 "61567","2018-09-27 21:33:07","http://49.71.118.101:62734/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/61567/"
@@ -67277,7 +69123,7 @@
 "60669","2018-09-26 01:25:04","https://salesolutn.gdn/KeepAfloat/SysHook32Bits64Batch.exe","offline","malware_download","exe,orcusrat","https://urlhaus.abuse.ch/url/60669/"
 "60668","2018-09-26 01:10:06","http://bestbestbags.com/269720XZTOF/PAYMENT/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60668/"
 "60667","2018-09-26 00:33:23","http://prova.upyourfile.net/8848HDKLCSIB/SWIFT/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60667/"
-"60666","2018-09-26 00:33:19","http://www.cnzjmsa.gov.cn/zj/ggfw/sjfw/cbxx/rdtj/201802/p020180213342400593995.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/60666/"
+"60666","2018-09-26 00:33:19","http://www.cnzjmsa.gov.cn/zj/ggfw/sjfw/cbxx/rdtj/201802/p020180213342400593995.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/60666/"
 "60665","2018-09-26 00:26:05","http://92.63.197.48/vv.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/60665/"
 "60664","2018-09-26 00:00:11","http://gueben.es/539ZDZTBH/BIZ/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60664/"
 "60663","2018-09-25 23:59:05","http://priscawrites.com/Corporation/US/Invoice-for-you","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60663/"
@@ -67934,12 +69780,12 @@
 "60002","2018-09-24 21:42:03","http://pbt-demo.web2de.com/LLC/US_us/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60002/"
 "60001","2018-09-24 21:41:04","http://mbr.kill0604.ru/upsnew2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60001/"
 "60000","2018-09-24 21:26:06","http://67.21.81.79/dtacard.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/60000/"
-"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
+"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
 "59998","2018-09-24 21:25:09","http://dc.amegt.com/wp-content/sites/En/New-Order-Upcoming/Invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59998/"
 "59997","2018-09-24 21:24:10","http://hotellaspalmashmo.com/92WKNDMR/PAYMENT/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59997/"
 "59996","2018-09-24 21:24:05","http://67.21.81.79/datacard.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/59996/"
 "59995","2018-09-24 21:23:53","http://www.skayweb.com/rr.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/59995/"
-"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
+"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","online","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
 "59993","2018-09-24 21:21:15","http://manatour.cl/pdf/EN_en/Invoice-for-sent/Invoice-92978","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59993/"
 "59992","2018-09-24 21:21:04","http://manatour.cl/DOC/New-Invoice-EI1978-AT-5653","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59992/"
 "59991","2018-09-24 21:20:07","http://hd.pe/470076SC/ACH/Smallbusiness/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/59991/"
@@ -67952,7 +69798,7 @@
 "59984","2018-09-24 21:09:17","http://hukuki.site/LLC/US/Paid-Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59984/"
 "59983","2018-09-24 21:09:12","http://weinraub.net/helpdesk/default/En/Outstanding-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59983/"
 "59982","2018-09-24 21:09:05","http://diainc.com/Document/EN_en/Past-Due-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59982/"
-"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
+"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
 "59979","2018-09-24 21:02:03","http://aluigi.altervista.org/poc/dirtysky.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59979/"
 "59978","2018-09-24 21:00:11","http://aluigi.altervista.org/poc/ut2004null.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59978/"
 "59977","2018-09-24 20:48:58","http://ossi4.51cto.com/attachment/201203/4594712_1333015433.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/59977/"
@@ -68392,7 +70238,7 @@
 "59539","2018-09-24 06:48:40","http://optics-line.com/vUUp9ygDE","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/59539/"
 "59538","2018-09-24 06:48:37","http://montegrappa.com.pa/OkyoMANm","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/59538/"
 "59537","2018-09-24 06:48:34","http://kulikovonn.ru/l5vT7q19U","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/59537/"
-"59536","2018-09-24 06:48:32","http://dh.3ayl.cn/dh_pz/sjhitgnd_005.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59536/"
+"59536","2018-09-24 06:48:32","http://dh.3ayl.cn/dh_pz/sjhitgnd_005.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59536/"
 "59535","2018-09-24 06:45:09","http://atlet72.ru/Windows.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59535/"
 "59534","2018-09-24 06:38:06","http://myblogforyou.is/1/v/aghgE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59534/"
 "59533","2018-09-24 06:37:10","https://u.lewd.se/l5ogCo_RQbUTBOG.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59533/"
@@ -68636,7 +70482,7 @@
 "59295","2018-09-23 20:41:17","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/inf.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59295/"
 "59294","2018-09-23 20:41:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/car.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59294/"
 "59293","2018-09-23 20:41:02","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jiz.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59293/"
-"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
+"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
 "59291","2018-09-23 20:25:12","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/joo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59291/"
 "59290","2018-09-23 20:25:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jizz.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59290/"
 "59289","2018-09-23 20:25:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/md.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59289/"
@@ -77299,7 +79145,7 @@
 "50477","2018-09-01 05:29:12","http://jppygfot.sha58.me/d239ec5a21e71059cb8106851869b7a6/LkV8/9NAbz/eitczeqhbw10054.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50477/"
 "50476","2018-09-01 05:29:10","http://umzdjymq.sha58.me/3cbbc9e91d9d5571823ef933a357f371/SVb3/h953p/catsannubl10080.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50476/"
 "50475","2018-09-01 05:29:06","http://caferaa.com/CcCaDi.html","offline","malware_download","None","https://urlhaus.abuse.ch/url/50475/"
-"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","online","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
+"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","offline","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
 "50473","2018-09-01 05:28:51","http://180.153.105.169/dlied6.qq.com/invc/conn_android/drivers/PhoneDockInstaller_5.8.0.6.exe?mkey=5b70c60f0219b226&f=a122&c=0&p=.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/50473/"
 "50472","2018-09-01 05:28:36","http://6ip.us/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50472/"
 "50471","2018-09-01 05:28:29","http://down.wlds.net/mtv_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/50471/"
@@ -77312,10 +79158,10 @@
 "50463","2018-09-01 05:27:04","http://tnjlgs.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50463/"
 "50462","2018-09-01 05:27:02","http://robotop.cn/v3G158/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/50462/"
 "50461","2018-09-01 05:26:58","http://uebhyhxw.afgktv.cn/1/44278-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50461/"
-"50460","2018-09-01 05:26:50","http://iuwrwcvz.applekid.cn/1/44217-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50460/"
+"50460","2018-09-01 05:26:50","http://iuwrwcvz.applekid.cn/1/44217-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50460/"
 "50459","2018-09-01 05:26:44","http://aimmvqsf.ahhxdl.cn/1/42062-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50459/"
-"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
-"50457","2018-09-01 05:26:23","http://aygwzxqa.applekid.cn/1/42046-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50457/"
+"50458","2018-09-01 05:26:37","http://xblbnlws.appdoit.cn/1/42046-C01","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50458/"
+"50457","2018-09-01 05:26:23","http://aygwzxqa.applekid.cn/1/42046-C01","online","malware_download","zip","https://urlhaus.abuse.ch/url/50457/"
 "50456","2018-09-01 05:26:10","http://tpjsgq.loan/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50456/"
 "50455","2018-09-01 05:26:06","http://one.wing138.info/glib","offline","malware_download","None","https://urlhaus.abuse.ch/url/50455/"
 "50454","2018-09-01 05:26:01","http://r06.yunshangduan.cn/sg_p465761.psd","offline","malware_download","None","https://urlhaus.abuse.ch/url/50454/"
@@ -85334,8 +87180,8 @@
 "42379","2018-08-14 04:27:57","http://profsouz55.ru/187TEQCorporation/GU414658JP/6889361/UT-BJFB/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42379/"
 "42378","2018-08-14 04:27:56","http://portraitworkshop.com/7YLLC/PT89473QKBDR/Aug-10-2018-418457584/TF-RVZCN/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42378/"
 "42377","2018-08-14 04:27:54","http://platgesdetossa.com/9MVPAY/PM7479962OYV/13317/BDR-SZVGQ-Aug-10-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42377/"
-"42376","2018-08-14 04:27:53","http://pink99.com/logsite/694JDOC/OLKZ41786YBM/Aug-09-2018-90671945734/SBS-ZOMVI-Aug-09-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42376/"
-"42375","2018-08-14 04:27:04","http://pink99.com/logsite/0LDDOC/TKA1833163913SOXCJH/Aug-11-2018-06005952849/NVS-VJXV/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42375/"
+"42376","2018-08-14 04:27:53","http://pink99.com/logsite/694JDOC/OLKZ41786YBM/Aug-09-2018-90671945734/SBS-ZOMVI-Aug-09-2018/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42376/"
+"42375","2018-08-14 04:27:04","http://pink99.com/logsite/0LDDOC/TKA1833163913SOXCJH/Aug-11-2018-06005952849/NVS-VJXV/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42375/"
 "42374","2018-08-14 04:26:51","http://piksel-studio.pl/007TIRACH/QUD25084044VDMPQ/Aug-10-2018-174081/HW-WKS/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42374/"
 "42373","2018-08-14 04:26:49","http://pfbadminton.com.au/1UIIFILE/GY5467080510LEGO/Aug-10-2018-90553567917/PZO-INY/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42373/"
 "42372","2018-08-14 04:26:48","http://petertretter.com/65ZCICorporation/UOJC64092DCTETK/053537/CYEK-JBUA-Aug-11-2018/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/42372/"
@@ -87209,7 +89055,7 @@
 "40493","2018-08-09 06:49:13","http://jobarba.com/wp-content/Download/VJ320265TIMWFE/804310/XCWN-MXIM","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/40493/"
 "40492","2018-08-09 06:49:09","http://cqfsbj.cn/PAYMENT/ECB78486182JUX/Aug-08-2018-9457218/JJW-ZUCAX-Aug-08-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/40492/"
 "40491","2018-08-09 05:54:20","http://www.duanvinhomeshanoi.net/PAYMENT/ZQJ03392864209AWGMLN/Aug-07-2018-6867675/LOE-AYFXW-Aug-07-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40491/"
-"40490","2018-08-09 05:54:17","http://uycqawua.applekid.cn/1/42065-C01","offline","malware_download","None","https://urlhaus.abuse.ch/url/40490/"
+"40490","2018-08-09 05:54:17","http://uycqawua.applekid.cn/1/42065-C01","online","malware_download","None","https://urlhaus.abuse.ch/url/40490/"
 "40489","2018-08-09 05:54:08","http://down.263209.com/cx/180619/36/setup@_121641.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/40489/"
 "40488","2018-08-09 05:53:50","http://bike-nomad.com/wp-content/29NPAYMENT/CQ1091905FEP/89182511/BMF-FKC-Aug-08-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40488/"
 "40487","2018-08-09 05:53:49","http://brunotalledo.com/57DEWLLC/UE49079GG/0592048577/ZRYX-CDMM/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/40487/"
@@ -87633,7 +89479,7 @@
 "40067","2018-08-08 13:02:04","http://futureproofsolutions.nl/236QSRFILE/SA2709841437NST/3333234739/OONK-CTLZ-Aug-08-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/40067/"
 "40066","2018-08-08 12:47:08","https://ikhlasaqiqah.com/main/1/outputa211bff.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/40066/"
 "40065","2018-08-08 12:45:02","http://94.250.251.134/build_startup_2018-08-07_23-51.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/40065/"
-"40064","2018-08-08 12:34:08","http://jigneshjhaveri.com/INFO/JB21160UDEMK/719973186/BNCI-NLQ/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40064/"
+"40064","2018-08-08 12:34:08","http://jigneshjhaveri.com/INFO/JB21160UDEMK/719973186/BNCI-NLQ/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/40064/"
 "40063","2018-08-08 12:34:06","http://dc.amegt.com/wp-content/PAY/DTO15075LJ/419146/THPD-ZPDVM/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40063/"
 "40062","2018-08-08 12:34:05","http://leodruker.com/wp-content/uploads/2014/sites/US/Address-and-payment-info/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40062/"
 "40061","2018-08-08 12:34:03","http://frankdeleeuw.com/DOC/OVTL71553846120CWRE/86957/VED-UREYC-Aug-06-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/40061/"
@@ -87898,7 +89744,7 @@
 "39802","2018-08-08 05:09:26","http://closhlab.com/LLC/ADAQ9479229646WYACW/3838658/FV-STJL-Aug-06-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/39802/"
 "39801","2018-08-08 05:09:25","http://somethingslightlydifferent.co.uk/PAY/CX6948436GPTYIW/Aug-07-2018-21669730/GAAG-EEXW/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/39801/"
 "39800","2018-08-08 05:09:24","http://redepsicanalise.com.br/CARD/HD706116258ZSDCYP/893932702/NKGL-PMJH/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/39800/"
-"39799","2018-08-08 05:09:22","http://aiwhevye.applekid.cn/1/44217-C01","offline","malware_download","None","https://urlhaus.abuse.ch/url/39799/"
+"39799","2018-08-08 05:09:22","http://aiwhevye.applekid.cn/1/44217-C01","online","malware_download","None","https://urlhaus.abuse.ch/url/39799/"
 "39798","2018-08-08 05:09:10","http://stolpenconsulting.com/CARD/WTKZ279939SMS/Aug-07-2018-95105/ILW-YQM/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/39798/"
 "39797","2018-08-08 05:09:09","http://st212.com/6sqe24l1virusdie/FILE/DEED19219NWF/Aug-07-2018-3407080755/ZYO-GXVCO-Aug-07-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/39797/"
 "39796","2018-08-08 05:09:08","http://baerbl-volz.de/hvnc.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/39796/"
@@ -88425,7 +90271,7 @@
 "39250","2018-08-07 02:51:59","http://lonestarcustompainting.com/CARD/FEQB144877ICJ/Aug-03-2018-0597999/OQF-WPEEY-Aug-03-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39250/"
 "39249","2018-08-07 02:51:57","http://kulikovonn.ru/PAY/HEY1872516JK/Aug-06-2018-28507440338/IDRT-BGIQ","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39249/"
 "39248","2018-08-07 02:51:56","http://kristianmarlow.com/LLC/HNJ20152919WUYRE/206028/CZB-TWQ/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39248/"
-"39247","2018-08-07 02:51:54","http://jigneshjhaveri.com/newsletter/US/Bill-address-change/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39247/"
+"39247","2018-08-07 02:51:54","http://jigneshjhaveri.com/newsletter/US/Bill-address-change/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39247/"
 "39246","2018-08-07 02:51:52","http://hudsonmartialarts.com.au/Corporation/BDI88478S/Aug-03-2018-58989544/JU-YZDX-Aug-03-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39246/"
 "39245","2018-08-07 02:51:48","http://hk5d.com/@eaDir/doc/GER/RECHNUNG/RechnungsDetails-WX-21-40739","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39245/"
 "39244","2018-08-07 02:51:46","http://geocoal.co.za/INFO/UZ86805770015O/303134438/PZV-WBYD-Aug-03-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/39244/"
@@ -91612,7 +93458,7 @@
 "36018","2018-07-26 03:53:40","http://dekormc.pl/js/sites/US_us/OVERDUE-ACCOUNT/Invoice-931714/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36018/"
 "36017","2018-07-26 03:53:39","http://decoflow.com.ar/DHL-Tracking/En/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36017/"
 "36016","2018-07-26 03:53:34","http://dcmacik.sk/files/EN_en/Statement/Invoice-475551/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36016/"
-"36015","2018-07-26 03:53:33","http://datingassistent.nl/DHL/EN_en/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36015/"
+"36015","2018-07-26 03:53:33","http://datingassistent.nl/DHL/EN_en/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36015/"
 "36014","2018-07-26 03:53:31","http://danielneto.com.br/DHL-Express/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36014/"
 "36013","2018-07-26 03:53:30","http://daisudai.it/doc/US_us/Statement/Account-91040/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36013/"
 "36012","2018-07-26 03:53:28","http://d3n.com/DHL-number/EN_en/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/36012/"
@@ -91921,7 +93767,7 @@
 "35706","2018-07-25 03:58:38","http://joynt.net/tank/default/Rechnung/DOC-Dokument/Unsere-Rechnung-vom-24-Juli-NN-77-56202/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35706/"
 "35705","2018-07-25 03:58:36","http://johnnipe.com/newsletter/EN_en/Statement/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35705/"
 "35704","2018-07-25 03:58:33","http://jimmyjohansson.net/files/EN_en/Past-Due-Invoices/invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35704/"
-"35703","2018-07-25 03:58:31","http://jigneshjhaveri.com/default/Rechnungs/Rechnungsanschrift/Ihre-Rechnung-AJW-87-91079/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35703/"
+"35703","2018-07-25 03:58:31","http://jigneshjhaveri.com/default/Rechnungs/Rechnungsanschrift/Ihre-Rechnung-AJW-87-91079/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35703/"
 "35702","2018-07-25 03:58:30","http://jdmsport.com.au/newsletter/En_us/Jul2018/ACCOUNT3426911/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35702/"
 "35701","2018-07-25 03:58:26","http://jacobyodesign.com/doc/Rechnung/Zahlung/Rechnungsanschrift-korrigiert-PN-54-83319/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/35701/"
 "35700","2018-07-25 03:58:25","http://irontech.com.tr/DHL-Express/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/35700/"
@@ -103943,7 +105789,7 @@
 "23430","2018-06-25 18:32:08","http://iconholidays.com.bd/PHzC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23430/"
 "23428","2018-06-25 18:32:03","http://167.99.35.101/bins/yasaku.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/23428/"
 "23429","2018-06-25 18:32:03","http://argedalatpars.ir/Payment-and-address/INV2387130","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23429/"
-"23427","2018-06-25 18:18:02","http://media.atwaar.com/Documentos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/23427/"
+"23427","2018-06-25 18:18:02","http://media.atwaar.com/Documentos/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/23427/"
 "23426","2018-06-25 18:03:17","http://argedalatpars.ir/Payment-and-address/INV2387130/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23426/"
 "23425","2018-06-25 18:03:17","http://blogs.vidiaspot.com/Payment-and-address/Order-46667948248/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23425/"
 "23424","2018-06-25 18:03:15","http://familiekoning.net/Facturas-pendientes/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23424/"
@@ -105459,7 +107305,7 @@
 "21877","2018-06-21 04:48:25","http://202.63.105.86/AjIOoP/","offline","malware_download","None","https://urlhaus.abuse.ch/url/21877/"
 "21876","2018-06-21 04:48:23","http://www.congnghevienthong.com/x9hf0FvE/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21876/"
 "21875","2018-06-21 04:48:19","http://tpbdsrqf.com/dZEq3qR/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21875/"
-"21874","2018-06-21 04:48:16","http://media.atwaar.com/mGFGAin/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21874/"
+"21874","2018-06-21 04:48:16","http://media.atwaar.com/mGFGAin/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/21874/"
 "21873","2018-06-21 04:48:15","http://griffgraff.net/8e0yi3/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21873/"
 "21872","2018-06-21 04:48:14","http://diendan238.net/DOC/Payment/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21872/"
 "21871","2018-06-21 04:48:05","http://www.finkeyhangszer.hu/yr9z10p","offline","malware_download","None","https://urlhaus.abuse.ch/url/21871/"
@@ -107499,7 +109345,7 @@
 "19779","2018-06-15 15:41:13","http://rushmediacommunications.com/lirmeMPGO/","offline","malware_download","None","https://urlhaus.abuse.ch/url/19779/"
 "19778","2018-06-15 15:41:11","http://rootednetworks.com/Your-Christmas-Gift-Card/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19778/"
 "19777","2018-06-15 15:41:04","http://robpepper.co.uk/Holidays-eCard/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19777/"
-"19776","2018-06-15 15:40:38","http://richardcarvalho.com/Christmas-eCard/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19776/"
+"19776","2018-06-15 15:40:38","http://richardcarvalho.com/Christmas-eCard/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19776/"
 "19775","2018-06-15 15:40:37","http://reviewzaap.azurewebsites.net/oMgoZ/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19775/"
 "19774","2018-06-15 15:40:34","http://resourceforge.com/xstandard/RGGWG28195/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19774/"
 "19773","2018-06-15 15:40:31","http://resortmasters.com/LLCQ981553/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19773/"
diff --git a/urlhaus-filter.txt b/urlhaus-filter.txt
index ae17837b..8acb1efd 100644
--- a/urlhaus-filter.txt
+++ b/urlhaus-filter.txt
@@ -1,5 +1,5 @@
 ! Title: abuse.ch URLhaus Malicious URL Blocklist
-! Updated: Sun, 17 Feb 2019 12:23:16 UTC
+! Updated: Mon, 18 Feb 2019 00:24:58 UTC
 ! Expires: 1 day (update frequency)
 ! Repo: https://gitlab.com/curben/urlhaus-filter
 ! License: https://creativecommons.org/publicdomain/zero/1.0/
@@ -8,11 +8,13 @@
 0nedrevefile.com
 1.247.157.184
 1.254.80.184
+1.32.43.40
 1.34.159.106
 1.34.159.137
 1.34.220.200
 1.34.238.15
 1.34.72.99
+1.9.124.131
 1.almaz13.z8.ru
 101.200.214.249
 101.254.225.145
@@ -27,14 +29,12 @@
 104.198.73.104
 104.203.170.198
 104.219.235.147
-104.219.235.157
 104.223.40.40
 104.248.140.207
 104.248.173.249
 104.248.181.42
 104.248.187.115
 104.248.229.149
-104.248.66.24
 104.32.48.59
 106.105.197.111
 107.179.34.49
@@ -46,6 +46,7 @@
 108.58.16.83
 108.74.200.87
 109.121.195.237
+109.169.89.4
 109.205.143.207
 109.74.64.155
 11.gxdx2.crsky.com
@@ -74,6 +75,7 @@
 116.100.5.168
 11651.wang
 118.163.0.229
+118.233.43.29
 118.25.176.38
 118.99.239.217
 119.254.12.142
@@ -91,6 +93,7 @@
 122.49.66.39
 123.194.235.37
 125.135.185.152
+125.136.94.85
 125.137.120.54
 125.138.144.118
 125.254.53.45
@@ -109,7 +112,6 @@
 13.233.183.227
 13.233.31.203
 13.239.63.5
-13.251.184.56
 130.211.205.139
 132.145.153.89
 132.147.40.112
@@ -141,11 +143,9 @@
 142.129.111.185
 142.93.211.141
 142.93.219.170
-150.66.17.190
 150.co.il
 151.236.38.234
 151.80.8.17
-154.85.35.82
 15666.online
 157.230.1.71
 157.230.164.74
@@ -158,6 +158,7 @@
 157.230.84.68
 159.203.101.9
 159.65.101.80
+159.65.12.8
 159.65.142.218
 159.65.146.232
 159.65.147.40
@@ -203,13 +204,9 @@
 179.220.125.55
 179.98.240.107
 179.99.203.85
-18.184.16.5
 18.188.218.228
-18.217.96.49
 18.218.56.72
 18.220.183.143
-18.221.1.168
-18.222.169.76
 180.153.105.169
 180.245.36.233
 180.66.68.39
@@ -218,9 +215,8 @@
 182.235.29.89
 183.110.79.42
 183.234.11.91
-183.99.140.11
 184.11.126.250
-185.101.105.168
+185.101.105.130
 185.11.146.84
 185.154.15.36
 185.172.110.203
@@ -229,7 +225,6 @@
 185.191.229.180
 185.195.236.165
 185.22.152.122
-185.22.153.191
 185.222.202.118
 185.234.217.21
 185.244.25.133
@@ -238,15 +233,16 @@
 185.244.25.148
 185.244.25.173
 185.244.25.174
+185.244.25.176
 185.244.25.182
 185.244.25.194
 185.244.25.199
 185.244.25.229
+185.244.25.230
 185.244.25.234
 185.244.25.249
 185.244.30.151
 185.26.31.94
-185.81.157.124
 185.94.33.22
 185.96.235.210
 186.149.12.84
@@ -270,11 +266,13 @@
 189.198.67.249
 189.32.232.54
 190.164.186.104
+190.194.44.136
+190.250.124.10
+190.68.44.60
 190.69.81.172
 190.7.27.69
 190.88.184.137
 191.184.241.71
-191.193.51.34
 191.92.234.159
 192.210.146.45
 192.99.142.235
@@ -306,9 +304,7 @@
 200.38.79.134
 200.63.45.101
 200.63.45.123
-201.168.151.182
 201.26.11.173
-201.37.141.128
 202.55.178.35
 202.75.223.155
 203.146.208.208
@@ -332,11 +328,13 @@
 211.193.86.151
 211.194.183.51
 211.204.165.173
+211.21.205.207
 211.48.208.144
 211.55.144.196
 211.73.73.2
 211.73.73.3
 212.150.200.21
+212.150.222.45
 212.36.31.215
 212.77.144.84
 213.183.60.7
@@ -392,8 +390,8 @@
 27.2.138.189
 2cbio.com
 2d73.ru
+2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 3.112.13.31
-3.16.186.154
 3.92.174.100
 3.dohodtut.ru
 30-by-30.com
@@ -407,20 +405,17 @@
 31.184.198.158
 31.211.138.227
 31.211.159.149
-34.242.190.144
 34.80.131.135
 35.176.197.139
 35.184.197.183
 35.190.186.53
 35.196.135.186
-35.200.161.87
 35.202.250.4
 35.204.88.6
 35.227.184.106
 35.229.123.217
-35.231.216.11
 35.232.73.116
-35.235.102.123
+35.239.139.124
 35.247.37.148
 36.39.80.218
 36.67.206.31
@@ -428,6 +423,7 @@
 37.191.82.202
 37.252.74.43
 37.255.196.22
+37.34.244.167
 37.34.247.30
 37.44.212.223
 37.48.125.107
@@ -471,7 +467,6 @@
 4pointinspection.net
 5.201.128.15
 5.201.130.81
-5.236.19.179
 5.29.137.12
 5.fjwt1.crsky.com
 50.240.88.162
@@ -480,20 +475,15 @@
 52.15.227.66
 52.196.225.91
 52.202.101.89
-52.211.179.190
-52.66.236.210
-54.146.46.168
+52.63.119.3
 54.153.245.124
 54.164.84.17
 54.167.192.134
 54.175.140.118
 54.202.85.204
-54.208.237.58
-54.224.240.34
 54.234.174.153
 54.250.159.171
 54.38.35.144
-54.85.253.114
 579custom.space
 58.230.89.42
 59.124.90.231
@@ -502,9 +492,11 @@
 59.29.178.187
 59.31.110.106
 59.31.164.189
+59.98.44.226
 60.248.141.87
 60.250.242.72
 61.219.41.50
+61.222.95.43
 61.73.81.11
 61.75.73.190
 61.81.183.116
@@ -519,21 +511,26 @@
 64.62.250.41
 66.117.2.182
 66.117.6.174
+68.183.157.144
 68.183.41.164
 68.235.84.140
 69.202.198.255
+69.90.132.160
 70.164.206.71
 70.177.14.165
 72.186.139.38
 72.208.129.238
 72.224.106.247
+73.114.227.141
 73.138.179.173
 73.159.230.89
 73.237.175.222
 73.57.94.1
+73.73.137.64
 73.91.254.184
 75.149.247.114
 75.3.196.154
+75.55.248.20
 76.126.236.91
 76.182.156.147
 77.139.74.206
@@ -545,7 +542,6 @@
 78.39.232.91
 78.96.20.79
 78.96.28.99
-79.182.34.229
 79.2.211.133
 79.39.88.20
 80.11.38.244
@@ -559,7 +555,6 @@
 81.43.101.247
 81.56.198.200
 82.137.216.202
-82.166.24.224
 82.166.27.140
 82.253.156.136
 82.80.143.205
@@ -591,9 +586,9 @@
 89.144.174.153
 89.165.4.105
 89.34.26.100
+89.35.39.78
 89.46.223.114
 89.46.223.195
-89.46.223.247
 8dx.pc6.com
 91.105.126.31
 91.152.139.27
@@ -639,7 +634,6 @@ achat-or-rennes.fr
 acm.ee
 acnexplained.com
 acquainaria.com
-acropol.com.eg
 acsentials.com
 actionfraud.coqianlong.watchdogdns.duckdns.org
 adambenny.org
@@ -667,6 +661,7 @@ air-team-service.com
 airmasterbh.com
 airmod.com.br
 aiwaviagens.com
+aiwhevye.applekid.cn
 ajaa.ru
 ajansred.com
 ajexin.com
@@ -714,6 +709,7 @@ andam3in1.com
 andonia.com
 andreysharanov.info
 angelageorgesphotography.com
+anhsangtuthien.com
 ankarabeads.com
 ankaraliderlikzirvesi.com
 anket.kalthefest.org
@@ -727,7 +723,6 @@ apk05.appcms.3xiazai.com
 aplacc-my.sharepoint.com
 apoolcondo.com
 app.myresource.center
-appliano.com
 application.cravingsgroup.com
 aprendercomputacion.com
 aptigence.com.au
@@ -768,6 +763,7 @@ aulist.com
 aussietruffles.com
 ausvest-my.sharepoint.com
 authenticity.id
+auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org
 ava-group.us
 avazturizm.com
 aviationradio.plus.com
@@ -780,11 +776,13 @@ axisplumbingptyltd-my.sharepoint.com
 axx.bulehero.in
 aycauyanik.com
 aygunlersigorta.000webhostapp.com
+aygwzxqa.applekid.cn
 azaelindia.com
 azraglobalnetwork.com.my
 b7center.com
 babaunangdong.com
 babyparrots.it
+baixenoibai24h.com
 balkaniks.de
 balkanteam.ba
 balooteabi.com
@@ -802,6 +800,7 @@ base.n24rostov.ru
 batdongsan3b.com
 batdongsanphonoi.vn
 baza-dekora.ru
+bazee365.com
 bbs.sundance.com.cn
 bbs.sunwy.org
 bd1.52lishi.com
@@ -816,7 +815,6 @@ bdcarezone.com
 bdtube.pl
 becker-tm.org
 bedroomcritic.com
-befirstclub.org
 beforeuwander.com
 behdanehgolestan.com
 behomespa.com
@@ -838,7 +836,6 @@ bethrow.co.uk
 better-1win.com
 beurse.nl
 bhplazatravel.com
-bi.netmonks.org
 biennhoquan.com
 big.5072610.ru
 binaryrep.loan
@@ -857,8 +854,8 @@ blinkblink.eu
 blog.healthyactivewellness.com
 blog.powersoft.net.ec
 blogs.cricskill.com
-blueelephantmassage.com.au
 bluehammerproperties.com
+bmstu-iu9.github.io
 bobvr.com
 bohobitches.co.uk
 bonex.it
@@ -884,6 +881,7 @@ buonbantenmien.com
 buralistesdugard.fr
 burasiaksaray.com
 bynana.nl
+c.pieshua.com
 c2c.webprojemiz.com
 ca.fq520000.com
 ca.hashpost.org
@@ -914,7 +912,6 @@ carsonbiz.com
 casadasquintas.com
 casanbenito.com
 casfetaudsm.org
-cash-lovers.com
 cash888.net
 cashin.ca
 cathome.org.tw
@@ -925,8 +922,10 @@ ccbaike.cn
 cccb-dz.org
 ccowan.com
 cdn-10049480.file.myqcloud.com
+cdn.file6.goodid.com
 cdn.fixio.com
 cdn.fullpccare.com
+cdn4.css361.com
 cds.w2w3w6q4.hwcdn.net
 cech.gdansk.pl
 cedartreegroup.com
@@ -936,7 +935,6 @@ ceo.org.my
 ceoseguros.com
 cerebro-coaching.fr
 cerotex.webprojemiz.com
-cesan-yuni.com
 ceu-hosting.upload.de
 cf.uuu9.com
 cfs11.planet.daum.net
@@ -947,6 +945,7 @@ cgameres.game.yy.com
 cgt.gandolfighislain.fr
 chadikaysora.com
 chalesmontanha.com
+champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org
 championsportspune.com
 changematterscounselling.com
 changemindbusiness.com
@@ -954,9 +953,7 @@ chanvribloc.com
 charavoilebzh.org
 charihome.com
 charm.bizfxr.com
-charms.com.co
 cheats4gaming.com
-chefpromoter.com
 chenhaitian.com
 chilenoscroatas.cl
 chinhdropfile.myvnc.com
@@ -967,7 +964,6 @@ chrstiansagainstpoverty-my.sharepoint.com
 chuletas.fr
 chungkhoannews.com
 churchofgod.team
-chuthapdobg.org.vn
 chuyensacdep.com
 cicekciilhan.com
 cild.edu.vn
@@ -981,6 +977,7 @@ citylawab.com
 ckd.org.uk
 ckobcameroun.com
 cl.ssouy.com
+claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 clarte-thailand.com
 clashofclansgems.nl
 classishinejewelry.com
@@ -995,6 +992,7 @@ cliniqueelmenzah.com
 clipestan.com
 cloud.kryptonia.fr
 cloudme.com
+cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 cmnmember.coachmohdnoor.com
 cn.download.ichengyun.net
 cngda.tw
@@ -1024,6 +1022,7 @@ conciliodeprincipedepazusa.org
 conectacontualma.com
 coneymedia.com
 config.cqhbkjzx.com
+config.wulishow.top
 config.wwmhdq.com
 config.ymw200.com
 config.younoteba.top
@@ -1036,15 +1035,16 @@ coqianlong.watchdogdns.duckdns.org
 coronadodirectory.com
 corporaciondelsur.com.pe
 cortijodebornos.es
+costartechnology.com
 craftmartonline.com
 craftyz.shop
 crittersbythebay.com
 croesetranslations.com
+crownrentals.net
 cryptovoip.in
 crystalmind.ru
 csetv.net
 csnsoft.com
-csvina.vn
 ctwabenefits.com
 cuahangstore.com
 currencyavenue.com
@@ -1060,7 +1060,9 @@ d1.udashi.com
 d1.w26.cn
 d2.udashi.com
 d4.smzy.com
+d8.driver.160.com
 d9.99ddd.com
+d9.driver.160.com
 da.alibuf.com
 dadieubavithuyphuong.vn
 dailywaiz.com
@@ -1076,6 +1078,7 @@ data.over-blog-kiwi.com
 datacenter.rwebhinda.com
 datarecovery.chat.ru
 datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org
+datingassistent.nl
 datos.com.tw
 dawaphoto.co.kr
 dawgpoundinc.com
@@ -1093,10 +1096,8 @@ deluvis.net
 demicolon.com
 demo.dsistemas.net
 demo.esoluz.com
-demo.hoatuoinhuy.vn
 demo.liuzhixiong.top
 demo.minecraft.edu.vn
-demo.supegift.com
 demo1.parsnet.space
 demosthene.org
 denizyildizikresi.com
@@ -1113,7 +1114,6 @@ dfzm.91756.cn
 dgecolesdepolice.bf
 dgnj.cn
 dgpratomo.com
-dh.3ayl.cn
 dhoffmanfan.chat.ru
 dhpos.com
 diamondking.co
@@ -1132,6 +1132,7 @@ dijitalthink.com
 dinero-online.club
 dirc-madagascar.ru
 distribuidorajb.com.ar
+distro.attaqwapreneur.com
 diversitycityin.com
 dixe.online
 dixo.se
@@ -1140,6 +1141,7 @@ dkstudy.com
 dl-gameplayer.dmm.com
 dl.008.net
 dl.bypass.network
+dl.hzkfgs.com
 dl.teeqee.com
 dl1.mqego.com
 dlainzyniera.pl
@@ -1147,6 +1149,7 @@ dld.jxwan.com
 dlqz4.oss-cn-hangzhou.aliyuncs.com
 dmsta.com
 dnn.alibuf.com
+dns.alibuf.com
 dns.fq520000.com
 docteurga.com
 doctorjuliandiaz.com
@@ -1172,8 +1175,10 @@ down.haote.com
 down.kuwo.cn
 down.leyoucoc.cn
 down.pcclear.com
+down.pdf.cqmjkjzx.com
 down.pdflist.cqhbkjzx.com
 down.qm188.com
+down.soft.6789.net
 down.soft.hyzmbz.com
 down.soft.yypdf.cn
 down.softlist.hyzmbz.com
@@ -1182,11 +1187,11 @@ down.topsadon.com
 down.travma.site
 down.webbora.com
 down.wifigx.com
+down.xrpdf.com
 down.zynet.pw
 down1.arpun.com
 down1.greenxf.com
 down1.topsadon1.com
-down10b.zol.com.cn
 down11.downyouxi.com
 down5.mqego.com
 down7.downyouxi.com
@@ -1224,13 +1229,13 @@ dsdfgdfshfgh.ru
 dua-anggrek.net
 duandojiland-sapphire.com
 duannamvanphong.com
+dumblaws.com
 dunveganbrewing.ca
 duoliprudential.com.watchdogdns.duckdns.org
 duratransgroup.com
 dutraspedras.com.br
 dvb-upload.com
 dverliga.ru
-dvip.drvsky.com
 dw.58wangdun.com
 dwonload.frrykt.cn
 dx.9ht.com
@@ -1243,13 +1248,17 @@ dx112.downyouxi.com
 dx114.downyouxi.com
 dx115.downyouxi.com
 dx2.qqtn.com
+dx51.downyouxi.com
+dx52.downyouxi.com
 dx53.downyouxi.com
+dx55.downyouxi.com
 dx62.downyouxi.com
 dx63.downyouxi.com
 dx65.downyouxi.com
 dx71.downyouxi.com
 dx73.downyouxi.com
 dx74.downyouxi.com
+dx84.downyouxi.com
 dx93.downyouxi.com
 dxdown.2cto.com
 e-basvur.com
@@ -1357,7 +1366,6 @@ files.hrloo.com
 files.red-starless.com
 files.zzattack.org
 files6.uludagbilisim.com
-fileservice.ga
 filowserve.com
 finndev.net
 firephonesex.com
@@ -1369,7 +1377,6 @@ flasharts.de
 flechabusretiro.com.ar
 flek1.free.fr
 flemingtonosteopathy-my.sharepoint.com
-fluzz.ga
 flycourierservice.com
 flz.keygen.ru
 folkbjnrwwww.watchdogdns.duckdns.org
@@ -1425,8 +1432,6 @@ gd-consultants.com
 gd2.greenxf.com
 gdn.segera.live
 geckochairs.com
-geepaulcast.com
-gehause.ru
 gemaber.com
 gemriverside-datxanh.xyz
 general.it
@@ -1454,15 +1459,17 @@ golfadventuretours.com
 golihi.com
 gomovies.cl
 gops2.home.pl
+gov.rsmart-testsolutions.watchdogdns.duckdns.org
 goworldmarketing.net
 gowriensw-my.sharepoint.com
+grapeness.mx
 graphee.cafe24.com
 gratisgiftcards.com
 greatescapesworkshop.com
-greatis.com
 greatissoftware.com
 greattechnical.com
 greeksoft.gr
+greencampus.uho.ac.id
 greenwhitegranit.com
 greyradical.com
 ground-africa.com
@@ -1483,7 +1490,6 @@ hairandshoes.com
 hairbyalexis.co.uk
 hakim.ws
 hakronteknoloji.com
-hamamelsalam.org
 hamanakoen.com
 hanaphoto.co.kr
 handshelpingpawsrescueinc.org
@@ -1496,7 +1502,6 @@ harmonyinternationalschools.com
 hashkorea.com
 hashtagvietnam.com
 hataydaskebap.com
-haunnhyundaibacninh.com
 hbr0.icu
 hcchanpin.com
 headbuild.info
@@ -1526,7 +1531,6 @@ hipecard.yazdvip.ir
 hjsanders.nl
 hldschool.com
 hnsyxf.com
-hoatuoitoancau.com
 hocviensangtaotomoe.edu.vn
 hoelscher1.com
 holladayphotography.tantumservices.com
@@ -1535,17 +1539,18 @@ homecaregurgaon.com
 homedeco.com.ua
 hondaparadise.co.th
 hongcheng.org.hk
-hookerdeepseafishing.com
 hopperfinishes.com
 horizont.az
-horse-moskva.ru
+hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 host.gomencom.website
 hoteleseconomicosacapulco.com
 hotelikswidwin.pl
 hotelplayaelagua.com
 hotshot.com.tr
 hourofcode.cn
+htxl.cn
 hubertpascal.org
+huc-hkh.orciprudential.com.watchdogdns.duckdns.org
 huhuhu.cf
 huyushop.com
 hvacofportland.com
@@ -1563,6 +1568,7 @@ iar.webprojemiz.com
 icases.pro
 icmcce.net
 idealse.com.br
+ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 ighighschool.edu.bd
 ignaciocasado.com
 igra123.com
@@ -1587,6 +1593,7 @@ infornos.com
 ingramjapan.com
 ingridkaslik.com
 ini.588b.com
+ini.egkj.com
 innisfreesvn.com
 insideljpc.com
 instaforexmas.com
@@ -1629,12 +1636,14 @@ it-accent.ru
 itcomputernarsingdi.com
 itimius.com
 itray.co.kr
+iuwrwcvz.applekid.cn
 ivydental.vn
 iwsgct18.in
 iww6.com
 izeussolutions.com
 j610033.myjino.ru
 jackservice.com.pl
+jambanswers.org
 jannah.web.id
 japax.co.jp
 jaspinformatica.com
@@ -1643,11 +1652,13 @@ javcoservices.com
 jayc-productions.com
 jbcc.asia
 jbnortonandco.com
+jeponautoparts.ru
 jessicalinden.net
 jetwaysairlines.us
 jghorse.com
 jhandiecohut.com
 jifendownload.2345.cn
+jigneshjhaveri.com
 jijiquan.net
 jimbagnola.ro
 jitkla.com
@@ -1709,12 +1720,11 @@ kientrucviet24h.com
 kimberly5esthetique.com
 kimono-kor.com
 kimyen.net
-king.myapp.com
-kinhbacchemical.com
 kirtifoods.com
 kittipakdee.com
 klotho.net
 kmet.us
+kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 kn-paradise.net.vn
 knaufdanoline.cf
 kndesign.com.br
@@ -1735,7 +1745,7 @@ kpccontracting.ca
 kr1s.ru
 krazyfin.com
 krei.pw
-kriso.ru
+ksolare.com
 ksumnole.org
 kuaizip.com
 kudteplo.ru
@@ -1753,6 +1763,7 @@ lakematheson.com
 lakornhot.com
 lakshmicollege.org
 lalie-bioty.fr
+lam.cz
 lameguard.ru
 lamesadelossenores.com
 lanco-flower.ir
@@ -1776,10 +1787,10 @@ leeth.org
 lefurle.by
 legalserv.in
 legalth.com
-lehtoniemi.com
 lelcrb.by
 lemonremodeling.com
 lemurapparel.cl
+letgov.rsmart-testsolutions.watchdogdns.duckdns.org
 letmehack.com
 letoilerestaurant.com
 letspartyharrisburg.com
@@ -1839,6 +1850,7 @@ mackleyn.com
 macsoft.shop
 maf-orleans.fr
 magicienalacarte.com
+mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 mail.amandakayjohnson.com
 mail.optiua.com
 maionline.co.uk
@@ -1868,11 +1880,13 @@ marisel.com.ua
 market.optiua.com
 marketingonline.vn
 markkellylive.com.au
+marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 martinoag.com
 mary-shops.ru
 masjedkong.ir
 masjidsolar.nl
 mask.studio
+maskproduction.ru
 master-of-bitcoin.net
 matel.p.lodz.pl
 materiacomfor.com
@@ -1888,10 +1902,10 @@ mcdanielconrjsrwaco.watchdogdns.duckdns.org
 mcdel.chat.ru
 mcfp.felk.cvut.cz
 mclplumbing.com
-mdc-chain.com
 meandoli.com
 medgen.pl
 media-standard.ru
+media.atwaar.com
 media0.jex.cz
 media0.mypage.cz
 media0.webgarden.name
@@ -1924,6 +1938,7 @@ millennialsberkarya.com
 mimiabner.com
 mincoindia.com
 mine.zarabotaibitok.ru
+minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
 mingroups.vn
 miniboone.com
 minifiles.net
@@ -1951,11 +1966,9 @@ mmmnasdjhqweqwe.com
 mmmooma.zz.am
 mnarat8.com
 mobile.tourism.poltava.ua
-mobj.qp265.cn
 mod.sibcat.info
 modexcommunications.eu
 moha-group.com
-mohinhgohandmadedtoys.com
 molministries.org
 monkeyinferno.net
 monumentcleaning.co.uk
@@ -1978,6 +1991,7 @@ muapromotion.com
 mukhtaraindonesiawisata.com
 musicmeetshealth.net
 musojoe.com
+mv360.net
 mxd-1253507133.file.myqcloud.com
 my-health-guide.org
 myboysand.me
@@ -2017,6 +2031,7 @@ newbiecontest.org
 newsmediainvestigasi.com
 newwater-my.sharepoint.com
 newwayit.vn
+newxing.com
 nexclick.ir
 next-vision.ro
 nextsearch.co.kr
@@ -2081,13 +2096,12 @@ ongac.org
 onggiodieuhoa.com
 onlinedown.down.123ch.cn
 onlinekushshop.com
-opcbgpharma.com
 opticalexpressbd.com
 optimasaludmental.com
 optionscity.com
+orciprudential.com.watchdogdns.duckdns.org
 orderauto.es
 orglux.site
-orhangencebay.gen.tr
 orion.kim
 orishinecarwash.com
 ortotomsk.ru
@@ -2098,6 +2112,7 @@ ostyle-shop.net
 otosude.com
 otterloo.nl
 ouie.studio
+outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 owczarnialefevre.com
 owwwa.com
 oxatools.de
@@ -2124,17 +2139,18 @@ pattani.mcu.ac.th
 paul.falcogames.com
 pay.aqiu6.com
 pc6.down.123ch.cn
-pcgame.cdn0.hf-game.com
 pcr1.pc6.com
 pcsoft.down.123ch.cn
 pds36.cafe.daum.net
 penfocus.com
 pesei.it
+pestguard.com.bd
 petexpertises.com
 phantasy-ent.com
 phattrienviet.com.vn
 photographers-my.sharepoint.com
 pickmycamp.com
+pink99.com
 pinturaartisticas.com
 pis.grajewo.pl
 pjbuys.co.za
@@ -2142,6 +2158,8 @@ placarepiatra.ro
 playhard.ru
 pleasureingold.de
 plum.joburg
+pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org
+pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 pocketmate.com
 pontotocdistrictba.com
 porn-games.tv
@@ -2162,7 +2180,6 @@ precounterbrand.com
 preladoprisa.com
 premier-pavers.com
 prenak.com
-presse.schmutzki.de
 prfancy-th.com
 primeeast.net
 princetonsuppliers.co.uk
@@ -2176,6 +2193,7 @@ propolisterbaik.com
 prosmotr-bot.eu
 prosoft-industry.eu
 prostranstvorosta.ru
+protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 psakpk.com
 psychod.chat.ru
 ptmskonuco.me.gob.ve
@@ -2189,7 +2207,6 @@ qianlong.watchdogdns.duckdns.org
 qppl.angiang.gov.vn
 qqenglish.com.cn
 qsongchihotel.com
-quadriconexiones.info
 quarenta.eu
 quatanggiaminh.com
 quebrangulo.al.gov.br
@@ -2233,7 +2250,6 @@ reviewzaap.azurewebsites.net
 rexus.com.tr
 rhlnetwork.com
 riaztex.com
-richardcarvalho.com
 rightsense.in
 rjsrwaco.watchdogdns.duckdns.org
 rkverify.securestudies.com
@@ -2264,6 +2280,7 @@ rouvamusta.fi
 royalskyworld.com
 rrbyupdata.renrenbuyu.com
 rrrradkqwdojnqwd.com
+rsmart-testsolutions.watchdogdns.duckdns.org
 rsquareandco.com
 rt001v5r.eresmas.net
 rtcfruit.com
@@ -2294,7 +2311,6 @@ saleswork.nl
 samar.media
 saminvestmentsbv.com
 samix-num.com
-samjhwanki.com
 samjonesrepairs.co.uk
 samuelkageche.co.ke
 sanliurfakarsiyakataksi.com
@@ -2303,7 +2319,6 @@ satsantafe.com.ar
 savethechildren.xyz
 sbe.sa
 scafandro.com.br
-schmutzki.de
 schrott-stuttgart.com
 schuurs.net
 scjelah.com
@@ -2371,6 +2386,7 @@ shrikailashlogicity.in
 shrimahaveerinfrastate.in
 shrimalisonimahamandal.com
 sibcat.info
+siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 sight-admissions.com
 signcutpro.com
 significadoswords.com
@@ -2389,6 +2405,7 @@ sister2sister.today
 sisweb.info
 sitwww.watchdogdns.duckdns.org
 sjbnet.net
+sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 sketchywireframes.com
 skexportsdelhi.com
 skippydeals.com.au
@@ -2406,18 +2423,22 @@ small.962.net
 smart-testsolutions.watchdogdns.duckdns.org
 smartdogsshop.com
 smarteraccounts365-my.sharepoint.com
+smarttechnets.com
 smpadvance.com
 smpleisure.co.uk
 smplmods-ru.1gb.ru
 smtfmb.com
+snopsd.duckdns.org
 snyderprime.com
 soberandbright.co.uk
 soccer4peaceacademy.com
 socialworkacademy.in
 sofrehgard.com
 soft.114lk.com
+soft.duote.com.cn
 soft.mgyun.com
 soft2.mgyun.com
+softhy.net
 software.rasekhoon.net
 sohaans.com
 sohointeriors.org
@@ -2426,6 +2447,7 @@ solahartmentari.com
 solarium.energy
 soloenganche.com
 solvermedia.com.es
+somamradiator.com
 somelie.jp
 songspksongspk.top
 sonshinecelebrations.com
@@ -2458,7 +2480,6 @@ ss.kuai-go.com
 ssc2.kuai-go.com
 ssgarments.pk
 sshousingnproperties.com
-ssmmbed.com
 sssgf.in
 st-medical.pl
 stairnaheireann.ie
@@ -2474,6 +2495,7 @@ statewidehomesavings.com
 static.3001.net
 static.error-soft.net
 static.ilclock.com
+staybigsarash.tcoqianlong.watchdogdns.duckdns.org
 stbarnabasps.edu.na
 steeldoorscuirass.com
 stemcoderacademy.com
@@ -2485,6 +2507,7 @@ stomnsco.com
 storageadda.com
 storetoscore.com
 strikeforce.one
+stringletter.com
 stroim-dom45.ru
 stroppysheilas.com.au
 stroyexpertiza.org
@@ -2511,6 +2534,7 @@ sv.muobjetiva.com
 sv.pvroe.com
 svadebka.by
 svai-nkt.ru
+svmdabwali.com
 svn.cc.jyu.fi
 swanescranes.com.au
 sweethusky.com
@@ -2526,7 +2550,6 @@ ta107s3.watchdogdns.duckdns.org
 tabaslotbpress.com
 tadilatmadilat.com
 tahmincik.webprojemiz.com
-taichinhtrondoi.com
 tamagocin.com
 tantrung.com
 taoday.net
@@ -2542,12 +2565,10 @@ tb.ostroleka.pl
 tc-jaureguiberry.fr
 tck136.com
 tcoqianlong.watchdogdns.duckdns.org
-tcy.198424.com
 td111.com
 teambored.co.uk
 teamfluegel.com
 techidra.com.br
-technoscienceacademy.com
 techrecyclers.info
 tecnologiaz.com
 teelam9.com
@@ -2555,19 +2576,18 @@ tekacars.com
 tekirmak.com.tr
 telegram-tools.ru
 tendep.com
-tepeas.com
 terifischer.com
 terrible.wine
 tesonisitma.com
 test.aimakinvest.kz
 test.sies.uz
-test.taichinhtrondoi.com
 testcrowd.nl
 teste111.hi2.ro
 tewsusa.co
 texeem.com
 tfile.7to.cn
 thaibbqculver.com
+thaidocdaitrang.com
 thales-las.cfdt-fgmm.fr
 thammydiemquynh.com
 thanhtungtanluoc.com
@@ -2576,6 +2596,7 @@ thatoilchick.com
 thebagforum.com
 theboltchick.com
 thecostatranphu.com
+thedopplershift.co.uk
 theengineersguild.com
 thegiddystitcher.com
 thegioicongdungcu.com
@@ -2594,6 +2615,7 @@ thenutnofastflix2.com
 theposh-rack.com
 thepresentationstage.com
 theronnieshow.com
+theshoremalacca.com
 theshowzone.com
 theslimyjay.ml
 thewaysistemas.com.br
@@ -2628,7 +2650,6 @@ toprecipe.co.uk
 topwinnerglobal.com
 topwintips.com
 torontoluxuryrealestatelistings.com
-totaybarypyare.com
 tours-fantastictravel.com
 trafficpullz.co.in
 traktor.parsnet.space
@@ -2649,6 +2670,7 @@ trinidadnorth.com
 triozon.net
 troysumpter.com
 truenorthtimber.com
+tsogomediakit.co.za
 tsport88.com
 tuananhhotel.com
 tuandecal.net
@@ -2692,7 +2714,7 @@ useraccount.co
 usmantea.com
 ussrback.com
 uuuuu.com.tw
-uxz.didiwl.com
+uycqawua.applekid.cn
 uzopeanspecialisthospital.com
 uzri.net
 vaatzit.autoever.com
@@ -2736,6 +2758,7 @@ wasasamfi.com
 watchdogdns.duckdns.org
 watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 watwotunumili.co.ke
+wavemusicstore.com
 wbd.5636.com
 wcf-old.sibcat.info
 wcy.xiaoshikd.com
@@ -2791,7 +2814,6 @@ wxbsc.hzgjp.com
 wxw.jackservice.com.pl
 wyptk.com
 xavietime.com
-xblbnlws.appdoit.cn
 xeroxyaziciservisi.istanbul
 xethugomrac.com.vn
 xfit.kz
@@ -2821,7 +2843,9 @@ xn--h1agffkv.xn--p1ai
 xri4pork.s3.amazonaws.com
 xtproduction.free.fr
 xzb.198424.com
+xzc.197746.com
 xzc.198424.com
+xzd.197946.com
 y31uv4ra1.vo.llnwd.net
 yahyabahadir.com
 yaokuaile.info
@@ -2847,7 +2871,6 @@ yulv.net
 yushifandb.co.th
 yuxue-1251598079.cossh.myqcloud.com
 yzbek.co.ug
-zbancuri.ro
 zdy.17110.com
 zh0379.com
 zh100.xzstatic.com