From 34ecb23d8d5c9b314b917d7a22afe59476812a0f Mon Sep 17 00:00:00 2001
From: curben-bot <curben-bot@users.noreply.gitlab.com>
Date: Thu, 21 Feb 2019 12:25:19 +0000
Subject: [PATCH] Filter updated: Thu, 21 Feb 2019 12:25:18 UTC

---
 src/URLhaus.csv    | 3897 +++++++++++++++++++++++++-------------------
 urlhaus-filter.txt |  622 ++++---
 2 files changed, 2578 insertions(+), 1941 deletions(-)

diff --git a/src/URLhaus.csv b/src/URLhaus.csv
index ad526a6b..365205a6 100644
--- a/src/URLhaus.csv
+++ b/src/URLhaus.csv
@@ -1,62 +1,613 @@
 ################################################################
 # abuse.ch URLhaus Database Dump (CSV)                         #
-# Last updated: 2019-02-21 00:18:17 (UTC)                      #
+# Last updated: 2019-02-21 12:14:55 (UTC)                      #
 #                                                              #
 # Terms Of Use: https://urlhaus.abuse.ch/api/                  #
 # For questions please contact urlhaus [at] abuse.ch           #
 ################################################################
 #
 # id,dateadded,url,url_status,threat,tags,urlhaus_link
-"141249","2019-02-21 00:18:17","http://13.57.29.183/doc/Invoice_number/nNovH-2li_FlkxCNrjt-8e/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141249/"
-"141248","2019-02-21 00:18:06","https://captipic.com/Invoice_number/zDyWf-TXK_hMsKz-sd/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141248/"
+"141802","2019-02-21 12:14:55","http://daroart.eu/De_de/QGUXAECR9949724/Bestellungen/Rechnungsanschrift/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141802/"
+"141801","2019-02-21 12:14:44","http://hindislogan.com/De/OWIQNN6626986/Bestellungen/Zahlung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141801/"
+"141800","2019-02-21 12:14:22","http://35.203.116.213/wordpress/DE/EBFCVJZAEL8485365/DE_de/Fakturierung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141800/"
+"141799","2019-02-21 12:14:10","http://kinhbacchemical.com/TOJKQB6689314/Rechnungs-docs/RECH/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141799/"
+"141798","2019-02-21 12:13:51","http://haunnhyundaibacninh.com/DE/FBXNJU6927043/Rechnungskorrektur/RECHNUNG/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141798/"
+"141797","2019-02-21 12:13:33","http://crypto-strategy.ru/De/VZTTOKH8096938/Scan/FORM/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141797/"
+"141796","2019-02-21 12:13:18","http://mohinhgohandmadedtoys.com/De/DKBNLFVAM9134708/de/Rechnungszahlung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141796/"
+"141795","2019-02-21 12:12:59","http://powervalves.com.ar/DE/TDBUKPA4382389/Rech/RECHNUNG/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141795/"
+"141794","2019-02-21 12:12:40","http://54.172.85.221/KHHIBW1641608/GER/Zahlung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141794/"
+"141793","2019-02-21 12:12:20","http://13.55.221.15/wp-content/de_DE/LRNDSYPFT6585983/Rechnungs/Zahlungserinnerung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141793/"
+"141792","2019-02-21 12:11:58","http://3.87.40.220/DE/CCXVOODB6153566/Rechnung/Rechnungszahlung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141792/"
+"141791","2019-02-21 12:11:38","http://thaithiennam.vn/De/CGAMRKVQ9965014/Rechnung/Fakturierung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141791/"
+"141790","2019-02-21 12:11:20","http://35.247.112.235/De/ZCVTFIJ0800509/Rechnungs-docs/DOC-Dokument/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141790/"
+"141789","2019-02-21 12:09:22","http://aufaazkia.com/wp-includes/de_DE/JLZMMG7815673/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141789/"
+"141788","2019-02-21 12:05:21","http://52.204.186.102/de_DE/CPFNRNIW0961547/","online","malware_download","None","https://urlhaus.abuse.ch/url/141788/"
+"141787","2019-02-21 12:01:23","http://flapcon.com/De/JDWIES2590578/DE_de/BHZMQAD0156374/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141787/"
+"141786","2019-02-21 11:57:17","http://35.245.131.38/wp-admin/DE_de/FCGBMSYZC9096529/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141786/"
+"141785","2019-02-21 11:52:21","http://9casino.net/De_de/TYPRETLCO7440472/","online","malware_download","None","https://urlhaus.abuse.ch/url/141785/"
+"141784","2019-02-21 11:52:12","http://183.179.198.165/DE_de/UUSVKK4236423/","online","malware_download","None","https://urlhaus.abuse.ch/url/141784/"
+"141783","2019-02-21 11:51:38","http://185.101.105.211/bins/yakuza.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141783/"
+"141782","2019-02-21 11:51:30","http://185.101.105.211/bins/yakuza.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141782/"
+"141781","2019-02-21 11:50:59","http://185.101.105.211/bins/yakuza.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141781/"
+"141780","2019-02-21 11:50:52","http://185.101.105.211/bins/yakuza.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141780/"
+"141779","2019-02-21 11:50:44","http://185.101.105.211/bins/yakuza.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141779/"
+"141778","2019-02-21 11:50:30","http://185.101.105.211/bins/yakuza.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141778/"
+"141777","2019-02-21 11:50:20","http://185.101.105.211/bins/yakuza.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141777/"
+"141776","2019-02-21 11:49:26","http://185.101.105.211/bins/yakuza.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141776/"
+"141775","2019-02-21 11:49:01","http://185.101.105.211/bins/yakuza.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141775/"
+"141774","2019-02-21 11:48:32","http://185.101.105.211/bins/yakuza.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141774/"
+"141773","2019-02-21 11:48:02","http://185.101.105.211/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141773/"
+"141772","2019-02-21 11:47:32","http://185.101.105.211/bins/x","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141772/"
+"141770","2019-02-21 11:44:09","http://185.101.105.211/bins/dlr.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141770/"
+"141771","2019-02-21 11:44:09","http://185.101.105.211/bins/thinkphp","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141771/"
+"141769","2019-02-21 11:44:08","http://185.101.105.211/bins/dlr.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141769/"
+"141767","2019-02-21 11:44:07","http://185.101.105.211/bins/dlr.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141767/"
+"141768","2019-02-21 11:44:07","http://185.101.105.211/bins/dlr.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141768/"
+"141766","2019-02-21 11:44:06","http://185.101.105.211/bins/dlr.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141766/"
+"141765","2019-02-21 11:44:06","http://54.83.117.78/DE_de/CRFPKDIYLB1388563/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141765/"
+"141764","2019-02-21 11:44:05","http://185.101.105.211/bins/dlr.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141764/"
+"141762","2019-02-21 11:44:04","http://185.101.105.211/bins/dlr.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141762/"
+"141763","2019-02-21 11:44:04","http://185.101.105.211/bins/dlr.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141763/"
+"141761","2019-02-21 11:44:03","http://185.101.105.211/bins/dlr.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141761/"
+"141759","2019-02-21 11:44:02","http://185.101.105.211/bins/dlr.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141759/"
+"141760","2019-02-21 11:44:02","http://185.101.105.211/bins/dlr.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141760/"
+"141758","2019-02-21 11:41:32","http://fb.saltermitchell.com/avily05/de_DE/UGLOKZC3857777/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141758/"
+"141757","2019-02-21 11:40:30","http://all4dl.ir/wp-content/themes/modernfile/images/msg.jpg","online","malware_download","Shade,Troldesh","https://urlhaus.abuse.ch/url/141757/"
+"141756","2019-02-21 11:40:28","http://actinix.com/wp-content/themes/ultra/images/msg.jpg","online","malware_download","Shade,Troldesh","https://urlhaus.abuse.ch/url/141756/"
+"141755","2019-02-21 11:40:23","http://accessilife.org/wp-content/plugins/akismet/_inc/img/msg.jpg","offline","malware_download","Shade,Troldesh","https://urlhaus.abuse.ch/url/141755/"
+"141754","2019-02-21 11:40:20","http://abccomics.com.br/templates/abccomicstheme/css/msg.jpg","online","malware_download","Shade,Troldesh","https://urlhaus.abuse.ch/url/141754/"
+"141753","2019-02-21 11:36:15","http://87.241.135.139:47745/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141753/"
+"141752","2019-02-21 11:36:14","http://177.139.94.79:65321/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141752/"
+"141751","2019-02-21 11:36:11","http://185.101.105.211:80/bins/yakuza.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141751/"
+"141750","2019-02-21 11:36:10","http://ihatehimsomuch.com/Februar2019/HNEOLZYF0641796/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141750/"
+"141749","2019-02-21 11:32:03","http://nonton.myvidio.site/DE/KZYJVKAKK9205612/DE/JKZFRAZE6345889/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141749/"
+"141748","2019-02-21 11:31:33","http://iltopdeltop.com/de_DE/IANJTUAEE4785475/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141748/"
+"141747","2019-02-21 11:28:04","http://khoangsanbg.com.vn/themes/De_de/JAKPOL2671693/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141747/"
+"141746","2019-02-21 11:25:50","http://kamagra4uk.com/tadmin/ff/zic.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141746/"
+"141745","2019-02-21 11:25:43","http://granportale.com.br/bros/22.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141745/"
+"141744","2019-02-21 11:25:09","http://hyper.gaminggo.website/DE/DE/MGCRMUHE2025190/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141744/"
+"141743","2019-02-21 11:24:06","http://granportale.com.br/bros/14.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141743/"
+"141742","2019-02-21 11:23:48","http://granportale.com.br/img/nel.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141742/"
+"141741","2019-02-21 11:23:30","http://37.228.119.107/tin.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141741/"
+"141740","2019-02-21 11:23:22","http://37.228.119.107/win.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141740/"
+"141739","2019-02-21 11:23:13","http://37.228.119.107/sin.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141739/"
+"141738","2019-02-21 11:23:02","http://37.228.119.107/toler.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141738/"
+"141737","2019-02-21 11:22:52","http://37.228.119.107/worming.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141737/"
+"141736","2019-02-21 11:22:41","http://37.228.119.107/table.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141736/"
+"141735","2019-02-21 11:22:28","http://37.228.119.107/radiance.png","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/141735/"
+"141734","2019-02-21 11:22:15","http://kamagra4uk.com/tadmin/kik/vbt.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141734/"
+"141733","2019-02-21 11:19:29","http://185.244.30.147/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141733/"
+"141732","2019-02-21 11:19:22","http://185.244.30.147/bins/hoho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141732/"
+"141731","2019-02-21 11:19:13","http://185.244.30.147/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141731/"
+"141730","2019-02-21 11:19:05","http://185.244.30.147/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141730/"
+"141729","2019-02-21 11:18:59","http://185.244.30.147/bins/hoho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141729/"
+"141728","2019-02-21 11:18:53","http://185.244.30.147/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141728/"
+"141727","2019-02-21 11:18:42","http://185.244.30.147/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141727/"
+"141726","2019-02-21 11:18:32","http://185.244.30.147/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141726/"
+"141725","2019-02-21 11:18:21","http://185.244.30.147/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141725/"
+"141724","2019-02-21 11:18:10","http://185.244.30.147/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141724/"
+"141723","2019-02-21 11:15:19","http://art.sample.smartgalaxy.org/VMwhthSiBx.php","offline","malware_download","AUS,DanaBot,exe,geofenced,headersfenced,Sandiflux","https://urlhaus.abuse.ch/url/141723/"
+"141722","2019-02-21 11:15:04","http://anedma.com/DE/GNYIIPKF5603792/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141722/"
+"141721","2019-02-21 11:13:02","http://b.top4top.net/p_1042pycd51.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141721/"
+"141720","2019-02-21 11:13:01","http://b.top4top.net/p_4150lzvz1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141720/"
+"141719","2019-02-21 11:11:08","http://taiyo-gr.info/images/_notes/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141719/"
+"141717","2019-02-21 11:11:04","http://csvina.vn/de_DE/INEEXZ5854989/","online","malware_download","None","https://urlhaus.abuse.ch/url/141717/"
+"141718","2019-02-21 11:11:04","http://kamagra4uk.com/images/gee/ab/abb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141718/"
+"141716","2019-02-21 11:07:07","http://amatis.in/de_DE/BWECPOHZO0143535/","online","malware_download","None","https://urlhaus.abuse.ch/url/141716/"
+"141715","2019-02-21 11:04:19","http://www.myselfasanother.net/wp-admin/css/colors/blue/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141715/"
+"141714","2019-02-21 11:03:19","http://35.221.42.220/DE/TNAPIDRBFS9083544/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141714/"
+"141713","2019-02-21 10:58:07","http://119.9.136.146/DE_de/FHCJMNDJSV1109237/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141713/"
+"141712","2019-02-21 10:55:07","https://www.kamagra4uk.com/images/gee/obn/obn.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141712/"
+"141711","2019-02-21 10:54:09","http://b.top4top.net/p_394ed2c11.jpg","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/141711/"
+"141710","2019-02-21 10:54:08","http://owa.wpmunetwork.com/Invalid_Swift_Code_jpg.zip","offline","malware_download","vbs,zip","https://urlhaus.abuse.ch/url/141710/"
+"141709","2019-02-21 10:54:06","http://ec2-18-130-79-113.eu-west-2.compute.amazonaws.com/wp-content/De_de/VKBSYTCEJW3284904/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141709/"
+"141708","2019-02-21 10:50:02","http://a4o.pl/Februar2019/HQEXOJERQG6192106/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141708/"
+"141707","2019-02-21 10:46:06","http://authenticity.id/De/CDZBKC8917266/","online","malware_download","None","https://urlhaus.abuse.ch/url/141707/"
+"141706","2019-02-21 10:44:10","http://files.anjian.com/forum/201307/24/194027tt7gtjutf89fjpfj.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141706/"
+"141705","2019-02-21 10:44:03","http://b.top4top.net/p_1113zezwp1.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141705/"
+"141704","2019-02-21 10:44:03","http://kamagra4uk.com/tadmin/mor/nmor.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141704/"
+"141703","2019-02-21 10:43:07","http://granportale.com.br/img/prince.jpg","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/141703/"
+"141702","2019-02-21 10:41:02","http://34.229.7.66/Februar2019/DAHDDBMJW2146584/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141702/"
+"141701","2019-02-21 10:39:08","http://185.120.58.196/leag.bin","online","malware_download","exe,stealer,Vidar","https://urlhaus.abuse.ch/url/141701/"
+"141700","2019-02-21 10:37:08","http://ngkidshop.com/DE/CWIRDUAYAA0892717/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141700/"
+"141699","2019-02-21 10:34:31","http://13.250.36.131/luDCfRPwaD/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141699/"
+"141698","2019-02-21 10:34:28","http://178.128.238.130/lgbLuD18/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141698/"
+"141697","2019-02-21 10:34:26","http://13.211.153.58/zLoop5rD/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141697/"
+"141696","2019-02-21 10:34:21","http://mediarox.com/6wcdQDCe/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141696/"
+"141695","2019-02-21 10:34:17","http://tony-shoes.com/7JzXexTmCI/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141695/"
+"141694","2019-02-21 10:34:11","http://www.wiramelayu.com/DE_de/SFYRPSBT4193902/","online","malware_download","None","https://urlhaus.abuse.ch/url/141694/"
+"141693","2019-02-21 10:33:55","http://thammydiemquynh.com/De/CFOULKFZ8281757/GER/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141693/"
+"141692","2019-02-21 10:33:49","http://brisson-taxidermiste.fr/De/JMCJXDLJVB6221669/Scan/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141692/"
+"141691","2019-02-21 10:33:45","http://13.59.135.197/De/ICEDHBQZA5558282/Rechnung/Zahlungserinnerung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141691/"
+"141690","2019-02-21 10:33:35","http://35.192.67.231/De/MUEERPW2483146/Rechnung/Rechnungsanschrift/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141690/"
+"141689","2019-02-21 10:33:31","http://acdhon.com/DE_de/ZWORMBOSOP2547152/Bestellungen/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141689/"
+"141688","2019-02-21 10:33:26","http://13.114.47.124/DE/PLBXLZNHH3616069/Rechnungs/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141688/"
+"141687","2019-02-21 10:33:20","http://aquilastudios.se/De_de/XTZULCD9531673/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141687/"
+"141686","2019-02-21 10:33:14","http://lar.biz/De_de/JODYKZVGFS3208530/Rechnung/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141686/"
+"141685","2019-02-21 10:33:01","http://13.251.144.86/DE/MXYOEWEXAZ2393991/Bestellungen/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141685/"
+"141684","2019-02-21 10:32:56","http://kn-paradise.net.vn/SKQIEFFQUX0064509/Rechnungs/RECHNUNG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141684/"
+"141683","2019-02-21 10:32:42","https://crestailiaca.com/PHXQOU0845448/de/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141683/"
+"141682","2019-02-21 10:32:38","http://18.207.109.124/Februar2019/WQPDVBZH5734905/DE_de/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141682/"
+"141681","2019-02-21 10:32:32","http://3.121.44.244/wp-content/secure/online/thrust/list/aWAmsiXqfMWfMQ7OEnPOc/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141681/"
+"141680","2019-02-21 10:32:24","http://canhocaocap24h.info/de_DE/UIVPAXRRES7413316/Rechnungs/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141680/"
+"141679","2019-02-21 10:32:09","http://samettanriverdi.com/DE/LUUAKEX2140183/Dokumente/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141679/"
+"141678","2019-02-21 10:32:05","http://www.cbmagency.com/QQGBITWVL2410153/Rechnungs-docs/DOC-Dokument/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141678/"
+"141677","2019-02-21 10:31:59","http://deverlop.familyhospital.vn/ZUCSWKJMO9174326/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141677/"
+"141676","2019-02-21 10:31:46","http://lds.in.ua/VQMHAY6331329/Rechnungs-Details/Zahlungserinnerung/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141676/"
+"141675","2019-02-21 10:31:38","http://tongdailyson.com/De_de/YRGVFHUPF7308238/Rechnungs-Details/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141675/"
+"141674","2019-02-21 10:31:26","http://www.cateringbangkok.in.th/wp-content/DE/KWJKVKW7732846/GER/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141674/"
+"141673","2019-02-21 10:31:18","http://78.207.210.11/@eaDir/De_de/EUXFSLYLHK8552945/gescanntes-Dokument/Rechnungsanschrift/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141673/"
+"141672","2019-02-21 10:31:12","http://18.130.106.226/De_de/MMTOIGD6534124/Bestellungen/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141672/"
+"141671","2019-02-21 10:31:05","http://206.189.181.0/De/JFNNQGBB9249994/Rechnungs-Details/DOC-Dokument/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141671/"
+"141670","2019-02-21 10:29:02","http://kamagra4uk.com/tadmin/ok/oki.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141670/"
+"141669","2019-02-21 10:28:07","http://alabarderomadrid.es/DE/JSFVSAFMT2784134/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141669/"
+"141668","2019-02-21 10:24:02","http://lionestateturkey.com/LSWAGCST5581606//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141668/"
+"141666","2019-02-21 10:21:09","http://54.37.155.75/tftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141666/"
+"141667","2019-02-21 10:21:09","http://54.37.155.75/wget","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141667/"
+"141664","2019-02-21 10:21:08","http://54.37.155.75/sh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141664/"
+"141665","2019-02-21 10:21:08","http://54.37.155.75/sshd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141665/"
+"141662","2019-02-21 10:21:07","http://54.37.155.75/openssh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141662/"
+"141663","2019-02-21 10:21:07","http://54.37.155.75/pftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141663/"
+"141661","2019-02-21 10:21:06","http://54.37.155.75/ntpd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141661/"
+"141660","2019-02-21 10:21:05","http://54.37.155.75/ftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141660/"
+"141658","2019-02-21 10:21:04","http://54.37.155.75/bash","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141658/"
+"141659","2019-02-21 10:21:04","http://54.37.155.75/cron","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141659/"
+"141657","2019-02-21 10:21:03","http://54.37.155.75/apache2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141657/"
+"141656","2019-02-21 10:21:02","http://54.37.155.75/[cpu]","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141656/"
+"141655","2019-02-21 10:20:02","http://35.240.15.202/DE_de/WBNSWBWRBD6757520/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141655/"
+"141654","2019-02-21 10:16:05","http://alabarderomadrid.es/De_de/TSJDXHDXKV4126027/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","None","https://urlhaus.abuse.ch/url/141654/"
+"141653","2019-02-21 10:13:07","http://34.199.99.97/De/NAZVZXEI6813517/Scan/DOC//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141653/"
+"141652","2019-02-21 10:12:08","http://34.199.99.97/De/NAZVZXEI6813517/Scan/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141652/"
+"141651","2019-02-21 10:08:08","http://13.125.71.19/wordpress/DE/TCUFDVAH6061065/gescanntes-Dokument/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141651/"
+"141650","2019-02-21 10:03:03","http://miennamoto.com/De/AHYWAWWKO5529630/Bestellungen/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141650/"
+"141649","2019-02-21 10:00:04","http://206.189.200.115/telnet.x32","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141649/"
+"141648","2019-02-21 10:00:02","http://206.189.200.115/telnet.spc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141648/"
+"141647","2019-02-21 09:59:06","http://13.234.1.52/De_de/ZDZIHUC0334335/Scan/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141647/"
+"141646","2019-02-21 09:59:04","http://185.244.25.198/bins/m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141646/"
+"141644","2019-02-21 09:59:03","http://185.244.25.198/bins/ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141644/"
+"141645","2019-02-21 09:59:03","http://185.244.25.198/bins/spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141645/"
+"141642","2019-02-21 09:59:02","http://185.244.25.198/bins/mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141642/"
+"141643","2019-02-21 09:59:02","http://185.244.25.198/bins/mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141643/"
+"141641","2019-02-21 09:59:01","http://185.244.25.198/bins/sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141641/"
+"141640","2019-02-21 09:58:02","http://206.189.200.115/telnet.arm4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141640/"
+"141639","2019-02-21 09:57:03","http://206.189.200.115/telnet.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141639/"
+"141638","2019-02-21 09:56:02","http://46.101.213.240/yakuza.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141638/"
+"141637","2019-02-21 09:55:03","http://lazell.pl/wp-includes/de_DE/FBLWXUCY2886002/Rechnungs/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141637/"
+"141636","2019-02-21 09:54:04","http://185.244.25.198/bins/x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141636/"
+"141635","2019-02-21 09:54:03","http://185.244.25.198/bins/arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141635/"
+"141634","2019-02-21 09:54:03","http://185.244.25.198/bins/arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141634/"
+"141633","2019-02-21 09:54:02","http://185.244.25.198/bins/arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141633/"
+"141632","2019-02-21 09:51:02","http://www.flapcon.com/Februar2019/YAKEKVU9414009/de/RECH//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141632/"
+"141631","2019-02-21 09:47:05","http://185.244.25.198/bins/arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/141631/"
+"141630","2019-02-21 09:47:04","http://13.229.109.5/Februar2019/TBVZJCNS9637058/Bestellungen/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141630/"
+"141629","2019-02-21 09:42:33","http://llhd.jp/1641/1/llkick.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/141629/"
+"141628","2019-02-21 09:42:04","http://lubraperfis.com.br/Februar2019/BNHFDHJ3055032/Scan/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141628/"
+"141627","2019-02-21 09:37:03","http://farshzagros.com/DE_de/LLVNER2168947/Bestellungen/RECHNUNG//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141627/"
+"141626","2019-02-21 09:33:06","http://13.229.172.62/de_DE/KDXAYPYK3367149/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141626/"
+"141625","2019-02-21 09:29:06","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid13.jam","offline","malware_download","Dreambot,Gozi,ursnif","https://urlhaus.abuse.ch/url/141625/"
+"141624","2019-02-21 09:29:05","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php","offline","malware_download","Dreambot,Gozi,ursnif","https://urlhaus.abuse.ch/url/141624/"
+"141623","2019-02-21 09:29:05","http://www.envi1.com/De/IDBTFZOCC5628343/Rechnungs/RECH/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141623/"
+"141621","2019-02-21 09:27:11","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid8.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141621/"
+"141622","2019-02-21 09:27:11","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid9.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141622/"
+"141618","2019-02-21 09:27:10","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid5.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141618/"
+"141619","2019-02-21 09:27:10","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid6.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141619/"
+"141620","2019-02-21 09:27:10","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid7.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141620/"
+"141614","2019-02-21 09:27:09","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid1.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141614/"
+"141615","2019-02-21 09:27:09","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid2.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141615/"
+"141616","2019-02-21 09:27:09","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid3.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141616/"
+"141617","2019-02-21 09:27:09","http://89.223.28.184/xn102sp10zk/m10ps1-slx.php?l=ledid4.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141617/"
+"141611","2019-02-21 09:27:08","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid7.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141611/"
+"141612","2019-02-21 09:27:08","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid8.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141612/"
+"141613","2019-02-21 09:27:08","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid9.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141613/"
+"141608","2019-02-21 09:27:07","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid4.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141608/"
+"141609","2019-02-21 09:27:07","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid5.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141609/"
+"141610","2019-02-21 09:27:07","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid6.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141610/"
+"141605","2019-02-21 09:27:06","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid1.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141605/"
+"141606","2019-02-21 09:27:06","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid2.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141606/"
+"141607","2019-02-21 09:27:06","http://fmarquisecale.com/xn102sp10zk/m10ps1-slx.php?l=ledid3.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141607/"
+"141603","2019-02-21 09:27:05","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid8.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141603/"
+"141604","2019-02-21 09:27:05","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid9.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141604/"
+"141600","2019-02-21 09:27:04","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid5.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141600/"
+"141601","2019-02-21 09:27:04","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid6.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141601/"
+"141602","2019-02-21 09:27:04","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid7.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141602/"
+"141597","2019-02-21 09:27:03","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid2.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141597/"
+"141598","2019-02-21 09:27:03","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid3.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141598/"
+"141599","2019-02-21 09:27:03","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid4.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141599/"
+"141596","2019-02-21 09:27:02","http://nuavclq20tony.com/xn102sp10zk/m10ps1-slx.php?l=ledid1.jam","offline","malware_download","ursnif italy","https://urlhaus.abuse.ch/url/141596/"
+"141595","2019-02-21 09:25:03","http://13.127.110.92/Februar2019/LEUAIIEJAL8408929/Rechnungs/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141595/"
+"141594","2019-02-21 09:22:03","http://iqhomeyapi.com/DE/QTJUMYYBF7855310/DE_de/Rechnungszahlung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141594/"
+"141593","2019-02-21 09:16:03","http://13.127.212.245/Februar2019/ZNMKNCMPM3005827/DE/FORM//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141593/"
+"141592","2019-02-21 09:13:03","http://13.73.162.155/De/IGGIYNZKGL8673935/Rechnung/Rechnungszahlung//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141592/"
+"141591","2019-02-21 09:11:45","http://206.189.131.31/adcvds","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141591/"
+"141590","2019-02-21 09:11:42","http://206.189.131.31/qtmzbn","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141590/"
+"141589","2019-02-21 09:11:36","http://206.189.200.115/telnet.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141589/"
+"141588","2019-02-21 09:11:32","http://206.189.131.31/fwdfvf","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141588/"
+"141587","2019-02-21 09:11:27","http://206.189.131.31/qvmxvl","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141587/"
+"141586","2019-02-21 09:11:23","http://206.189.131.31/lnkfmx","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141586/"
+"141585","2019-02-21 09:11:20","http://206.189.131.31/razdzn","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141585/"
+"141584","2019-02-21 09:11:17","http://206.189.131.31/nvitpj","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141584/"
+"141583","2019-02-21 09:11:14","http://206.189.131.31/vvglma","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141583/"
+"141582","2019-02-21 09:11:11","http://206.189.131.31/vtyhat","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141582/"
+"141581","2019-02-21 09:11:08","http://206.189.131.31/cemtop","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141581/"
+"141580","2019-02-21 09:11:05","http://206.189.131.31/earyzq","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141580/"
+"141579","2019-02-21 09:09:32","http://54.37.17.252/earyzq","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141579/"
+"141578","2019-02-21 09:09:29","http://54.37.17.252/cemtop","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141578/"
+"141577","2019-02-21 09:09:26","http://54.37.17.252/vtyhat","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141577/"
+"141576","2019-02-21 09:09:24","http://54.37.17.252/vvglma","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141576/"
+"141575","2019-02-21 09:09:21","http://54.37.17.252/nvitpj","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141575/"
+"141574","2019-02-21 09:09:18","http://54.37.17.252/lnkfmx","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141574/"
+"141573","2019-02-21 09:09:16","http://54.37.17.252/qvmxvl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141573/"
+"141572","2019-02-21 09:09:13","http://kynangthuyettrinh.edu.vn/MWEMJN5994446/Rechnung/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141572/"
+"141571","2019-02-21 09:09:05","http://54.37.17.252/ajoomk","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141571/"
+"141570","2019-02-21 09:08:22","https://mjmazza.com/solutions/management.hlp","offline","malware_download","AUS,BITS,exe,geofenced,Gozi,headersfenced","https://urlhaus.abuse.ch/url/141570/"
+"141569","2019-02-21 09:08:18","http://54.37.17.252/atxhua","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141569/"
+"141568","2019-02-21 09:08:13","http://54.37.17.252/qtmzbn","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141568/"
+"141567","2019-02-21 09:08:08","http://54.37.17.252/adcvds","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141567/"
+"141566","2019-02-21 09:08:04","http://185.135.82.116/pl0xsh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141566/"
+"141565","2019-02-21 09:07:58","http://185.135.82.116/pl0xx64","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141565/"
+"141564","2019-02-21 09:07:51","http://185.135.82.116/kittyphones","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141564/"
+"141563","2019-02-21 09:07:46","http://185.135.82.116/pl0xi686","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141563/"
+"141562","2019-02-21 09:07:25","http://185.135.82.116/pl0xppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141562/"
+"141561","2019-02-21 09:07:08","http://185.135.82.116/ftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141561/"
+"141560","2019-02-21 09:06:09","http://206.189.200.115/telnet.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141560/"
+"141559","2019-02-21 09:05:51","http://54.37.17.252/fwdfvf","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141559/"
+"141558","2019-02-21 09:05:46","http://206.189.200.115/telnet.x64","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141558/"
+"141557","2019-02-21 09:05:39","http://206.189.131.31/ajoomk","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141557/"
+"141556","2019-02-21 09:05:32","http://185.135.82.116/pftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141556/"
+"141555","2019-02-21 09:05:27","http://185.135.82.116/pl0xsparc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141555/"
+"141554","2019-02-21 09:05:22","http://185.135.82.116/apache2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141554/"
+"141553","2019-02-21 09:05:16","http://185.135.82.116/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141553/"
+"141552","2019-02-21 09:05:10","http://46.101.213.240/yakuza.sh4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141552/"
+"141551","2019-02-21 09:04:03","http://18.130.111.206/wp/De/IKRKKME7312351/Rechnungs-docs/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141551/"
+"141550","2019-02-21 09:03:18","http://206.189.131.31/atxhua","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141550/"
+"141549","2019-02-21 09:03:16","http://54.37.17.252/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141549/"
+"141548","2019-02-21 09:03:14","http://206.189.200.115/telnet.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141548/"
+"141547","2019-02-21 09:03:13","http://46.101.213.240/yakuza.mpsl","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141547/"
+"141546","2019-02-21 09:03:11","http://46.101.213.240/yakuza.mips","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141546/"
+"141545","2019-02-21 09:03:09","http://46.101.213.240/yakuza.m68k","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141545/"
+"141544","2019-02-21 09:03:07","http://46.101.213.240/yakuza.ppc","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141544/"
+"141543","2019-02-21 09:03:05","http://46.101.213.240/yakuza.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141543/"
+"141542","2019-02-21 09:03:03","http://46.101.213.240/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/141542/"
+"141541","2019-02-21 09:02:02","http://206.189.200.115/telnet.ppc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141541/"
+"141539","2019-02-21 09:01:03","http://206.189.200.115/telnet.arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141539/"
+"141538","2019-02-21 09:00:15","http://46.101.213.240/yakuza.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141538/"
+"141537","2019-02-21 09:00:14","http://206.189.200.115/telnet.mipsel","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141537/"
+"141536","2019-02-21 09:00:13","http://46.101.220.88/bins/Solstice.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141536/"
+"141535","2019-02-21 09:00:12","http://46.101.220.88/bins/Solstice.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141535/"
+"141534","2019-02-21 09:00:11","http://ylgcelik.site/DE_de/DHUYMDQ8753701/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141534/"
+"141533","2019-02-21 09:00:10","http://46.101.220.88/bins/Solstice.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141533/"
+"141532","2019-02-21 09:00:09","http://46.101.220.88/bins/Solstice.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141532/"
+"141531","2019-02-21 09:00:08","http://46.101.220.88/bins/Solstice.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141531/"
+"141530","2019-02-21 09:00:07","http://46.101.220.88/bins/Solstice.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141530/"
+"141528","2019-02-21 09:00:06","http://46.101.220.88/bins/Solstice.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141528/"
+"141529","2019-02-21 09:00:06","http://46.101.220.88/bins/Solstice.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141529/"
+"141527","2019-02-21 09:00:05","http://46.101.220.88/bins/Solstice.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141527/"
+"141526","2019-02-21 09:00:04","http://46.101.220.88/bins/Solstice.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141526/"
+"141525","2019-02-21 09:00:03","http://46.101.220.88/bins/Solstice.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141525/"
+"141524","2019-02-21 08:59:03","http://46.101.213.240/yakuza.x32","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141524/"
+"141523","2019-02-21 08:59:02","http://206.189.200.115/telnet.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141523/"
+"141522","2019-02-21 08:58:03","http://206.189.200.115/telnet.arm5","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141522/"
+"141521","2019-02-21 08:56:06","https://onedrive.live.com/download?cid=64DE6B3FCA356C05&resid=64DE6B3FCA356C05%211284&authkey=APDonrm4qUrpCqk","online","malware_download","None","https://urlhaus.abuse.ch/url/141521/"
+"141520","2019-02-21 08:56:04","http://update.5v.pl/a1.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/141520/"
+"141519","2019-02-21 08:56:02","http://kamajankowska.com/DE_de/TRXOWRYINA1097305/Rechnungs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141519/"
+"141518","2019-02-21 08:52:02","http://latuagrottaferrata.it/De_de/HYIMFYPDR7720398/gescanntes-Dokument/DETAILS/","online","malware_download","None","https://urlhaus.abuse.ch/url/141518/"
+"141517","2019-02-21 08:49:02","http://mypayanam.com/exp/a1.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/141517/"
+"141516","2019-02-21 08:48:07","https://www.matematik365.com/wp-content/themes/eduma/page-templates/pik.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/141516/"
+"141515","2019-02-21 08:48:04","http://46.101.213.240/yakuza.i586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141515/"
+"141514","2019-02-21 08:48:03","http://secondmortgagerates.ca/DE_de/HEYWXUF5339793/Rech/Fakturierung/","online","malware_download","None","https://urlhaus.abuse.ch/url/141514/"
+"141513","2019-02-21 08:44:24","http://www.sweethusky.com/Februar2019/ELUKSM1691772/Rechnungs/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141513/"
+"141512","2019-02-21 08:41:10","http://clipestan.com/Februar2019/GUNCNBMTIZ7662057/Dokumente/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141512/"
+"141511","2019-02-21 08:36:12","http://daroart.eu/De_de/QGUXAECR9949724/Bestellungen/Rechnungsanschrift//","offline","malware_download","None","https://urlhaus.abuse.ch/url/141511/"
+"141510","2019-02-21 08:34:15","http://cryptoholders.org/de_DE/TUTPSG5968355/Scan/DETAILS/","online","malware_download","None","https://urlhaus.abuse.ch/url/141510/"
+"141509","2019-02-21 08:27:04","http://fenapro.org.br/templates/ja_edenite/admin/msg.jpg","online","malware_download","exe,Ransomware,Troldesh","https://urlhaus.abuse.ch/url/141509/"
+"141508","2019-02-21 08:20:15","http://mox-sped.pl/pYfGcvvnDu/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141508/"
+"141507","2019-02-21 08:20:15","http://www.51-iblog.com/wp-content/uploads/gPmnfbWc9Z9i/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141507/"
+"141506","2019-02-21 08:20:09","http://bornkickers.kounterdev.com/wp-content/uploads/gUQNEoir/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141506/"
+"141505","2019-02-21 08:20:08","http://lojamariadenazare.com/ERoa6umx53Ycv0HN_jhVO7N/","online","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/141505/"
+"141504","2019-02-21 08:20:03","http://188.192.104.226/wordpress/WLc3L83MPzz0b_Y5/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141504/"
+"141503","2019-02-21 08:15:05","https://uccea5e316cd14ad1ec0a2084d92.dl.dropboxusercontent.com/cd/0/get/Abu2XJyXhuO7ahLGSkLWm2vvvrZkszcwfEC37Lmli-R4WBGoro7aZ7h8zDTwYYAIoewdKMNUmYArLAirRGI18-p0DYaZQBMhfPolpZru69v1EQ/file?dl=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/141503/"
+"141502","2019-02-21 08:12:27","http://granportale.com.br/imagens/dek.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141502/"
+"141501","2019-02-21 08:06:10","http://36.78.126.219:33095/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141501/"
+"141500","2019-02-21 08:06:02","http://185.244.25.198:80/bins/arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/141500/"
+"141499","2019-02-21 08:05:06","http://116.109.202.44:58728/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141499/"
+"141498","2019-02-21 08:05:03","http://gemphotographynj.com/wp-content/themes/kreativa/woocommerce/cart/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141498/"
+"141497","2019-02-21 08:03:05","http://virtualrally.eu/poradnik/files/RBRTM088Inst.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141497/"
+"141496","2019-02-21 08:03:02","http://159.89.231.237/bins/tmp.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141496/"
+"141495","2019-02-21 07:54:17","https://www.kamagra4uk.com/images/gee/ab/abb.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141495/"
+"141494","2019-02-21 07:54:08","https://www.kamagra4uk.com/tadmin/ok/oki.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141494/"
+"141493","2019-02-21 07:46:05","http://gemphotographynj.com/wp-content/themes/kreativa/woocommerce/cart/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141493/"
+"141492","2019-02-21 07:44:08","http://mantoerika.yazdvip.ir/xerox/Copy_Invoice/BLvZd-boDwE_vmYCwE-kP8/?","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/141492/"
+"141491","2019-02-21 07:44:05","http://kensei-kogyo.com/wpmain/wp-admin/css/colors/blue/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141491/"
+"141490","2019-02-21 07:43:13","https://www.kamagra4uk.com/tadmin/mor/nmor.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141490/"
+"141489","2019-02-21 07:43:07","http://cdn.top4top.net/i_98e280bcdf1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141489/"
+"141488","2019-02-21 07:43:07","http://koharu2007.com/images/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141488/"
+"141487","2019-02-21 07:41:02","http://arsenel-bg.com/eb.jpg","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/141487/"
+"141486","2019-02-21 07:34:06","http://cdn.top4top.net/i_9ba42a19891.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141486/"
+"141485","2019-02-21 07:34:06","https://drive.google.com/uc?export=download&id=12Pfk4Aae_AGmHUQoYmac_kZTqz4jFnew","online","malware_download","compressed,Gozi,payload,zip","https://urlhaus.abuse.ch/url/141485/"
+"141484","2019-02-21 07:34:03","https://docs.google.com/uc?id=12Pfk4Aae_AGmHUQoYmac_kZTqz4jFnew","online","malware_download","compressed,Gozi,payload,zip","https://urlhaus.abuse.ch/url/141484/"
+"141483","2019-02-21 07:33:06","https://www.kamagra4uk.com/tadmin/ff/zic.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141483/"
+"141481","2019-02-21 07:31:03","http://35.183.245.54/jet/sucerrents2.txt","online","malware_download","Loader,script,stage1","https://urlhaus.abuse.ch/url/141481/"
+"141482","2019-02-21 07:31:03","http://premereinvio.eu/AutoUpdate/AAA-RegistryBackup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141482/"
+"141480","2019-02-21 07:31:02","http://35.183.245.54/jet/sucerrents1.txt","online","malware_download","Loader,script,stage1","https://urlhaus.abuse.ch/url/141480/"
+"141479","2019-02-21 07:30:36","http://35.183.245.54/jet/sucerrents.zip","online","malware_download","compressed,payload,script,stage1,stage2,zip","https://urlhaus.abuse.ch/url/141479/"
+"141478","2019-02-21 07:30:18","http://35.183.245.54/jet/sucerrents.txt","online","malware_download","compressed,payload,script,stage1,stage2,zip","https://urlhaus.abuse.ch/url/141478/"
+"141477","2019-02-21 07:30:14","http://nondollarreport.com/wp-content/cache/frnx.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141477/"
+"141476","2019-02-21 07:25:20","http://diaocthiennam.vn/tcD61klP/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141476/"
+"141475","2019-02-21 07:25:00","http://fit-school.ru/zCBKJesoEs/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141475/"
+"141474","2019-02-21 07:24:46","http://thptngochoi.edu.vn/3X1Gc99SU/","online","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141474/"
+"141473","2019-02-21 07:24:39","http://sosh47.citycheb.ru/Epe9RyrbX/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141473/"
+"141472","2019-02-21 07:24:31","http://81.56.198.200/vzDYQ0vT/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141472/"
+"141471","2019-02-21 07:23:10","https://cdn-10.anonfile.com/KcSc1bu5bb/dbf80f30-1550733758/InstagramChecker2019.exe","offline","malware_download","exe,payload,quasar,rat","https://urlhaus.abuse.ch/url/141471/"
+"141470","2019-02-21 07:22:20","https://www.kamagra4uk.com/tadmin/kik/vbt.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141470/"
+"141469","2019-02-21 07:21:09","http://update.joinbr.com/lmupdate/brpi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141469/"
+"141468","2019-02-21 07:20:05","http://134.209.48.14/bins/DEMONS.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141468/"
+"141467","2019-02-21 07:19:03","http://virtualrally.eu/poradnik/files/RBRTM087EInst.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141467/"
+"141466","2019-02-21 07:18:02","http://www.pesei.it/old/licr.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141466/"
+"141465","2019-02-21 07:17:07","http://tku-shorinjikempo.com/WP/wp-admin/css/colors/blue/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141465/"
+"141464","2019-02-21 07:17:02","http://cdn.top4top.net/i_c0ea84891d1.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141464/"
+"141463","2019-02-21 07:15:06","https://uca66c682d9153085263b4671df5.dl.dropboxusercontent.com/cd/0/get/AbsuZKP1mY0yCSgNuePB6kBAuF_sMIpFmhwqUANLmrF9MFiJ5EfMlJj7xOfi4BEuo5YnQe7vE_OATk3n-exP6RRPh0CMs0utG6gNlIjF5goWnQ/file?dl=1#","offline","malware_download","exe,iso","https://urlhaus.abuse.ch/url/141463/"
+"141462","2019-02-21 07:09:03","http://185.244.25.242/bins/sh4.light","online","malware_download","elf","https://urlhaus.abuse.ch/url/141462/"
+"141461","2019-02-21 07:09:02","http://159.89.231.237/bins/tmp.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141461/"
+"141459","2019-02-21 07:07:08","http://185.244.25.242/bins/arm5.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141459/"
+"141460","2019-02-21 07:07:08","http://185.244.25.242/bins/arm7.light","online","malware_download","elf","https://urlhaus.abuse.ch/url/141460/"
+"141458","2019-02-21 07:07:07","http://159.89.231.237/bins/tmp.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141458/"
+"141457","2019-02-21 07:06:03","http://159.89.231.237/bins/tmp.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141457/"
+"141456","2019-02-21 07:06:02","http://159.89.231.237/bins/tmp.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141456/"
+"141455","2019-02-21 07:04:04","http://185.244.30.141/Okami.i586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141455/"
+"141454","2019-02-21 07:04:03","http://185.244.30.141/Okami.arm4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141454/"
+"141452","2019-02-21 07:04:02","http://185.244.30.141/Okami.arm5","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141452/"
+"141453","2019-02-21 07:04:02","http://185.244.30.141/Okami.arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141453/"
+"141451","2019-02-21 07:03:16","http://wonderbooth.com.my/zxc.jpg","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/141451/"
+"141450","2019-02-21 07:03:03","http://185.244.25.242/bins/spc.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141450/"
+"141448","2019-02-21 07:03:02","http://185.244.25.242/bins/ppc.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141448/"
+"141449","2019-02-21 07:03:02","http://185.244.30.141/Okami.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141449/"
+"141447","2019-02-21 07:02:08","http://185.244.30.141/Okami.mpsl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141447/"
+"141446","2019-02-21 07:02:07","http://185.244.25.242/bins/mpsl.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141446/"
+"141445","2019-02-21 07:02:02","http://185.244.25.242/bins/x86.light","online","malware_download","elf","https://urlhaus.abuse.ch/url/141445/"
+"141444","2019-02-21 07:01:05","http://159.89.231.237/bins/tmp.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141444/"
+"141443","2019-02-21 07:01:04","http://159.89.231.237/bins/tmp.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141443/"
+"141442","2019-02-21 07:01:03","http://185.244.30.141/Okami.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141442/"
+"141441","2019-02-21 07:01:02","http://185.244.30.141/Okami.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141441/"
+"141440","2019-02-21 06:59:03","http://185.244.25.242/bins/arm6.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141440/"
+"141439","2019-02-21 06:59:03","http://185.244.30.141/Okami.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141439/"
+"141438","2019-02-21 06:59:02","http://185.244.30.141/Okami.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141438/"
+"141437","2019-02-21 06:59:01","http://185.244.30.141/Okami.i686","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141437/"
+"141436","2019-02-21 06:58:08","http://185.244.30.141/Okami.sparc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141436/"
+"141435","2019-02-21 06:58:06","http://185.244.25.242/bins/arm.light","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141435/"
+"141434","2019-02-21 06:58:05","http://159.89.231.237/bins/tmp.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141434/"
+"141433","2019-02-21 06:58:03","http://159.89.231.237/bins/tmp.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141433/"
+"141432","2019-02-21 06:56:06","http://159.89.231.237/bins/tmp.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141432/"
+"141431","2019-02-21 06:50:15","http://www.act-mag.com/wp/klzb.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/141431/"
+"141430","2019-02-21 06:48:11","http://www.act-mag.com/wp/liwx.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141430/"
+"141428","2019-02-21 06:45:08","https://share.dmca.gripe/AvRc6bm7CLFWa6Pe.jpg","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/141428/"
+"141427","2019-02-21 06:35:17","http://ummydownload.com/sweet_cli.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141427/"
+"141426","2019-02-21 06:21:19","http://www.greatissoftware.com/unhackmeb.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/141426/"
+"141425","2019-02-21 06:21:05","http://159.89.231.237/Kuso69/Akiru.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141425/"
+"141424","2019-02-21 06:21:04","http://134.209.48.14/bins/DEMONS.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141424/"
+"141423","2019-02-21 06:20:34","http://134.209.48.14/bins/DEMONS.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141423/"
+"141422","2019-02-21 06:20:24","http://134.209.48.14/bins/DEMONS.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141422/"
+"141421","2019-02-21 06:20:15","http://83.166.247.73/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141421/"
+"141420","2019-02-21 06:20:09","http://159.89.231.237/Kuso69/Akiru.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141420/"
+"141419","2019-02-21 06:19:02","https://storage.googleapis.com/wzukusers/user-34654398/documents/5c6e2f6c8c5aduP2Yiwx/basejefin.txt","offline","malware_download","base64","https://urlhaus.abuse.ch/url/141419/"
+"141418","2019-02-21 06:18:53","http://vidalaviva.com/novo/Base64.txt","offline","malware_download","base64","https://urlhaus.abuse.ch/url/141418/"
+"141417","2019-02-21 06:18:40","http://vidalaviva.com/base.txt","offline","malware_download","base64","https://urlhaus.abuse.ch/url/141417/"
+"141416","2019-02-21 06:18:31","http://vidalaviva.com/gomes/base.txt","offline","malware_download","base64","https://urlhaus.abuse.ch/url/141416/"
+"141415","2019-02-21 06:18:16","https://storage.googleapis.com/wzukusers/user-34654398/documents/5c6e2cbda22efXk3T7X2/base64.txt","offline","malware_download","base64","https://urlhaus.abuse.ch/url/141415/"
+"141414","2019-02-21 06:15:27","http://134.209.48.14/bins/DEMONS.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141414/"
+"141413","2019-02-21 06:15:16","http://159.89.231.237/Kuso69/Akiru.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141413/"
+"141412","2019-02-21 06:14:38","http://83.166.247.73/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141412/"
+"141411","2019-02-21 06:14:28","http://134.209.48.14/bins/DEMONS.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141411/"
+"141410","2019-02-21 06:14:17","http://159.89.231.237/Kuso69/Akiru.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141410/"
+"141409","2019-02-21 06:14:10","http://83.166.247.73/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141409/"
+"141408","2019-02-21 06:10:34","http://159.89.231.237/Kuso69/Akiru.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141408/"
+"141407","2019-02-21 06:10:24","http://83.166.247.73/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141407/"
+"141406","2019-02-21 06:10:11","http://83.166.247.73/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141406/"
+"141405","2019-02-21 06:09:32","http://159.89.231.237/Kuso69/Akiru.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141405/"
+"141404","2019-02-21 06:09:27","http://159.89.231.237/Kuso69/Akiru.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141404/"
+"141403","2019-02-21 06:09:22","http://83.166.247.73/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141403/"
+"141402","2019-02-21 06:09:16","http://134.209.48.14/bins/DEMONS.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141402/"
+"141401","2019-02-21 06:09:09","http://134.209.48.14/bins/DEMONS.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141401/"
+"141400","2019-02-21 06:05:02","http://134.209.48.14/bins/DEMONS.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141400/"
+"141399","2019-02-21 06:04:04","http://159.89.231.237/Kuso69/Akiru.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141399/"
+"141397","2019-02-21 06:04:03","http://159.89.231.237/Kuso69/Akiru.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141397/"
+"141398","2019-02-21 06:04:03","http://83.166.247.73/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141398/"
+"141396","2019-02-21 05:57:08","http://95.179.214.247/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141396/"
+"141395","2019-02-21 05:57:07","http://95.179.214.247/bins/hoho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141395/"
+"141393","2019-02-21 05:57:06","http://95.179.214.247/bins/hoho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141393/"
+"141394","2019-02-21 05:57:06","http://95.179.214.247/bins/hoho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141394/"
+"141392","2019-02-21 05:57:05","http://95.179.214.247/bins/hoho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141392/"
+"141390","2019-02-21 05:57:04","http://95.179.214.247/bins/hoho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141390/"
+"141391","2019-02-21 05:57:04","http://95.179.214.247/bins/hoho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141391/"
+"141388","2019-02-21 05:57:03","http://95.179.214.247/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141388/"
+"141389","2019-02-21 05:57:03","http://95.179.214.247/bins/hoho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141389/"
+"141387","2019-02-21 05:57:02","http://95.179.214.247/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141387/"
+"141386","2019-02-21 05:56:18","http://95.179.214.247/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141386/"
+"141385","2019-02-21 05:56:17","http://34.80.131.135/bins/telnet.mips64","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141385/"
+"141384","2019-02-21 05:56:15","http://185.135.82.116/pl0xmips","online","malware_download","elf","https://urlhaus.abuse.ch/url/141384/"
+"141383","2019-02-21 05:56:14","http://185.135.82.116/pl0xmipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/141383/"
+"141382","2019-02-21 05:56:12","http://185.244.25.199/brother/arm5.bot","online","malware_download","elf","https://urlhaus.abuse.ch/url/141382/"
+"141381","2019-02-21 05:56:11","http://185.222.202.118/bins/arm7","online","malware_download","elf","https://urlhaus.abuse.ch/url/141381/"
+"141380","2019-02-21 05:56:10","http://185.222.202.118/bins/arm5","online","malware_download","elf","https://urlhaus.abuse.ch/url/141380/"
+"141379","2019-02-21 05:56:09","http://185.222.202.118/bins/arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/141379/"
+"141378","2019-02-21 05:56:08","http://185.222.202.118/bins/mpsl","online","malware_download","elf","https://urlhaus.abuse.ch/url/141378/"
+"141377","2019-02-21 05:56:02","http://185.222.202.118/bins/mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/141377/"
+"141376","2019-02-21 05:26:03","http://83.166.247.73/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141376/"
+"141375","2019-02-21 05:26:03","http://83.166.247.73/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141375/"
+"141372","2019-02-21 05:07:01","http://168.235.82.199/MavDDzxY/maddy.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141372/"
+"141373","2019-02-21 05:07:01","http://168.235.82.199/MavDDzxY/maddy.sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141373/"
+"141374","2019-02-21 05:07:01","http://168.235.82.199/MavDDzxY/maddy.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141374/"
+"141370","2019-02-21 05:05:04","http://168.235.82.199/MavDDzxY/maddy.arm5","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141370/"
+"141371","2019-02-21 05:05:04","http://168.235.82.199/MavDDzxY/maddy.i686","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141371/"
+"141369","2019-02-21 05:05:03","http://168.235.82.199/MavDDzxY/maddy.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141369/"
+"141368","2019-02-21 05:05:01","http://168.235.82.199/MavDDzxY/maddy.arm7","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141368/"
+"141367","2019-02-21 05:04:03","http://168.235.82.199/MavDDzxY/maddy.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141367/"
+"141366","2019-02-21 05:04:02","http://159.89.231.237:80/Kuso69/Akiru.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141366/"
+"141365","2019-02-21 05:03:06","http://66.23.231.102/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141365/"
+"141364","2019-02-21 05:03:05","http://205.185.113.127/Arbiter.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141364/"
+"141363","2019-02-21 05:03:03","http://66.23.231.102/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141363/"
+"141362","2019-02-21 05:03:02","http://66.23.231.102/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141362/"
+"141361","2019-02-21 05:02:07","http://205.185.113.127/Arbiter.sparc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141361/"
+"141360","2019-02-21 05:02:06","http://66.23.231.102/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141360/"
+"141359","2019-02-21 05:02:04","http://66.23.231.102/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141359/"
+"141358","2019-02-21 05:02:03","http://205.185.113.127/Arbiter.i686","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141358/"
+"141357","2019-02-21 05:00:10","http://205.185.113.127/Arbiter.arm5","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141357/"
+"141356","2019-02-21 05:00:08","http://205.185.113.127/Arbiter.mpsl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141356/"
+"141355","2019-02-21 05:00:06","http://205.185.113.127/Arbiter.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141355/"
+"141354","2019-02-21 05:00:04","http://205.185.113.127/Arbiter.arm4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141354/"
+"141353","2019-02-21 04:59:10","http://205.185.113.127/Arbiter.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141353/"
+"141352","2019-02-21 04:59:07","http://66.23.231.102/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141352/"
+"141351","2019-02-21 04:59:05","http://66.23.231.102/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141351/"
+"141350","2019-02-21 04:59:03","http://205.185.113.127/Arbiter.ppc","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141350/"
+"141349","2019-02-21 04:58:07","http://205.185.113.127/Arbiter.sh4","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141349/"
+"141348","2019-02-21 04:58:04","http://205.185.113.127/Arbiter.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141348/"
+"141347","2019-02-21 04:57:11","http://66.23.231.102/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141347/"
+"141346","2019-02-21 04:57:10","http://66.23.231.102/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141346/"
+"141345","2019-02-21 04:57:08","http://205.185.113.127/Arbiter.i586","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141345/"
+"141344","2019-02-21 04:57:05","http://205.185.113.127/Arbiter.arm7","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141344/"
+"141343","2019-02-21 04:55:07","http://134.209.48.14:80/bins/DEMONS.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141343/"
+"141342","2019-02-21 04:55:03","http://159.89.231.237:80/Kuso69/Akiru.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141342/"
+"141341","2019-02-21 04:54:18","http://134.209.48.14:80/bins/DEMONS.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141341/"
+"141340","2019-02-21 04:54:13","http://159.89.231.237:80/Kuso69/Akiru.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141340/"
+"141339","2019-02-21 04:54:07","http://83.166.247.73:80/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141339/"
+"141338","2019-02-21 04:54:02","http://95.214.113.14:80/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141338/"
+"141337","2019-02-21 04:52:13","http://83.166.247.73:80/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141337/"
+"141336","2019-02-21 04:52:11","http://159.89.231.237:80/Kuso69/Akiru.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141336/"
+"141335","2019-02-21 04:52:09","http://159.89.231.237:80/Kuso69/Akiru.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141335/"
+"141334","2019-02-21 04:52:03","http://95.214.113.14/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141334/"
+"141333","2019-02-21 04:51:06","http://95.214.113.14:80/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141333/"
+"141332","2019-02-21 04:51:05","http://95.214.113.14:80/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141332/"
+"141331","2019-02-21 04:51:04","http://83.166.247.73:80/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141331/"
+"141330","2019-02-21 04:51:03","http://159.89.231.237:80/Kuso69/Akiru.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141330/"
+"141329","2019-02-21 04:50:06","http://134.209.48.14:80/bins/DEMONS.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141329/"
+"141328","2019-02-21 04:50:04","http://95.214.113.14:80/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141328/"
+"141327","2019-02-21 04:50:03","http://159.89.231.237:80/Kuso69/Akiru.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141327/"
+"141326","2019-02-21 04:50:02","http://83.166.247.73:80/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141326/"
+"141325","2019-02-21 04:49:06","http://134.209.48.14:80/bins/DEMONS.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141325/"
+"141324","2019-02-21 04:49:04","http://83.166.247.73:80/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141324/"
+"141323","2019-02-21 04:49:03","http://134.209.48.14:80/bins/DEMONS.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141323/"
+"141322","2019-02-21 04:49:02","http://134.209.48.14:80/bins/DEMONS.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141322/"
+"141320","2019-02-21 04:47:04","http://134.209.48.14:80/bins/DEMONS.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141320/"
+"141321","2019-02-21 04:47:04","http://83.166.247.73:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141321/"
+"141319","2019-02-21 04:47:03","http://95.214.113.14/bins/hoho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141319/"
+"141318","2019-02-21 04:47:02","http://159.89.231.237:80/Kuso69/Akiru.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141318/"
+"141317","2019-02-21 04:46:04","http://159.89.231.237:80/Kuso69/Akiru.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141317/"
+"141316","2019-02-21 04:46:03","http://66.23.231.102/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141316/"
+"141315","2019-02-21 04:45:05","http://134.209.48.14:80/bins/DEMONS.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141315/"
+"141314","2019-02-21 04:45:04","http://83.166.247.73:80/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141314/"
+"141313","2019-02-21 04:44:01","http://95.214.113.14:80/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141313/"
+"141312","2019-02-21 04:22:07","http://nondollarreport.com/wp-content/cache/jiz6.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/141312/"
+"141311","2019-02-21 04:22:06","http://kamagra4uk.com/radmin/mor/botti.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141311/"
+"141310","2019-02-21 04:22:06","http://steeveriano.com/.well-known/pki-validation/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141310/"
+"141309","2019-02-21 04:20:06","http://95.214.113.14/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141309/"
+"141308","2019-02-21 04:20:04","http://modexcommunications.eu/petercody/petercody.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141308/"
+"141306","2019-02-21 04:19:05","http://14.200.128.35:64161/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141306/"
+"141307","2019-02-21 04:19:05","http://mantoerika.yazdvip.ir/xerox/Copy_Invoice/BLvZd-boDwE_vmYCwE-kP8?","offline","malware_download","doc","https://urlhaus.abuse.ch/url/141307/"
+"141305","2019-02-21 04:19:02","http://168.235.82.199/MavDDzxY/maddy.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141305/"
+"141303","2019-02-21 04:18:08","http://220.125.225.251:4980/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141303/"
+"141304","2019-02-21 04:18:08","http://83.166.247.73:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141304/"
+"141302","2019-02-21 04:18:05","http://61.172.11.252:12244/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141302/"
+"141301","2019-02-21 04:17:02","http://168.235.82.199/MavDDzxY/maddy.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141301/"
+"141300","2019-02-21 04:16:03","http://168.235.82.199/MavDDzxY/maddy.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141300/"
+"141299","2019-02-21 04:16:02","http://168.235.82.199/MavDDzxY/maddy.ppc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141299/"
+"141298","2019-02-21 04:15:03","http://168.235.82.199/MavDDzxY/maddy.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141298/"
+"141297","2019-02-21 04:15:02","http://83.166.247.73:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141297/"
+"141296","2019-02-21 04:05:45","http://cygnus.su/Februar2019/RYHZBJIY6105374/GER/Hilfestellung/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141296/"
+"141295","2019-02-21 04:05:36","http://alabarderomadrid.es/Februar2019/NSWKHW6075602/gescanntes-Dokument/FORM/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141295/"
+"141294","2019-02-21 04:05:29","http://aghigh.yazdvip.ir/Februar2019/JOPLIPVY9456492/Bestellungen/DOC-Dokument/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141294/"
+"141293","2019-02-21 04:05:22","http://66.55.80.140/US/document/8646081883974/Auds-RZcqu_hChQDwKaA-sjD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141293/"
+"141292","2019-02-21 04:05:17","http://3.17.143.166/US/scan/Inv/JiWqX-CjVV_h-BmB/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141292/"
+"141291","2019-02-21 04:05:10","http://204.48.21.209/DE_de/AYWMUWRYA8677459/Dokumente/DOC/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141291/"
+"141290","2019-02-21 04:04:40","http://18.179.213.128/wp_sat/wp-content/En_us/company/Copy_Invoice/WcoO-OM_nzCOJYNM-zW/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141290/"
+"141289","2019-02-21 04:04:30","http://18.136.103.27/EN_en/download/MwCAn-EsmkO_LxlaPO-tQF/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141289/"
+"141288","2019-02-21 04:04:20","http://13.232.226.208/corporation/New_invoice/gzFB-Gxkj_hHxE-uP/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141288/"
+"141287","2019-02-21 04:04:10","http://13.209.88.110/wordpress/En/document/Invoice/XUjZ-Jh9_AY-FN/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141287/"
+"141286","2019-02-21 04:00:16","http://phongthuyanlac.com/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141286/"
+"141285","2019-02-21 04:00:01","http://lanco-flower.ir/De/HEJIYI5444191/Rechnungs/FORM/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141285/"
+"141284","2019-02-21 03:59:57","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung)/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141284/"
+"141283","2019-02-21 03:59:48","http://cncprocess.fr/secure/account/sec/view/AqB3VzOOEpg0vKnwdQzzOa/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141283/"
+"141282","2019-02-21 03:59:39","http://apartamentyeuropa.pl/company/online/sec/view/BtLRIjX59vLoYlIaup7YYwMx/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141282/"
+"141281","2019-02-21 03:59:31","http://18.130.138.223/organization/online_billing/billing/secur/list/C7w9UKnp5b9s43J/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141281/"
+"141280","2019-02-21 03:59:21","http://13.52.104.41/organization/accounts/secur/list/UxlDZa81gSq1kH1PC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141280/"
+"141279","2019-02-21 03:59:14","http://13.250.96.71/company/business/thrust/file/LI6HIkWgFvFRY4TzIRm9W0U/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141279/"
+"141278","2019-02-21 03:59:07","http://104.130.211.29/wp-admin/de_DE/BKUJRIV5425410/Rechnungskorrektur/DOC-Dokument/index.php.suspected/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141278/"
+"141277","2019-02-21 03:58:08","https://www.kamagra4uk.com/radmin/mor/botti.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141277/"
+"141276","2019-02-21 03:41:00","http://palermosleepcheap.com/wp-content/themes/starhotel/css/colors/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141276/"
+"141275","2019-02-21 03:39:09","http://modexcommunications.eu/petit/petit.exe","online","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/141275/"
+"141274","2019-02-21 03:25:08","https://www.kamagra4uk.com/images/gee/mn/mnn.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141274/"
+"141273","2019-02-21 03:25:03","http://modexcommunications.eu/ugopounds/ugopounds.exe","online","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/141273/"
+"141271","2019-02-21 03:23:01","http://95.214.113.14/bins/hoho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141271/"
+"141272","2019-02-21 03:23:01","http://95.214.113.14/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141272/"
+"141270","2019-02-21 03:13:35","http://update.joinbr.com/LMUpdate/BRmhttp.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141270/"
+"141269","2019-02-21 03:12:08","http://95.214.113.14/bins/hoho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141269/"
+"141268","2019-02-21 03:02:07","http://www.premereinvio.eu/AutoUpdate/AAA-RegistryBackup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141268/"
+"141267","2019-02-21 03:01:01","http://kamagra4uk.com/images/gee/mn/mnn.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141267/"
+"141266","2019-02-21 02:50:09","http://nondollarreport.com/wp-content/cache/elb1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141266/"
+"141265","2019-02-21 02:48:10","http://gemphotographynj.com/wp-content/themes/kreativa/languages/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141265/"
+"141264","2019-02-21 02:30:03","http://grupporidolfo.com/images/image003.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141264/"
+"141263","2019-02-21 02:30:02","http://palermosleepcheap.com/wp-content/themes/starhotel/admin/redux-extensions/extensions/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141263/"
+"141262","2019-02-21 00:24:30","http://letrassoltas.pt/download/Invoice_number/rGCOx-tO51_spRlsIR-c3/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141262/"
+"141261","2019-02-21 00:24:29","http://labterpadu.ulm.ac.id/Invoice/592658297670775/hNXOG-POtZR_sGhNuen-i5/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141261/"
+"141260","2019-02-21 00:24:26","http://kussow.net/EN_en/download/KNxl-RkpX_Xsa-vC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141260/"
+"141259","2019-02-21 00:24:21","http://kultur-im-oberland.de/En_us/corporation/yzoO-9Ro_VKDKQY-ts/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141259/"
+"141258","2019-02-21 00:24:20","http://kriziachiesa.it/US/xerox/Invoice_number/08345135522/AtyIj-hORf_AWcEv-85/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141258/"
+"141257","2019-02-21 00:24:19","http://koszulenawymiar.pl/En/company/NhGY-fGQpc_BZmSyQiOp-cC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141257/"
+"141256","2019-02-21 00:24:17","http://knapsacks.info/file/Invoice/woKI-cv2_KyFtjOFAK-Z9/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141256/"
+"141255","2019-02-21 00:24:15","http://luxeradiator.com/company/account/secur/list/NLkjEPZryNW2VxI/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141255/"
+"141254","2019-02-21 00:24:12","http://hangkhogiavi.com/EN_en/New_invoice/Ejox-dhwi_fNdTnoA-k4y/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141254/"
+"141253","2019-02-21 00:24:09","http://link-4.eu/secure/business/secur/file/DV7iwHgXFA8i6dsYQKDLZ/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141253/"
+"141252","2019-02-21 00:24:06","http://labourmonitor.org/wp-content/secure/business/open/file/YY4tK8LUHD04pi9yHBkR5aZ7xNqV/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141252/"
+"141251","2019-02-21 00:24:05","http://kyxnispb.ru/company/account/sec/view/vTSyEL3QYFvFCie44qcfaUWue2b/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141251/"
+"141250","2019-02-21 00:24:03","http://designenergy24.ru/US/download/Inv/szDXD-YZbW_tYtDRwaeh-b6u/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141250/"
+"141249","2019-02-21 00:18:17","http://13.57.29.183/doc/Invoice_number/nNovH-2li_FlkxCNrjt-8e/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141249/"
+"141248","2019-02-21 00:18:06","https://captipic.com/Invoice_number/zDyWf-TXK_hMsKz-sd/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141248/"
 "141247","2019-02-21 00:17:56","http://mantoerika.yazdvip.ir/xerox/Copy_Invoice/BLvZd-boDwE_vmYCwE-kP8?/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141247/"
 "141246","2019-02-21 00:17:46","http://mantoerika.yazdvip.ir/xerox/Copy_Invoice/BLvZd-boDwE_vmYCwE-kP8/?/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141246/"
-"141245","2019-02-21 00:17:39","http://tischer.ro/En_us/company/Invoice_Notice/fqNB-r9n_XkDb-Z8/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141245/"
+"141245","2019-02-21 00:17:39","http://tischer.ro/En_us/company/Invoice_Notice/fqNB-r9n_XkDb-Z8/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141245/"
 "141244","2019-02-21 00:17:27","http://mhills.fr/En_us/llc/Invoice/kSnU-Mid_bQPY-OW/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141244/"
-"141243","2019-02-21 00:17:22","http://18.130.198.164/En_us/info/grrW-nn_oOOSf-90/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141243/"
-"141242","2019-02-21 00:17:10","http://13.57.175.119/document/228535969033/fffeM-DMo_uaDUk-rS/","online","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141242/"
-"141241","2019-02-21 00:16:51","http://lesprivatzenith.com/company/business/sec/list/iB5r2ZewBbKf1V0zkVBcWTS6/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141241/"
+"141243","2019-02-21 00:17:22","http://18.130.198.164/En_us/info/grrW-nn_oOOSf-90/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141243/"
+"141242","2019-02-21 00:17:10","http://13.57.175.119/document/228535969033/fffeM-DMo_uaDUk-rS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141242/"
+"141241","2019-02-21 00:16:51","http://lesprivatzenith.com/company/business/sec/list/iB5r2ZewBbKf1V0zkVBcWTS6/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141241/"
 "141240","2019-02-21 00:16:38","https://view52.com/xWR3nltYA/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141240/"
-"141239","2019-02-21 00:16:30","http://grupoouroplan.com.br/company/online/thrust/read/RwGsZtFd5Y4AR6QYcN0lAv2kfYvL/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141239/"
-"141238","2019-02-21 00:16:14","http://et-education.ru/organization/online/open/view/JZS32xdKtySzfRvbrYz/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141238/"
-"141237","2019-02-21 00:15:59","http://contabilidadecontacerta.com.br/secure/online_billing/billing/open/list/udINp9Y0HlpSePtu3CLMMIQgxKx/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141237/"
-"141236","2019-02-21 00:15:44","http://179.191.88.69/secure/accounts/open/view/6NblyCQcV4d8Ncg0lPC/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141236/"
+"141239","2019-02-21 00:16:30","http://grupoouroplan.com.br/company/online/thrust/read/RwGsZtFd5Y4AR6QYcN0lAv2kfYvL/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141239/"
+"141238","2019-02-21 00:16:14","http://et-education.ru/organization/online/open/view/JZS32xdKtySzfRvbrYz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141238/"
+"141237","2019-02-21 00:15:59","http://contabilidadecontacerta.com.br/secure/online_billing/billing/open/list/udINp9Y0HlpSePtu3CLMMIQgxKx/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141237/"
+"141236","2019-02-21 00:15:44","http://179.191.88.69/secure/accounts/open/view/6NblyCQcV4d8Ncg0lPC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141236/"
 "141235","2019-02-21 00:15:29","http://lun.otrweb.ru/organization/account/sec/view/1A81e7zIVINlNCMBLu54y/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141235/"
-"141234","2019-02-21 00:15:20","http://13.127.175.101/secure/online_billing/billing/secur/list/r92jDYjix3ARFoKzzd2P5Ai/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141234/"
-"141233","2019-02-21 00:15:06","http://82.196.1.74/company/business/open/view/K1DaR9McM8zVVPE/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141233/"
-"141232","2019-02-21 00:14:43","http://13.56.105.158/organization/online/secur/read/ESzgS7fMwMeFgmIhg4CCZWlVda/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141232/"
-"141231","2019-02-21 00:14:14","http://13.229.189.170/organization/online/thrust/file/QePzMhBhBxApaTh/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141231/"
-"141230","2019-02-21 00:13:48","http://18.179.166.252/secure/business/sec/read/dSiJQXTERxJurLGrA5dG57/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141230/"
-"141229","2019-02-21 00:13:30","http://expatnations.org/organization/online_billing/billing/thrust/view/obwtcf6YXxrT53WN0LR0Y26E2trA/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141229/"
-"141228","2019-02-21 00:13:10","http://xn--21-dlc6asabnik.xn--p1ai/company/business/sec/view/gKhtseAWVxNfWbTtOczzVHnC6zI/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141228/"
-"141227","2019-02-21 00:12:53","http://labtalk.ir/secure/account/sec/list/HBTQNbegYIOHZ7AtiaiLqtz4/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141227/"
-"141226","2019-02-21 00:12:37","http://13.229.71.182/company/online/sec/file/2PL1fUwQWPQmsevNddb0KdG/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141226/"
-"141225","2019-02-21 00:12:25","http://3.16.101.139/secure/accounts/sec/read/cbjIhrbGL3lQHMvsAIv/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141225/"
-"141224","2019-02-21 00:12:13","http://13.251.187.227/organization/online_billing/billing/secur/list/eAJdMGuCbgxu54lzYQ8vuzHCvl/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141224/"
-"141223","2019-02-21 00:11:56","http://132.145.153.89/De_de/QTNKRZLH5339461/Rech/Zahlung/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141223/"
-"141222","2019-02-21 00:11:45","http://13.114.230.250/secure/account/secur/file/YyyvBevhpHODt6F/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141222/"
-"141221","2019-02-21 00:11:26","http://100.26.203.42/secure/online/thrust/file/tKNTl6AjHTtVxgAjVFl4TCA/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141221/"
-"141220","2019-02-21 00:11:12","http://13.127.49.76/demo/company/accounts/sec/file/WYQaEqhHxdq2uGrp3hEUblmxz2/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141220/"
+"141234","2019-02-21 00:15:20","http://13.127.175.101/secure/online_billing/billing/secur/list/r92jDYjix3ARFoKzzd2P5Ai/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141234/"
+"141233","2019-02-21 00:15:06","http://82.196.1.74/company/business/open/view/K1DaR9McM8zVVPE/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141233/"
+"141232","2019-02-21 00:14:43","http://13.56.105.158/organization/online/secur/read/ESzgS7fMwMeFgmIhg4CCZWlVda/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141232/"
+"141231","2019-02-21 00:14:14","http://13.229.189.170/organization/online/thrust/file/QePzMhBhBxApaTh/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141231/"
+"141230","2019-02-21 00:13:48","http://18.179.166.252/secure/business/sec/read/dSiJQXTERxJurLGrA5dG57/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141230/"
+"141229","2019-02-21 00:13:30","http://expatnations.org/organization/online_billing/billing/thrust/view/obwtcf6YXxrT53WN0LR0Y26E2trA/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141229/"
+"141228","2019-02-21 00:13:10","http://xn--21-dlc6asabnik.xn--p1ai/company/business/sec/view/gKhtseAWVxNfWbTtOczzVHnC6zI/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/141228/"
+"141227","2019-02-21 00:12:53","http://labtalk.ir/secure/account/sec/list/HBTQNbegYIOHZ7AtiaiLqtz4/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141227/"
+"141226","2019-02-21 00:12:37","http://13.229.71.182/company/online/sec/file/2PL1fUwQWPQmsevNddb0KdG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141226/"
+"141225","2019-02-21 00:12:25","http://3.16.101.139/secure/accounts/sec/read/cbjIhrbGL3lQHMvsAIv/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141225/"
+"141224","2019-02-21 00:12:13","http://13.251.187.227/organization/online_billing/billing/secur/list/eAJdMGuCbgxu54lzYQ8vuzHCvl/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141224/"
+"141223","2019-02-21 00:11:56","http://132.145.153.89/De_de/QTNKRZLH5339461/Rech/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141223/"
+"141222","2019-02-21 00:11:45","http://13.114.230.250/secure/account/secur/file/YyyvBevhpHODt6F/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141222/"
+"141221","2019-02-21 00:11:26","http://100.26.203.42/secure/online/thrust/file/tKNTl6AjHTtVxgAjVFl4TCA/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141221/"
+"141220","2019-02-21 00:11:12","http://13.127.49.76/demo/company/accounts/sec/file/WYQaEqhHxdq2uGrp3hEUblmxz2/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141220/"
 "141219","2019-02-20 23:17:40","http://www.51-iblog.com/wp-content/uploads/secure/accounts/sec/view/6mZFjl9C3pqp3RAeNStjBLNQtFC/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141219/"
-"141218","2019-02-20 23:17:26","http://healthyenergydaily.party/EN_en/Invoice_number/urMCd-87Vby_dwYESii-II/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141218/"
-"141217","2019-02-20 23:17:17","http://fonopar.com.br/wp-admin/ZGqL-Oa_DxSunp-2qG/","online","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141217/"
-"141216","2019-02-20 23:17:05","http://fatinyaroma.com/En_us/Invoice_Notice/3513663040254/FoOI-ywZm_heDaedACD-ML/","online","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141216/"
-"141215","2019-02-20 23:16:58","http://fantasyforeigner.com/corporation/Invoice_Notice/vwhUM-SX_c-1P7/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141215/"
-"141214","2019-02-20 23:16:50","http://expertsufa.ru/EN_en/doc/TLpO-5e2w_EkqwmH-Nuc/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141214/"
-"141213","2019-02-20 23:16:42","http://dafia.org/dafia/wp-content/uploads/document/Invoice_Notice/zDzek-TW_Awh-X9E/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141213/"
-"141212","2019-02-20 23:16:33","http://bezambici.com/US_us/xerox/MlHcP-hCn_DRtk-zn/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141212/"
-"141211","2019-02-20 23:16:23","http://andrees.com.es/En/scan/ovPr-tq_hRZaIcP-At/","online","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/141211/"
-"141210","2019-02-20 23:16:16","http://keshtafzoon.com/secure/online/thrust/file/B370nV9rJKUvIBryUCl/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141210/"
-"141209","2019-02-20 23:16:04","http://hardworkingmarketing.com/wp-content/cache/organization/account/secur/read/tYyqu7t3isXPZTGUr/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141209/"
+"141218","2019-02-20 23:17:26","http://healthyenergydaily.party/EN_en/Invoice_number/urMCd-87Vby_dwYESii-II/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141218/"
+"141217","2019-02-20 23:17:17","http://fonopar.com.br/wp-admin/ZGqL-Oa_DxSunp-2qG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141217/"
+"141216","2019-02-20 23:17:05","http://fatinyaroma.com/En_us/Invoice_Notice/3513663040254/FoOI-ywZm_heDaedACD-ML/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141216/"
+"141215","2019-02-20 23:16:58","http://fantasyforeigner.com/corporation/Invoice_Notice/vwhUM-SX_c-1P7/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141215/"
+"141214","2019-02-20 23:16:50","http://expertsufa.ru/EN_en/doc/TLpO-5e2w_EkqwmH-Nuc/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141214/"
+"141213","2019-02-20 23:16:42","http://dafia.org/dafia/wp-content/uploads/document/Invoice_Notice/zDzek-TW_Awh-X9E/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141213/"
+"141212","2019-02-20 23:16:33","http://bezambici.com/US_us/xerox/MlHcP-hCn_DRtk-zn/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141212/"
+"141211","2019-02-20 23:16:23","http://andrees.com.es/En/scan/ovPr-tq_hRZaIcP-At/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141211/"
+"141210","2019-02-20 23:16:16","http://keshtafzoon.com/secure/online/thrust/file/B370nV9rJKUvIBryUCl/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141210/"
+"141209","2019-02-20 23:16:04","http://hardworkingmarketing.com/wp-content/cache/organization/account/secur/read/tYyqu7t3isXPZTGUr/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141209/"
 "141208","2019-02-20 23:15:52","http://doctor-vaskov.ru/company/accounts/open/list/mt2LjZv3SqAIw3LKAadR/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141208/"
-"141207","2019-02-20 23:15:41","http://dialloaliou.fr/organization/online_billing/billing/thrust/read/C80nFrXys7VplGSTg/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141207/"
-"141206","2019-02-20 23:15:32","http://alfacerimonial.com/secure/account/sec/read/QeaTQqiwqjtAAXXrWV7Y/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141206/"
-"141205","2019-02-20 23:15:19","http://akaneito.com/secure/business/sec/file/xMlC7mWhg1mTLpi/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141205/"
-"141204","2019-02-20 22:59:29","http://aktivstroi-dv.ru/sIs2eNw5Woa0_fc/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141204/"
-"141203","2019-02-20 22:59:24","http://mausha.ru/PQt3QofoXj/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141203/"
+"141207","2019-02-20 23:15:41","http://dialloaliou.fr/organization/online_billing/billing/thrust/read/C80nFrXys7VplGSTg/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141207/"
+"141206","2019-02-20 23:15:32","http://alfacerimonial.com/secure/account/sec/read/QeaTQqiwqjtAAXXrWV7Y/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141206/"
+"141205","2019-02-20 23:15:19","http://akaneito.com/secure/business/sec/file/xMlC7mWhg1mTLpi/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141205/"
+"141204","2019-02-20 22:59:29","http://aktivstroi-dv.ru/sIs2eNw5Woa0_fc/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141204/"
+"141203","2019-02-20 22:59:24","http://mausha.ru/PQt3QofoXj/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141203/"
 "141202","2019-02-20 22:59:20","http://apkelectrical.com.au/wp-content/3MdEhYTTHULOUo/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141202/"
 "141201","2019-02-20 22:59:12","http://ifpc.ru/eKKi6q5YUC_WyPjVNX/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141201/"
-"141200","2019-02-20 22:59:05","http://3.8.150.35/N1Beht0JmWT_60/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141200/"
+"141200","2019-02-20 22:59:05","http://3.8.150.35/N1Beht0JmWT_60/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/141200/"
 "141199","2019-02-20 22:23:03","http://194.147.35.186/op.m68","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141199/"
 "141198","2019-02-20 22:23:02","http://194.147.35.186/op.arm6","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141198/"
 "141196","2019-02-20 22:22:03","http://194.147.35.186/op.arm4tl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141196/"
@@ -71,31 +622,31 @@
 "141188","2019-02-20 22:09:04","http://194.147.35.186/op.x86_64","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141188/"
 "141187","2019-02-20 22:09:03","http://194.147.35.186/op.arm5","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141187/"
 "141186","2019-02-20 22:09:02","http://194.147.35.186/op.mips64","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/141186/"
-"141185","2019-02-20 21:57:02","http://3.16.30.213/En/download/Invoice_number/cyNX-tRv_hpzT-Gp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141185/"
-"141184","2019-02-20 21:51:11","http://13.250.191.134/En_us/document/Copy_Invoice/iABJE-qVg_ANOiAUOi-SCy/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141184/"
+"141185","2019-02-20 21:57:02","http://3.16.30.213/En/download/Invoice_number/cyNX-tRv_hpzT-Gp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141185/"
+"141184","2019-02-20 21:51:11","http://13.250.191.134/En_us/document/Copy_Invoice/iABJE-qVg_ANOiAUOi-SCy/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141184/"
 "141183","2019-02-20 21:47:17","https://www.dropbox.com/s/yk7m01jp5xq67bz/CONFIRM_INVOICE.zip?dl=1","online","malware_download","compressed,exe,payload,zip","https://urlhaus.abuse.ch/url/141183/"
-"141182","2019-02-20 21:46:11","http://3.16.25.162/document/New_invoice/04648757567/UYHnN-sD_AvPTJUgG-wV8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141182/"
-"141181","2019-02-20 21:43:11","http://13.231.169.127/US_us/scan/75269047/gVeJK-XXGbK_yJhvpqB-r44/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141181/"
-"141180","2019-02-20 21:40:05","http://13.231.226.136/EN_en/doc/78637475607/UfaU-O7_nL-zuE/","online","malware_download","None","https://urlhaus.abuse.ch/url/141180/"
+"141182","2019-02-20 21:46:11","http://3.16.25.162/document/New_invoice/04648757567/UYHnN-sD_AvPTJUgG-wV8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141182/"
+"141181","2019-02-20 21:43:11","http://13.231.169.127/US_us/scan/75269047/gVeJK-XXGbK_yJhvpqB-r44/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141181/"
+"141180","2019-02-20 21:40:05","http://13.231.226.136/EN_en/doc/78637475607/UfaU-O7_nL-zuE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141180/"
 "141179","2019-02-20 21:39:34","https://www.chungchi.edu.vn:443/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141179/"
 "141178","2019-02-20 21:39:20","https://chungchi.edu.vn:443/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141178/"
 "141177","2019-02-20 21:39:05","https://www.chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141177/"
 "141176","2019-02-20 21:38:50","https://chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141176/"
-"141175","2019-02-20 21:38:35","http://www.chungchi.edu.vn:80/wp-content/themes/robusta/css/browser.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141175/"
-"141174","2019-02-20 21:38:05","http://chungchi.edu.vn:80/wp-content/themes/robusta/css/browser.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141174/"
-"141173","2019-02-20 21:37:32","http://www.chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141173/"
-"141172","2019-02-20 21:34:04","http://13.229.153.169/doc/Invoice_Notice/IHqZ-6Dy_QU-0W/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141172/"
-"141171","2019-02-20 21:29:03","http://13.58.150.48/info/New_invoice/78057217891820/KZiM-CDa9_e-XEx/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141171/"
+"141175","2019-02-20 21:38:35","http://www.chungchi.edu.vn:80/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141175/"
+"141174","2019-02-20 21:38:05","http://chungchi.edu.vn:80/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141174/"
+"141173","2019-02-20 21:37:32","http://www.chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141173/"
+"141172","2019-02-20 21:34:04","http://13.229.153.169/doc/Invoice_Notice/IHqZ-6Dy_QU-0W/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141172/"
+"141171","2019-02-20 21:29:03","http://13.58.150.48/info/New_invoice/78057217891820/KZiM-CDa9_e-XEx/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141171/"
 "141170","2019-02-20 21:26:08","http://bvxk.vatphamtamlinh.net/IVcDxFb/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/141170/"
 "141169","2019-02-20 21:26:06","http://view52.com/xWR3nltYA/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/141169/"
 "141168","2019-02-20 21:26:05","http://bk-brandstory.mdscreative.com/aEPEdU126g/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/141168/"
 "141167","2019-02-20 21:26:04","http://developerparrot.com/od58PWJHeK/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/141167/"
 "141166","2019-02-20 21:26:03","http://portriverhotel.com/wlaSpzROD/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/141166/"
-"141165","2019-02-20 21:25:03","http://13.59.241.74/EN_en/corporation/Invoice_number/gYVIw-8MsrS_JhWSAGqXg-dM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141165/"
+"141165","2019-02-20 21:25:03","http://13.59.241.74/EN_en/corporation/Invoice_number/gYVIw-8MsrS_JhWSAGqXg-dM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141165/"
 "141164","2019-02-20 21:24:05","http://bobvr.com/secure/online/open/read/kvXVf97Yc8my5UbQYTdVJpp9L","offline","malware_download","doc","https://urlhaus.abuse.ch/url/141164/"
 "141163","2019-02-20 21:20:37","http://trandinhtuan.vn/secure/online/sec/file/IiyCkishsUYILCeJS7aOnYMcfk/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141163/"
 "141162","2019-02-20 21:20:27","http://gfe.co.th/company/account/thrust/read/DxAr3aKzcwRQBvIN1/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141162/"
-"141161","2019-02-20 21:20:14","http://3.8.39.112/US/company/rjyBX-8Y_JgxuBZ-gbP/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141161/"
+"141161","2019-02-20 21:20:14","http://3.8.39.112/US/company/rjyBX-8Y_JgxuBZ-gbP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141161/"
 "141160","2019-02-20 21:18:31","https://stablecoinswar.com:443/aebb25f.msi","online","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141160/"
 "141159","2019-02-20 21:18:18","https://www.stablecoinswar.com:443/aebb25f.msi","online","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141159/"
 "141158","2019-02-20 21:18:08","http://stablecoinswar.com:80/aebb25f.msi","offline","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141158/"
@@ -103,35 +654,35 @@
 "141156","2019-02-20 21:17:17","https://stablecoinswar.com/aebb25f.msi","online","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141156/"
 "141155","2019-02-20 21:17:04","https://www.stablecoinswar.com/aebb25f.msi","online","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141155/"
 "141154","2019-02-20 21:16:42","http://stablecoinswar.com/aebb25f.msi","offline","malware_download","exe,lokibot,msi,payload,stage2","https://urlhaus.abuse.ch/url/141154/"
-"141153","2019-02-20 21:16:32","http://3.8.8.24/wp-content/uploads/EN_en/info/Copy_Invoice/02453766/uLqom-BmP8_pwQJBRrPu-LHz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141153/"
+"141153","2019-02-20 21:16:32","http://3.8.8.24/wp-content/uploads/EN_en/info/Copy_Invoice/02453766/uLqom-BmP8_pwQJBRrPu-LHz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141153/"
 "141152","2019-02-20 21:15:12","http://www.posicionamientowebcadiz.es/secure/online_billing/billing/thrust/list/fottmahfLHrDyX6IEoDNcDBapOPn/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141152/"
 "141151","2019-02-20 21:14:57","http://vcpesaas.com/secure/business/open/read/6eJW2YLNjOS64gujbzYd/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141151/"
 "141150","2019-02-20 21:14:36","http://latinos-latins.online/organization/online/secur/view/BaFJAhSshde9WokVem9m9FhyD0q/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141150/"
 "141149","2019-02-20 21:14:20","http://korfezendustriyel.com/organization/online/thrust/read/1bCX1mzY5vnulmaaYq7GywWDBz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141149/"
 "141148","2019-02-20 21:14:01","http://kimchatham.com/company/account/open/file/D68pEpTz334PLKtsd/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141148/"
 "141147","2019-02-20 21:13:41","http://ibakery.tungwahcsd.org/media/secure/online_billing/billing/thrust/read/KSWTGFK7KORsaxyNMYHZ0rtE33/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141147/"
-"141146","2019-02-20 21:13:20","http://claudiandelarosa.com/secure/accounts/secur/read/FGIgbpuqQhdfg45oe/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141146/"
+"141146","2019-02-20 21:13:20","http://claudiandelarosa.com/secure/accounts/secur/read/FGIgbpuqQhdfg45oe/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141146/"
 "141145","2019-02-20 21:11:13","http://18.209.86.90/US/Copy_Invoice/cRGX-88IQs_tLmuKGeRs-3Y/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141145/"
-"141144","2019-02-20 21:07:02","http://28kdigital.com/wp-content/En/file/HcbvI-q8_BI-CNw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141144/"
-"141143","2019-02-20 21:04:02","http://3.122.143.225/Invoice/RojyQ-leD_eTPpIjiJe-xYK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141143/"
+"141144","2019-02-20 21:07:02","http://28kdigital.com/wp-content/En/file/HcbvI-q8_BI-CNw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141144/"
+"141143","2019-02-20 21:04:02","http://3.122.143.225/Invoice/RojyQ-leD_eTPpIjiJe-xYK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141143/"
 "141142","2019-02-20 21:01:29","http://modexcommunications.eu/arinze/arinze.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141142/"
 "141141","2019-02-20 21:01:14","http://modexcommunications.eu/ikenna/ikenna.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141141/"
-"141140","2019-02-20 21:00:04","http://www.yonetim.yonpf.com:80/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141140/"
-"141139","2019-02-20 20:59:53","http://yonetim.yonpf.com:80/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141139/"
-"141138","2019-02-20 20:59:43","https://www.yonetim.yonpf.com:443/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141138/"
-"141137","2019-02-20 20:59:35","https://yonetim.yonpf.com:443/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141137/"
-"141136","2019-02-20 20:59:26","https://www.yonetim.yonpf.com/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141136/"
-"141135","2019-02-20 20:59:17","https://yonetim.yonpf.com/Rem5.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141135/"
-"141134","2019-02-20 20:59:10","http://xn----7sbfmn8apdll7h.xn--p1ai/company/4516034385/MmGX-oZuw_dpclEQ-Hu/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141134/"
+"141140","2019-02-20 21:00:04","http://www.yonetim.yonpf.com:80/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141140/"
+"141139","2019-02-20 20:59:53","http://yonetim.yonpf.com:80/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141139/"
+"141138","2019-02-20 20:59:43","https://www.yonetim.yonpf.com:443/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141138/"
+"141137","2019-02-20 20:59:35","https://yonetim.yonpf.com:443/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141137/"
+"141136","2019-02-20 20:59:26","https://www.yonetim.yonpf.com/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141136/"
+"141135","2019-02-20 20:59:17","https://yonetim.yonpf.com/Rem5.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141135/"
+"141134","2019-02-20 20:59:10","http://xn----7sbfmn8apdll7h.xn--p1ai/company/4516034385/MmGX-oZuw_dpclEQ-Hu/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141134/"
 "141133","2019-02-20 20:56:09","http://hoanganhvunguyen.com/US/Invoice_number/wXbDp-6J4o_Xa-XY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141133/"
 "141132","2019-02-20 20:52:02","http://smartfit.com.pk/l/updates.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/141132/"
-"141131","2019-02-20 20:51:03","http://laresperanca.com/En_us/xerox/Inv/OFOcG-hh_HuJZ-nH/","online","malware_download","None","https://urlhaus.abuse.ch/url/141131/"
+"141131","2019-02-20 20:51:03","http://laresperanca.com/En_us/xerox/Inv/OFOcG-hh_HuJZ-nH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141131/"
 "141130","2019-02-20 20:50:05","https://onedrive.live.com/download?cid=A69489E9918E0BE4&resid=A69489E9918E0BE4%21192&authkey=AE4ZQSQcZuP9Cnk","online","malware_download","compressed,dropper,javascript,NanoCore,rat,zip","https://urlhaus.abuse.ch/url/141130/"
-"141129","2019-02-20 20:47:13","http://library.uib.ac.id/En/Invoice/985592504/QyKt-sC_NXzHM-eAJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141129/"
+"141129","2019-02-20 20:47:13","http://library.uib.ac.id/En/Invoice/985592504/QyKt-sC_NXzHM-eAJ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141129/"
 "141128","2019-02-20 20:44:10","https://pirotecniazaragozana.live/newV/fine.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141128/"
-"141127","2019-02-20 20:43:32","http://111.172.205.125:3153/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141127/"
+"141127","2019-02-20 20:43:32","http://111.172.205.125:3153/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141127/"
 "141126","2019-02-20 20:43:25","http://122.116.198.34:9606/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141126/"
-"141125","2019-02-20 20:43:19","http://5.12.208.100:32532/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141125/"
+"141125","2019-02-20 20:43:19","http://5.12.208.100:32532/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/141125/"
 "141124","2019-02-20 20:43:13","http://95.214.113.14:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/141124/"
 "141123","2019-02-20 20:43:09","http://ldiprojects.com/En_us/Invoice/ohsJ-UICyu_zScMJeLP-kHq/","offline","malware_download","None","https://urlhaus.abuse.ch/url/141123/"
 "141122","2019-02-20 20:42:16","https://hakerman.de/Key/Test.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141122/"
@@ -150,7 +701,7 @@
 "141109","2019-02-20 20:41:17","https://www.hakerman.de/Key/NetWi.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141109/"
 "141108","2019-02-20 20:41:11","http://www.hakerman.de/Key/NetWi.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141108/"
 "141107","2019-02-20 20:41:05","http://www.hakerman.de/Key/Test.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141107/"
-"141106","2019-02-20 20:39:07","http://lehavregenealogie2017.fr/En/3018543/fgXQ-Dd0g_bltnrtgNJ-vHT/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141106/"
+"141106","2019-02-20 20:39:07","http://lehavregenealogie2017.fr/En/3018543/fgXQ-Dd0g_bltnrtgNJ-vHT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141106/"
 "141105","2019-02-20 20:35:06","https://www.kamagra4uk.com/radmin/ok/okit.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141105/"
 "141104","2019-02-20 20:33:06","http://ghazalconcert.com/scan/Invoice_number/OzATE-luN5H_MTykzmSt-32/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141104/"
 "141103","2019-02-20 20:30:34","http://nondollarreport.com/wp-content/cache/ioa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141103/"
@@ -166,21 +717,21 @@
 "141093","2019-02-20 20:25:08","http://139.59.64.173/US_us/scan/Invoice/FLUxi-tOKFC_fKTRi-FwZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141093/"
 "141092","2019-02-20 20:21:08","http://www.tecno-pack.net/taker.exe","online","malware_download","exe,NanoCore,payload,rat,stage2","https://urlhaus.abuse.ch/url/141092/"
 "141091","2019-02-20 20:21:05","http://yduocthanhoa.info/En/Invoice/PhhUW-q93_PwlmSH-o5O/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141091/"
-"141090","2019-02-20 20:20:08","http://chuko-r.com/wp/wp-admin/css/colors/blue/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141090/"
+"141090","2019-02-20 20:20:08","http://chuko-r.com/wp/wp-admin/css/colors/blue/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/141090/"
 "141089","2019-02-20 20:20:03","http://nondollarreport.com/wp-content/cache/elb6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141089/"
-"141088","2019-02-20 20:19:03","http://dsdfgdfsdegdf.ru/18/_outputCF08F3Fr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141088/"
+"141088","2019-02-20 20:19:03","http://dsdfgdfsdegdf.ru/18/_outputCF08F3Fr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141088/"
 "141087","2019-02-20 20:17:07","http://yduoclaocai.info/US/download/Invoice_number/SoDgn-ky_uHWnL-z6X/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141087/"
-"141086","2019-02-20 20:14:22","http://185.234.216.167/file.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141086/"
+"141086","2019-02-20 20:14:22","http://185.234.216.167/file.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/141086/"
 "141085","2019-02-20 20:14:14","http://kamagra4uk.com/images/gce/ofe/gio.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141085/"
 "141084","2019-02-20 20:14:10","http://posicionamientowebcadiz.es/En_us/Copy_Invoice/XOQbI-OGKB_aIx-2JJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141084/"
 "141083","2019-02-20 20:13:44","https://agilife.pl/En_us/Inv/ZcdZ-F81E_AiSEQrVi-dv/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141083/"
 "141082","2019-02-20 20:13:33","http://further.tv/download/hDJwz-09_ZUUeTiI-NIC/?/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/141082/"
-"141081","2019-02-20 20:13:23","http://prostranstvorosta.ru/De_de/SECTBU5779123/Rechnungs-docs/DOC-Dokument/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141081/"
+"141081","2019-02-20 20:13:23","http://prostranstvorosta.ru/De_de/SECTBU5779123/Rechnungs-docs/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141081/"
 "141080","2019-02-20 20:13:10","https://noithatshop.vn/Copy_Invoice/HpqFe-fT_poRQRHyZP-DRM/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/141080/"
 "141079","2019-02-20 20:12:52","http://yduoclongan.info/secure/account/secur/list/eKSp9f7jyQhjQmyFtZufUBwAu/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141079/"
 "141078","2019-02-20 20:12:44","http://peru2011.cba.pl/secure/account/thrust/list/l0LGgKVwXaSvMDcuXrFKo3ib/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141078/"
 "141077","2019-02-20 20:12:37","http://bobvr.com/secure/online/open/read/kvXVf97Yc8my5UbQYTdVJpp9L/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141077/"
-"141076","2019-02-20 20:12:28","http://aressecurity.com.co/secure/accounts/open/view/EyABhpDUbLpVOB95mQ/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141076/"
+"141076","2019-02-20 20:12:28","http://aressecurity.com.co/secure/accounts/open/view/EyABhpDUbLpVOB95mQ/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141076/"
 "141075","2019-02-20 20:12:17","http://kienthuctrimun.com/organization/accounts/sec/read/SL92iANsxS4yRmmsff6caqcfz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141075/"
 "141074","2019-02-20 20:12:05","http://trandinhtuan.edu.vn/company/online_billing/billing/sec/view/6qPv4nsl7PZMfguYI7Nmkw/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141074/"
 "141073","2019-02-20 20:11:53","http://144.76.14.182/organization/accounts/open/view/Sb0CWvQF2Lra0s98eTtA/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141073/"
@@ -188,19 +739,19 @@
 "141071","2019-02-20 20:11:16","http://xn----7sbbdfeovrgh2b6al.xn--p1ai/organization/business/open/view/l4RvYgM1pcGB2UU/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141071/"
 "141070","2019-02-20 20:10:09","https://www.kamagra4uk.com/images/gce/ofe/gio.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141070/"
 "141069","2019-02-20 20:08:08","http://sts-hk.com/edjf-jUsEj_le-FD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141069/"
-"141068","2019-02-20 20:03:03","http://13.127.154.242/US_us/doc/dnXyq-sF_uandwfXN-HR/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141068/"
+"141068","2019-02-20 20:03:03","http://13.127.154.242/US_us/doc/dnXyq-sF_uandwfXN-HR/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141068/"
 "141067","2019-02-20 20:02:19","http://23.249.163.126/vat/output72D8BB0.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/141067/"
 "141066","2019-02-20 20:00:10","http://www.pesei.it/old/lisb.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/141066/"
-"141065","2019-02-20 19:59:07","http://13.58.169.48/__MACOSX/US_us/file/Copy_Invoice/PNyD-QDEDv_oBIkdge-3g/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141065/"
-"141064","2019-02-20 19:55:06","http://13.58.149.51/wp-content/US/llc/gOGuD-dW_WT-1I/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141064/"
-"141063","2019-02-20 19:52:16","http://kelvingee.hys.cz/kev4.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/141063/"
+"141065","2019-02-20 19:59:07","http://13.58.169.48/__MACOSX/US_us/file/Copy_Invoice/PNyD-QDEDv_oBIkdge-3g/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141065/"
+"141064","2019-02-20 19:55:06","http://13.58.149.51/wp-content/US/llc/gOGuD-dW_WT-1I/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141064/"
+"141063","2019-02-20 19:52:16","http://kelvingee.hys.cz/kev4.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/141063/"
 "141062","2019-02-20 19:52:06","http://modexcommunications.eu/frankjoe/frankjoe.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141062/"
 "141061","2019-02-20 19:52:03","http://21robo.com/fr/21Robo_BlackJackBot.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141061/"
-"141060","2019-02-20 19:51:05","http://fashion-world.ga/download/JTpY-UArPK_ZLtP-srr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141060/"
-"141059","2019-02-20 19:47:02","http://18.184.158.108/xerox/aXJh-1ai_j-KSK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141059/"
+"141060","2019-02-20 19:51:05","http://fashion-world.ga/download/JTpY-UArPK_ZLtP-srr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141060/"
+"141059","2019-02-20 19:47:02","http://18.184.158.108/xerox/aXJh-1ai_j-KSK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141059/"
 "141058","2019-02-20 19:45:04","http://ielectro.live/yrokit/buigone.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141058/"
 "141057","2019-02-20 19:42:02","http://xn--j1acicidh1e0b.xn--p1ai/US/company/Invoice_Notice/yYLMG-hmOX_I-lP/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141057/"
-"141056","2019-02-20 19:38:12","http://185.234.216.167/xcha.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141056/"
+"141056","2019-02-20 19:38:12","http://185.234.216.167/xcha.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/141056/"
 "141055","2019-02-20 19:38:11","http://www.cybikbase.com/wp-content/themes/custom-community/registration/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/141055/"
 "141054","2019-02-20 19:38:08","http://shovot27-m.uz/US/scan/New_invoice/bGmAK-rbvfu_gTdafih-soY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141054/"
 "141053","2019-02-20 19:35:03","http://www.play4fitness.co.uk/US_us/corporation/Copy_Invoice/ECCp-M72g_lIUDwz-Y1H/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141053/"
@@ -219,26 +770,26 @@
 "141040","2019-02-20 19:25:39","http://tcl-japan.ru/organization/business/thrust/file/X2Xs3s9e0dSv3QbXjfEzz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141040/"
 "141039","2019-02-20 19:25:37","http://sem-ingegneria.com/company/account/thrust/view/oin57gS8YhBkbyU2Bla/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141039/"
 "141038","2019-02-20 19:25:35","http://sanajob.ir/organization/business/thrust/view/1GVdyD4sUdDUxwwTC4Ek3gvJpOiH/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141038/"
-"141037","2019-02-20 19:25:29","http://pmvc.pt/secure/business/secur/read/7rK5jo1fduP2t0uwUsg/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141037/"
+"141037","2019-02-20 19:25:29","http://pmvc.pt/secure/business/secur/read/7rK5jo1fduP2t0uwUsg/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141037/"
 "141036","2019-02-20 19:25:27","http://patient7.com/secure/accounts/open/view/oa3ZgdPGtrJFpHPhRKJMR8X48pVT/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141036/"
 "141035","2019-02-20 19:25:24","http://onisadieta.ru/company/account/secur/view/lSeqiIU8xUbRMp5gCwg0ljx6wq/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141035/"
-"141034","2019-02-20 19:25:20","http://marinavinhomes.vn/company/accounts/thrust/list/Whw5cheiwqbyMVoPieiaH/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141034/"
+"141034","2019-02-20 19:25:20","http://marinavinhomes.vn/company/accounts/thrust/list/Whw5cheiwqbyMVoPieiaH/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141034/"
 "141033","2019-02-20 19:25:17","http://londonmarathon2019.kevinmiller66.co.uk/secure/account/secur/view/YiqdMv6kdEvuuimCClYjEUPhp/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141033/"
-"141032","2019-02-20 19:25:15","http://liketop.tk/company/online/secur/read/MXVUpt1SRKX6jzuMs6fhMRpF2w/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141032/"
-"141031","2019-02-20 19:25:09","http://libdcorp.com/secure/account/sec/read/ZEyOfTsBBRurXI7zS0X1n/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141031/"
+"141032","2019-02-20 19:25:15","http://liketop.tk/company/online/secur/read/MXVUpt1SRKX6jzuMs6fhMRpF2w/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141032/"
+"141031","2019-02-20 19:25:09","http://libdcorp.com/secure/account/sec/read/ZEyOfTsBBRurXI7zS0X1n/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141031/"
 "141030","2019-02-20 19:25:05","http://kingcoffeetni.com/company/account/secur/view/n8cLmmlNgppoWt3Cg/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141030/"
 "141029","2019-02-20 19:25:01","http://khobep.com/company/accounts/sec/read/E9IStvFItXpJvdZ05WZP/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141029/"
 "141028","2019-02-20 19:24:57","http://justbikebcn.com/organization/online/open/file/BpRLzzy131FgFdWxOHDAGxatRcHo/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141028/"
 "141027","2019-02-20 19:24:55","http://ihsan152.ru/organization/online_billing/billing/sec/read/O3swsypBJA9Zz33nw/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141027/"
 "141026","2019-02-20 19:24:53","http://hipecard.yazdvip.ir/organization/online_billing/billing/secur/list/btad9PryMrEKipfFUJVXL/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141026/"
-"141025","2019-02-20 19:24:50","http://hillmann.ru/company/online_billing/billing/open/view/ptcE7DoGkS0HzazvR/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141025/"
+"141025","2019-02-20 19:24:50","http://hillmann.ru/company/online_billing/billing/open/view/ptcE7DoGkS0HzazvR/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141025/"
 "141024","2019-02-20 19:24:47","http://greatkenyatours.com/secure/business/secur/list/0QjhMgaj0oZkLd6QNVKBUWY/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141024/"
 "141023","2019-02-20 19:24:35","http://ff52.ru/secure/account/secur/list/mdTBDCmgmxtE9hAcLPW/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141023/"
 "141022","2019-02-20 19:24:31","http://drbothaina.com/secure/accounts/thrust/file/FMlNo2RtHIXb58As/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/141022/"
 "141021","2019-02-20 19:24:28","http://dorsapanel.com/secure/online/open/read/tp299ND2Vi4JJX2xkplo/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141021/"
 "141020","2019-02-20 19:23:58","http://cngda.tw/company/online/secur/read/WZIARwRNzO2JxU5Li4j4/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141020/"
 "141019","2019-02-20 19:23:53","http://bvs-sas.com/company/accounts/open/view/X5UBTomGuy7uuwOE/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141019/"
-"141018","2019-02-20 19:23:51","http://bksecurity.sk/organization/account/thrust/file/Me7hdLUQIb5laC4e5tddRWRL/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141018/"
+"141018","2019-02-20 19:23:51","http://bksecurity.sk/organization/account/thrust/file/Me7hdLUQIb5laC4e5tddRWRL/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141018/"
 "141017","2019-02-20 19:23:21","http://awcq60100.com/company/online/sec/file/Fajq2at44D9LxeZ0WmKGkOnYf1XY/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141017/"
 "141016","2019-02-20 19:23:18","http://amare-spa.ru/secure/business/open/view/f4t5ZkzoSOQ83rUaf/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141016/"
 "141015","2019-02-20 19:23:17","http://allaboutpoolsnbuilder.com/secure/online/secur/view/RSAbw2HCkErl7cWXU/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/141015/"
@@ -251,7 +802,7 @@
 "141008","2019-02-20 19:11:21","http://alert-finanse.pl/templates/beez3/bin/web.jpg","offline","malware_download","AgentTesla,exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/141008/"
 "141007","2019-02-20 19:10:32","http://109.169.89.4/Ali/job.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/141007/"
 "141006","2019-02-20 19:09:16","http://demo.liuzhixiong.top/US/lfjP-5nJfJ_JVLGfa-tXM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141006/"
-"141005","2019-02-20 19:04:15","https://a.rokket.space/t_N4eczK.jpg","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/141005/"
+"141005","2019-02-20 19:04:15","https://a.rokket.space/t_N4eczK.jpg","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/141005/"
 "141004","2019-02-20 19:04:11","http://a.rokket.space/t_N4eczK.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/141004/"
 "141003","2019-02-20 19:04:07","http://hongcheng.org.hk/US/download/MEHB-Juibl_ygk-sz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141003/"
 "141002","2019-02-20 19:00:15","http://noithatchungcudep.info/wp-content/doc/hpyFR-gY_NQ-xv/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/141002/"
@@ -281,25 +832,25 @@
 "140978","2019-02-20 18:52:08","http://techboy.vn/En_us/Copy_Invoice/LUFS-yg_dbUUibF-Je1/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140978/"
 "140977","2019-02-20 18:50:08","http://thinhphatstore.com/xerox/KjsEB-f4T_uTWKfAO-Zr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140977/"
 "140976","2019-02-20 18:40:14","http://missionautosalesinc.com/document/Invoice_number/3251088/OGod-ayjn_KZvovLhU-0F1/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140976/"
-"140975","2019-02-20 18:38:27","http://emregunaydin.com.tr/US/file/Invoice/CoxEu-SQRFC_sfFjt-sV/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140975/"
-"140974","2019-02-20 18:37:48","http://www.acropol.com.eg:80/pdf/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140974/"
-"140973","2019-02-20 18:37:22","http://acropol.com.eg:80/pdf/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140973/"
-"140972","2019-02-20 18:37:04","http://acropol.com.eg:80/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140972/"
-"140971","2019-02-20 18:36:39","http://www.acropol.com.eg:80/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140971/"
-"140970","2019-02-20 18:36:20","http://acropol.com.eg:80/pdf/sales.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140970/"
-"140969","2019-02-20 18:36:07","http://www.acropol.com.eg:80/pdf/sales.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140969/"
-"140968","2019-02-20 18:35:50","http://acropol.com.eg:80/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140968/"
-"140967","2019-02-20 18:35:40","http://www.acropol.com.eg:80/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140967/"
-"140966","2019-02-20 18:35:28","http://acropol.com.eg:80/pdf/wealthy.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140966/"
-"140965","2019-02-20 18:35:25","http://www.acropol.com.eg:80/pdf/wealthy.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140965/"
-"140963","2019-02-20 18:35:19","http://acropol.com.eg:80/pdf/Order_P0018374.docx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140963/"
-"140964","2019-02-20 18:35:19","http://www.acropol.com.eg:80/pdf/Order_P0018374.docx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140964/"
-"140962","2019-02-20 18:35:18","http://acropol.com.eg:80/pdf/jeff.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140962/"
-"140961","2019-02-20 18:35:07","http://www.acropol.com.eg:80/pdf/jeff.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140961/"
-"140960","2019-02-20 18:35:05","http://www.acropol.com.eg:80/pdf/Fortune_Inquiry.xlsx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140960/"
-"140959","2019-02-20 18:35:04","http://acropol.com.eg:80/pdf/Fortune_Inquiry.xlsx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140959/"
-"140958","2019-02-20 18:35:03","http://www.acropol.com.eg/pdf/Fortune_Inquiry.xlsx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140958/"
-"140957","2019-02-20 18:35:02","http://acropol.com.eg/pdf/Fortune_Inquiry.xlsx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140957/"
+"140975","2019-02-20 18:38:27","http://emregunaydin.com.tr/US/file/Invoice/CoxEu-SQRFC_sfFjt-sV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140975/"
+"140974","2019-02-20 18:37:48","http://www.acropol.com.eg:80/pdf/admin.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140974/"
+"140973","2019-02-20 18:37:22","http://acropol.com.eg:80/pdf/admin.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140973/"
+"140972","2019-02-20 18:37:04","http://acropol.com.eg:80/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140972/"
+"140971","2019-02-20 18:36:39","http://www.acropol.com.eg:80/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140971/"
+"140970","2019-02-20 18:36:20","http://acropol.com.eg:80/pdf/sales.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140970/"
+"140969","2019-02-20 18:36:07","http://www.acropol.com.eg:80/pdf/sales.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140969/"
+"140968","2019-02-20 18:35:50","http://acropol.com.eg:80/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140968/"
+"140967","2019-02-20 18:35:40","http://www.acropol.com.eg:80/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140967/"
+"140966","2019-02-20 18:35:28","http://acropol.com.eg:80/pdf/wealthy.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140966/"
+"140965","2019-02-20 18:35:25","http://www.acropol.com.eg:80/pdf/wealthy.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140965/"
+"140963","2019-02-20 18:35:19","http://acropol.com.eg:80/pdf/Order_P0018374.docx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140963/"
+"140964","2019-02-20 18:35:19","http://www.acropol.com.eg:80/pdf/Order_P0018374.docx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140964/"
+"140962","2019-02-20 18:35:18","http://acropol.com.eg:80/pdf/jeff.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140962/"
+"140961","2019-02-20 18:35:07","http://www.acropol.com.eg:80/pdf/jeff.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140961/"
+"140960","2019-02-20 18:35:05","http://www.acropol.com.eg:80/pdf/Fortune_Inquiry.xlsx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140960/"
+"140959","2019-02-20 18:35:04","http://acropol.com.eg:80/pdf/Fortune_Inquiry.xlsx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140959/"
+"140958","2019-02-20 18:35:03","http://www.acropol.com.eg/pdf/Fortune_Inquiry.xlsx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140958/"
+"140957","2019-02-20 18:35:02","http://acropol.com.eg/pdf/Fortune_Inquiry.xlsx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140957/"
 "140956","2019-02-20 18:33:08","http://phamthudesigner.com/US_us/doc/Copy_Invoice/wNHb-YzG_YbSbGu-Zj//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140956/"
 "140955","2019-02-20 18:33:03","http://tranhoangvn.com/wp-includes/js/tinymce/US_us/scan/New_invoice/nxFT-3JFRz_EBuGYa-jj/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140955/"
 "140954","2019-02-20 18:32:44","http://phamthudesigner.com/US_us/doc/Copy_Invoice/wNHb-YzG_YbSbGu-Zj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140954/"
@@ -316,26 +867,26 @@
 "140943","2019-02-20 18:32:16","http://208.89.211.38/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140943/"
 "140942","2019-02-20 18:32:15","http://208.89.211.38/bins/hoho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140942/"
 "140941","2019-02-20 18:32:14","http://208.89.211.38/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140941/"
-"140939","2019-02-20 18:32:12","http://82.146.49.59/bins/mirai.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140939/"
-"140940","2019-02-20 18:32:12","http://82.146.49.59/bins/mirai.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140940/"
-"140938","2019-02-20 18:32:11","http://82.146.49.59/bins/miraint.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140938/"
-"140937","2019-02-20 18:32:10","http://82.146.49.59/bins/miraint.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140937/"
-"140936","2019-02-20 18:32:10","http://82.146.49.59/bins/miraint.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140936/"
-"140935","2019-02-20 18:32:09","http://82.146.49.59/bins/miraint.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140935/"
-"140934","2019-02-20 18:32:08","http://82.146.49.59/bins/mirai.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140934/"
-"140932","2019-02-20 18:32:07","http://82.146.49.59/bins/mirai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140932/"
-"140933","2019-02-20 18:32:07","http://82.146.49.59/bins/mirai.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140933/"
-"140931","2019-02-20 18:32:06","http://82.146.49.59/bins/miraint.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140931/"
-"140930","2019-02-20 18:32:05","http://82.146.49.59/bins/miraint.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140930/"
-"140929","2019-02-20 18:32:05","http://82.146.49.59/bins/miraint.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140929/"
-"140928","2019-02-20 18:32:04","http://82.146.49.59/bins/miraint.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140928/"
-"140927","2019-02-20 18:32:03","http://82.146.49.59/bins/mirai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140927/"
-"140926","2019-02-20 18:32:03","http://82.146.49.59/bins/miraint.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140926/"
+"140939","2019-02-20 18:32:12","http://82.146.49.59/bins/mirai.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140939/"
+"140940","2019-02-20 18:32:12","http://82.146.49.59/bins/mirai.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140940/"
+"140938","2019-02-20 18:32:11","http://82.146.49.59/bins/miraint.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140938/"
+"140937","2019-02-20 18:32:10","http://82.146.49.59/bins/miraint.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140937/"
+"140936","2019-02-20 18:32:10","http://82.146.49.59/bins/miraint.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140936/"
+"140935","2019-02-20 18:32:09","http://82.146.49.59/bins/miraint.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140935/"
+"140934","2019-02-20 18:32:08","http://82.146.49.59/bins/mirai.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140934/"
+"140932","2019-02-20 18:32:07","http://82.146.49.59/bins/mirai.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140932/"
+"140933","2019-02-20 18:32:07","http://82.146.49.59/bins/mirai.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140933/"
+"140931","2019-02-20 18:32:06","http://82.146.49.59/bins/miraint.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140931/"
+"140930","2019-02-20 18:32:05","http://82.146.49.59/bins/miraint.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140930/"
+"140929","2019-02-20 18:32:05","http://82.146.49.59/bins/miraint.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140929/"
+"140928","2019-02-20 18:32:04","http://82.146.49.59/bins/miraint.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140928/"
+"140927","2019-02-20 18:32:03","http://82.146.49.59/bins/mirai.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140927/"
+"140926","2019-02-20 18:32:03","http://82.146.49.59/bins/miraint.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140926/"
 "140925","2019-02-20 18:24:17","http://huyushop.com/doc/Invoice/ppQlC-1hzuX_OXIpKCI-gJi/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140925/"
 "140924","2019-02-20 18:20:13","http://www.aerdtc.gov.mm/wp-content/uploads/En_us/scan/Inv/QPkH-xYMz0_rf-gU/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140924/"
 "140923","2019-02-20 18:16:18","http://aqualand-chalets.com/info/Copy_Invoice/SKGQF-c0jS_WqICNh-hOX/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140923/"
 "140922","2019-02-20 18:11:02","https://celbelhabiben66.com/US_us/Inv/smKM-XdKw_KmwynzQ-BcC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140922/"
-"140921","2019-02-20 18:09:12","https://a.rokket.space/t_6SSnIi.jpg","online","malware_download","exe,HawkEye,keylogger,payload,stage2","https://urlhaus.abuse.ch/url/140921/"
+"140921","2019-02-20 18:09:12","https://a.rokket.space/t_6SSnIi.jpg","offline","malware_download","exe,HawkEye,keylogger,payload,stage2","https://urlhaus.abuse.ch/url/140921/"
 "140920","2019-02-20 18:07:18","http://talk-academy.vn/En/Invoice_Notice/ygaB-bQF3_BLMQjp-2S/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140920/"
 "140919","2019-02-20 18:07:09","http://marasopel.com/administrator/US_us/download/New_invoice/oaQy-9p_tcrMIFe-7M/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140919/"
 "140918","2019-02-20 18:07:01","https://102.165.32.158:443/dash/ttm.hta","online","malware_download","exe,hta,Loader,payload,stage2,stage3","https://urlhaus.abuse.ch/url/140918/"
@@ -368,14 +919,14 @@
 "140891","2019-02-20 18:02:16","http://102.165.32.158/dash/doc.exe","online","malware_download","exe,hta,Loader,payload,stage2,stage3","https://urlhaus.abuse.ch/url/140891/"
 "140890","2019-02-20 17:58:09","http://salahealthy.ir/file/Invoice_Notice/DDKGV-C0_Hfa-8EG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140890/"
 "140889","2019-02-20 17:56:04","http://dichvuit.tk/corporation/Invoice/vCQN-O8_y-6r3/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140889/"
-"140888","2019-02-20 17:54:12","http://www.kokopellz.4fan.cz:80/koko4.exe","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140888/"
-"140887","2019-02-20 17:54:10","http://kokopellz.4fan.cz:80/koko4.exe","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140887/"
-"140886","2019-02-20 17:54:09","http://www.kokopellz.4fan.cz/koko4.exe","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140886/"
-"140885","2019-02-20 17:54:07","http://kokopellz.4fan.cz/koko4.exe","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140885/"
-"140884","2019-02-20 17:54:06","http://www.kokopellz.4fan.cz:80/koko4.hta","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140884/"
-"140883","2019-02-20 17:54:05","http://kokopellz.4fan.cz:80/koko4.hta","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140883/"
-"140882","2019-02-20 17:54:05","http://www.kokopellz.4fan.cz/koko4.hta","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140882/"
-"140881","2019-02-20 17:54:04","http://kokopellz.4fan.cz/koko4.hta","online","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140881/"
+"140888","2019-02-20 17:54:12","http://www.kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140888/"
+"140887","2019-02-20 17:54:10","http://kokopellz.4fan.cz:80/koko4.exe","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140887/"
+"140886","2019-02-20 17:54:09","http://www.kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140886/"
+"140885","2019-02-20 17:54:07","http://kokopellz.4fan.cz/koko4.exe","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140885/"
+"140884","2019-02-20 17:54:06","http://www.kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140884/"
+"140883","2019-02-20 17:54:05","http://kokopellz.4fan.cz:80/koko4.hta","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140883/"
+"140882","2019-02-20 17:54:05","http://www.kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140882/"
+"140881","2019-02-20 17:54:04","http://kokopellz.4fan.cz/koko4.hta","offline","malware_download","exe,hta,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/140881/"
 "140880","2019-02-20 17:49:24","http://wangyamotor.com/drfts.exe","offline","malware_download","exe,rat,remcos,RemcosRAT","https://urlhaus.abuse.ch/url/140880/"
 "140879","2019-02-20 17:49:23","https://www.kamagra4uk.com:443/radmin/jam/dj.exe","online","malware_download","exe,HawkEye,keylogger,payload,stage2","https://urlhaus.abuse.ch/url/140879/"
 "140878","2019-02-20 17:49:19","https://kamagra4uk.com:443/radmin/jam/dj.exe","offline","malware_download","exe,HawkEye,keylogger,payload,stage2","https://urlhaus.abuse.ch/url/140878/"
@@ -388,7 +939,7 @@
 "140871","2019-02-20 17:49:11","http://ecohome.ua/organization/accounts/secur/read/xICjmtG8IaGYUTX9Lycp3ZVB/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140871/"
 "140870","2019-02-20 17:49:10","http://haglfurniture.vn/templates/dogo/html/com_contact/contact/msg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/140870/"
 "140869","2019-02-20 17:49:04","http://gvmadvogados.com.br/US/corporation/Inv/TAyZj-6v13c_icdziU-0kT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140869/"
-"140868","2019-02-20 17:48:03","http://185.234.216.167/fgf.exe","online","malware_download","exe,rat,remcos,RemcosRAT","https://urlhaus.abuse.ch/url/140868/"
+"140868","2019-02-20 17:48:03","http://185.234.216.167/fgf.exe","offline","malware_download","exe,rat,remcos,RemcosRAT","https://urlhaus.abuse.ch/url/140868/"
 "140867","2019-02-20 17:47:06","http://nondollarreport.com/wp-content/cache/ale1.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/140867/"
 "140866","2019-02-20 17:47:04","http://185.252.144.58/radiance.png","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140866/"
 "140865","2019-02-20 17:46:19","https://www.motorsksa.com/wp-content/themes/spacious/languages/pik.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/140865/"
@@ -408,9 +959,9 @@
 "140851","2019-02-20 17:41:03","http://213.183.63.242/control","online","malware_download","exe-to-msi","https://urlhaus.abuse.ch/url/140851/"
 "140850","2019-02-20 17:41:02","http://vaws.nl/US/346743887801/VNQR-V3N3Z_y-6G5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140850/"
 "140849","2019-02-20 17:37:05","http://mos-advokat.msk.ru/US_us/Invoice/dLAYy-8d8Ja_LL-uXQ/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140849/"
-"140848","2019-02-20 17:33:09","http://motor-service.by/EN_en/corporation/Invoice_Notice/eWtGq-x0HMC_LTSiGjpK-JUv/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140848/"
+"140848","2019-02-20 17:33:09","http://motor-service.by/EN_en/corporation/Invoice_Notice/eWtGq-x0HMC_LTSiGjpK-JUv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140848/"
 "140847","2019-02-20 17:31:10","http://sanatarti.com/prott.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140847/"
-"140846","2019-02-20 17:28:08","http://initiative-hpc-pme.org/EN_en/corporation/UCsUv-PUO_UHh-XZA/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140846/"
+"140846","2019-02-20 17:28:08","http://initiative-hpc-pme.org/EN_en/corporation/UCsUv-PUO_UHh-XZA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140846/"
 "140845","2019-02-20 17:26:03","http://tcl-japan.ru/organization/business/thrust/file/X2Xs3s9e0dSv3QbXjfEzz","offline","malware_download","doc","https://urlhaus.abuse.ch/url/140845/"
 "140844","2019-02-20 17:26:02","http://ecohome.ua/organization/accounts/secur/read/xICjmtG8IaGYUTX9Lycp3ZVB","offline","malware_download","doc","https://urlhaus.abuse.ch/url/140844/"
 "140843","2019-02-20 17:24:02","http://drivespa.ru/company/Copy_Invoice/iwyyt-sH_ZhfN-Csv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140843/"
@@ -424,11 +975,11 @@
 "140835","2019-02-20 17:13:06","https://www.dropbox.com/s/ller8osmb9v43w0/Scan00223.xls.z?dl=1","online","malware_download","compressed,exe,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/140835/"
 "140834","2019-02-20 17:11:06","https://www.dropbox.com/s/rhac5ee50bd9t4n/02202019.pdf.z?dl=1","online","malware_download","compressed,exe,payload","https://urlhaus.abuse.ch/url/140834/"
 "140833","2019-02-20 17:11:03","https://onedrive.live.com/download?cid=3D01D1EE9F6B1B84&resid=3D01D1EE9F6B1B84%21112&authkey=ACxoSojN3XPnRGc","online","malware_download","compressed,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/140833/"
-"140832","2019-02-20 17:09:03","http://dekorant.com.tr/EN_en/doc/Inv/ELmY-DUrCU_vsdR-JaN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140832/"
+"140832","2019-02-20 17:09:03","http://dekorant.com.tr/EN_en/doc/Inv/ELmY-DUrCU_vsdR-JaN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140832/"
 "140831","2019-02-20 17:07:04","http://www.stablecoinswar.com/aebb25f.msi","offline","malware_download","downloader,lokibot,msi","https://urlhaus.abuse.ch/url/140831/"
 "140830","2019-02-20 17:05:03","http://mantoerika.yazdvip.ir/xerox/Copy_Invoice/BLvZd-boDwE_vmYCwE-kP8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140830/"
 "140829","2019-02-20 17:00:05","http://demeidenchocolaensnoep.nl/En/doc/WRfS-GIVg_mJNyemHnP-pHY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140829/"
-"140828","2019-02-20 16:56:06","http://prostranstvorosta.ru/download/Invoice_Notice/6009410/hbCL-rjeU_gFGH-COO/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140828/"
+"140828","2019-02-20 16:56:06","http://prostranstvorosta.ru/download/Invoice_Notice/6009410/hbCL-rjeU_gFGH-COO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140828/"
 "140827","2019-02-20 16:52:03","http://okna-csm.ru/corporation/wBZEO-O5_kYPva-fGY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140827/"
 "140826","2019-02-20 16:49:06","http://kursiuklinika.lt/language/US_us/download/rwkFB-XM_vUjnFSn-LB0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140826/"
 "140825","2019-02-20 16:44:04","http://cityofpossibilities.org/US/Invoice_Notice/KrvpZ-IJ_YozYPjRiI-DpX/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140825/"
@@ -441,26 +992,26 @@
 "140818","2019-02-20 16:28:06","http://wp.berbahku.id.or.id/EN_en/doc/Invoice_number/uTNRo-EjIQ_zZMriw-1H/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140818/"
 "140817","2019-02-20 16:20:06","https://drive.google.com/uc?export=download&id=13OC3zDE4w3OylPyezbU0nNBv067hCVR6","online","malware_download","compressed,exe,payload,zip","https://urlhaus.abuse.ch/url/140817/"
 "140816","2019-02-20 16:20:03","http://mir-perevozok.com.ua/company/Inv/JdaNK-E0IW_urnLFmwhE-uB/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140816/"
-"140815","2019-02-20 16:16:09","http://dsdfgdfsdegdf.ru/20/RASF32DS2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140815/"
-"140814","2019-02-20 16:16:08","http://dsdfgdfsdegdf.ru/20/SD231.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140814/"
-"140813","2019-02-20 16:16:06","http://dsdfgdfsdegdf.ru/20/_outputA19506FRR.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/140813/"
+"140815","2019-02-20 16:16:09","http://dsdfgdfsdegdf.ru/20/RASF32DS2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140815/"
+"140814","2019-02-20 16:16:08","http://dsdfgdfsdegdf.ru/20/SD231.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140814/"
+"140813","2019-02-20 16:16:06","http://dsdfgdfsdegdf.ru/20/_outputA19506FRR.exe","offline","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/140813/"
 "140812","2019-02-20 16:16:02","http://weiweinote.com/En_us/llc/UqauL-EI_v-gz//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140812/"
 "140811","2019-02-20 16:11:16","https://onedrive.live.com/download?cid=B767450D4EDCB6FB&resid=B767450D4EDCB6FB%21603&authkey=AFlrsuZuxWc5R7A","online","malware_download","ace,compressed,payload","https://urlhaus.abuse.ch/url/140811/"
 "140810","2019-02-20 16:11:13","http://chiltern.org/secure/online_billing/billing/sec/view/UxpYYrvnx8VoHYJn/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140810/"
 "140809","2019-02-20 16:11:10","http://en.sun-sen.com/wp-content/fhkO-dzTk_UGZuZ-Cg/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140809/"
 "140808","2019-02-20 16:07:07","http://acmemetal.com.hk/En/llc/Invoice_number/6993952/bBWI-yT7_UrAeDYI-dXs/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140808/"
-"140807","2019-02-20 16:04:09","http://dentistmomma.com/US/scan/Copy_Invoice/polmH-Jhr3A_TgR-EL/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140807/"
+"140807","2019-02-20 16:04:09","http://dentistmomma.com/US/scan/Copy_Invoice/polmH-Jhr3A_TgR-EL/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140807/"
 "140806","2019-02-20 16:03:40","http://zprb.ru/organization/accounts/sec/read/vmMtuX8KM9rw9CUO3Y9xDO5VL8/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140806/"
 "140805","2019-02-20 16:03:36","http://spb0969.ru/secure/account/secur/read/vpyyqAH0Rwy0WTyc6/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140805/"
-"140804","2019-02-20 16:03:32","http://navigatorpojizni.ru/organization/online_billing/billing/sec/list/4z8XhZAO6ytWCsdrYcC/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140804/"
+"140804","2019-02-20 16:03:32","http://navigatorpojizni.ru/organization/online_billing/billing/sec/list/4z8XhZAO6ytWCsdrYcC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140804/"
 "140803","2019-02-20 16:03:30","http://mrm.lt/organization/account/open/view/tXZ4wRdBRDn7cFYjScnoaDsi34Z1/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140803/"
 "140802","2019-02-20 16:03:27","http://kostrzewapr.pl/css/organization/online_billing/billing/secur/view/hKWKk56SJmIoylKQn1KT7/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140802/"
 "140801","2019-02-20 16:03:24","http://frog.cl/organization/accounts/thrust/list/jc481ssWZagkOOaps5cZqptoi67x/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140801/"
 "140800","2019-02-20 16:03:18","http://ejder.com.tr/secure/business/sec/view/JKCBAZFjdtIsVtTUI/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140800/"
 "140799","2019-02-20 16:03:14","http://burodetuin.nl/cgi-bin/company/account/thrust/view/DTE7sKc37irpDMeqW2hCRd/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140799/"
 "140798","2019-02-20 16:03:11","http://bolumutluturizm.com/secure/online/thrust/read/WCXjBTC0O349NomU0bu/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140798/"
-"140797","2019-02-20 16:03:07","http://audicof.com/secure/online/sec/file/1pHa21DjX6goiOFAFCH4A/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140797/"
-"140796","2019-02-20 16:02:06","http://tolstyakitut.ru/En_us/corporation/HWnKG-HU3L_qyyex-aB/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140796/"
+"140797","2019-02-20 16:03:07","http://audicof.com/secure/online/sec/file/1pHa21DjX6goiOFAFCH4A/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140797/"
+"140796","2019-02-20 16:02:06","http://tolstyakitut.ru/En_us/corporation/HWnKG-HU3L_qyyex-aB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140796/"
 "140795","2019-02-20 16:00:13","http://35.200.146.198/9lnhtAATPAA9Zu5F5_cFLuQlT/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140795/"
 "140794","2019-02-20 16:00:11","http://sadyba.trade/WSndFC7G_5tGH/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/140794/"
 "140793","2019-02-20 16:00:09","http://viento.pro/JggAt4n_6jVK6/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140793/"
@@ -469,10 +1020,10 @@
 "140790","2019-02-20 15:58:03","http://dverliga.ru/US_us/scan/Inv/477272093/BPStw-BEF_vR-xR5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140790/"
 "140789","2019-02-20 15:55:11","http://further.tv/download/hDJwz-09_ZUUeTiI-NIC?/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/140789/"
 "140788","2019-02-20 15:55:09","http://wpdemo.wctravel.com.au/En/file/wJZbG-k2I_Cw-am//","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140788/"
-"140787","2019-02-20 15:54:07","http://dentistmomma.com/US/scan/Copy_Invoice/polmH-Jhr3A_TgR-EL//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140787/"
-"140786","2019-02-20 15:50:12","http://fenichka.ru/En_us/info/Invoice/FvMz-1fS_y-e0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140786/"
-"140785","2019-02-20 15:46:05","http://sgl.kz/EN_en/info/New_invoice/XIkh-Qcrt_NkKIbOBV-Cp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140785/"
-"140784","2019-02-20 15:41:04","http://barabooseniorhigh.com/EN_en/Invoice_Notice/wrEW-a7sDO_ltcEVxb-xz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140784/"
+"140787","2019-02-20 15:54:07","http://dentistmomma.com/US/scan/Copy_Invoice/polmH-Jhr3A_TgR-EL//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140787/"
+"140786","2019-02-20 15:50:12","http://fenichka.ru/En_us/info/Invoice/FvMz-1fS_y-e0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140786/"
+"140785","2019-02-20 15:46:05","http://sgl.kz/EN_en/info/New_invoice/XIkh-Qcrt_NkKIbOBV-Cp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140785/"
+"140784","2019-02-20 15:41:04","http://barabooseniorhigh.com/EN_en/Invoice_Notice/wrEW-a7sDO_ltcEVxb-xz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140784/"
 "140783","2019-02-20 15:39:19","http://yushifandb.co.th/company/online/sec/view/agJzJZZM4QIg1DknBpKfGEnJvcPF/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140783/"
 "140782","2019-02-20 15:39:14","http://lesastucesdemilie.fr/secure/accounts/open/read/26Ist02B2khvTix/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140782/"
 "140781","2019-02-20 15:39:13","http://itechzone.ml/company/online_billing/billing/thrust/file/LrZhWthRMbK9vrId8icdF6rjfbL/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140781/"
@@ -490,10 +1041,10 @@
 "140769","2019-02-20 15:29:05","http://www.porteous.ch/llc/Invoice_number/pyVl-y6_Z-kJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140769/"
 "140768","2019-02-20 15:26:07","http://further.tv/download/hDJwz-09_ZUUeTiI-NIC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140768/"
 "140767","2019-02-20 15:20:32","http://www.birminghampcc.com/scan/Invoice/BEaz-hnqXV_wU-9t/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140767/"
-"140766","2019-02-20 15:16:02","http://ghidmamaia.ro/EN_en/xerox/Copy_Invoice/VqXno-4hVh_IW-wuB/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140766/"
+"140766","2019-02-20 15:16:02","http://ghidmamaia.ro/EN_en/xerox/Copy_Invoice/VqXno-4hVh_IW-wuB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140766/"
 "140765","2019-02-20 15:14:06","http://106.104.115.213:18434/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/140765/"
 "140764","2019-02-20 15:12:11","http://construccionesrm.com.ar/EN_en/frIUN-DtIK_REx-xbW/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140764/"
-"140763","2019-02-20 15:08:05","http://13.233.31.203/llc/Invoice/OvZN-kyyq_JV-bB/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140763/"
+"140763","2019-02-20 15:08:05","http://13.233.31.203/llc/Invoice/OvZN-kyyq_JV-bB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140763/"
 "140762","2019-02-20 15:06:12","http://kubud.pl/wp-content/themes/integral/js/messg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140762/"
 "140761","2019-02-20 15:05:08","http://23.249.163.126/link/putD06B91F.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140761/"
 "140760","2019-02-20 15:04:03","http://noithatshop.vn/Copy_Invoice/HpqFe-fT_poRQRHyZP-DRM/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140760/"
@@ -508,11 +1059,11 @@
 "140751","2019-02-20 14:53:04","http://coinspottechrem.ru/lpro/12.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140751/"
 "140750","2019-02-20 14:52:04","https://c4h0qa.bn.files.1drv.com/y4mKYz6bgLHSJYF08ENkkhmNS_AIBev-IWpuFi9jahuFXDh2cddRgINZokexXKF0HPAm8cmFfpLjFXyi6kBT1mWpM44gNvquK0wvt0tUayqq_8ecM0nR0X980Rwg4E2HAVzg_NoVFBNoemnsWqaxbQzz7CuJ3D7jBwe8PsGeIGqsqnBTdAf-nKOP8ih4iUIi_ht5hQDG0zxRVKQ1FHCnH790w/RFQ_pn%208TJ85GCG2-condOHC%2CPDF.gz?download&psid=1","offline","malware_download","exe,gz","https://urlhaus.abuse.ch/url/140750/"
 "140749","2019-02-20 14:52:03","http://weresolve.ca/file/Invoice/vKVR-lro_frym-X62/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140749/"
-"140748","2019-02-20 14:48:04","http://118.25.176.38/New_invoice/6899245/Ptdeu-frCPH_trcwBO-QwZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140748/"
+"140748","2019-02-20 14:48:04","http://118.25.176.38/New_invoice/6899245/Ptdeu-frCPH_trcwBO-QwZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140748/"
 "140747","2019-02-20 14:47:02","http://nadisportsclub.com/assets/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140747/"
 "140746","2019-02-20 14:44:04","http://allens.youcheckit.ca/US/llc/Invoice_Notice/Bhaz-1LPbd_aqlUAKe-bCY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140746/"
 "140745","2019-02-20 14:39:09","http://huongnghiep.ictu.edu.vn/doc/Invoice_number/pbwEC-5XI2y_TqASK-lsY/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140745/"
-"140744","2019-02-20 14:38:05","https://www.peccapics.com/wp-content/themes/peccadillo/img/carousel/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140744/"
+"140744","2019-02-20 14:38:05","https://www.peccapics.com/wp-content/themes/peccadillo/img/carousel/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140744/"
 "140743","2019-02-20 14:35:03","http://ducasco.gr/En_us/Copy_Invoice/VcjdI-Ua_ch-GTB/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140743/"
 "140742","2019-02-20 14:31:03","http://ex-bestgroup.com/scan/mefN-KJ_mKBshDXz-RV/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140742/"
 "140741","2019-02-20 14:27:04","http://mehmoodtrust.com/US/llc/Copy_Invoice/dLWS-i9_apV-GM1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140741/"
@@ -524,47 +1075,47 @@
 "140735","2019-02-20 14:22:57","http://satellit-group.ru/company/business/thrust/read/zFWu8wcftNp4oRXcggHhm/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140735/"
 "140734","2019-02-20 14:22:56","http://mersin-organizasyon.com/secure/online/open/file/9PaxbsJqGhA1NtAA9AB3TcYvjjN/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140734/"
 "140733","2019-02-20 14:22:55","http://kynanggiaotiepungxu.edu.vn/secure/business/secur/list/sj4saG6UwhuqdOPZmJyj4d8H/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140733/"
-"140732","2019-02-20 14:22:24","http://distro.attaqwapreneur.com/company/online_billing/billing/sec/read/P7jaJ8zg2TNXNyaOP3iIyWg9YTD/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140732/"
-"140731","2019-02-20 14:22:11","http://cedricvuarnoz.ch/secure/online/thrust/list/kofTptN1vaClVfxB/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140731/"
-"140730","2019-02-20 14:22:10","http://160.16.198.220/company/accounts/sec/file/w99hasGYZCnUEgB2QqQC3Dq/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140730/"
+"140732","2019-02-20 14:22:24","http://distro.attaqwapreneur.com/company/online_billing/billing/sec/read/P7jaJ8zg2TNXNyaOP3iIyWg9YTD/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140732/"
+"140731","2019-02-20 14:22:11","http://cedricvuarnoz.ch/secure/online/thrust/list/kofTptN1vaClVfxB/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140731/"
+"140730","2019-02-20 14:22:10","http://160.16.198.220/company/accounts/sec/file/w99hasGYZCnUEgB2QqQC3Dq/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140730/"
 "140729","2019-02-20 14:22:08","http://159.65.142.218/wp-admin/organization/business/sec/read/j897y6FqeNTxGOMJcFaS/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140729/"
 "140728","2019-02-20 14:22:05","http://13.126.28.98/company/online_billing/billing/sec/list/iyXe3rYZusAeUxl/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140728/"
 "140727","2019-02-20 14:22:04","http://128.199.68.28/company/online/secur/list/1aLZfrXvaJ5qUvvrM/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140727/"
 "140726","2019-02-20 14:19:04","http://bkm-adwokaci.pl/res/EN_en/llc/New_invoice/Yypxo-mu_wq-ubK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140726/"
 "140725","2019-02-20 14:15:04","http://restaurantejorgedopeixe.com/info/IUwk-QofN_pVBP-Nr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140725/"
-"140724","2019-02-20 14:14:05","http://smartfit.com.pk/l/hqrwpd.msi","online","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140724/"
+"140724","2019-02-20 14:14:05","http://smartfit.com.pk/l/hqrwpd.msi","offline","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140724/"
 "140723","2019-02-20 14:11:02","http://old.braylland.com/En_us/Invoice_number/6362231/kNsz-AxStI_NTYZYqEYB-Sq5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140723/"
 "140722","2019-02-20 14:07:33","http://haustechnology.com.br/xerox/Invoice_number/fPXLC-09_gzNxGZ-Nf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140722/"
 "140721","2019-02-20 14:03:02","http://energy63.ru/llc/PYMn-4tz_muL-R1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140721/"
 "140720","2019-02-20 13:59:07","http://schoolaredu.com/wp-content/uploads/file/Purchase.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140720/"
 "140719","2019-02-20 13:59:06","http://coinspottechrem.ru/lmon/ytSetupEU.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140719/"
 "140718","2019-02-20 13:59:03","http://pravprihod.ru/US_us/corporation/New_invoice/AldCH-P7_Nyq-MO/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140718/"
-"140717","2019-02-20 13:55:05","http://venta72.ru/En/document/New_invoice/955679680/SaSBw-7bAE_QDpiP-OgV/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140717/"
+"140717","2019-02-20 13:55:05","http://venta72.ru/En/document/New_invoice/955679680/SaSBw-7bAE_QDpiP-OgV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140717/"
 "140716","2019-02-20 13:51:06","http://eyestopper.ru/doc/HLCe-m0CB1_bot-2b/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140716/"
 "140715","2019-02-20 13:46:16","http://istratrans.ru/corporation/Invoice_number/351917407428730/FizH-5Bnoj_RdcpQHiVU-AOF/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140715/"
-"140714","2019-02-20 13:41:02","http://detsad-kr.ru/download/6179417/iRlyT-yY_hltAXhs-YK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140714/"
-"140713","2019-02-20 13:39:02","http://smartfit.com.pk/l/may.msi","online","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140713/"
+"140714","2019-02-20 13:41:02","http://detsad-kr.ru/download/6179417/iRlyT-yY_hltAXhs-YK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140714/"
+"140713","2019-02-20 13:39:02","http://smartfit.com.pk/l/may.msi","offline","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140713/"
 "140712","2019-02-20 13:37:05","http://wpdemo.wctravel.com.au/En/file/wJZbG-k2I_Cw-am/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140712/"
-"140711","2019-02-20 13:36:03","http://smartfit.com.pk/l/chi.msi","online","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140711/"
+"140711","2019-02-20 13:36:03","http://smartfit.com.pk/l/chi.msi","offline","malware_download","Formbook,msi","https://urlhaus.abuse.ch/url/140711/"
 "140710","2019-02-20 13:33:02","http://karkw.org/Invoice_Notice/09096076783983/hjDvn-6ptt_qCEx-2gr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140710/"
 "140709","2019-02-20 13:32:07","http://almira.pro/company/business/open/read/uSRgfCdkX33nAPkK9FkRYX1i/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140709/"
 "140708","2019-02-20 13:32:06","https://docs.google.com/uc?export=&id=1CL2jyCDOpsrANWQnzhujcD3wxD8FMyw9","online","malware_download","downloader,vbs","https://urlhaus.abuse.ch/url/140708/"
 "140707","2019-02-20 13:32:04","https://docs.google.com/uc?export=&id=1Rn6miZhuQtYIDg58YUfoO0vxU5td2LFy","online","malware_download","downloader,vbs","https://urlhaus.abuse.ch/url/140707/"
-"140706","2019-02-20 13:32:03","https://leogrande.club/epp500_0651.exe","online","malware_download","malware","https://urlhaus.abuse.ch/url/140706/"
+"140706","2019-02-20 13:32:03","https://leogrande.club/epp500_0651.exe","offline","malware_download","malware","https://urlhaus.abuse.ch/url/140706/"
 "140705","2019-02-20 13:29:03","http://103.11.22.51/wp-content/uploads/EN_en/info/Invoice_Notice/KgpkN-KH_jUtzCA-HiC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140705/"
 "140704","2019-02-20 13:28:07","http://students.washington.edu/alove4/Stage_Dublino.pdf.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140704/"
 "140703","2019-02-20 13:25:03","http://104.155.134.95/En/WwovG-58A_KSOQHnUxj-QMq/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140703/"
 "140702","2019-02-20 13:21:02","http://romanvolk.ru/En/company/tXZVB-TroJw_CsryMdsJ-DVZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140702/"
-"140701","2019-02-20 13:17:08","http://8.29.139.221/llc/New_invoice/JJeFF-1u_GjlYOVJKW-5Eg/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140701/"
-"140700","2019-02-20 13:16:12","http://207.154.223.104/1UcvZyZsF/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140700/"
+"140701","2019-02-20 13:17:08","http://8.29.139.221/llc/New_invoice/JJeFF-1u_GjlYOVJKW-5Eg/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140701/"
+"140700","2019-02-20 13:16:12","http://207.154.223.104/1UcvZyZsF/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140700/"
 "140699","2019-02-20 13:16:11","http://115.66.127.67/3ioVsDXkX/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140699/"
-"140698","2019-02-20 13:16:08","http://178.62.102.110/arpEV6rChy/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140698/"
-"140697","2019-02-20 13:16:06","http://104.223.40.40/Sn0vcAys/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140697/"
-"140696","2019-02-20 13:16:04","http://128.199.187.124/ibtfjA1/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140696/"
+"140698","2019-02-20 13:16:08","http://178.62.102.110/arpEV6rChy/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140698/"
+"140697","2019-02-20 13:16:06","http://104.223.40.40/Sn0vcAys/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140697/"
+"140696","2019-02-20 13:16:04","http://128.199.187.124/ibtfjA1/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140696/"
 "140695","2019-02-20 13:13:32","http://bonex.it/En_us/file/Invoice/xMafx-l3q_XvQGG-FqA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140695/"
 "140694","2019-02-20 13:11:13","http://162.243.254.239/Addon/company/business/secur/read/eru8ZKnwC3JTM8N/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140694/"
 "140693","2019-02-20 13:11:12","http://romantis.penghasilan.website/organization/business/secur/view/8driChEn8bOs5y5zz2/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140693/"
-"140692","2019-02-20 13:11:10","http://104.198.73.104/corporation/Invoice_Notice/UyKVp-c9d_fFOAmV-Z5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140692/"
+"140692","2019-02-20 13:11:10","http://104.198.73.104/corporation/Invoice_Notice/UyKVp-c9d_fFOAmV-Z5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140692/"
 "140690","2019-02-20 13:10:06","http://sealonbd.com/De/XOTJGYZH3053108/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140690/"
 "140691","2019-02-20 13:10:06","http://zolotoykluch69.ru/WTWXML8536793/Bestellungen/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140691/"
 "140689","2019-02-20 13:10:03","http://proffessia.ru/de_DE/KESXLI6319185/Rechnungs-Details/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140689/"
@@ -576,35 +1127,35 @@
 "140683","2019-02-20 13:09:52","http://clientes.jamesdecastro.com.br/DE/PAPMBAGXW4483987/Rechnungs-docs/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140683/"
 "140682","2019-02-20 13:09:50","http://bluesw2014.synology.me/@eaDir/Februar2019/KGBHAQ3523488/Rechnung/DETAILS/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140682/"
 "140681","2019-02-20 13:09:49","http://bagimsizarabuluculukmerkezi.com/OXBTNEU1938646/Rechnung/Zahlung/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140681/"
-"140680","2019-02-20 13:09:48","http://35.232.73.116/HZFHFM8935030/Rechnung/DOC-Dokument/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140680/"
+"140680","2019-02-20 13:09:48","http://35.232.73.116/HZFHFM8935030/Rechnung/DOC-Dokument/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140680/"
 "140679","2019-02-20 13:09:46","http://35.202.250.4/GMYUJPKR3110509/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/140679/"
-"140678","2019-02-20 13:09:16","http://206.189.154.46/De_de/YOXXXLCT4382765/gescanntes-Dokument/RECH/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140678/"
-"140677","2019-02-20 13:09:13","http://188.131.164.117/company/account/thrust/view/5VWHaO1Osd0FqU6QHr9t4dx3O/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140677/"
-"140676","2019-02-20 13:09:05","http://167.99.10.129/DE_de/JKDLBRYCK2211402/Rech/Fakturierung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140676/"
-"140675","2019-02-20 13:09:02","http://139.59.182.250/DE_de/IRJJOQRL8236206/de/Zahlungserinnerung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140675/"
+"140678","2019-02-20 13:09:16","http://206.189.154.46/De_de/YOXXXLCT4382765/gescanntes-Dokument/RECH/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140678/"
+"140677","2019-02-20 13:09:13","http://188.131.164.117/company/account/thrust/view/5VWHaO1Osd0FqU6QHr9t4dx3O/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140677/"
+"140676","2019-02-20 13:09:05","http://167.99.10.129/DE_de/JKDLBRYCK2211402/Rech/Fakturierung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140676/"
+"140675","2019-02-20 13:09:02","http://139.59.182.250/DE_de/IRJJOQRL8236206/de/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140675/"
 "140674","2019-02-20 13:04:41","http://35.244.2.82/1sqwnVupMcFHi/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140674/"
 "140673","2019-02-20 13:04:37","http://laylalanemusic.com/ZYn33EV8HB3mN_I8xn/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140673/"
 "140672","2019-02-20 13:04:35","http://gando24.com/akACCpMfqwHCN/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140672/"
 "140671","2019-02-20 13:04:32","http://ketanggungan.desabrebes.id/PYDKI4f4dEx/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/140671/"
-"140670","2019-02-20 13:04:03","http://159.89.153.180/jbgdP2PAlac/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140670/"
+"140670","2019-02-20 13:04:03","http://159.89.153.180/jbgdP2PAlac/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140670/"
 "140669","2019-02-20 13:03:02","http://giancarloraso.com/En_us/ETVc-RuzBL_ar-1Ze/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140669/"
-"140668","2019-02-20 12:59:09","http://35.247.37.148/GCCNTMVXUV9631051/GER/Zahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140668/"
+"140668","2019-02-20 12:59:09","http://35.247.37.148/GCCNTMVXUV9631051/GER/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140668/"
 "140667","2019-02-20 12:59:04","http://13.233.173.191/wp-content/DE/GXZYHHJHF4115902/DE/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140667/"
 "140666","2019-02-20 12:55:11","http://juliecahillphotography.com/wp-content/themes/rebecca/contactpage/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140666/"
-"140665","2019-02-20 12:54:16","http://kapuaskampung.com/templates/protostar/css/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140665/"
+"140665","2019-02-20 12:54:16","http://kapuaskampung.com/templates/protostar/css/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/140665/"
 "140664","2019-02-20 12:48:10","http://brameda.com/wp-content/themes/visia/font/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140664/"
 "140663","2019-02-20 12:47:16","http://darbartech.com/wp-content/themes/shopper/woocommerce/global/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140663/"
 "140662","2019-02-20 12:47:11","http://go-technical.com/modules/php/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140662/"
 "140661","2019-02-20 12:47:08","http://computrend.net/wp-content/themes/total/js/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140661/"
 "140660","2019-02-20 12:47:05","http://business.driverclub.co/.well-known/pki-validation/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140660/"
 "140659","2019-02-20 12:46:15","http://bullerwelsh.com/templates/templatename/sass/bootstrap/tests/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140659/"
-"140658","2019-02-20 12:46:13","http://titusrealestate.com.fj/.well-known/pki-validation/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140658/"
-"140656","2019-02-20 12:46:09","http://lien-hair.jp/wp-content/themes/twentyeleven/languages/msg.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140656/"
+"140658","2019-02-20 12:46:13","http://titusrealestate.com.fj/.well-known/pki-validation/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/140658/"
+"140656","2019-02-20 12:46:09","http://lien-hair.jp/wp-content/themes/twentyeleven/languages/msg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/140656/"
 "140657","2019-02-20 12:46:09","http://peccapics.com/wp-content/themes/peccadillo/img/carousel/msg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140657/"
 "140655","2019-02-20 12:38:03","http://23.249.163.126/link/output6A23060.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140655/"
-"140654","2019-02-20 12:32:07","https://chicagorawcakes.com/voice/call.hlp","offline","malware_download","BITS,exe,GBR,geofenced,Gozi,headersfenced","https://urlhaus.abuse.ch/url/140654/"
+"140654","2019-02-20 12:32:07","https://chicagorawcakes.com/voice/call.hlp","online","malware_download","BITS,exe,GBR,geofenced,Gozi,headersfenced","https://urlhaus.abuse.ch/url/140654/"
 "140653","2019-02-20 12:32:06","https://lymphcare-my.sharepoint.com/:u:/g/personal/jtaylor_lymphcare_co_uk/ERNWo8CTY5RIsS9s7POgUqEBTthcq_CJ20HOkrMivXsYQg?e=MAAODw&download=1","online","malware_download","GBR,Gozi,zipped-VBS","https://urlhaus.abuse.ch/url/140653/"
-"140652","2019-02-20 12:28:09","http://54.250.159.171/DE/IZAXDEQEJ0217606/Rechnungs-docs/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140652/"
+"140652","2019-02-20 12:28:09","http://54.250.159.171/DE/IZAXDEQEJ0217606/Rechnungs-docs/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140652/"
 "140651","2019-02-20 12:23:05","http://lachanson.online/DE/YYHFIJPODZ5345526/DE_de/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140651/"
 "140650","2019-02-20 12:20:04","http://tradecomunicaciones.com/TDRGDYBFST6641425/Rechnung/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140650/"
 "140649","2019-02-20 12:17:03","http://159.203.101.9/XGUSNYM6927233/Rechnungs-Details/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140649/"
@@ -622,24 +1173,24 @@
 "140637","2019-02-20 12:12:05","http://frisurideenneue.club/DE_de/AMHPTRILK2331220/DE/Rechnungszahlung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/140637/"
 "140636","2019-02-20 12:12:04","http://allstarsareshiningdreams.com/DE_de/SABIFZJ2282539/Rechnung/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/140636/"
 "140635","2019-02-20 12:12:01","http://178.128.54.239/DE_de/AAIYSM6783073/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140635/"
-"140634","2019-02-20 12:11:59","http://138.197.72.9/Februar2019/NSUDJSBMA3141751/GER/Zahlungserinnerung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140634/"
-"140633","2019-02-20 12:11:57","http://128.199.207.179/DTNFQWP6109971/Rechnungs-docs/Hilfestellung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140633/"
+"140634","2019-02-20 12:11:59","http://138.197.72.9/Februar2019/NSUDJSBMA3141751/GER/Zahlungserinnerung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140634/"
+"140633","2019-02-20 12:11:57","http://128.199.207.179/DTNFQWP6109971/Rechnungs-docs/Hilfestellung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140633/"
 "140632","2019-02-20 12:11:55","http://kynangbanhang.edu.vn/De/XSGZJXSA2044874/DE_de/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140632/"
-"140631","2019-02-20 12:11:51","http://37.139.27.218/De_de/CGIBNBZ2927341/Rechnungs/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140631/"
+"140631","2019-02-20 12:11:51","http://37.139.27.218/De_de/CGIBNBZ2927341/Rechnungs/DOC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140631/"
 "140630","2019-02-20 12:11:48","http://school6.chernyahovsk.ru/De_de/RFVTKTI2685196/Scan/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140630/"
-"140629","2019-02-20 12:11:42","http://anadolu.tv.tr/de_DE/GNEATBIS5707045/Rechnungs-Details/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140629/"
-"140628","2019-02-20 12:11:39","http://omidsalamat.ir/news1/DE/IECQEBD9453814/de/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140628/"
+"140629","2019-02-20 12:11:42","http://anadolu.tv.tr/de_DE/GNEATBIS5707045/Rechnungs-Details/DOC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140629/"
+"140628","2019-02-20 12:11:39","http://omidsalamat.ir/news1/DE/IECQEBD9453814/de/RECH/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140628/"
 "140627","2019-02-20 12:11:31","http://arcpine.com/NNMLGU6236452/Rechnung/RECHNUNG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140627/"
 "140626","2019-02-20 12:11:24","http://crmz.su/De/QZUXVJYFP0221950/DE/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140626/"
-"140625","2019-02-20 12:11:23","http://159.65.65.213/DE/ESHJXCSAEP2094785/de/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140625/"
+"140625","2019-02-20 12:11:23","http://159.65.65.213/DE/ESHJXCSAEP2094785/de/DETAILS/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140625/"
 "140623","2019-02-20 12:11:21","http://178.62.213.188/De/MTOQIU7473435/Rechnung/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140623/"
-"140624","2019-02-20 12:11:21","http://178.62.233.192/DE/YDJXIHNUTZ3915693/GER/DOC-Dokument/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140624/"
-"140622","2019-02-20 12:09:05","http://35.247.37.148/GCCNTMVXUV9631051/GER/Zahlung//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140622/"
+"140624","2019-02-20 12:11:21","http://178.62.233.192/DE/YDJXIHNUTZ3915693/GER/DOC-Dokument/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140624/"
+"140622","2019-02-20 12:09:05","http://35.247.37.148/GCCNTMVXUV9631051/GER/Zahlung//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140622/"
 "140621","2019-02-20 12:04:02","http://krisen.ca/Februar2019/PTRALS0157200/Dokumente/Fakturierung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140621/"
 "140620","2019-02-20 11:59:09","http://zebra9100.com/De/EDYYJRJ3904167/Rechnung/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140620/"
 "140619","2019-02-20 11:59:05","http://mincoindia.com/wp-content/zzz.exe","offline","malware_download","lokibot","https://urlhaus.abuse.ch/url/140619/"
-"140618","2019-02-20 11:55:03","http://35.190.186.53/DE_de/YSIVAMT2243026/gescanntes-Dokument/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140618/"
-"140617","2019-02-20 11:51:03","http://3.92.174.100/De/MCEYAR6293515/Rechnungs-docs/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140617/"
+"140618","2019-02-20 11:55:03","http://35.190.186.53/DE_de/YSIVAMT2243026/gescanntes-Dokument/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140618/"
+"140617","2019-02-20 11:51:03","http://3.92.174.100/De/MCEYAR6293515/Rechnungs-docs/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140617/"
 "140616","2019-02-20 11:47:03","http://193.77.216.20/De_de/EKXNHOUOB9032443/Rechnungs/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140616/"
 "140615","2019-02-20 11:42:06","http://35.204.88.6/De/CYGXBSEJ4369423/de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140615/"
 "140614","2019-02-20 11:39:05","http://mtrans-rf.net/KJUEWAWWU8301868/DE_de/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140614/"
@@ -648,19 +1199,19 @@
 "140611","2019-02-20 11:30:03","http://dentistaoliveriblog.it/DE/VNXRWGZMYW4277681/Scan/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140611/"
 "140610","2019-02-20 11:26:03","http://grani-uspeha.ru/Februar2019/IKLPVQDX3736928/gescanntes-Dokument/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140610/"
 "140609","2019-02-20 11:22:05","http://komandor.by/DE/FURWQHD9760345/DE_de/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140609/"
-"140608","2019-02-20 11:18:05","http://159.65.146.232/de_DE/XQHLYZB9953698/Rechnungs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140608/"
-"140607","2019-02-20 11:14:04","http://159.89.167.92/de_DE/HHBWOJ1262645/Scan/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140607/"
+"140608","2019-02-20 11:18:05","http://159.65.146.232/de_DE/XQHLYZB9953698/Rechnungs/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140608/"
+"140607","2019-02-20 11:14:04","http://159.89.167.92/de_DE/HHBWOJ1262645/Scan/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140607/"
 "140606","2019-02-20 11:11:06","http://www.palermosleepcheap.com/wp-content/themes/starhotel/languages/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140606/"
-"140604","2019-02-20 11:11:03","http://128.199.172.4/de_DE/JUZVXAOSFC7139869/Dokumente/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140604/"
+"140604","2019-02-20 11:11:03","http://128.199.172.4/de_DE/JUZVXAOSFC7139869/Dokumente/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140604/"
 "140605","2019-02-20 11:11:03","http://palermosleepcheap.com/wp-content/themes/starhotel/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140605/"
 "140603","2019-02-20 11:09:05","http://14.48.81.108:55012/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/140603/"
 "140602","2019-02-20 11:09:02","http://31.187.80.46:65505/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/140602/"
 "140601","2019-02-20 11:08:02","http://13.233.173.191/wp-content/DE/GXZYHHJHF4115902/DE/DETAILS//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140601/"
-"140600","2019-02-20 11:02:03","http://159.65.147.40/ARLPXQNOQI2008400/Scan/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140600/"
-"140599","2019-02-20 11:00:32","http://13.233.183.227/De/LNGUKM2012920/Bestellungen/Zahlung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140599/"
+"140600","2019-02-20 11:02:03","http://159.65.147.40/ARLPXQNOQI2008400/Scan/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140600/"
+"140599","2019-02-20 11:00:32","http://13.233.183.227/De/LNGUKM2012920/Bestellungen/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140599/"
 "140598","2019-02-20 10:58:04","http://178.236.210.22/De_de/DYLNWFHXW8366104/Rechnungs-Details/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140598/"
 "140597","2019-02-20 10:56:08","http://www.palermosleepcheap.com/wp-content/themes/starhotel/admin/redux-extensions/extensions/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140597/"
-"140596","2019-02-20 10:55:02","http://159.65.83.246/Februar2019/AENRLSUE0288658/Rechnungskorrektur/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140596/"
+"140596","2019-02-20 10:55:02","http://159.65.83.246/Februar2019/AENRLSUE0288658/Rechnungskorrektur/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140596/"
 "140595","2019-02-20 10:50:02","http://altroquotidiano.it/wp-content/themes/mh-magazine/woocommerce/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140595/"
 "140594","2019-02-20 10:45:04","http://cild.edu.vn/De/KHJTVCIZWI8168573/GER/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140594/"
 "140593","2019-02-20 10:44:12","http://karditsa.org/ohCJotRf8F/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140593/"
@@ -673,14 +1224,14 @@
 "140586","2019-02-20 10:40:25","http://ulrikhtm.ru/DE/MKXOERS0349141/Bestellungen/DOC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140586/"
 "140585","2019-02-20 10:40:24","http://stihiproigrushki.ru/AURTFK8163337/Bestellungen/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140585/"
 "140584","2019-02-20 10:40:23","http://nesbit.xyz/UMCQKYINZI9113913/Rechnungs/FORM/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140584/"
-"140583","2019-02-20 10:40:21","http://envi1.com/DE_de/XQASSZ4467969/Rech/FORM/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140583/"
+"140583","2019-02-20 10:40:21","http://envi1.com/DE_de/XQASSZ4467969/Rech/FORM/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140583/"
 "140582","2019-02-20 10:40:19","http://hangphimtheky21.com/DE_de/SLJDNYRIDA1336747/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140582/"
 "140581","2019-02-20 10:40:12","http://carolechabrand.it/De/SQJJQXZ6176899/Rechnungs-Details/Zahlung>/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140581/"
 "140580","2019-02-20 10:40:10","https://carolechabrand.it/De/SQJJQXZ6176899/Rechnungs-Details/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140580/"
 "140578","2019-02-20 10:40:08","http://alainghazal.com/DE_de/JAIWXFTCV5712097/Rechnung/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140578/"
-"140579","2019-02-20 10:40:08","http://www.ermapictures.com/wp-content/De/IJYEBKWF5648107/Scan/DOC-Dokument/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140579/"
+"140579","2019-02-20 10:40:08","http://www.ermapictures.com/wp-content/De/IJYEBKWF5648107/Scan/DOC-Dokument/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140579/"
 "140577","2019-02-20 10:40:06","http://bbdangar.com/KLTBZWF4069006/Rechnungs-Details/Fakturierung/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140577/"
-"140576","2019-02-20 10:40:04","http://104.130.211.29/wp-admin/de_DE/BKUJRIV5425410/Rechnungskorrektur/DOC-Dokument/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140576/"
+"140576","2019-02-20 10:40:04","http://104.130.211.29/wp-admin/de_DE/BKUJRIV5425410/Rechnungskorrektur/DOC-Dokument/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140576/"
 "140575","2019-02-20 10:40:02","http://jonaspavao.com/De_de/TIMSZYQ1954112/Rechnungs-Details/DOC/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140575/"
 "140574","2019-02-20 10:40:01","http://matongcaocap.vn/De/CXERFI6111988/Rechnung/DETAILS/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140574/"
 "140573","2019-02-20 10:39:57","http://xn----7sbb4abj9beddh.xn--p1ai/QWSBMD0109629/Dokumente/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140573/"
@@ -690,33 +1241,33 @@
 "140569","2019-02-20 10:39:50","http://frisurideen2019.club/QAXVDA4427700/Rechnungskorrektur/Fakturierung/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140569/"
 "140568","2019-02-20 10:39:50","http://www.annual.fph.tu.ac.th/wp-content/uploads/De/ILFUWJCY5333684/Rechnungs-Details/Zahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140568/"
 "140567","2019-02-20 10:39:39","http://54.242.75.153/Februar2019/HYMWEGZZEV3444736/GER/DOC-Dokument/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140567/"
-"140566","2019-02-20 10:39:09","http://domanieccy.pl/De_de/AATQLBXHT5976414/gescanntes-Dokument/DETAILS/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140566/"
+"140566","2019-02-20 10:39:09","http://domanieccy.pl/De_de/AATQLBXHT5976414/gescanntes-Dokument/DETAILS/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140566/"
 "140565","2019-02-20 10:39:08","http://35.201.228.154/De_de/MJFRJDYVD6578556/DE/FORM/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140565/"
 "140564","2019-02-20 10:39:07","http://atlasfanavaran.com/De/UHTZMI5082317/Rechnungs-docs/RECH/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140564/"
 "140563","2019-02-20 10:39:06","http://esagarautomobiles.com/De_de/YLMRUB2478477/de/Zahlungserinnerung/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140563/"
 "140562","2019-02-20 10:39:04","http://boilerplate-elementor.mdamasceno.com/Februar2019/ODLDUL5291394/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140562/"
 "140561","2019-02-20 10:38:06","http://clinicacorporea.com/DE_de/WADUEER6903157/DE/DETAILS/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140561/"
-"140560","2019-02-20 10:35:03","http://dockrover.com/Februar2019/VTHDYM7453619/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140560/"
+"140560","2019-02-20 10:35:03","http://dockrover.com/Februar2019/VTHDYM7453619/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140560/"
 "140559","2019-02-20 10:30:12","http://dctrcdd.davaocity.gov.ph/wp-content/DE/TUTPXZSGXW4275167/Rechnungs-Details/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140559/"
 "140558","2019-02-20 10:27:21","http://178.128.60.85/miori.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140558/"
 "140557","2019-02-20 10:27:18","http://www.palermosleepcheap.com/wp-content/themes/starhotel/vc_templates/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/140557/"
 "140556","2019-02-20 10:27:04","http://domainnamefinder.org/LEQWJSLZG0178044/Rechnungs/DETAILS/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140556/"
-"140555","2019-02-20 10:26:06","http://139.59.130.73/De/MOKFDLDK6166341/gescanntes-Dokument/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140555/"
+"140555","2019-02-20 10:26:06","http://139.59.130.73/De/MOKFDLDK6166341/gescanntes-Dokument/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140555/"
 "140554","2019-02-20 10:23:04","http://blog.elefantuldodo.ro/Februar2019/FNJBTKZF9902001/Rechnungs-docs/Zahlungserinnerung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140554/"
-"140553","2019-02-20 10:22:11","http://wordpress-219768-716732.cloudwaysapps.com/DE/JVLSBULU8619030/Scan/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140553/"
+"140553","2019-02-20 10:22:11","http://wordpress-219768-716732.cloudwaysapps.com/DE/JVLSBULU8619030/Scan/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140553/"
 "140552","2019-02-20 10:22:07","http://franchising.cnm.com.pt/DE_de/VGUDDKC6411605/Rechnungs/DOC-Dokument/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/140552/"
 "140551","2019-02-20 10:17:01","http://rewitek.nl/De/RGMMICHDXI5739335/DE_de/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140551/"
 "140550","2019-02-20 10:16:01","http://palermosleepcheap.com/wp-content/themes/starhotel/vc_templates/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140550/"
 "140549","2019-02-20 10:13:03","http://pravinpoudel.com.np/XCUIJOS1487926/gescanntes-Dokument/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140549/"
 "140548","2019-02-20 10:09:05","http://multishop.ga/MQMWGGO6503348/Rechnungs-Details/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140548/"
-"140547","2019-02-20 10:05:04","http://icpnt.org/wp-content/uploads/DE/JZFQRDEM8153455/Scan/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140547/"
+"140547","2019-02-20 10:05:04","http://icpnt.org/wp-content/uploads/DE/JZFQRDEM8153455/Scan/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140547/"
 "140546","2019-02-20 10:00:34","http://fhdesigen.com/De/INZIJY8575423/Rechnungs/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140546/"
 "140545","2019-02-20 09:56:08","http://keytosupply.ru/De/IOGOQFP5881476/DE/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140545/"
 "140544","2019-02-20 09:54:09","http://teendeveloperz.org/wp-content/themes/Avada/eexploit/admin1@office3.doc","offline","malware_download","AgentTesla,RTF","https://urlhaus.abuse.ch/url/140544/"
 "140543","2019-02-20 09:53:03","http://lifecampaign2017.fmeli.org/DE/JKMGMCOGT2021057/Dokumente/Hilfestellung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140543/"
 "140542","2019-02-20 09:49:02","http://da3.jihaose.cn/De_de/TZJWRWGPF7376298/gescanntes-Dokument/DOC/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140542/"
 "140541","2019-02-20 09:43:02","http://kubud.pl/de_DE/XHZZIRIBL4571056/Rechnungs/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140541/"
-"140540","2019-02-20 09:39:03","http://groundswellfilms.org/DE_de/MTBVKYPIBS2189566/Dokumente/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140540/"
+"140540","2019-02-20 09:39:03","http://groundswellfilms.org/DE_de/MTBVKYPIBS2189566/Dokumente/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140540/"
 "140539","2019-02-20 09:35:09","http://1lorawicz.pl/plan/DE/IGICREHGO8589279/Rechnung/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140539/"
 "140538","2019-02-20 09:31:18","http://teendeveloperz.org/wp-content/themes/Avada/eexploit/admin1@office3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140538/"
 "140537","2019-02-20 09:29:08","http://buonbantenmien.com/DE/OMYWJIITPX2609624/Rechnungskorrektur/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140537/"
@@ -959,7 +1510,7 @@
 "140300","2019-02-20 00:11:19","http://mandirnj.com/gMwvAxiL/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140300/"
 "140299","2019-02-20 00:11:15","http://cashcow.ai/getMitraApp/Organization/Accounts/open/list/d5wDMtzOMTudYLOG/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/140299/"
 "140298","2019-02-20 00:11:12","http://yeniportakalcicegi.com/company/business/open/file/jkmMXG840vF21a1P/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140298/"
-"140297","2019-02-20 00:11:06","http://protecaoportal.com.br/secure/online_billing/billing/sec/list/tVaHgKyB5hoq5S9/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140297/"
+"140297","2019-02-20 00:11:06","http://protecaoportal.com.br/secure/online_billing/billing/sec/list/tVaHgKyB5hoq5S9/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140297/"
 "140296","2019-02-19 23:48:05","http://thecomicsburger.com.br/wp-1/11104783.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140296/"
 "140295","2019-02-19 23:43:00","http://thecomicsburger.com.br/wp-1/05197.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140295/"
 "140294","2019-02-19 23:42:51","http://thecomicsburger.com.br/wp-1/7844013.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140294/"
@@ -975,7 +1526,7 @@
 "140285","2019-02-19 23:15:24","http://www.latuagrottaferrata.it/secure/account/open/list/lNuqanRNSK8VV9Ujb7oF5zHl/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140285/"
 "140283","2019-02-19 23:15:14","http://www.gam-jesus-machaca.com/company/business/thrust/list/dmgTNiWf3PcGUV0kcEMfqJosk/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140283/"
 "140282","2019-02-19 23:15:12","http://vastuanalyst.com/company/online_billing/billing/sec/file/6a63plBirzitOOFkbu/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140282/"
-"140281","2019-02-19 23:15:09","http://tricountydentalsociety.com/organization/accounts/sec/read/dOSuotyDkWxEgNHZK77UUGb/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140281/"
+"140281","2019-02-19 23:15:09","http://tricountydentalsociety.com/organization/accounts/sec/read/dOSuotyDkWxEgNHZK77UUGb/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140281/"
 "140280","2019-02-19 23:15:07","http://simawa.stikessarimulia.ac.id/company/accounts/sec/read/ewupS6Vz0jPn6gl7B/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140280/"
 "140279","2019-02-19 23:15:03","http://onenesschina.net/secure/accounts/sec/read/OlPIJsgZ21eDp17b/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140279/"
 "140278","2019-02-19 22:46:03","http://vivekavirtual.seoautorobot.com/En/doc/UCKnI-bVh_qBbIxFxU-8c/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140278/"
@@ -990,7 +1541,7 @@
 "140270","2019-02-19 22:41:45","http://tomiremonty.pl/wp-content/themes/customify/organization/accounts/sec/view/qHTNSFzDjEpL4YYdBY6/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140270/"
 "140268","2019-02-19 22:41:42","http://sundesigns.xp3.biz/blog/wp-content/secure/online_billing/billing/open/view/TlbZw9RrSLxnZgg0TBhqx/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140268/"
 "140267","2019-02-19 22:41:40","http://stickweld.cl/organization/online/thrust/file/ClTtOdLLllxMRpzvAbyK8vwGYPw/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140267/"
-"140266","2019-02-19 22:41:38","http://spbllc.yelpix.work/company/accounts/secur/read/M6Gm5Wvt0bWGiAbJSL7Vz2bHRT9R/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140266/"
+"140266","2019-02-19 22:41:38","http://spbllc.yelpix.work/company/accounts/secur/read/M6Gm5Wvt0bWGiAbJSL7Vz2bHRT9R/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140266/"
 "140265","2019-02-19 22:41:37","http://palmer-llc.kz/secure/account/secur/view/EXtilFk5tmb5wPNnV/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140265/"
 "140264","2019-02-19 22:41:35","http://noscan.us/company/business/thrust/list/Sj7uEchUEiPJdolOEU/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140264/"
 "140263","2019-02-19 22:41:33","http://mustbihar.in/secure/online_billing/billing/sec/read/Dd5knyRfXShP5PK5lz1ig2G/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140263/"
@@ -998,12 +1549,12 @@
 "140261","2019-02-19 22:41:26","http://menawanshop.online/organization/online/open/view/dPrgqYpQV2BC8e9nnAXyIaGa87/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140261/"
 "140260","2019-02-19 22:41:24","http://kebunrayabaturraden.id/organization/online_billing/billing/secur/list/oUWTB6zLPm3L1kMTvKKKIS/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140260/"
 "140259","2019-02-19 22:41:22","http://gapkiandalasforum.com/organization/online_billing/billing/thrust/list/nj46IrJ7fbLLhJ3T/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140259/"
-"140258","2019-02-19 22:41:20","http://frispa.usm.md/wp-content/uploads/organization/business/sec/file/zHhVAoVYE7iDTcQyHQrf/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140258/"
+"140258","2019-02-19 22:41:20","http://frispa.usm.md/wp-content/uploads/organization/business/sec/file/zHhVAoVYE7iDTcQyHQrf/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140258/"
 "140257","2019-02-19 22:41:18","http://canhogiaresaigon.net/secure/online/sec/view/Z1XWizZaERPdX4A0YWBmI7/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140257/"
 "140256","2019-02-19 22:41:14","http://ameen-brothers.com/secure/online_billing/billing/open/list/l2WGRE7IXUCA4Qgvms7T6/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140256/"
 "140255","2019-02-19 22:41:06","http://23.251.128.89/Company/Accounts/thrust/list/4XslX2DgP5w5Xea6zRVk0/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140255/"
 "140254","2019-02-19 22:41:05","http://18.233.163.194/company/online_billing/billing/thrust/list/NPPV5oDggedwA7Yu/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140254/"
-"140253","2019-02-19 22:41:04","http://www.lizmoneyweb.com/US_us/file/Invoice_Notice/zziF-EX_qIgTmX-zK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140253/"
+"140253","2019-02-19 22:41:04","http://www.lizmoneyweb.com/US_us/file/Invoice_Notice/zziF-EX_qIgTmX-zK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140253/"
 "140252","2019-02-19 22:38:08","http://acdhon.com/DE/XEJQLUEERE0488131/DE/Zahlung/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140252/"
 "140251","2019-02-19 22:38:05","http://52tuwei.com/US/info/TgXLW-mhhs_wbasnTpE-Xy1/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140251/"
 "140250","2019-02-19 22:38:02","http://35.239.114.129/En_us/file/Invoice_number/792125224933936/lrxR-HH32D_KHTe-oGp//","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140250/"
@@ -1028,7 +1579,7 @@
 "140231","2019-02-19 21:26:07","http://nondollarreport.com/wp-content/cache/whe1.exe","online","malware_download","exe,megalodon,payload,stage2","https://urlhaus.abuse.ch/url/140231/"
 "140230","2019-02-19 21:26:06","http://mmelite.ir/mpawori233/US_us/company/zZRJ-0j5b_JpK-HAf/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140230/"
 "140229","2019-02-19 21:18:14","http://alonhadat24h.vn/.well-known/acme-challenge/update_2018_02.browser-components.zip","online","malware_download","downloader,javascript,zip","https://urlhaus.abuse.ch/url/140229/"
-"140228","2019-02-19 21:18:10","http://www.phetphoomtour.com/EN_en/info/984190525818425/yQNa-X8c3z_f-aet/","offline","malware_download","None","https://urlhaus.abuse.ch/url/140228/"
+"140228","2019-02-19 21:18:10","http://www.phetphoomtour.com/EN_en/info/984190525818425/yQNa-X8c3z_f-aet/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140228/"
 "140227","2019-02-19 21:17:20","http://thecomicsburger.com.br/wp-1/nne.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140227/"
 "140226","2019-02-19 21:17:13","http://thecomicsburger.com.br/wp-1/hubmaketyh.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140226/"
 "140225","2019-02-19 21:17:08","http://thecomicsburger.com.br/wp-1/File_12060.jpg","offline","malware_download","AZORult,exe,payload,stage2","https://urlhaus.abuse.ch/url/140225/"
@@ -1075,7 +1626,7 @@
 "140184","2019-02-19 20:51:07","http://139.99.186.18:80/2.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/140184/"
 "140183","2019-02-19 20:51:05","http://139.99.186.18:80/1.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/140183/"
 "140182","2019-02-19 20:50:04","https://xfundzonline.com/wp-content/themes/certify/header/pic.zip","offline","malware_download","javascript,Ransomware,Shade,Troldesh,zip","https://urlhaus.abuse.ch/url/140182/"
-"140181","2019-02-19 20:48:03","http://www.topreach.com.br/En_us/document/Copy_Invoice/udylZ-kaWO_uHAlfUBM-KN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140181/"
+"140181","2019-02-19 20:48:03","http://www.topreach.com.br/En_us/document/Copy_Invoice/udylZ-kaWO_uHAlfUBM-KN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140181/"
 "140180","2019-02-19 20:46:11","http://91.239.233.236/eRR8zYJVDDEXiR/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140180/"
 "140179","2019-02-19 20:46:09","http://bietthunghiduong24h.info/fxTYTjQ4B_X5/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140179/"
 "140178","2019-02-19 20:46:05","http://ortotomsk.ru/XmaxodB/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140178/"
@@ -1091,7 +1642,7 @@
 "140168","2019-02-19 20:39:09","http://51.15.113.220/2sT3beRO4/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/140168/"
 "140167","2019-02-19 20:39:08","http://trialgrouparquitectos.com/wp-content/uploads/Invoice_number/CNqU-501_BvSKJ-n3c/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140167/"
 "140166","2019-02-19 20:36:06","http://www.pattani.mcu.ac.th/wp-content/uploads/secure/online/thrust/file/LwV24zPKaLQnRHsiI/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140166/"
-"140165","2019-02-19 20:36:02","http://lsaca-nigeria.org/company/online_billing/billing/sec/file/On8nXkPknBuFTv0vVnPwW2ro/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140165/"
+"140165","2019-02-19 20:36:02","http://lsaca-nigeria.org/company/online_billing/billing/sec/file/On8nXkPknBuFTv0vVnPwW2ro/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140165/"
 "140164","2019-02-19 20:34:05","http://research.fph.tu.ac.th/wp-content/uploads/En/corporation/Invoice/VRtDa-f1H_QK-Bws/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140164/"
 "140163","2019-02-19 20:32:12","http://gbconnection.vn/7kgp8jqp7M5_SiF/En_us/Inv/CGPk-cNXp4_Ir-1KO/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140163/"
 "140162","2019-02-19 20:31:03","http://lisasdesignstudio.com/wp-content/themes/whisper/images/pic.zip","online","malware_download","javascript,Ransomware,Shade,Troldesh,zip","https://urlhaus.abuse.ch/url/140162/"
@@ -1117,7 +1668,7 @@
 "140142","2019-02-19 20:16:07","http://206.189.200.115:80/Kuso69/Akiru.x86","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/140142/"
 "140141","2019-02-19 20:16:06","http://1.34.19.87:56402/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/140141/"
 "140140","2019-02-19 20:13:05","http://dztech.ind.br/wp-content/uploads/llc/YPlN-nb_nJyHFRn-Ncq/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140140/"
-"140139","2019-02-19 20:09:04","http://buseguzellikmerkezi.com/download/Invoice/ZoNN-I2N_mRJEysRVK-YT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140139/"
+"140139","2019-02-19 20:09:04","http://buseguzellikmerkezi.com/download/Invoice/ZoNN-I2N_mRJEysRVK-YT/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140139/"
 "140138","2019-02-19 20:05:03","https://www.sendspace.com/pro/dl/25i4i4","offline","malware_download","compressed,exe,img,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/140138/"
 "140137","2019-02-19 20:04:07","https://www.kamagra4uk.com/sa/ef/deck.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140137/"
 "140136","2019-02-19 20:04:03","http://kamagra4uk.com/sa/ef/deck.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/140136/"
@@ -1130,10 +1681,10 @@
 "140129","2019-02-19 19:59:06","https://onedrive.live.com/download?cid=809F316B561D99CA&resid=809F316B561D99CA%21111&authkey=AIdKVDQS85-n0Fs","online","malware_download","NanoCore,payload,rat","https://urlhaus.abuse.ch/url/140129/"
 "140128","2019-02-19 19:59:04","http://hashtagvietnam.com/En/company/Copy_Invoice/43657578281/njAr-PNXG_sX-Jr/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140128/"
 "140127","2019-02-19 19:58:04","https://www.dropbox.com/s/22hur48uo43ecf4/Scan0001234345676.iso?dl=1","offline","malware_download","compressed,iso,NanoCore,payload,rat","https://urlhaus.abuse.ch/url/140127/"
-"140126","2019-02-19 19:56:13","http://www.acropol.com.eg/pdf/jeff.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140126/"
-"140125","2019-02-19 19:56:11","http://acropol.com.eg/pdf/jeff.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140125/"
-"140124","2019-02-19 19:56:08","http://www.acropol.com.eg/pdf/Order_P0018374.docx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140124/"
-"140123","2019-02-19 19:56:07","http://acropol.com.eg/pdf/Order_P0018374.docx","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140123/"
+"140126","2019-02-19 19:56:13","http://www.acropol.com.eg/pdf/jeff.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140126/"
+"140125","2019-02-19 19:56:11","http://acropol.com.eg/pdf/jeff.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140125/"
+"140124","2019-02-19 19:56:08","http://www.acropol.com.eg/pdf/Order_P0018374.docx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140124/"
+"140123","2019-02-19 19:56:07","http://acropol.com.eg/pdf/Order_P0018374.docx","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/140123/"
 "140122","2019-02-19 19:56:07","http://yduocsonla.info/En_us/Invoice_Notice/XHvns-XgHwE_uva-co/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140122/"
 "140121","2019-02-19 19:52:07","http://www.mediafire.com/file/yxuc6o3kuucx8ck/TT_Payment_TK76432678.rar/file","offline","malware_download","compressed,NetWire,payload,winrar","https://urlhaus.abuse.ch/url/140121/"
 "140120","2019-02-19 19:52:06","http://up2m.politanisamarinda.ac.id/wp-content/EN_en/Inv/qPAcd-lFq_ulcyeK-XY/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140120/"
@@ -1142,11 +1693,11 @@
 "140117","2019-02-19 19:46:04","http://saigonthinhvuong.net/download/Invoice_number/sSzf-pQWm_qV-KMT/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140117/"
 "140116","2019-02-19 19:42:04","http://tisoft.vn/public/US/Inv/IORP-mY_ZeuMiOMxN-QL/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140116/"
 "140115","2019-02-19 19:39:02","https://mega.nz/#!FRMgXSSR!Y1SAGfLr1n_qYxhQYp67A577AKNcqQn8gAp7TYLzGUk","offline","malware_download","dark comet,rat","https://urlhaus.abuse.ch/url/140115/"
-"140114","2019-02-19 19:38:04","http://iventurecard.co.uk/EN_en/corporation/Copy_Invoice/Scfbx-olSD4_ZWOix-y7E/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140114/"
+"140114","2019-02-19 19:38:04","http://iventurecard.co.uk/EN_en/corporation/Copy_Invoice/Scfbx-olSD4_ZWOix-y7E/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140114/"
 "140113","2019-02-19 19:37:32","http://viticomvietnam.com/file/KznQ-08qJw_LhSfktv-MH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140113/"
 "140112","2019-02-19 19:33:04","http://www.darsab.se/wp-content/themes/zerif-lite/languages/msg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/140112/"
 "140111","2019-02-19 19:25:06","https://www.dkstudy.com/Februar2019/VTDXDMEZW2724842/Dokumente/DOC/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140111/"
-"140110","2019-02-19 19:24:05","http://lubraperfis.com.br/PMSYGWLX5305438/de/Hilfestellung/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/140110/"
+"140110","2019-02-19 19:24:05","http://lubraperfis.com.br/PMSYGWLX5305438/de/Hilfestellung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/140110/"
 "140109","2019-02-19 19:22:32","http://www.stb-haaglanden.nl/Secure/Account/secur/view/2Ym2YN2NHwWluh3gaUmy/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140109/"
 "140108","2019-02-19 19:22:31","http://miennamoto.com/de_DE/URYEJS7618765/Rechnungs/RECHNUNG/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140108/"
 "140107","2019-02-19 19:22:28","http://isabellagimenez.isabellatransescort.com/DE_de/MFHUFEM7154227/Rechnung/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140107/"
@@ -1155,7 +1706,7 @@
 "140104","2019-02-19 19:22:09","http://bloqueador-ar.com.br/De_de/YTIVQUIPX4596277/Rechnungs-Details/DOC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140104/"
 "140103","2019-02-19 19:22:05","http://35.226.12.246/company/account/open/read/CpMumEcjz22ZB4h/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140103/"
 "140102","2019-02-19 19:22:03","http://107.23.200.84/Company/Online/secur/list/ujiByeGF5RoEEyegzwZoK/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140102/"
-"140101","2019-02-19 18:50:05","http://13.251.184.56/corporation/Copy_Invoice/hQDNa-re_NgrM-mXb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140101/"
+"140101","2019-02-19 18:50:05","http://13.251.184.56/corporation/Copy_Invoice/hQDNa-re_NgrM-mXb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140101/"
 "140100","2019-02-19 18:46:03","http://100.24.104.187/wp-content/US_us/file/New_invoice/sIeU-4gCmt_zvWjW-qNd/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140100/"
 "140099","2019-02-19 18:41:11","http://34.227.190.147/info/Invoice_Notice/isXM-2ZP_KpXZ-BB1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140099/"
 "140098","2019-02-19 18:37:05","http://probost.cz/olex.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/140098/"
@@ -1164,7 +1715,7 @@
 "140095","2019-02-19 18:36:06","http://18.207.109.124/nfTGNfwMAJLvvJx_3WXmfOqfk/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140095/"
 "140094","2019-02-19 18:36:05","http://178.128.238.130/NTz1JiCB7Vy_z/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140094/"
 "140093","2019-02-19 18:36:04","http://206.189.181.0/NuSbeo2mclSK_e/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140093/"
-"140092","2019-02-19 18:36:02","http://34.207.166.101/hNKLRWbxdnMi/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140092/"
+"140092","2019-02-19 18:36:02","http://34.207.166.101/hNKLRWbxdnMi/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/140092/"
 "140091","2019-02-19 18:33:03","http://35.221.232.175/En/doc/Copy_Invoice/otPaV-1zZ_OZz-3dc/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140091/"
 "140090","2019-02-19 18:28:04","http://54.88.70.151/US_us/New_invoice/63286832/LZOnt-KN_uvHjR-ir/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140090/"
 "140089","2019-02-19 18:24:03","http://35.225.175.153/En/Invoice_number/1428103/DiYag-jGAi_Adzq-G6m/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140089/"
@@ -1212,10 +1763,10 @@
 "140047","2019-02-19 18:14:47","http://104.248.149.170/EQ13xNzS1/","offline","malware_download","emotet,epoch1,exe,Gozi,heodo","https://urlhaus.abuse.ch/url/140047/"
 "140046","2019-02-19 18:14:46","http://www.garagedoorcompanylosgatos.com/0CEJYae/","offline","malware_download","emotet,epoch1,exe,Gozi","https://urlhaus.abuse.ch/url/140046/"
 "140045","2019-02-19 18:14:43","http://34.226.152.22/En_us/Copy_Invoice/GrPD-ML8MC_Dp-6v/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140045/"
-"140044","2019-02-19 18:14:42","http://flapcon.com/verif.accs.resourses.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140044/"
+"140044","2019-02-19 18:14:42","http://flapcon.com/verif.accs.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140044/"
 "140043","2019-02-19 18:14:41","http://35.228.72.235/wordpress/Organization/Online/secur/file/9cNXeslr6tfxsHvXgArlrqppg/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140043/"
 "140042","2019-02-19 18:14:40","http://dmachina.cn/DE/TDTNKK1712878/Rechnung/Rechnungszahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140042/"
-"140041","2019-02-19 18:14:37","http://carlpalmer.readeranswer.com/sec.accs.send.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140041/"
+"140041","2019-02-19 18:14:37","http://carlpalmer.readeranswer.com/sec.accs.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140041/"
 "140040","2019-02-19 18:14:36","http://glamox.pl/Secure/Online_billing/Billing/thrust/view/mrocmtQRzuPMkY8bB/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140040/"
 "140039","2019-02-19 18:14:35","http://authenticity.id/DE_de/ZCPKJRL1373298/Rechnungs-Details/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140039/"
 "140038","2019-02-19 18:14:32","http://54.236.34.129/Organization/Business/secur/file/F6S3dssWhqdvfItOyF4t8CevO/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/140038/"
@@ -1230,19 +1781,19 @@
 "140029","2019-02-19 18:14:18","http://34.207.179.222/scan/Copy_Invoice/3898708/RnYq-WNJ_CXjfTiwrj-Ur/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140029/"
 "140028","2019-02-19 18:14:17","http://216.170.114.120/easy.exe","offline","malware_download","exe,rat,RevengeRAT","https://urlhaus.abuse.ch/url/140028/"
 "140027","2019-02-19 18:14:14","http://3.82.177.144/wp-content/uploads/En/company/wHFx-qc_aWJIHIuh-Di/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140027/"
-"140026","2019-02-19 18:14:13","http://185.101.105.208/OwO/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140026/"
+"140026","2019-02-19 18:14:13","http://185.101.105.208/OwO/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140026/"
 "140025","2019-02-19 18:14:12","http://blossomtel.com/~mgarrett456/loges/uvsqxow.php","offline","malware_download","None","https://urlhaus.abuse.ch/url/140025/"
-"140023","2019-02-19 18:14:11","http://185.101.105.208/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140023/"
+"140023","2019-02-19 18:14:11","http://185.101.105.208/OwO/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140023/"
 "140024","2019-02-19 18:14:11","http://blossomtel.com/~mgarrett456/loges/ugjxsbn.php","offline","malware_download","None","https://urlhaus.abuse.ch/url/140024/"
 "140022","2019-02-19 18:14:10","http://blossomtel.com/~mgarrett456/loggers/from_126.php","offline","malware_download","None","https://urlhaus.abuse.ch/url/140022/"
 "140021","2019-02-19 18:14:09","http://blossomtel.com/~mgarrett456/loggers/obfuscated2.php","offline","malware_download","None","https://urlhaus.abuse.ch/url/140021/"
 "140020","2019-02-19 18:14:08","http://blossomtel.com/~mgarrett456/loggers/wpdd.php","offline","malware_download","None","https://urlhaus.abuse.ch/url/140020/"
-"140019","2019-02-19 18:14:06","http://185.101.105.208/OwO/Tsunami.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140019/"
+"140019","2019-02-19 18:14:06","http://185.101.105.208/OwO/Tsunami.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/140019/"
 "140018","2019-02-19 18:14:06","http://3.89.91.237/oYen-ii0u_WkLaQiA-yG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140018/"
 "140017","2019-02-19 18:14:04","http://34.224.99.185/download/New_invoice/isVoN-TMCYY_fgcu-Ic/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140017/"
 "140016","2019-02-19 18:14:03","http://34.205.58.207/wp-admin/EN_en/llc/XhVVE-9E0aJ_aL-TE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/140016/"
 "140015","2019-02-19 18:13:43","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/140015/"
-"140014","2019-02-19 18:13:12","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/140014/"
+"140014","2019-02-19 18:13:12","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/140014/"
 "140013","2019-02-19 18:12:39","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/140013/"
 "140010","2019-02-19 18:12:38","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/140010/"
 "140011","2019-02-19 18:12:38","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/140011/"
@@ -1268,7 +1819,7 @@
 "139991","2019-02-19 18:06:06","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139991/"
 "139990","2019-02-19 18:05:36","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139990/"
 "139989","2019-02-19 18:05:06","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139989/"
-"139988","2019-02-19 18:04:36","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139988/"
+"139988","2019-02-19 18:04:36","http://amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139988/"
 "139987","2019-02-19 18:04:05","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139987/"
 "139986","2019-02-19 18:03:35","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139986/"
 "139985","2019-02-19 18:03:05","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139985/"
@@ -1289,7 +1840,7 @@
 "139970","2019-02-19 17:54:32","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139970/"
 "139969","2019-02-19 17:53:01","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139969/"
 "139968","2019-02-19 17:52:30","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139968/"
-"139967","2019-02-19 17:52:00","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139967/"
+"139967","2019-02-19 17:52:00","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139967/"
 "139966","2019-02-19 17:51:30","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139966/"
 "139965","2019-02-19 17:50:59","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139965/"
 "139964","2019-02-19 17:50:29","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139964/"
@@ -1314,7 +1865,7 @@
 "139945","2019-02-19 17:40:54","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139945/"
 "139944","2019-02-19 17:40:24","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139944/"
 "139943","2019-02-19 17:39:53","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139943/"
-"139942","2019-02-19 17:39:23","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139942/"
+"139942","2019-02-19 17:39:23","http://aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139942/"
 "139941","2019-02-19 17:38:53","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139941/"
 "139940","2019-02-19 17:38:22","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139940/"
 "139939","2019-02-19 17:37:52","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139939/"
@@ -1336,7 +1887,7 @@
 "139923","2019-02-19 17:30:16","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139923/"
 "139922","2019-02-19 17:29:46","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139922/"
 "139921","2019-02-19 17:29:16","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139921/"
-"139920","2019-02-19 17:28:46","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139920/"
+"139920","2019-02-19 17:28:46","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139920/"
 "139919","2019-02-19 17:28:13","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139919/"
 "139918","2019-02-19 17:27:43","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139918/"
 "139917","2019-02-19 17:27:13","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139917/"
@@ -1361,7 +1912,7 @@
 "139898","2019-02-19 17:17:33","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139898/"
 "139897","2019-02-19 17:17:03","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139897/"
 "139896","2019-02-19 17:16:33","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139896/"
-"139895","2019-02-19 17:16:03","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139895/"
+"139895","2019-02-19 17:16:03","http://aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139895/"
 "139894","2019-02-19 17:15:32","http://blossomtel.com/~mgarrett456/logo","offline","malware_download","exe","https://urlhaus.abuse.ch/url/139894/"
 "139893","2019-02-19 17:15:30","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139893/"
 "139892","2019-02-19 17:14:59","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139892/"
@@ -1383,7 +1934,7 @@
 "139876","2019-02-19 17:06:55","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139876/"
 "139875","2019-02-19 17:06:25","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139875/"
 "139874","2019-02-19 17:05:55","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139874/"
-"139873","2019-02-19 17:05:24","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139873/"
+"139873","2019-02-19 17:05:24","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139873/"
 "139872","2019-02-19 17:04:54","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139872/"
 "139871","2019-02-19 17:04:24","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139871/"
 "139870","2019-02-19 17:03:54","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139870/"
@@ -1408,7 +1959,7 @@
 "139851","2019-02-19 16:54:17","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139851/"
 "139850","2019-02-19 16:53:47","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139850/"
 "139849","2019-02-19 16:53:16","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139849/"
-"139848","2019-02-19 16:52:46","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139848/"
+"139848","2019-02-19 16:52:46","http://76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139848/"
 "139847","2019-02-19 16:52:16","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139847/"
 "139846","2019-02-19 16:51:46","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139846/"
 "139845","2019-02-19 16:51:15","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139845/"
@@ -1429,7 +1980,7 @@
 "139830","2019-02-19 16:43:41","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139830/"
 "139829","2019-02-19 16:43:11","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139829/"
 "139828","2019-02-19 16:42:40","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139828/"
-"139827","2019-02-19 16:42:10","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139827/"
+"139827","2019-02-19 16:42:10","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139827/"
 "139826","2019-02-19 16:41:40","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139826/"
 "139825","2019-02-19 16:41:10","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139825/"
 "139824","2019-02-19 16:40:39","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139824/"
@@ -1455,7 +2006,7 @@
 "139804","2019-02-19 16:30:33","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139804/"
 "139803","2019-02-19 16:30:03","http://13.73.162.155/US_us/xerox/pTlV-KGU7_KavS-Hr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/139803/"
 "139802","2019-02-19 16:29:24","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139802/"
-"139801","2019-02-19 16:28:53","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139801/"
+"139801","2019-02-19 16:28:53","http://5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139801/"
 "139800","2019-02-19 16:28:23","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139800/"
 "139799","2019-02-19 16:27:53","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139799/"
 "139798","2019-02-19 16:27:23","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139798/"
@@ -1492,7 +2043,7 @@
 "139767","2019-02-19 16:19:43","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139767/"
 "139766","2019-02-19 16:19:12","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139766/"
 "139765","2019-02-19 16:18:42","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139765/"
-"139764","2019-02-19 16:18:12","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139764/"
+"139764","2019-02-19 16:18:12","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139764/"
 "139763","2019-02-19 16:17:42","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139763/"
 "139762","2019-02-19 16:17:11","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139762/"
 "139761","2019-02-19 16:16:41","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139761/"
@@ -1517,7 +2068,7 @@
 "139742","2019-02-19 16:07:02","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139742/"
 "139741","2019-02-19 16:06:32","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139741/"
 "139740","2019-02-19 16:06:02","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139740/"
-"139739","2019-02-19 16:05:32","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139739/"
+"139739","2019-02-19 16:05:32","http://203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139739/"
 "139738","2019-02-19 16:02:06","http://92.63.197.153/www/1.exe","offline","malware_download","GandCrab","https://urlhaus.abuse.ch/url/139738/"
 "139737","2019-02-19 16:02:05","http://radioviverbem.com.br/download/Copy_Invoice/uzJJ-1qMu_CUdmQR-WBG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/139737/"
 "139736","2019-02-19 15:57:03","http://18.232.11.96/corporation/uGPD-3bb_AoOvHA-iHc/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/139736/"
@@ -1547,7 +2098,7 @@
 "139712","2019-02-19 15:16:37","http://104.248.187.115:80/ankit/storm.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139712/"
 "139711","2019-02-19 15:16:06","http://www.bocaratongaragedoorrepair.net/company/WKOOD-Asu_VLK-4en/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/139711/"
 "139710","2019-02-19 15:15:11","http://104.248.187.115:80/ankit/storm.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139710/"
-"139709","2019-02-19 15:14:41","http://103.210.236.96/mm/nvidia.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/139709/"
+"139709","2019-02-19 15:14:41","http://103.210.236.96/mm/nvidia.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/139709/"
 "139708","2019-02-19 15:14:23","http://103.210.236.96/mm/cpu64.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/139708/"
 "139707","2019-02-19 15:14:21","http://103.210.236.96/mm/cpu32.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/139707/"
 "139706","2019-02-19 15:14:18","http://103.210.236.96/mm/amd64.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/139706/"
@@ -1590,7 +2141,7 @@
 "139669","2019-02-19 14:53:40","http://wyszx.jihaose.cn/MUHUFBCK9289820/Rechnungs-Details/DOC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139669/"
 "139667","2019-02-19 14:53:38","http://topsango.net/DE/UJVGIP5822519/de/FORM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139667/"
 "139668","2019-02-19 14:53:38","http://www.ingrossostock.it/De_de/EVVKTQ3712970/Rechnungs-Details/Zahlung/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139668/"
-"139666","2019-02-19 14:53:32","http://test.bhavishyagyan.com/Februar2019/UQYWSZY0506729/Rech/DOC-Dokument/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139666/"
+"139666","2019-02-19 14:53:32","http://test.bhavishyagyan.com/Februar2019/UQYWSZY0506729/Rech/DOC-Dokument/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139666/"
 "139665","2019-02-19 14:53:30","http://stbarnabasps.edu.na/De_de/HXGDETGGO4650592/Rechnungs-docs/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139665/"
 "139664","2019-02-19 14:53:28","http://site.38abc.ru/Februar2019/GUVCEOTM0045508/Rech/FORM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139664/"
 "139663","2019-02-19 14:53:27","http://ourvictoriousdigitallifestyle.co.events/KBDVQIPTGJ6545138/Scan/Fakturierung/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/139663/"
@@ -1652,7 +2203,7 @@
 "139607","2019-02-19 14:11:03","http://104.248.187.115/ankit/storm.arm","offline","malware_download","elf,hajime,mirai","https://urlhaus.abuse.ch/url/139607/"
 "139606","2019-02-19 14:10:15","http://edvanta.com/wp-content/rDaOutqPT8a/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139606/"
 "139605","2019-02-19 14:10:06","http://sanaitgroup.ir/nF8XNmV4jNttCj/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139605/"
-"139604","2019-02-19 14:10:05","http://postvirale.com/88IIx8tsZCiqB/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139604/"
+"139604","2019-02-19 14:10:05","http://postvirale.com/88IIx8tsZCiqB/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139604/"
 "139603","2019-02-19 14:10:04","http://fondtomafound.org/wvvw/unKeiHfM4yykPTCnP/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139603/"
 "139602","2019-02-19 14:10:02","http://35.204.251.94/xqhubRX1Phu0/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/139602/"
 "139601","2019-02-19 14:01:31","http://p.dropmy.nl/qtcek.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/139601/"
@@ -1662,18 +2213,18 @@
 "139597","2019-02-19 13:18:10","http://xn--777-9cdpxv4b3g4a.xn--p1ai/DE/GJUFFDBPG3836764/Rechnungs-docs/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139597/"
 "139596","2019-02-19 13:18:08","http://www.tasarlagelsin.net/De/KUDWDOT7075463/gescanntes-Dokument/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139596/"
 "139595","2019-02-19 13:18:07","http://xn--80aaldkhjg6a9c.xn--p1ai/De/RANVWTKBN4296383/Rechnung/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139595/"
-"139594","2019-02-19 13:18:06","http://big.5072610.ru/DE_de/LNYWOPI8833216/de/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139594/"
-"139593","2019-02-19 13:18:03","http://sgl.kz/de_DE/SALATNFUD9922282/Scan/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139593/"
+"139594","2019-02-19 13:18:06","http://big.5072610.ru/DE_de/LNYWOPI8833216/de/DOC-Dokument/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139594/"
+"139593","2019-02-19 13:18:03","http://sgl.kz/de_DE/SALATNFUD9922282/Scan/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139593/"
 "139592","2019-02-19 13:18:01","http://fashionspace.in/de_DE/JRLMVJR3779547/DE_de/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139592/"
 "139591","2019-02-19 13:18:01","http://test.38abc.ru/De_de/TVHAIKM6164145/Rechnungs/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139591/"
 "139590","2019-02-19 13:17:59","http://ayothayathailand.com/Februar2019/QCSIAHFER4272711/de/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139590/"
-"139589","2019-02-19 13:17:54","http://enviedepices.fr/de_DE/BXATPZW0542549/Rechnungs/FORM/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139589/"
+"139589","2019-02-19 13:17:54","http://enviedepices.fr/de_DE/BXATPZW0542549/Rechnungs/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139589/"
 "139588","2019-02-19 13:17:53","http://schoolshare.hicomputing.com.na/de_DE/OSOTOC7895236/Rechnung/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139588/"
 "139587","2019-02-19 13:17:51","http://vipspa.bbcall.biz/de_DE/YMZINPB8888030/Scan/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139587/"
 "139586","2019-02-19 13:17:49","http://opcbgpharma.com/Februar2019/XREHDBTW2563262/Rechnungs-Details/DETAILS/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139586/"
-"139585","2019-02-19 13:17:45","http://fb.saltermitchell.com/Februar2019/FVSCUWBHMY3334648/Bestellungen/FORM/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139585/"
+"139585","2019-02-19 13:17:45","http://fb.saltermitchell.com/Februar2019/FVSCUWBHMY3334648/Bestellungen/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139585/"
 "139584","2019-02-19 13:17:43","http://pinturaartisticas.com/WMJZMH4414122/Rechnungs-Details/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139584/"
-"139583","2019-02-19 13:17:40","http://ihatehimsomuch.com/de_DE/HIHGFYCBMO1373082/Rechnung/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139583/"
+"139583","2019-02-19 13:17:40","http://ihatehimsomuch.com/de_DE/HIHGFYCBMO1373082/Rechnung/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139583/"
 "139582","2019-02-19 13:17:38","http://ishqekamil.com/DE_de/IMIUPJAOXC7429636/Scan/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139582/"
 "139581","2019-02-19 13:17:35","http://haunnhyundaibacninh.com/DE_de/SBUOGDTO9022293/gescanntes-Dokument/RECH/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139581/"
 "139579","2019-02-19 13:17:30","http://brisson-taxidermiste.fr/XCCFSRQ9473513/gescanntes-Dokument/RECHNUNG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139579/"
@@ -1681,18 +2232,18 @@
 "139577","2019-02-19 13:17:28","http://www.omegalublin.pl/de_DE/CELWTXHRXF2819297/DE_de/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139577/"
 "139578","2019-02-19 13:17:28","http://www.sweethusky.com/De/QOEYOC7374386/Rechnungs/DOC/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139578/"
 "139576","2019-02-19 13:17:26","http://mohinhgohandmadedtoys.com/BPXDIHONR6937382/DE/Zahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139576/"
-"139575","2019-02-19 13:17:22","http://atreticandlawns.com.au/CDVQRWK8354111/Rechnungs/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139575/"
+"139575","2019-02-19 13:17:22","http://atreticandlawns.com.au/CDVQRWK8354111/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139575/"
 "139574","2019-02-19 13:17:18","http://ajaa.ru/de_DE/RKBCMOMJT5473503/DE/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139574/"
 "139573","2019-02-19 13:17:17","http://cof.org.uk/De/WTIGOHD9881120/Rechnungskorrektur/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139573/"
 "139572","2019-02-19 13:17:15","http://giamcannhanhslimfast.com/DE_de/XFRBUDJDV9988805/DE_de/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139572/"
 "139571","2019-02-19 13:17:12","http://csvina.vn/DE_de/UTPBGOOVCR8220419/Scan/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139571/"
 "139570","2019-02-19 13:17:07","http://www.iqminds.me/DE_de/ZDJJOIOY9257331/Rechnungs/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139570/"
 "139569","2019-02-19 13:17:04","http://babaunangdong.com/De/MZAHDBQSDI1507401/DE/RECHNUNG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139569/"
-"139568","2019-02-19 13:16:57","http://www.flapcon.com/De/JDWIES2590578/Rechnungs/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139568/"
+"139568","2019-02-19 13:16:57","http://www.flapcon.com/De/JDWIES2590578/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139568/"
 "139567","2019-02-19 13:16:56","http://xn----7sbabhunvce3a4ezb.xn--p1ai/De_de/HYSNTRZRSP7632106/DE_de/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139567/"
-"139566","2019-02-19 13:16:55","http://deverlop.familyhospital.vn/De/AAINDN6592125/Rechnungs-Details/DOC-Dokument/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139566/"
+"139566","2019-02-19 13:16:55","http://deverlop.familyhospital.vn/De/AAINDN6592125/Rechnungs-Details/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139566/"
 "139565","2019-02-19 13:16:51","http://mpdpro.sk/US/scan/Invoice/covJ-uar_eBkYBIHYg-7e/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139565/"
-"139564","2019-02-19 13:16:49","http://farshzagros.com/Februar2019/BPUNEU5071700/Dokumente/DOC-Dokument/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139564/"
+"139564","2019-02-19 13:16:49","http://farshzagros.com/Februar2019/BPUNEU5071700/Dokumente/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139564/"
 "139563","2019-02-19 13:16:48","http://marinavinhomes.vn/DE/CFHOADDHK4148336/DE_de/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139563/"
 "139562","2019-02-19 13:16:45","http://www.drberrinkarakuy.com/DE_de/BRWXXXMWP1424162/Dokumente/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139562/"
 "139561","2019-02-19 13:16:43","http://hapoo.pet/De/VXPACJBW7392599/GER/Hilfestellung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139561/"
@@ -1712,7 +2263,7 @@
 "139547","2019-02-19 12:41:14","http://www.webdigitechs.com/IeIln2Q/","offline","malware_download","emotet,epoch1,exe,GandCrab","https://urlhaus.abuse.ch/url/139547/"
 "139546","2019-02-19 12:41:05","http://www.uzmanportal.com/6YgWpoHfD4/","offline","malware_download","emotet,epoch1,exe,GandCrab,heodo","https://urlhaus.abuse.ch/url/139546/"
 "139545","2019-02-19 12:40:46","http://kienthucphukhoa.net/de_DE/XADRPNAPRS0327152/gescanntes-Dokument/FORM/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139545/"
-"139544","2019-02-19 12:40:38","http://hnhwkq.com/De_de/QLKQRD6985559/Scan/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139544/"
+"139544","2019-02-19 12:40:38","http://hnhwkq.com/De_de/QLKQRD6985559/Scan/Fakturierung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139544/"
 "139543","2019-02-19 12:40:34","http://nonton.myvidio.site/DE/KZYJVKAKK9205612/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139543/"
 "139542","2019-02-19 12:40:30","http://greeksoft.gr/QSDWMJ9494414/Rechnungs/Zahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139542/"
 "139541","2019-02-19 12:40:27","http://thaithiennam.vn/De_de/GOWKKAIQ4938925/Bestellungen/Zahlungserinnerung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139541/"
@@ -1721,11 +2272,11 @@
 "139538","2019-02-19 12:40:18","http://kinhbacchemical.com/De/IPPZWP0089632/Rechnungs-Details/Rechnungszahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139538/"
 "139537","2019-02-19 12:40:13","http://xn----7sbhaobqpf0albbckrilel.xn--p1ai/De/RQGZYSL9880814/Rechnungs-docs/RECHNUNG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139537/"
 "139536","2019-02-19 12:40:11","http://rohelineelu.lemmikutoit.ee/RLXVBU1299175/Rechnung/RECH/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139536/"
-"139535","2019-02-19 12:40:10","http://aquilastudios.se/DE_de/XBDMYK1531187/Rechnung/Hilfestellung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139535/"
+"139535","2019-02-19 12:40:10","http://aquilastudios.se/DE_de/XBDMYK1531187/Rechnung/Hilfestellung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139535/"
 "139534","2019-02-19 12:40:07","http://xn--116-eddot8cge.xn--p1ai/Februar2019/QKFOEZ1799732/Rechnungs-Details/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139534/"
-"139533","2019-02-19 12:40:06","http://iltopdeltop.com/De_de/UISNZHLXNH4502632/Rechnungs/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139533/"
+"139533","2019-02-19 12:40:06","http://iltopdeltop.com/De_de/UISNZHLXNH4502632/Rechnungs/Fakturierung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139533/"
 "139532","2019-02-19 12:40:05","http://www.dmachina.cn/DE/TDTNKK1712878/Rechnung/Rechnungszahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139532/"
-"139531","2019-02-19 12:40:00","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139531/"
+"139531","2019-02-19 12:40:00","http://intranet.neointelligence.com.br/De_de/GWFZGZBLS1093970/Rechnung/Zahlungserinnerung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139531/"
 "139530","2019-02-19 12:39:54","http://powervalves.com.ar/DE_de/NCJZTR3766628/Rechnungs/RECH/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139530/"
 "139529","2019-02-19 12:39:48","http://tinpanalley.com/de_DE/KVLYQI0209944/Rechnungs-Details/Fakturierung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139529/"
 "139528","2019-02-19 12:39:42","http://www.wiramelayu.com/GTQBFONOY5544204/GER/Zahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139528/"
@@ -1737,7 +2288,7 @@
 "139522","2019-02-19 12:39:04","http://saba.tokyo/DE_de/LEXSCTTQA1279986/Scan/DETAILS/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139522/"
 "139521","2019-02-19 12:38:59","http://www.distribuidorajb.com.ar/JFQHQSUC4587789/DE_de/DOC-Dokument/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139521/"
 "139520","2019-02-19 12:38:54","http://naturescapescostabrava.com/Februar2019/KKEGZAZ2920787/DE_de/FORM/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139520/"
-"139519","2019-02-19 12:38:50","http://www.envi1.com/HKHDFLCGDO6500442/Dokumente/Rechnungszahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139519/"
+"139519","2019-02-19 12:38:50","http://www.envi1.com/HKHDFLCGDO6500442/Dokumente/Rechnungszahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139519/"
 "139518","2019-02-19 12:38:45","http://kn-paradise.net.vn/DE_de/NADSNECSDI0757366/Rechnungskorrektur/Fakturierung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139518/"
 "139517","2019-02-19 12:38:32","http://okna-csm.ru/De/IPARIG5902339/Rechnungs/DOC/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139517/"
 "139516","2019-02-19 12:34:16","https://docs.google.com/uc?export=&id=113cLWCggJKm0zORtSl0hBIK587S4NzdL","online","malware_download","zipped-VBS","https://urlhaus.abuse.ch/url/139516/"
@@ -1751,7 +2302,7 @@
 "139508","2019-02-19 12:34:05","https://docs.google.com/uc?export=&id=1_M-zrJY7w6bZlCmBNKzL5pwSLujwPb_7","online","malware_download","zipped-VBS","https://urlhaus.abuse.ch/url/139508/"
 "139507","2019-02-19 12:34:03","https://docs.google.com/uc?export=&id=1_I_kYZ82LI_Q2GXNPMddYIqUJxIw5V2G","online","malware_download","zipped-VBS","https://urlhaus.abuse.ch/url/139507/"
 "139506","2019-02-19 12:34:02","https://fretboarddojo.com/outbound/platform.torrent","offline","malware_download","geofenced,Gozi","https://urlhaus.abuse.ch/url/139506/"
-"139505","2019-02-19 12:33:06","http://cash-lovers.com/Februar2019/VUHECD3698305/Dokumente/Rechnungsanschrift/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139505/"
+"139505","2019-02-19 12:33:06","http://cash-lovers.com/Februar2019/VUHECD3698305/Dokumente/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139505/"
 "139504","2019-02-19 12:23:12","http://mincoindia.com/wp-content/legal.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/139504/"
 "139503","2019-02-19 12:13:21","http://art.sample.smartgalaxy.org/JNLBDQHUGI.php","offline","malware_download","AUS,DanaBot,geofenced","https://urlhaus.abuse.ch/url/139503/"
 "139502","2019-02-19 12:11:22","http://178.128.38.235/powerpc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139502/"
@@ -1832,8 +2383,8 @@
 "139427","2019-02-19 09:18:07","http://31.214.157.206/Arbiter.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139427/"
 "139426","2019-02-19 09:18:04","http://31.214.157.206/Arbiter.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139426/"
 "139425","2019-02-19 09:17:21","http://crestailiaca.com/DE_de/MDWNLCGEB2511352/de/Rechnungsanschrift/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/139425/"
-"139424","2019-02-19 09:17:20","http://dev.familyhospital.vn/Februar2019/EOLESPTW4462255/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139424/"
-"139423","2019-02-19 09:17:13","http://iqhomeyapi.com/Februar2019/VDENGPAAT6768906/DE_de/Zahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139423/"
+"139424","2019-02-19 09:17:20","http://dev.familyhospital.vn/Februar2019/EOLESPTW4462255/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139424/"
+"139423","2019-02-19 09:17:13","http://iqhomeyapi.com/Februar2019/VDENGPAAT6768906/DE_de/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139423/"
 "139422","2019-02-19 09:17:09","http://dermosaglik.com.tr/Februar2019/HNGMPIHQ5552452/Rechnungs/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139422/"
 "139421","2019-02-19 09:17:04","http://hostbit.tech/De_de/NPEYSIWYYC9385614/Scan/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139421/"
 "139420","2019-02-19 09:17:01","http://thinhphatstore.com/DE/LPOKWSMQQ3846052/DE/Fakturierung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139420/"
@@ -1931,34 +2482,34 @@
 "139328","2019-02-19 06:14:13","http://185.244.25.123/824982536/gpon80803","online","malware_download","elf","https://urlhaus.abuse.ch/url/139328/"
 "139327","2019-02-19 06:14:09","http://185.244.25.123/824982536/tr064","online","malware_download","elf","https://urlhaus.abuse.ch/url/139327/"
 "139326","2019-02-19 06:14:06","http://185.244.25.123/824982536/huawei","online","malware_download","elf","https://urlhaus.abuse.ch/url/139326/"
-"139325","2019-02-19 06:14:03","http://104.168.149.180/bins.sh","online","malware_download","None","https://urlhaus.abuse.ch/url/139325/"
-"139324","2019-02-19 05:45:05","http://185.101.105.208:80/OwO/Tsunami.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139324/"
-"139323","2019-02-19 05:43:07","http://185.101.105.208:80/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139323/"
+"139325","2019-02-19 06:14:03","http://104.168.149.180/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/139325/"
+"139324","2019-02-19 05:45:05","http://185.101.105.208:80/OwO/Tsunami.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139324/"
+"139323","2019-02-19 05:43:07","http://185.101.105.208:80/OwO/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139323/"
 "139322","2019-02-19 05:36:09","http://93.170.112.206:18221/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/139322/"
-"139321","2019-02-19 05:35:26","http://185.101.105.208:80/OwO/Tsunami.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139321/"
-"139320","2019-02-19 05:35:20","http://185.101.105.208:80/OwO/Tsunami.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/139320/"
-"139319","2019-02-19 05:35:13","http://185.101.105.208:80/OwO/Tsunami.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/139319/"
-"139318","2019-02-19 05:35:07","http://185.101.105.208:80/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139318/"
-"139317","2019-02-19 05:33:08","http://185.101.105.208:80/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139317/"
-"139316","2019-02-19 05:33:03","http://185.101.105.208:80/OwO/Tsunami.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139316/"
+"139321","2019-02-19 05:35:26","http://185.101.105.208:80/OwO/Tsunami.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139321/"
+"139320","2019-02-19 05:35:20","http://185.101.105.208:80/OwO/Tsunami.ppc","online","malware_download","elf","https://urlhaus.abuse.ch/url/139320/"
+"139319","2019-02-19 05:35:13","http://185.101.105.208:80/OwO/Tsunami.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/139319/"
+"139318","2019-02-19 05:35:07","http://185.101.105.208:80/OwO/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139318/"
+"139317","2019-02-19 05:33:08","http://185.101.105.208:80/OwO/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139317/"
+"139316","2019-02-19 05:33:03","http://185.101.105.208:80/OwO/Tsunami.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139316/"
 "139315","2019-02-19 05:29:05","http://167.114.3.119:80/AB4g5/HeFoundMyBinsKYS.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139315/"
 "139314","2019-02-19 05:28:21","http://104.161.92.244:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139314/"
 "139313","2019-02-19 05:28:15","http://167.114.3.119:80/AB4g5/HeFoundMyBinsKYS.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/139313/"
 "139312","2019-02-19 05:28:08","http://24.96.119.52:32858/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/139312/"
-"139311","2019-02-19 04:48:03","http://yonetim.yonpf.com/Rem5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/139311/"
+"139311","2019-02-19 04:48:03","http://yonetim.yonpf.com/Rem5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/139311/"
 "139310","2019-02-19 04:25:50","http://u1.innerpeer.com/YABANETADMIN4.0F.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/139310/"
-"139309","2019-02-19 02:01:09","http://185.244.25.149/nvitpj","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139309/"
-"139308","2019-02-19 02:01:07","http://185.244.25.149/fwdfvf","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139308/"
-"139307","2019-02-19 02:01:04","http://185.244.25.149/vtyhat","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139307/"
-"139306","2019-02-19 02:00:31","http://185.244.25.149/ajoomk","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139306/"
-"139305","2019-02-19 02:00:30","http://185.244.25.149/lnkfmx","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139305/"
-"139304","2019-02-19 02:00:29","http://185.244.25.149/earyzq","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139304/"
-"139303","2019-02-19 02:00:28","http://185.244.25.149/razdzn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139303/"
-"139302","2019-02-19 02:00:26","http://185.244.25.149/atxhua","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139302/"
-"139301","2019-02-19 02:00:25","http://185.244.25.149/cemtop","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139301/"
-"139300","2019-02-19 02:00:23","http://185.244.25.149/qvmxvl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139300/"
-"139299","2019-02-19 02:00:20","http://185.244.25.149/qtmzbn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139299/"
-"139298","2019-02-19 02:00:17","http://185.244.25.149/vvglma","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139298/"
+"139309","2019-02-19 02:01:09","http://185.244.25.149/nvitpj","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139309/"
+"139308","2019-02-19 02:01:07","http://185.244.25.149/fwdfvf","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139308/"
+"139307","2019-02-19 02:01:04","http://185.244.25.149/vtyhat","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139307/"
+"139306","2019-02-19 02:00:31","http://185.244.25.149/ajoomk","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139306/"
+"139305","2019-02-19 02:00:30","http://185.244.25.149/lnkfmx","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139305/"
+"139304","2019-02-19 02:00:29","http://185.244.25.149/earyzq","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139304/"
+"139303","2019-02-19 02:00:28","http://185.244.25.149/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139303/"
+"139302","2019-02-19 02:00:26","http://185.244.25.149/atxhua","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139302/"
+"139301","2019-02-19 02:00:25","http://185.244.25.149/cemtop","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139301/"
+"139300","2019-02-19 02:00:23","http://185.244.25.149/qvmxvl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139300/"
+"139299","2019-02-19 02:00:20","http://185.244.25.149/qtmzbn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139299/"
+"139298","2019-02-19 02:00:17","http://185.244.25.149/vvglma","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/139298/"
 "139297","2019-02-19 02:00:14","http://chenhaitian.com/company/uqGa-CWN_WOuk-ER0/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/139297/"
 "139296","2019-02-19 02:00:00","http://noithatchungcudep.info/secure.myaccount.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/139296/"
 "139295","2019-02-19 01:59:50","https://rudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139295/"
@@ -1973,7 +2524,7 @@
 "139286","2019-02-19 01:59:14","https://rudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139286/"
 "139285","2019-02-19 01:59:09","https://rudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139285/"
 "139284","2019-02-19 01:59:04","https://rudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139284/"
-"139283","2019-02-19 01:59:00","https://rudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139283/"
+"139283","2019-02-19 01:59:00","https://rudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139283/"
 "139282","2019-02-19 01:58:57","https://rudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139282/"
 "139281","2019-02-19 01:58:54","https://rudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139281/"
 "139280","2019-02-19 01:58:51","https://rudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139280/"
@@ -1992,7 +2543,7 @@
 "139267","2019-02-19 01:56:53","https://rudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139267/"
 "139266","2019-02-19 01:56:47","https://rudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139266/"
 "139265","2019-02-19 01:56:42","https://rudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139265/"
-"139264","2019-02-19 01:56:38","https://rudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139264/"
+"139264","2019-02-19 01:56:38","https://rudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139264/"
 "139263","2019-02-19 01:56:33","http://rudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139263/"
 "139262","2019-02-19 01:56:23","http://rudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139262/"
 "139261","2019-02-19 01:56:14","http://rudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139261/"
@@ -2013,7 +2564,7 @@
 "139246","2019-02-19 01:55:45","http://rudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139246/"
 "139245","2019-02-19 01:55:43","http://rudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139245/"
 "139244","2019-02-19 01:55:42","http://rudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139244/"
-"139243","2019-02-19 01:55:41","http://rudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139243/"
+"139243","2019-02-19 01:55:41","http://rudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139243/"
 "139242","2019-02-19 01:55:40","http://rudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139242/"
 "139239","2019-02-19 01:55:39","http://rudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139239/"
 "139240","2019-02-19 01:55:39","http://rudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139240/"
@@ -2038,7 +2589,7 @@
 "139221","2019-02-19 01:55:11","http://rudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139221/"
 "139220","2019-02-19 01:55:04","http://rudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139220/"
 "139219","2019-02-19 01:54:59","http://rudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139219/"
-"139218","2019-02-19 01:54:57","http://rudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139218/"
+"139218","2019-02-19 01:54:57","http://rudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139218/"
 "139217","2019-02-19 01:54:50","https://liprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139217/"
 "139216","2019-02-19 01:54:45","https://liprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139216/"
 "139215","2019-02-19 01:54:37","https://liprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139215/"
@@ -2051,7 +2602,7 @@
 "139208","2019-02-19 01:53:50","https://liprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139208/"
 "139207","2019-02-19 01:53:45","https://liprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139207/"
 "139206","2019-02-19 01:53:40","https://liprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139206/"
-"139205","2019-02-19 01:53:35","https://liprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139205/"
+"139205","2019-02-19 01:53:35","https://liprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139205/"
 "139204","2019-02-19 01:53:31","https://liprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139204/"
 "139203","2019-02-19 01:53:28","https://liprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139203/"
 "139202","2019-02-19 01:53:22","https://liprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139202/"
@@ -2070,7 +2621,7 @@
 "139189","2019-02-19 01:52:12","https://liprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139189/"
 "139188","2019-02-19 01:52:05","https://liprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139188/"
 "139187","2019-02-19 01:51:59","https://liprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139187/"
-"139186","2019-02-19 01:51:54","https://liprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139186/"
+"139186","2019-02-19 01:51:54","https://liprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139186/"
 "139185","2019-02-19 01:51:49","http://liprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139185/"
 "139184","2019-02-19 01:51:40","http://liprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139184/"
 "139183","2019-02-19 01:51:27","http://liprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139183/"
@@ -2091,7 +2642,7 @@
 "139168","2019-02-19 01:50:51","http://liprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139168/"
 "139167","2019-02-19 01:50:50","http://liprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139167/"
 "139166","2019-02-19 01:50:49","http://liprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139166/"
-"139165","2019-02-19 01:50:48","http://liprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139165/"
+"139165","2019-02-19 01:50:48","http://liprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139165/"
 "139163","2019-02-19 01:50:47","http://liprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139163/"
 "139164","2019-02-19 01:50:47","http://liprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139164/"
 "139160","2019-02-19 01:50:46","http://liprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139160/"
@@ -2116,7 +2667,7 @@
 "139144","2019-02-19 01:50:19","http://liprudential.com.watchdogdns.duckdns.org/admin.exe","offline","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139144/"
 "139142","2019-02-19 01:50:11","http://liprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139142/"
 "139141","2019-02-19 01:50:10","http://liprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139141/"
-"139140","2019-02-19 01:50:07","http://liprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139140/"
+"139140","2019-02-19 01:50:07","http://liprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139140/"
 "139139","2019-02-19 01:49:57","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139139/"
 "139138","2019-02-19 01:49:52","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139138/"
 "139137","2019-02-19 01:49:45","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139137/"
@@ -2129,7 +2680,7 @@
 "139130","2019-02-19 01:49:17","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139130/"
 "139129","2019-02-19 01:49:10","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139129/"
 "139128","2019-02-19 01:49:05","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139128/"
-"139127","2019-02-19 01:49:01","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139127/"
+"139127","2019-02-19 01:49:01","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139127/"
 "139126","2019-02-19 01:48:58","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139126/"
 "139125","2019-02-19 01:48:54","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139125/"
 "139124","2019-02-19 01:48:51","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139124/"
@@ -2148,7 +2699,7 @@
 "139111","2019-02-19 01:47:55","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139111/"
 "139112","2019-02-19 01:47:55","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/admin.exe","offline","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/139112/"
 "139109","2019-02-19 01:47:41","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139109/"
-"139108","2019-02-19 01:47:31","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139108/"
+"139108","2019-02-19 01:47:31","https://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139108/"
 "139107","2019-02-19 01:47:20","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139107/"
 "139106","2019-02-19 01:47:18","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139106/"
 "139105","2019-02-19 01:47:16","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139105/"
@@ -2168,7 +2719,7 @@
 "139091","2019-02-19 01:45:58","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139091/"
 "139090","2019-02-19 01:45:56","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139090/"
 "139089","2019-02-19 01:45:54","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139089/"
-"139087","2019-02-19 01:45:53","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139087/"
+"139087","2019-02-19 01:45:53","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139087/"
 "139088","2019-02-19 01:45:53","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139088/"
 "139086","2019-02-19 01:45:51","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139086/"
 "139085","2019-02-19 01:45:50","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139085/"
@@ -2194,7 +2745,7 @@
 "139067","2019-02-19 01:45:36","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/frank/AZEEZ.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139067/"
 "139063","2019-02-19 01:45:35","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139063/"
 "139064","2019-02-19 01:45:35","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139064/"
-"139062","2019-02-19 01:45:35","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139062/"
+"139062","2019-02-19 01:45:35","http://tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139062/"
 "139061","2019-02-19 01:45:32","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139061/"
 "139060","2019-02-19 01:45:28","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139060/"
 "139059","2019-02-19 01:45:23","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139059/"
@@ -2207,7 +2758,7 @@
 "139052","2019-02-19 01:44:56","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139052/"
 "139051","2019-02-19 01:44:49","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139051/"
 "139050","2019-02-19 01:44:45","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139050/"
-"139049","2019-02-19 01:44:42","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139049/"
+"139049","2019-02-19 01:44:42","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139049/"
 "139048","2019-02-19 01:44:39","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139048/"
 "139047","2019-02-19 01:44:36","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139047/"
 "139046","2019-02-19 01:44:32","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/139046/"
@@ -2226,7 +2777,7 @@
 "139033","2019-02-19 01:43:35","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139033/"
 "139032","2019-02-19 01:43:27","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139032/"
 "139031","2019-02-19 01:43:19","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139031/"
-"139030","2019-02-19 01:43:13","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139030/"
+"139030","2019-02-19 01:43:13","https://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139030/"
 "139029","2019-02-19 01:43:09","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139029/"
 "139028","2019-02-19 01:43:07","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139028/"
 "139027","2019-02-19 01:43:02","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139027/"
@@ -2246,7 +2797,7 @@
 "139013","2019-02-19 01:42:48","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139013/"
 "139012","2019-02-19 01:42:47","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139012/"
 "139011","2019-02-19 01:42:46","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139011/"
-"139009","2019-02-19 01:42:45","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139009/"
+"139009","2019-02-19 01:42:45","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/139009/"
 "139010","2019-02-19 01:42:45","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139010/"
 "139005","2019-02-19 01:42:43","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139005/"
 "139006","2019-02-19 01:42:43","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/139006/"
@@ -2272,7 +2823,7 @@
 "138987","2019-02-19 01:42:26","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138987/"
 "138986","2019-02-19 01:42:24","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138986/"
 "138985","2019-02-19 01:42:23","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138985/"
-"138984","2019-02-19 01:42:22","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138984/"
+"138984","2019-02-19 01:42:22","http://measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138984/"
 "138983","2019-02-19 01:42:19","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138983/"
 "138982","2019-02-19 01:42:17","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138982/"
 "138981","2019-02-19 01:42:13","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138981/"
@@ -2285,7 +2836,7 @@
 "138974","2019-02-19 01:41:51","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138974/"
 "138973","2019-02-19 01:41:48","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138973/"
 "138972","2019-02-19 01:41:44","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138972/"
-"138971","2019-02-19 01:41:41","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138971/"
+"138971","2019-02-19 01:41:41","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138971/"
 "138970","2019-02-19 01:41:38","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138970/"
 "138969","2019-02-19 01:41:34","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138969/"
 "138968","2019-02-19 01:41:32","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138968/"
@@ -2304,7 +2855,7 @@
 "138955","2019-02-19 01:40:57","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138955/"
 "138954","2019-02-19 01:40:53","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138954/"
 "138953","2019-02-19 01:40:51","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138953/"
-"138952","2019-02-19 01:40:47","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138952/"
+"138952","2019-02-19 01:40:47","https://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138952/"
 "138951","2019-02-19 01:40:44","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138951/"
 "138950","2019-02-19 01:40:43","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138950/"
 "138949","2019-02-19 01:40:39","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138949/"
@@ -2324,7 +2875,7 @@
 "138935","2019-02-19 01:40:21","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138935/"
 "138934","2019-02-19 01:40:20","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138934/"
 "138933","2019-02-19 01:40:18","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138933/"
-"138931","2019-02-19 01:40:17","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138931/"
+"138931","2019-02-19 01:40:17","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138931/"
 "138932","2019-02-19 01:40:17","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138932/"
 "138929","2019-02-19 01:40:15","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138929/"
 "138930","2019-02-19 01:40:15","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138930/"
@@ -2350,7 +2901,7 @@
 "138909","2019-02-19 01:39:52","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138909/"
 "138908","2019-02-19 01:39:49","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138908/"
 "138907","2019-02-19 01:39:48","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138907/"
-"138906","2019-02-19 01:39:47","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138906/"
+"138906","2019-02-19 01:39:47","http://mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138906/"
 "138905","2019-02-19 01:39:44","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138905/"
 "138904","2019-02-19 01:39:41","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138904/"
 "138903","2019-02-19 01:39:38","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138903/"
@@ -2363,7 +2914,7 @@
 "138896","2019-02-19 01:39:10","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138896/"
 "138895","2019-02-19 01:39:07","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138895/"
 "138894","2019-02-19 01:39:05","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138894/"
-"138893","2019-02-19 01:39:02","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138893/"
+"138893","2019-02-19 01:39:02","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138893/"
 "138892","2019-02-19 01:38:59","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138892/"
 "138891","2019-02-19 01:38:57","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138891/"
 "138890","2019-02-19 01:38:55","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138890/"
@@ -2382,7 +2933,7 @@
 "138877","2019-02-19 01:38:20","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138877/"
 "138876","2019-02-19 01:38:16","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138876/"
 "138875","2019-02-19 01:38:13","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138875/"
-"138874","2019-02-19 01:38:11","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138874/"
+"138874","2019-02-19 01:38:11","https://solvefolkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138874/"
 "138873","2019-02-19 01:38:08","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138873/"
 "138872","2019-02-19 01:38:07","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138872/"
 "138871","2019-02-19 01:38:04","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138871/"
@@ -2402,7 +2953,7 @@
 "138857","2019-02-19 01:37:44","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138857/"
 "138856","2019-02-19 01:37:43","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138856/"
 "138855","2019-02-19 01:37:41","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138855/"
-"138853","2019-02-19 01:37:40","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138853/"
+"138853","2019-02-19 01:37:40","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138853/"
 "138854","2019-02-19 01:37:40","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138854/"
 "138851","2019-02-19 01:37:39","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138851/"
 "138852","2019-02-19 01:37:39","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138852/"
@@ -2428,7 +2979,7 @@
 "138831","2019-02-19 01:37:20","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138831/"
 "138830","2019-02-19 01:37:18","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138830/"
 "138829","2019-02-19 01:37:17","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138829/"
-"138828","2019-02-19 01:37:16","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138828/"
+"138828","2019-02-19 01:37:16","http://solvefolkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138828/"
 "138827","2019-02-19 01:37:14","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138827/"
 "138826","2019-02-19 01:37:11","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138826/"
 "138825","2019-02-19 01:37:07","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138825/"
@@ -2441,7 +2992,7 @@
 "138818","2019-02-19 01:36:46","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138818/"
 "138817","2019-02-19 01:36:44","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138817/"
 "138816","2019-02-19 01:36:41","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138816/"
-"138815","2019-02-19 01:36:38","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138815/"
+"138815","2019-02-19 01:36:38","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138815/"
 "138814","2019-02-19 01:36:35","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138814/"
 "138813","2019-02-19 01:36:33","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138813/"
 "138812","2019-02-19 01:36:30","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138812/"
@@ -2460,7 +3011,7 @@
 "138799","2019-02-19 01:35:51","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138799/"
 "138798","2019-02-19 01:35:47","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138798/"
 "138797","2019-02-19 01:35:45","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138797/"
-"138796","2019-02-19 01:35:42","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138796/"
+"138796","2019-02-19 01:35:42","https://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138796/"
 "138795","2019-02-19 01:35:40","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138795/"
 "138794","2019-02-19 01:35:38","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138794/"
 "138793","2019-02-19 01:35:36","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138793/"
@@ -2480,7 +3031,7 @@
 "138779","2019-02-19 01:35:03","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138779/"
 "138778","2019-02-19 01:35:00","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138778/"
 "138777","2019-02-19 01:34:57","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138777/"
-"138775","2019-02-19 01:34:55","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138775/"
+"138775","2019-02-19 01:34:55","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138775/"
 "138776","2019-02-19 01:34:55","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138776/"
 "138773","2019-02-19 01:34:52","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138773/"
 "138774","2019-02-19 01:34:52","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138774/"
@@ -2506,7 +3057,7 @@
 "138753","2019-02-19 01:34:22","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138753/"
 "138752","2019-02-19 01:34:20","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138752/"
 "138751","2019-02-19 01:34:19","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138751/"
-"138750","2019-02-19 01:34:18","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138750/"
+"138750","2019-02-19 01:34:18","http://gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138750/"
 "138749","2019-02-19 01:34:14","https://ml.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138749/"
 "138748","2019-02-19 01:34:11","https://ml.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138748/"
 "138747","2019-02-19 01:34:07","https://ml.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138747/"
@@ -2519,7 +3070,7 @@
 "138740","2019-02-19 01:33:47","https://ml.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138740/"
 "138739","2019-02-19 01:33:44","https://ml.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138739/"
 "138738","2019-02-19 01:33:40","https://ml.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138738/"
-"138737","2019-02-19 01:33:37","https://ml.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138737/"
+"138737","2019-02-19 01:33:37","https://ml.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138737/"
 "138736","2019-02-19 01:33:34","https://ml.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138736/"
 "138735","2019-02-19 01:33:31","https://ml.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138735/"
 "138734","2019-02-19 01:33:28","https://ml.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138734/"
@@ -2538,7 +3089,7 @@
 "138721","2019-02-19 01:32:56","https://ml.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138721/"
 "138720","2019-02-19 01:32:52","https://ml.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138720/"
 "138719","2019-02-19 01:32:49","https://ml.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138719/"
-"138718","2019-02-19 01:32:46","https://ml.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138718/"
+"138718","2019-02-19 01:32:46","https://ml.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138718/"
 "138717","2019-02-19 01:32:43","http://ml.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138717/"
 "138716","2019-02-19 01:32:39","http://ml.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138716/"
 "138715","2019-02-19 01:32:31","http://ml.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138715/"
@@ -2558,7 +3109,7 @@
 "138701","2019-02-19 01:31:49","http://ml.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138701/"
 "138700","2019-02-19 01:31:46","http://ml.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138700/"
 "138699","2019-02-19 01:31:42","http://ml.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138699/"
-"138697","2019-02-19 01:31:40","http://ml.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138697/"
+"138697","2019-02-19 01:31:40","http://ml.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138697/"
 "138698","2019-02-19 01:31:40","http://ml.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138698/"
 "138695","2019-02-19 01:31:37","http://ml.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138695/"
 "138696","2019-02-19 01:31:37","http://ml.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138696/"
@@ -2584,7 +3135,7 @@
 "138675","2019-02-19 01:30:48","http://ml.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138675/"
 "138674","2019-02-19 01:30:45","http://ml.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138674/"
 "138673","2019-02-19 01:30:44","http://ml.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138673/"
-"138672","2019-02-19 01:30:42","http://ml.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138672/"
+"138672","2019-02-19 01:30:42","http://ml.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138672/"
 "138671","2019-02-19 01:30:37","https://ruresonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138671/"
 "138670","2019-02-19 01:30:34","https://ruresonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138670/"
 "138669","2019-02-19 01:30:29","https://ruresonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138669/"
@@ -2597,7 +3148,7 @@
 "138662","2019-02-19 01:30:02","https://ruresonance-pub.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138662/"
 "138661","2019-02-19 01:29:59","https://ruresonance-pub.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138661/"
 "138660","2019-02-19 01:29:56","https://ruresonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138660/"
-"138659","2019-02-19 01:29:53","https://ruresonance-pub.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138659/"
+"138659","2019-02-19 01:29:53","https://ruresonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138659/"
 "138658","2019-02-19 01:29:48","https://ruresonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138658/"
 "138657","2019-02-19 01:29:46","https://ruresonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138657/"
 "138656","2019-02-19 01:29:43","https://ruresonance-pub.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138656/"
@@ -2616,7 +3167,7 @@
 "138643","2019-02-19 01:29:10","https://ruresonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138643/"
 "138642","2019-02-19 01:29:06","https://ruresonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138642/"
 "138641","2019-02-19 01:29:04","https://ruresonance-pub.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138641/"
-"138640","2019-02-19 01:29:02","https://ruresonance-pub.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138640/"
+"138640","2019-02-19 01:29:02","https://ruresonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138640/"
 "138639","2019-02-19 01:28:59","http://ruresonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138639/"
 "138638","2019-02-19 01:28:58","http://ruresonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138638/"
 "138637","2019-02-19 01:28:55","http://ruresonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138637/"
@@ -2637,7 +3188,7 @@
 "138622","2019-02-19 01:28:33","http://ruresonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138622/"
 "138621","2019-02-19 01:28:32","http://ruresonance-pub.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138621/"
 "138620","2019-02-19 01:28:31","http://ruresonance-pub.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138620/"
-"138619","2019-02-19 01:28:30","http://ruresonance-pub.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138619/"
+"138619","2019-02-19 01:28:30","http://ruresonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138619/"
 "138616","2019-02-19 01:28:29","http://ruresonance-pub.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138616/"
 "138617","2019-02-19 01:28:29","http://ruresonance-pub.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138617/"
 "138618","2019-02-19 01:28:29","http://ruresonance-pub.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138618/"
@@ -2662,7 +3213,7 @@
 "138597","2019-02-19 01:28:08","http://ruresonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138597/"
 "138596","2019-02-19 01:28:05","http://ruresonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138596/"
 "138595","2019-02-19 01:28:04","http://ruresonance-pub.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138595/"
-"138594","2019-02-19 01:28:03","http://ruresonance-pub.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138594/"
+"138594","2019-02-19 01:28:03","http://ruresonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138594/"
 "138593","2019-02-19 01:27:57","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138593/"
 "138592","2019-02-19 01:27:55","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138592/"
 "138591","2019-02-19 01:27:49","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138591/"
@@ -2675,7 +3226,7 @@
 "138584","2019-02-19 01:27:27","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138584/"
 "138583","2019-02-19 01:27:24","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138583/"
 "138582","2019-02-19 01:27:22","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138582/"
-"138581","2019-02-19 01:27:19","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138581/"
+"138581","2019-02-19 01:27:19","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138581/"
 "138580","2019-02-19 01:27:17","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138580/"
 "138579","2019-02-19 01:27:14","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138579/"
 "138578","2019-02-19 01:27:11","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138578/"
@@ -2694,7 +3245,7 @@
 "138565","2019-02-19 01:26:19","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138565/"
 "138564","2019-02-19 01:26:13","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138564/"
 "138563","2019-02-19 01:26:10","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138563/"
-"138562","2019-02-19 01:26:07","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138562/"
+"138562","2019-02-19 01:26:07","https://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138562/"
 "138561","2019-02-19 01:26:02","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138561/"
 "138560","2019-02-19 01:25:57","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138560/"
 "138559","2019-02-19 01:25:52","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138559/"
@@ -2714,7 +3265,7 @@
 "138545","2019-02-19 01:25:31","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138545/"
 "138544","2019-02-19 01:25:30","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138544/"
 "138543","2019-02-19 01:25:28","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138543/"
-"138541","2019-02-19 01:25:27","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138541/"
+"138541","2019-02-19 01:25:27","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138541/"
 "138542","2019-02-19 01:25:27","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138542/"
 "138538","2019-02-19 01:25:25","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138538/"
 "138539","2019-02-19 01:25:25","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138539/"
@@ -2740,7 +3291,7 @@
 "138519","2019-02-19 01:25:01","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138519/"
 "138518","2019-02-19 01:24:58","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138518/"
 "138517","2019-02-19 01:24:57","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138517/"
-"138516","2019-02-19 01:24:56","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138516/"
+"138516","2019-02-19 01:24:56","http://pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138516/"
 "138515","2019-02-19 01:24:53","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138515/"
 "138514","2019-02-19 01:24:49","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138514/"
 "138513","2019-02-19 01:24:43","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138513/"
@@ -2753,7 +3304,7 @@
 "138506","2019-02-19 01:24:16","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138506/"
 "138505","2019-02-19 01:24:12","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138505/"
 "138504","2019-02-19 01:24:09","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138504/"
-"138503","2019-02-19 01:24:06","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138503/"
+"138503","2019-02-19 01:24:06","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138503/"
 "138502","2019-02-19 01:24:03","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138502/"
 "138501","2019-02-19 01:24:00","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138501/"
 "138500","2019-02-19 01:23:55","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138500/"
@@ -2772,7 +3323,7 @@
 "138487","2019-02-19 01:23:10","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138487/"
 "138486","2019-02-19 01:23:06","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138486/"
 "138485","2019-02-19 01:23:04","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138485/"
-"138484","2019-02-19 01:23:01","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138484/"
+"138484","2019-02-19 01:23:01","https://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138484/"
 "138483","2019-02-19 01:22:57","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138483/"
 "138482","2019-02-19 01:22:54","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138482/"
 "138481","2019-02-19 01:22:50","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138481/"
@@ -2793,7 +3344,7 @@
 "138466","2019-02-19 01:22:32","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138466/"
 "138465","2019-02-19 01:22:31","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138465/"
 "138464","2019-02-19 01:22:30","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138464/"
-"138463","2019-02-19 01:22:29","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138463/"
+"138463","2019-02-19 01:22:29","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138463/"
 "138460","2019-02-19 01:22:28","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138460/"
 "138461","2019-02-19 01:22:28","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138461/"
 "138462","2019-02-19 01:22:28","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138462/"
@@ -2818,7 +3369,7 @@
 "138441","2019-02-19 01:22:02","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138441/"
 "138440","2019-02-19 01:21:57","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138440/"
 "138439","2019-02-19 01:21:56","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138439/"
-"138438","2019-02-19 01:21:55","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138438/"
+"138438","2019-02-19 01:21:55","http://www.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138438/"
 "138437","2019-02-19 01:21:51","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138437/"
 "138436","2019-02-19 01:21:48","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138436/"
 "138435","2019-02-19 01:21:40","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138435/"
@@ -2831,7 +3382,7 @@
 "138428","2019-02-19 01:21:09","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138428/"
 "138427","2019-02-19 01:21:05","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138427/"
 "138426","2019-02-19 01:20:43","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138426/"
-"138425","2019-02-19 01:20:41","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138425/"
+"138425","2019-02-19 01:20:41","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138425/"
 "138424","2019-02-19 01:20:36","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138424/"
 "138423","2019-02-19 01:20:33","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138423/"
 "138422","2019-02-19 01:20:28","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138422/"
@@ -2850,7 +3401,7 @@
 "138409","2019-02-19 01:19:48","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138409/"
 "138408","2019-02-19 01:19:43","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138408/"
 "138407","2019-02-19 01:19:37","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138407/"
-"138406","2019-02-19 01:19:31","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138406/"
+"138406","2019-02-19 01:19:31","https://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138406/"
 "138405","2019-02-19 01:19:27","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138405/"
 "138404","2019-02-19 01:19:25","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138404/"
 "138403","2019-02-19 01:19:22","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138403/"
@@ -2870,7 +3421,7 @@
 "138389","2019-02-19 01:18:52","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138389/"
 "138388","2019-02-19 01:18:50","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138388/"
 "138387","2019-02-19 01:18:49","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138387/"
-"138385","2019-02-19 01:18:48","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138385/"
+"138385","2019-02-19 01:18:48","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138385/"
 "138386","2019-02-19 01:18:48","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138386/"
 "138382","2019-02-19 01:18:46","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138382/"
 "138383","2019-02-19 01:18:46","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138383/"
@@ -2896,7 +3447,7 @@
 "138363","2019-02-19 01:18:07","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138363/"
 "138362","2019-02-19 01:18:02","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138362/"
 "138361","2019-02-19 01:18:00","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138361/"
-"138360","2019-02-19 01:17:57","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138360/"
+"138360","2019-02-19 01:17:57","http://siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138360/"
 "138359","2019-02-19 01:17:52","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138359/"
 "138358","2019-02-19 01:17:49","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138358/"
 "138357","2019-02-19 01:17:44","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138357/"
@@ -2909,7 +3460,7 @@
 "138350","2019-02-19 01:17:13","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138350/"
 "138349","2019-02-19 01:17:01","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138349/"
 "138348","2019-02-19 01:16:58","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138348/"
-"138347","2019-02-19 01:16:54","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138347/"
+"138347","2019-02-19 01:16:54","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138347/"
 "138346","2019-02-19 01:16:50","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138346/"
 "138345","2019-02-19 01:16:45","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138345/"
 "138344","2019-02-19 01:16:41","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138344/"
@@ -2928,7 +3479,7 @@
 "138331","2019-02-19 01:15:24","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138331/"
 "138330","2019-02-19 01:15:16","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138330/"
 "138329","2019-02-19 01:15:12","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138329/"
-"138328","2019-02-19 01:15:05","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138328/"
+"138328","2019-02-19 01:15:05","https://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138328/"
 "138327","2019-02-19 01:15:02","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138327/"
 "138326","2019-02-19 01:15:00","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138326/"
 "138325","2019-02-19 01:14:55","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138325/"
@@ -2948,7 +3499,7 @@
 "138311","2019-02-19 01:14:36","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138311/"
 "138310","2019-02-19 01:14:33","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138310/"
 "138309","2019-02-19 01:14:31","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138309/"
-"138307","2019-02-19 01:14:30","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138307/"
+"138307","2019-02-19 01:14:30","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138307/"
 "138308","2019-02-19 01:14:30","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138308/"
 "138305","2019-02-19 01:14:29","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138305/"
 "138306","2019-02-19 01:14:29","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138306/"
@@ -2974,7 +3525,7 @@
 "138285","2019-02-19 01:13:57","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138285/"
 "138284","2019-02-19 01:13:46","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138284/"
 "138283","2019-02-19 01:13:42","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138283/"
-"138282","2019-02-19 01:13:41","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138282/"
+"138282","2019-02-19 01:13:41","http://marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138282/"
 "138281","2019-02-19 01:13:31","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138281/"
 "138280","2019-02-19 01:13:24","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138280/"
 "138279","2019-02-19 01:13:15","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138279/"
@@ -2987,7 +3538,7 @@
 "138272","2019-02-19 01:12:36","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138272/"
 "138271","2019-02-19 01:12:32","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138271/"
 "138270","2019-02-19 01:12:20","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138270/"
-"138269","2019-02-19 01:12:15","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138269/"
+"138269","2019-02-19 01:12:15","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138269/"
 "138268","2019-02-19 01:12:09","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138268/"
 "138267","2019-02-19 01:12:04","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138267/"
 "138266","2019-02-19 01:12:02","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138266/"
@@ -3006,7 +3557,7 @@
 "138253","2019-02-19 01:11:30","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138253/"
 "138252","2019-02-19 01:11:26","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138252/"
 "138251","2019-02-19 01:11:24","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138251/"
-"138250","2019-02-19 01:11:21","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138250/"
+"138250","2019-02-19 01:11:21","https://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138250/"
 "138249","2019-02-19 01:11:18","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138249/"
 "138248","2019-02-19 01:11:16","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138248/"
 "138247","2019-02-19 01:11:14","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138247/"
@@ -3026,7 +3577,7 @@
 "138233","2019-02-19 01:10:59","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138233/"
 "138232","2019-02-19 01:10:57","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138232/"
 "138231","2019-02-19 01:10:56","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138231/"
-"138229","2019-02-19 01:10:55","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138229/"
+"138229","2019-02-19 01:10:55","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138229/"
 "138230","2019-02-19 01:10:55","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138230/"
 "138227","2019-02-19 01:10:53","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138227/"
 "138228","2019-02-19 01:10:53","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138228/"
@@ -3052,7 +3603,7 @@
 "138207","2019-02-19 01:10:24","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138207/"
 "138206","2019-02-19 01:10:22","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138206/"
 "138205","2019-02-19 01:10:21","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138205/"
-"138204","2019-02-19 01:10:20","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138204/"
+"138204","2019-02-19 01:10:20","http://coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138204/"
 "138203","2019-02-19 01:10:16","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138203/"
 "138202","2019-02-19 01:10:13","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138202/"
 "138201","2019-02-19 01:10:09","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138201/"
@@ -3065,7 +3616,7 @@
 "138194","2019-02-19 01:09:45","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138194/"
 "138193","2019-02-19 01:09:42","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138193/"
 "138192","2019-02-19 01:09:39","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138192/"
-"138191","2019-02-19 01:09:36","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138191/"
+"138191","2019-02-19 01:09:36","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138191/"
 "138190","2019-02-19 01:09:33","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138190/"
 "138189","2019-02-19 01:09:31","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138189/"
 "138188","2019-02-19 01:09:29","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138188/"
@@ -3084,7 +3635,7 @@
 "138175","2019-02-19 01:08:55","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138175/"
 "138174","2019-02-19 01:08:51","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138174/"
 "138173","2019-02-19 01:08:48","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138173/"
-"138172","2019-02-19 01:08:46","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138172/"
+"138172","2019-02-19 01:08:46","https://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138172/"
 "138171","2019-02-19 01:08:44","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138171/"
 "138170","2019-02-19 01:08:42","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138170/"
 "138169","2019-02-19 01:08:41","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138169/"
@@ -3104,7 +3655,7 @@
 "138155","2019-02-19 01:08:27","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138155/"
 "138154","2019-02-19 01:08:26","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138154/"
 "138153","2019-02-19 01:08:25","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138153/"
-"138151","2019-02-19 01:08:24","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138151/"
+"138151","2019-02-19 01:08:24","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138151/"
 "138152","2019-02-19 01:08:24","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138152/"
 "138150","2019-02-19 01:08:23","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138150/"
 "138147","2019-02-19 01:08:22","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138147/"
@@ -3130,7 +3681,7 @@
 "138129","2019-02-19 01:08:04","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138129/"
 "138128","2019-02-19 01:08:01","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138128/"
 "138127","2019-02-19 01:08:00","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138127/"
-"138126","2019-02-19 01:07:59","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138126/"
+"138126","2019-02-19 01:07:59","http://tchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138126/"
 "138125","2019-02-19 01:07:56","https://om.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138125/"
 "138124","2019-02-19 01:07:54","https://om.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138124/"
 "138123","2019-02-19 01:07:50","https://om.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138123/"
@@ -3143,7 +3694,7 @@
 "138116","2019-02-19 01:07:30","https://om.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138116/"
 "138115","2019-02-19 01:07:28","https://om.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138115/"
 "138114","2019-02-19 01:07:25","https://om.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138114/"
-"138113","2019-02-19 01:07:22","https://om.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138113/"
+"138113","2019-02-19 01:07:22","https://om.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138113/"
 "138112","2019-02-19 01:07:19","https://om.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138112/"
 "138111","2019-02-19 01:07:16","https://om.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138111/"
 "138110","2019-02-19 01:07:14","https://om.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138110/"
@@ -3162,7 +3713,7 @@
 "138097","2019-02-19 01:06:43","https://om.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138097/"
 "138096","2019-02-19 01:06:38","https://om.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138096/"
 "138095","2019-02-19 01:06:35","https://om.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138095/"
-"138094","2019-02-19 01:06:33","https://om.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138094/"
+"138094","2019-02-19 01:06:33","https://om.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138094/"
 "138093","2019-02-19 01:06:29","http://om.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138093/"
 "138092","2019-02-19 01:06:28","http://om.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138092/"
 "138091","2019-02-19 01:06:26","http://om.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138091/"
@@ -3183,7 +3734,7 @@
 "138076","2019-02-19 01:05:13","http://om.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138076/"
 "138075","2019-02-19 01:05:06","http://om.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138075/"
 "138074","2019-02-19 01:05:03","http://om.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138074/"
-"138073","2019-02-19 01:05:02","http://om.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138073/"
+"138073","2019-02-19 01:05:02","http://om.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138073/"
 "138072","2019-02-19 01:04:56","http://om.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138072/"
 "138070","2019-02-19 01:04:55","http://om.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138070/"
 "138071","2019-02-19 01:04:55","http://om.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138071/"
@@ -3208,7 +3759,7 @@
 "138051","2019-02-19 01:02:47","http://om.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138051/"
 "138050","2019-02-19 01:02:45","http://om.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138050/"
 "138049","2019-02-19 01:02:43","http://om.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138049/"
-"138048","2019-02-19 01:02:35","http://om.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138048/"
+"138048","2019-02-19 01:02:35","http://om.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138048/"
 "138047","2019-02-19 01:02:28","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138047/"
 "138046","2019-02-19 01:02:24","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138046/"
 "138045","2019-02-19 01:02:16","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138045/"
@@ -3221,7 +3772,7 @@
 "138038","2019-02-19 01:01:43","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138038/"
 "138037","2019-02-19 01:01:39","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138037/"
 "138036","2019-02-19 01:01:35","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138036/"
-"138035","2019-02-19 01:01:31","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138035/"
+"138035","2019-02-19 01:01:31","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138035/"
 "138034","2019-02-19 01:01:26","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138034/"
 "138033","2019-02-19 01:01:22","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138033/"
 "138032","2019-02-19 01:01:18","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/138032/"
@@ -3240,7 +3791,7 @@
 "138019","2019-02-19 01:00:22","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138019/"
 "138018","2019-02-19 01:00:14","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138018/"
 "138017","2019-02-19 01:00:09","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138017/"
-"138016","2019-02-19 01:00:02","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138016/"
+"138016","2019-02-19 01:00:02","https://ir-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/138016/"
 "138015","2019-02-19 00:59:56","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138015/"
 "138014","2019-02-19 00:59:44","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138014/"
 "138013","2019-02-19 00:59:23","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/138013/"
@@ -3261,7 +3812,7 @@
 "137998","2019-02-19 00:56:56","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137998/"
 "137997","2019-02-19 00:56:46","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137997/"
 "137996","2019-02-19 00:56:41","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137996/"
-"137995","2019-02-19 00:56:40","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137995/"
+"137995","2019-02-19 00:56:40","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137995/"
 "137994","2019-02-19 00:56:33","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137994/"
 "137992","2019-02-19 00:56:32","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137992/"
 "137993","2019-02-19 00:56:32","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137993/"
@@ -3286,36 +3837,36 @@
 "137973","2019-02-19 00:54:50","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137973/"
 "137972","2019-02-19 00:54:46","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137972/"
 "137971","2019-02-19 00:54:43","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137971/"
-"137970","2019-02-19 00:54:39","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137970/"
-"137969","2019-02-19 00:54:36","http://185.101.105.208/OwO/Tsunami.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137969/"
-"137967","2019-02-19 00:54:35","http://104.168.149.180/atxhua","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137967/"
-"137968","2019-02-19 00:54:35","http://185.101.105.208/OwO/Tsunami.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137968/"
+"137970","2019-02-19 00:54:39","http://ir-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137970/"
+"137969","2019-02-19 00:54:36","http://185.101.105.208/OwO/Tsunami.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137969/"
+"137967","2019-02-19 00:54:35","http://104.168.149.180/atxhua","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137967/"
+"137968","2019-02-19 00:54:35","http://185.101.105.208/OwO/Tsunami.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137968/"
 "137966","2019-02-19 00:54:33","http://157.230.208.209/ntpd","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137966/"
 "137965","2019-02-19 00:54:32","http://157.230.208.209/cron","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137965/"
 "137964","2019-02-19 00:54:31","http://157.230.208.209/wget","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137964/"
-"137962","2019-02-19 00:54:30","http://104.168.149.180/nvitpj","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137962/"
-"137963","2019-02-19 00:54:30","http://185.101.105.208/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137963/"
-"137961","2019-02-19 00:54:28","http://104.168.149.180/earyzq","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137961/"
+"137962","2019-02-19 00:54:30","http://104.168.149.180/nvitpj","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137962/"
+"137963","2019-02-19 00:54:30","http://185.101.105.208/OwO/Tsunami.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137963/"
+"137961","2019-02-19 00:54:28","http://104.168.149.180/earyzq","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137961/"
 "137960","2019-02-19 00:54:26","http://157.230.208.209/apache2","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137960/"
 "137959","2019-02-19 00:54:25","http://157.230.208.209/tftp","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137959/"
 "137958","2019-02-19 00:54:23","http://157.230.208.209/pftp","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137958/"
-"137957","2019-02-19 00:54:22","http://185.101.105.208/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137957/"
+"137957","2019-02-19 00:54:22","http://185.101.105.208/OwO/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137957/"
 "137956","2019-02-19 00:54:21","http://157.230.208.209/sshd","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137956/"
-"137955","2019-02-19 00:54:20","http://104.168.149.180/qtmzbn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137955/"
-"137954","2019-02-19 00:54:18","http://104.168.149.180/qvmxvl","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137954/"
-"137953","2019-02-19 00:54:17","http://104.168.149.180/ajoomk","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137953/"
-"137952","2019-02-19 00:54:16","http://185.101.105.208/OwO/Tsunami.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/137952/"
-"137951","2019-02-19 00:54:15","http://104.168.149.180/cemtop","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137951/"
+"137955","2019-02-19 00:54:20","http://104.168.149.180/qtmzbn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137955/"
+"137954","2019-02-19 00:54:18","http://104.168.149.180/qvmxvl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137954/"
+"137953","2019-02-19 00:54:17","http://104.168.149.180/ajoomk","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137953/"
+"137952","2019-02-19 00:54:16","http://185.101.105.208/OwO/Tsunami.ppc","online","malware_download","elf","https://urlhaus.abuse.ch/url/137952/"
+"137951","2019-02-19 00:54:15","http://104.168.149.180/cemtop","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137951/"
 "137950","2019-02-19 00:54:13","http://157.230.208.209/bash","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137950/"
-"137949","2019-02-19 00:54:12","http://185.101.105.208/OwO/Tsunami.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137949/"
-"137948","2019-02-19 00:54:11","http://104.168.149.180/vvglma","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137948/"
+"137949","2019-02-19 00:54:12","http://185.101.105.208/OwO/Tsunami.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137949/"
+"137948","2019-02-19 00:54:11","http://104.168.149.180/vvglma","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137948/"
 "137947","2019-02-19 00:54:10","http://157.230.208.209/sh","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137947/"
-"137946","2019-02-19 00:54:08","http://104.168.149.180/vtyhat","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137946/"
-"137945","2019-02-19 00:54:07","http://185.101.105.208/OwO/Tsunami.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137945/"
-"137944","2019-02-19 00:54:06","http://104.168.149.180/lnkfmx","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137944/"
-"137943","2019-02-19 00:54:05","http://185.101.105.208/OwO/Tsunami.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137943/"
-"137942","2019-02-19 00:54:04","http://104.168.149.180/fwdfvf","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137942/"
-"137941","2019-02-19 00:54:03","http://104.168.149.180/razdzn","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137941/"
+"137946","2019-02-19 00:54:08","http://104.168.149.180/vtyhat","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137946/"
+"137945","2019-02-19 00:54:07","http://185.101.105.208/OwO/Tsunami.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137945/"
+"137944","2019-02-19 00:54:06","http://104.168.149.180/lnkfmx","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137944/"
+"137943","2019-02-19 00:54:05","http://185.101.105.208/OwO/Tsunami.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/137943/"
+"137942","2019-02-19 00:54:04","http://104.168.149.180/fwdfvf","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137942/"
+"137941","2019-02-19 00:54:03","http://104.168.149.180/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/137941/"
 "137940","2019-02-19 00:53:58","https://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137940/"
 "137939","2019-02-19 00:53:55","https://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137939/"
 "137938","2019-02-19 00:53:51","https://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137938/"
@@ -3328,7 +3879,7 @@
 "137931","2019-02-19 00:53:21","https://takarekinfococomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137931/"
 "137930","2019-02-19 00:53:16","https://takarekinfococomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137930/"
 "137929","2019-02-19 00:53:11","https://takarekinfococomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137929/"
-"137928","2019-02-19 00:53:06","https://takarekinfococomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137928/"
+"137928","2019-02-19 00:53:06","https://takarekinfococomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137928/"
 "137927","2019-02-19 00:53:00","https://takarekinfococomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137927/"
 "137926","2019-02-19 00:52:55","https://takarekinfococomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137926/"
 "137925","2019-02-19 00:52:49","https://takarekinfococomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137925/"
@@ -3347,7 +3898,7 @@
 "137912","2019-02-19 00:51:59","https://takarekinfococomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137912/"
 "137911","2019-02-19 00:51:51","https://takarekinfococomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137911/"
 "137910","2019-02-19 00:51:48","https://takarekinfococomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137910/"
-"137909","2019-02-19 00:51:39","https://takarekinfococomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137909/"
+"137909","2019-02-19 00:51:39","https://takarekinfococomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137909/"
 "137908","2019-02-19 00:51:36","http://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137908/"
 "137907","2019-02-19 00:51:30","http://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137907/"
 "137906","2019-02-19 00:51:23","http://takarekinfococomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137906/"
@@ -3368,7 +3919,7 @@
 "137891","2019-02-19 00:49:59","http://takarekinfococomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137891/"
 "137890","2019-02-19 00:49:50","http://takarekinfococomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137890/"
 "137889","2019-02-19 00:49:44","http://takarekinfococomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137889/"
-"137888","2019-02-19 00:49:41","http://takarekinfococomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137888/"
+"137888","2019-02-19 00:49:41","http://takarekinfococomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137888/"
 "137887","2019-02-19 00:49:36","http://takarekinfococomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137887/"
 "137886","2019-02-19 00:49:35","http://takarekinfococomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137886/"
 "137885","2019-02-19 00:49:34","http://takarekinfococomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137885/"
@@ -3393,7 +3944,7 @@
 "137866","2019-02-19 00:47:47","http://takarekinfococomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137866/"
 "137865","2019-02-19 00:47:33","http://takarekinfococomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137865/"
 "137864","2019-02-19 00:47:30","http://takarekinfococomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137864/"
-"137863","2019-02-19 00:47:25","http://takarekinfococomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137863/"
+"137863","2019-02-19 00:47:25","http://takarekinfococomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137863/"
 "137862","2019-02-19 00:47:19","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137862/"
 "137861","2019-02-19 00:47:16","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137861/"
 "137860","2019-02-19 00:47:09","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137860/"
@@ -3406,7 +3957,7 @@
 "137853","2019-02-19 00:46:36","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137853/"
 "137852","2019-02-19 00:46:33","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137852/"
 "137851","2019-02-19 00:46:30","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137851/"
-"137850","2019-02-19 00:46:26","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137850/"
+"137850","2019-02-19 00:46:26","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137850/"
 "137849","2019-02-19 00:46:21","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137849/"
 "137848","2019-02-19 00:46:14","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137848/"
 "137847","2019-02-19 00:46:06","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137847/"
@@ -3425,7 +3976,7 @@
 "137834","2019-02-19 00:44:52","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137834/"
 "137833","2019-02-19 00:44:45","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137833/"
 "137832","2019-02-19 00:44:43","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137832/"
-"137831","2019-02-19 00:44:40","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137831/"
+"137831","2019-02-19 00:44:40","https://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137831/"
 "137830","2019-02-19 00:44:36","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137830/"
 "137829","2019-02-19 00:44:35","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137829/"
 "137828","2019-02-19 00:44:32","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137828/"
@@ -3445,7 +3996,7 @@
 "137814","2019-02-19 00:44:10","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137814/"
 "137813","2019-02-19 00:44:08","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137813/"
 "137812","2019-02-19 00:44:06","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137812/"
-"137810","2019-02-19 00:44:05","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137810/"
+"137810","2019-02-19 00:44:05","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137810/"
 "137811","2019-02-19 00:44:05","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137811/"
 "137809","2019-02-19 00:44:03","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137809/"
 "137806","2019-02-19 00:44:02","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137806/"
@@ -3471,7 +4022,7 @@
 "137788","2019-02-19 00:43:03","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137788/"
 "137787","2019-02-19 00:43:00","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137787/"
 "137786","2019-02-19 00:42:59","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137786/"
-"137785","2019-02-19 00:42:57","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137785/"
+"137785","2019-02-19 00:42:57","http://stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137785/"
 "137784","2019-02-19 00:42:54","https://cociprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137784/"
 "137783","2019-02-19 00:42:51","https://cociprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137783/"
 "137782","2019-02-19 00:42:47","https://cociprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137782/"
@@ -3484,7 +4035,7 @@
 "137775","2019-02-19 00:42:27","https://cociprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137775/"
 "137774","2019-02-19 00:42:25","https://cociprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137774/"
 "137773","2019-02-19 00:42:22","https://cociprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137773/"
-"137772","2019-02-19 00:42:19","https://cociprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137772/"
+"137772","2019-02-19 00:42:19","https://cociprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137772/"
 "137771","2019-02-19 00:42:17","https://cociprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137771/"
 "137770","2019-02-19 00:42:15","https://cociprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137770/"
 "137769","2019-02-19 00:42:12","https://cociprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137769/"
@@ -3503,7 +4054,7 @@
 "137756","2019-02-19 00:41:41","https://cociprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137756/"
 "137755","2019-02-19 00:41:36","https://cociprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137755/"
 "137754","2019-02-19 00:41:34","https://cociprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137754/"
-"137753","2019-02-19 00:41:31","https://cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137753/"
+"137753","2019-02-19 00:41:31","https://cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137753/"
 "137752","2019-02-19 00:41:29","http://cociprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137752/"
 "137751","2019-02-19 00:41:27","http://cociprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137751/"
 "137750","2019-02-19 00:41:25","http://cociprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137750/"
@@ -3524,7 +4075,7 @@
 "137735","2019-02-19 00:41:07","http://cociprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137735/"
 "137734","2019-02-19 00:41:06","http://cociprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137734/"
 "137733","2019-02-19 00:41:05","http://cociprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137733/"
-"137732","2019-02-19 00:41:04","http://cociprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137732/"
+"137732","2019-02-19 00:41:04","http://cociprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137732/"
 "137730","2019-02-19 00:41:03","http://cociprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137730/"
 "137731","2019-02-19 00:41:03","http://cociprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137731/"
 "137727","2019-02-19 00:41:02","http://cociprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137727/"
@@ -3549,7 +4100,7 @@
 "137710","2019-02-19 00:40:25","http://cociprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137710/"
 "137709","2019-02-19 00:40:01","http://cociprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137709/"
 "137708","2019-02-19 00:39:55","http://cociprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137708/"
-"137707","2019-02-19 00:39:48","http://cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137707/"
+"137707","2019-02-19 00:39:48","http://cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137707/"
 "137706","2019-02-19 00:39:41","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137706/"
 "137705","2019-02-19 00:39:38","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137705/"
 "137704","2019-02-19 00:39:31","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137704/"
@@ -3562,7 +4113,7 @@
 "137697","2019-02-19 00:39:00","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137697/"
 "137696","2019-02-19 00:38:56","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137696/"
 "137695","2019-02-19 00:38:53","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137695/"
-"137694","2019-02-19 00:38:49","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137694/"
+"137694","2019-02-19 00:38:49","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137694/"
 "137693","2019-02-19 00:38:44","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137693/"
 "137692","2019-02-19 00:38:40","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137692/"
 "137691","2019-02-19 00:38:34","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137691/"
@@ -3581,7 +4132,7 @@
 "137678","2019-02-19 00:37:52","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137678/"
 "137677","2019-02-19 00:37:47","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137677/"
 "137676","2019-02-19 00:37:44","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137676/"
-"137675","2019-02-19 00:37:41","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137675/"
+"137675","2019-02-19 00:37:41","https://bookfair.cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137675/"
 "137674","2019-02-19 00:37:36","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137674/"
 "137673","2019-02-19 00:37:28","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137673/"
 "137672","2019-02-19 00:37:08","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137672/"
@@ -3602,7 +4153,7 @@
 "137657","2019-02-19 00:35:22","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137657/"
 "137656","2019-02-19 00:35:12","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137656/"
 "137655","2019-02-19 00:35:08","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137655/"
-"137654","2019-02-19 00:35:06","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137654/"
+"137654","2019-02-19 00:35:06","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137654/"
 "137653","2019-02-19 00:34:58","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137653/"
 "137652","2019-02-19 00:34:56","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137652/"
 "137651","2019-02-19 00:34:53","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137651/"
@@ -3627,7 +4178,7 @@
 "137632","2019-02-19 00:32:22","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137632/"
 "137631","2019-02-19 00:32:02","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137631/"
 "137630","2019-02-19 00:31:53","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137630/"
-"137629","2019-02-19 00:31:42","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137629/"
+"137629","2019-02-19 00:31:42","http://bookfair.cociprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137629/"
 "137628","2019-02-19 00:31:33","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137628/"
 "137627","2019-02-19 00:31:26","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137627/"
 "137626","2019-02-19 00:31:16","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137626/"
@@ -3640,7 +4191,7 @@
 "137619","2019-02-19 00:30:32","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137619/"
 "137618","2019-02-19 00:30:28","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137618/"
 "137617","2019-02-19 00:30:24","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137617/"
-"137616","2019-02-19 00:30:17","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137616/"
+"137616","2019-02-19 00:30:17","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137616/"
 "137615","2019-02-19 00:30:12","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137615/"
 "137614","2019-02-19 00:30:06","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137614/"
 "137613","2019-02-19 00:30:02","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137613/"
@@ -3659,7 +4210,7 @@
 "137600","2019-02-19 00:29:18","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137600/"
 "137599","2019-02-19 00:29:13","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137599/"
 "137598","2019-02-19 00:29:10","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137598/"
-"137597","2019-02-19 00:29:07","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137597/"
+"137597","2019-02-19 00:29:07","https://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137597/"
 "137596","2019-02-19 00:29:04","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137596/"
 "137595","2019-02-19 00:29:00","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137595/"
 "137594","2019-02-19 00:28:54","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137594/"
@@ -3680,7 +4231,7 @@
 "137579","2019-02-19 00:28:12","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137579/"
 "137578","2019-02-19 00:28:09","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137578/"
 "137577","2019-02-19 00:28:08","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137577/"
-"137576","2019-02-19 00:28:07","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137576/"
+"137576","2019-02-19 00:28:07","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137576/"
 "137574","2019-02-19 00:28:05","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137574/"
 "137575","2019-02-19 00:28:05","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137575/"
 "137572","2019-02-19 00:28:04","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137572/"
@@ -3705,7 +4256,7 @@
 "137554","2019-02-19 00:27:26","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137554/"
 "137553","2019-02-19 00:27:23","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137553/"
 "137552","2019-02-19 00:27:22","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137552/"
-"137551","2019-02-19 00:27:20","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137551/"
+"137551","2019-02-19 00:27:20","http://cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137551/"
 "137550","2019-02-19 00:27:13","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137550/"
 "137549","2019-02-19 00:27:05","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137549/"
 "137548","2019-02-19 00:26:52","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137548/"
@@ -3718,7 +4269,7 @@
 "137541","2019-02-19 00:26:09","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137541/"
 "137540","2019-02-19 00:26:04","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137540/"
 "137539","2019-02-19 00:25:59","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137539/"
-"137538","2019-02-19 00:25:47","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137538/"
+"137538","2019-02-19 00:25:47","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137538/"
 "137537","2019-02-19 00:25:41","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137537/"
 "137536","2019-02-19 00:25:38","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137536/"
 "137535","2019-02-19 00:25:32","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137535/"
@@ -3737,7 +4288,7 @@
 "137522","2019-02-19 00:24:15","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137522/"
 "137521","2019-02-19 00:24:11","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137521/"
 "137520","2019-02-19 00:24:07","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137520/"
-"137519","2019-02-19 00:24:04","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137519/"
+"137519","2019-02-19 00:24:04","https://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137519/"
 "137518","2019-02-19 00:23:59","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137518/"
 "137517","2019-02-19 00:23:58","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137517/"
 "137516","2019-02-19 00:23:53","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137516/"
@@ -3758,7 +4309,7 @@
 "137501","2019-02-19 00:22:22","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137501/"
 "137500","2019-02-19 00:22:10","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137500/"
 "137499","2019-02-19 00:22:04","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137499/"
-"137498","2019-02-19 00:22:01","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137498/"
+"137498","2019-02-19 00:22:01","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137498/"
 "137497","2019-02-19 00:21:53","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137497/"
 "137496","2019-02-19 00:21:52","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137496/"
 "137495","2019-02-19 00:21:50","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137495/"
@@ -3783,7 +4334,7 @@
 "137476","2019-02-19 00:19:27","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137476/"
 "137475","2019-02-19 00:19:07","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137475/"
 "137474","2019-02-19 00:18:58","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137474/"
-"137473","2019-02-19 00:18:47","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137473/"
+"137473","2019-02-19 00:18:47","http://pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137473/"
 "137472","2019-02-19 00:18:28","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137472/"
 "137471","2019-02-19 00:18:22","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137471/"
 "137470","2019-02-19 00:18:12","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137470/"
@@ -3796,7 +4347,7 @@
 "137463","2019-02-19 00:17:29","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137463/"
 "137462","2019-02-19 00:17:25","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137462/"
 "137461","2019-02-19 00:17:21","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137461/"
-"137460","2019-02-19 00:17:16","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137460/"
+"137460","2019-02-19 00:17:16","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137460/"
 "137459","2019-02-19 00:17:12","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137459/"
 "137458","2019-02-19 00:17:06","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137458/"
 "137457","2019-02-19 00:17:01","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137457/"
@@ -3815,7 +4366,7 @@
 "137444","2019-02-19 00:16:07","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137444/"
 "137443","2019-02-19 00:15:55","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137443/"
 "137442","2019-02-19 00:15:52","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137442/"
-"137441","2019-02-19 00:15:49","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137441/"
+"137441","2019-02-19 00:15:49","https://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137441/"
 "137440","2019-02-19 00:15:47","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137440/"
 "137439","2019-02-19 00:15:46","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137439/"
 "137438","2019-02-19 00:15:43","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137438/"
@@ -3835,7 +4386,7 @@
 "137424","2019-02-19 00:15:29","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137424/"
 "137423","2019-02-19 00:15:27","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137423/"
 "137422","2019-02-19 00:15:26","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137422/"
-"137420","2019-02-19 00:15:25","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137420/"
+"137420","2019-02-19 00:15:25","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137420/"
 "137421","2019-02-19 00:15:25","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137421/"
 "137419","2019-02-19 00:15:24","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137419/"
 "137416","2019-02-19 00:15:23","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137416/"
@@ -3861,7 +4412,7 @@
 "137398","2019-02-19 00:15:03","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137398/"
 "137397","2019-02-19 00:15:01","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137397/"
 "137396","2019-02-19 00:15:00","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137396/"
-"137395","2019-02-19 00:14:59","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137395/"
+"137395","2019-02-19 00:14:59","http://cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137395/"
 "137394","2019-02-19 00:14:54","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137394/"
 "137393","2019-02-19 00:14:52","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137393/"
 "137392","2019-02-19 00:14:48","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137392/"
@@ -3874,7 +4425,7 @@
 "137385","2019-02-19 00:14:28","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137385/"
 "137384","2019-02-19 00:14:26","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137384/"
 "137383","2019-02-19 00:14:24","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137383/"
-"137382","2019-02-19 00:14:20","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137382/"
+"137382","2019-02-19 00:14:20","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137382/"
 "137381","2019-02-19 00:14:18","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137381/"
 "137380","2019-02-19 00:14:15","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137380/"
 "137379","2019-02-19 00:14:13","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137379/"
@@ -3893,7 +4444,7 @@
 "137366","2019-02-19 00:13:41","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137366/"
 "137365","2019-02-19 00:13:37","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137365/"
 "137364","2019-02-19 00:13:35","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137364/"
-"137363","2019-02-19 00:13:32","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137363/"
+"137363","2019-02-19 00:13:32","https://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137363/"
 "137362","2019-02-19 00:13:30","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137362/"
 "137361","2019-02-19 00:13:29","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137361/"
 "137360","2019-02-19 00:13:27","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137360/"
@@ -3913,7 +4464,7 @@
 "137346","2019-02-19 00:13:13","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137346/"
 "137345","2019-02-19 00:13:12","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137345/"
 "137344","2019-02-19 00:13:11","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137344/"
-"137342","2019-02-19 00:13:10","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137342/"
+"137342","2019-02-19 00:13:10","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137342/"
 "137343","2019-02-19 00:13:10","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137343/"
 "137340","2019-02-19 00:13:09","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137340/"
 "137341","2019-02-19 00:13:09","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137341/"
@@ -3939,7 +4490,7 @@
 "137320","2019-02-19 00:12:51","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137320/"
 "137319","2019-02-19 00:12:48","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137319/"
 "137318","2019-02-19 00:12:47","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137318/"
-"137317","2019-02-19 00:12:46","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137317/"
+"137317","2019-02-19 00:12:46","http://flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137317/"
 "137316","2019-02-19 00:12:43","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137316/"
 "137315","2019-02-19 00:12:40","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137315/"
 "137314","2019-02-19 00:12:36","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137314/"
@@ -3952,7 +4503,7 @@
 "137307","2019-02-19 00:12:17","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137307/"
 "137306","2019-02-19 00:12:15","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137306/"
 "137305","2019-02-19 00:12:12","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137305/"
-"137304","2019-02-19 00:12:09","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137304/"
+"137304","2019-02-19 00:12:09","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137304/"
 "137303","2019-02-19 00:12:07","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137303/"
 "137302","2019-02-19 00:12:04","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137302/"
 "137301","2019-02-19 00:12:02","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137301/"
@@ -3971,7 +4522,7 @@
 "137288","2019-02-19 00:11:28","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137288/"
 "137287","2019-02-19 00:11:25","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137287/"
 "137286","2019-02-19 00:11:22","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137286/"
-"137285","2019-02-19 00:11:19","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137285/"
+"137285","2019-02-19 00:11:19","https://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137285/"
 "137284","2019-02-19 00:11:17","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137284/"
 "137283","2019-02-19 00:11:16","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137283/"
 "137282","2019-02-19 00:11:14","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137282/"
@@ -3992,7 +4543,7 @@
 "137267","2019-02-19 00:10:57","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137267/"
 "137266","2019-02-19 00:10:55","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137266/"
 "137265","2019-02-19 00:10:54","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137265/"
-"137264","2019-02-19 00:10:53","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137264/"
+"137264","2019-02-19 00:10:53","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137264/"
 "137261","2019-02-19 00:10:52","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137261/"
 "137262","2019-02-19 00:10:52","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137262/"
 "137263","2019-02-19 00:10:52","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137263/"
@@ -4017,7 +4568,7 @@
 "137242","2019-02-19 00:10:09","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137242/"
 "137241","2019-02-19 00:09:51","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137241/"
 "137240","2019-02-19 00:09:46","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137240/"
-"137239","2019-02-19 00:09:38","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137239/"
+"137239","2019-02-19 00:09:38","http://aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137239/"
 "137238","2019-02-19 00:09:29","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137238/"
 "137237","2019-02-19 00:09:23","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137237/"
 "137236","2019-02-19 00:09:15","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137236/"
@@ -4030,7 +4581,7 @@
 "137229","2019-02-19 00:08:20","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137229/"
 "137228","2019-02-19 00:08:12","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137228/"
 "137227","2019-02-19 00:08:04","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137227/"
-"137226","2019-02-19 00:07:55","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137226/"
+"137226","2019-02-19 00:07:55","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137226/"
 "137225","2019-02-19 00:07:48","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137225/"
 "137224","2019-02-19 00:07:41","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137224/"
 "137223","2019-02-19 00:07:35","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137223/"
@@ -4049,7 +4600,7 @@
 "137210","2019-02-19 00:06:38","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137210/"
 "137209","2019-02-19 00:06:32","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137209/"
 "137208","2019-02-19 00:06:26","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137208/"
-"137207","2019-02-19 00:06:21","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137207/"
+"137207","2019-02-19 00:06:21","https://netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137207/"
 "137206","2019-02-19 00:06:14","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137206/"
 "137205","2019-02-19 00:06:05","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137205/"
 "137204","2019-02-19 00:05:42","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137204/"
@@ -4070,7 +4621,7 @@
 "137189","2019-02-19 00:02:54","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137189/"
 "137188","2019-02-19 00:02:22","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137188/"
 "137187","2019-02-19 00:02:15","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137187/"
-"137186","2019-02-19 00:02:07","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137186/"
+"137186","2019-02-19 00:02:07","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137186/"
 "137185","2019-02-19 00:01:56","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137185/"
 "137184","2019-02-19 00:01:51","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137184/"
 "137183","2019-02-19 00:01:45","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137183/"
@@ -4095,7 +4646,7 @@
 "137164","2019-02-18 23:57:35","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137164/"
 "137163","2019-02-18 23:57:14","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137163/"
 "137162","2019-02-18 23:57:08","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137162/"
-"137161","2019-02-18 23:57:01","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137161/"
+"137161","2019-02-18 23:57:01","http://netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137161/"
 "137160","2019-02-18 23:56:48","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137160/"
 "137159","2019-02-18 23:56:37","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137159/"
 "137158","2019-02-18 23:56:32","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137158/"
@@ -4108,7 +4659,7 @@
 "137151","2019-02-18 23:56:05","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137151/"
 "137150","2019-02-18 23:56:02","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137150/"
 "137149","2019-02-18 23:55:57","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137149/"
-"137148","2019-02-18 23:55:51","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137148/"
+"137148","2019-02-18 23:55:51","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137148/"
 "137147","2019-02-18 23:55:47","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137147/"
 "137146","2019-02-18 23:55:44","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137146/"
 "137145","2019-02-18 23:55:41","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137145/"
@@ -4127,7 +4678,7 @@
 "137132","2019-02-18 23:55:02","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137132/"
 "137131","2019-02-18 23:54:57","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137131/"
 "137130","2019-02-18 23:54:53","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137130/"
-"137129","2019-02-18 23:54:50","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137129/"
+"137129","2019-02-18 23:54:50","https://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137129/"
 "137128","2019-02-18 23:54:48","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137128/"
 "137127","2019-02-18 23:54:44","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137127/"
 "137126","2019-02-18 23:54:41","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137126/"
@@ -4148,7 +4699,7 @@
 "137111","2019-02-18 23:53:21","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137111/"
 "137110","2019-02-18 23:53:13","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137110/"
 "137109","2019-02-18 23:53:09","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137109/"
-"137108","2019-02-18 23:53:07","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137108/"
+"137108","2019-02-18 23:53:07","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137108/"
 "137107","2019-02-18 23:53:00","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137107/"
 "137106","2019-02-18 23:52:59","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137106/"
 "137105","2019-02-18 23:52:58","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137105/"
@@ -4173,7 +4724,7 @@
 "137086","2019-02-18 23:51:17","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137086/"
 "137085","2019-02-18 23:51:00","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137085/"
 "137084","2019-02-18 23:50:59","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137084/"
-"137083","2019-02-18 23:50:57","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137083/"
+"137083","2019-02-18 23:50:57","http://comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137083/"
 "137082","2019-02-18 23:50:44","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137082/"
 "137081","2019-02-18 23:50:41","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137081/"
 "137080","2019-02-18 23:50:37","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137080/"
@@ -4186,7 +4737,7 @@
 "137073","2019-02-18 23:50:01","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137073/"
 "137072","2019-02-18 23:49:55","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137072/"
 "137071","2019-02-18 23:49:50","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137071/"
-"137070","2019-02-18 23:49:46","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137070/"
+"137070","2019-02-18 23:49:46","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137070/"
 "137069","2019-02-18 23:49:42","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137069/"
 "137068","2019-02-18 23:49:40","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137068/"
 "137067","2019-02-18 23:49:37","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/137067/"
@@ -4205,7 +4756,7 @@
 "137054","2019-02-18 23:48:52","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137054/"
 "137053","2019-02-18 23:48:47","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137053/"
 "137052","2019-02-18 23:48:41","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137052/"
-"137051","2019-02-18 23:48:36","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137051/"
+"137051","2019-02-18 23:48:36","https://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137051/"
 "137050","2019-02-18 23:48:33","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137050/"
 "137049","2019-02-18 23:48:31","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137049/"
 "137048","2019-02-18 23:48:27","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137048/"
@@ -4226,7 +4777,7 @@
 "137033","2019-02-18 23:47:55","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137033/"
 "137032","2019-02-18 23:47:50","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137032/"
 "137031","2019-02-18 23:47:48","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137031/"
-"137030","2019-02-18 23:47:47","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137030/"
+"137030","2019-02-18 23:47:47","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137030/"
 "137029","2019-02-18 23:47:42","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137029/"
 "137026","2019-02-18 23:47:41","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137026/"
 "137027","2019-02-18 23:47:41","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137027/"
@@ -4251,7 +4802,7 @@
 "137008","2019-02-18 23:46:53","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137008/"
 "137007","2019-02-18 23:46:49","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137007/"
 "137006","2019-02-18 23:46:48","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137006/"
-"137005","2019-02-18 23:46:45","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137005/"
+"137005","2019-02-18 23:46:45","http://coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/137005/"
 "137004","2019-02-18 23:46:36","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137004/"
 "137003","2019-02-18 23:46:33","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137003/"
 "137002","2019-02-18 23:46:28","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/137002/"
@@ -4264,7 +4815,7 @@
 "136995","2019-02-18 23:45:42","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136995/"
 "136994","2019-02-18 23:45:39","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136994/"
 "136993","2019-02-18 23:45:35","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136993/"
-"136992","2019-02-18 23:45:30","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136992/"
+"136992","2019-02-18 23:45:30","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136992/"
 "136991","2019-02-18 23:45:26","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136991/"
 "136990","2019-02-18 23:45:20","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136990/"
 "136989","2019-02-18 23:45:14","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136989/"
@@ -4283,7 +4834,7 @@
 "136976","2019-02-18 23:44:23","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136976/"
 "136975","2019-02-18 23:44:18","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136975/"
 "136974","2019-02-18 23:44:11","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136974/"
-"136973","2019-02-18 23:44:04","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136973/"
+"136973","2019-02-18 23:44:04","https://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136973/"
 "136972","2019-02-18 23:44:02","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136972/"
 "136971","2019-02-18 23:44:01","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136971/"
 "136970","2019-02-18 23:43:58","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136970/"
@@ -4303,7 +4854,7 @@
 "136956","2019-02-18 23:43:43","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136956/"
 "136955","2019-02-18 23:43:41","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136955/"
 "136954","2019-02-18 23:43:40","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136954/"
-"136952","2019-02-18 23:43:39","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136952/"
+"136952","2019-02-18 23:43:39","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136952/"
 "136953","2019-02-18 23:43:39","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136953/"
 "136950","2019-02-18 23:43:38","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136950/"
 "136951","2019-02-18 23:43:38","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136951/"
@@ -4329,7 +4880,7 @@
 "136930","2019-02-18 23:43:15","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136930/"
 "136929","2019-02-18 23:43:12","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136929/"
 "136928","2019-02-18 23:43:11","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136928/"
-"136927","2019-02-18 23:43:09","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136927/"
+"136927","2019-02-18 23:43:09","http://coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136927/"
 "136926","2019-02-18 23:43:05","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136926/"
 "136925","2019-02-18 23:43:01","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136925/"
 "136924","2019-02-18 23:42:47","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136924/"
@@ -4343,7 +4894,7 @@
 "136916","2019-02-18 23:42:19","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136916/"
 "136915","2019-02-18 23:42:15","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136915/"
 "136914","2019-02-18 23:42:11","http://www.dkstudy.com/Februar2019/VTDXDMEZW2724842/Dokumente/DOC/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/136914/"
-"136913","2019-02-18 23:42:07","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136913/"
+"136913","2019-02-18 23:42:07","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136913/"
 "136912","2019-02-18 23:42:04","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136912/"
 "136911","2019-02-18 23:41:59","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136911/"
 "136910","2019-02-18 23:41:55","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136910/"
@@ -4362,7 +4913,7 @@
 "136897","2019-02-18 23:41:10","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136897/"
 "136896","2019-02-18 23:41:05","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136896/"
 "136895","2019-02-18 23:41:01","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136895/"
-"136894","2019-02-18 23:40:55","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136894/"
+"136894","2019-02-18 23:40:55","https://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136894/"
 "136893","2019-02-18 23:40:50","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136893/"
 "136892","2019-02-18 23:40:40","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136892/"
 "136891","2019-02-18 23:40:23","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136891/"
@@ -4383,7 +4934,7 @@
 "136876","2019-02-18 23:37:27","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136876/"
 "136875","2019-02-18 23:37:09","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136875/"
 "136874","2019-02-18 23:37:00","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136874/"
-"136873","2019-02-18 23:36:56","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136873/"
+"136873","2019-02-18 23:36:56","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136873/"
 "136872","2019-02-18 23:36:42","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136872/"
 "136871","2019-02-18 23:36:35","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136871/"
 "136870","2019-02-18 23:36:27","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136870/"
@@ -4408,7 +4959,7 @@
 "136851","2019-02-18 23:32:12","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136851/"
 "136850","2019-02-18 23:31:35","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136850/"
 "136849","2019-02-18 23:31:26","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136849/"
-"136848","2019-02-18 23:31:12","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136848/"
+"136848","2019-02-18 23:31:12","http://soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136848/"
 "136847","2019-02-18 23:31:00","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136847/"
 "136846","2019-02-18 23:30:49","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136846/"
 "136845","2019-02-18 23:30:37","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136845/"
@@ -4421,7 +4972,7 @@
 "136838","2019-02-18 23:29:15","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136838/"
 "136837","2019-02-18 23:29:07","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136837/"
 "136836","2019-02-18 23:28:57","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136836/"
-"136835","2019-02-18 23:28:45","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136835/"
+"136835","2019-02-18 23:28:45","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136835/"
 "136834","2019-02-18 23:28:37","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136834/"
 "136833","2019-02-18 23:28:29","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136833/"
 "136832","2019-02-18 23:28:21","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136832/"
@@ -4440,7 +4991,7 @@
 "136819","2019-02-18 23:27:06","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136819/"
 "136818","2019-02-18 23:27:02","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136818/"
 "136817","2019-02-18 23:26:55","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136817/"
-"136816","2019-02-18 23:26:44","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136816/"
+"136816","2019-02-18 23:26:44","https://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136816/"
 "136815","2019-02-18 23:26:35","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136815/"
 "136814","2019-02-18 23:26:25","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136814/"
 "136813","2019-02-18 23:26:05","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136813/"
@@ -4461,7 +5012,7 @@
 "136798","2019-02-18 23:24:18","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136798/"
 "136797","2019-02-18 23:24:17","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136797/"
 "136796","2019-02-18 23:24:16","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136796/"
-"136795","2019-02-18 23:24:14","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136795/"
+"136795","2019-02-18 23:24:14","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136795/"
 "136794","2019-02-18 23:24:10","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136794/"
 "136793","2019-02-18 23:24:08","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136793/"
 "136792","2019-02-18 23:24:05","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136792/"
@@ -4486,7 +5037,7 @@
 "136773","2019-02-18 23:21:59","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136773/"
 "136772","2019-02-18 23:21:26","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136772/"
 "136771","2019-02-18 23:21:11","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136771/"
-"136770","2019-02-18 23:20:55","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136770/"
+"136770","2019-02-18 23:20:55","http://www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136770/"
 "136769","2019-02-18 23:20:40","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136769/"
 "136768","2019-02-18 23:20:31","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136768/"
 "136767","2019-02-18 23:20:08","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136767/"
@@ -4499,7 +5050,7 @@
 "136760","2019-02-18 23:18:50","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136760/"
 "136759","2019-02-18 23:18:39","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136759/"
 "136758","2019-02-18 23:18:28","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136758/"
-"136757","2019-02-18 23:18:18","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136757/"
+"136757","2019-02-18 23:18:18","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136757/"
 "136756","2019-02-18 23:18:09","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136756/"
 "136755","2019-02-18 23:18:05","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136755/"
 "136754","2019-02-18 23:18:00","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136754/"
@@ -4518,7 +5069,7 @@
 "136741","2019-02-18 23:17:03","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136741/"
 "136740","2019-02-18 23:16:58","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136740/"
 "136739","2019-02-18 23:16:56","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136739/"
-"136738","2019-02-18 23:16:53","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136738/"
+"136738","2019-02-18 23:16:53","https://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136738/"
 "136737","2019-02-18 23:16:49","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136737/"
 "136736","2019-02-18 23:16:37","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136736/"
 "136735","2019-02-18 23:16:29","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136735/"
@@ -4538,7 +5089,7 @@
 "136721","2019-02-18 23:15:28","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136721/"
 "136720","2019-02-18 23:15:26","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136720/"
 "136719","2019-02-18 23:15:24","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136719/"
-"136717","2019-02-18 23:15:23","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136717/"
+"136717","2019-02-18 23:15:23","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136717/"
 "136718","2019-02-18 23:15:23","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136718/"
 "136716","2019-02-18 23:15:21","http://tych.pe/MXKHPBKMDT1868929/Rechnungs-Details/DOC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/136716/"
 "136714","2019-02-18 23:15:19","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136714/"
@@ -4566,7 +5117,7 @@
 "136693","2019-02-18 23:14:09","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136693/"
 "136692","2019-02-18 23:13:51","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136692/"
 "136691","2019-02-18 23:13:43","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136691/"
-"136690","2019-02-18 23:13:36","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136690/"
+"136690","2019-02-18 23:13:36","http://azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136690/"
 "136689","2019-02-18 23:13:28","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136689/"
 "136688","2019-02-18 23:13:24","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136688/"
 "136687","2019-02-18 23:13:19","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136687/"
@@ -4579,7 +5130,7 @@
 "136680","2019-02-18 23:12:53","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136680/"
 "136679","2019-02-18 23:12:50","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136679/"
 "136678","2019-02-18 23:12:48","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136678/"
-"136677","2019-02-18 23:12:45","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136677/"
+"136677","2019-02-18 23:12:45","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136677/"
 "136676","2019-02-18 23:12:43","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136676/"
 "136675","2019-02-18 23:12:39","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136675/"
 "136674","2019-02-18 23:12:37","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136674/"
@@ -4598,7 +5149,7 @@
 "136661","2019-02-18 23:12:06","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136661/"
 "136660","2019-02-18 23:12:01","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136660/"
 "136659","2019-02-18 23:11:58","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136659/"
-"136658","2019-02-18 23:11:54","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136658/"
+"136658","2019-02-18 23:11:54","https://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136658/"
 "136657","2019-02-18 23:11:52","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136657/"
 "136656","2019-02-18 23:11:51","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136656/"
 "136655","2019-02-18 23:11:46","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136655/"
@@ -4619,7 +5170,7 @@
 "136640","2019-02-18 23:11:28","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136640/"
 "136639","2019-02-18 23:11:27","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136639/"
 "136638","2019-02-18 23:11:26","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136638/"
-"136637","2019-02-18 23:11:25","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136637/"
+"136637","2019-02-18 23:11:25","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136637/"
 "136635","2019-02-18 23:11:24","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136635/"
 "136636","2019-02-18 23:11:24","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136636/"
 "136632","2019-02-18 23:11:23","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136632/"
@@ -4644,7 +5195,7 @@
 "136615","2019-02-18 23:11:03","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136615/"
 "136614","2019-02-18 23:11:00","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136614/"
 "136613","2019-02-18 23:10:58","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136613/"
-"136612","2019-02-18 23:10:57","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136612/"
+"136612","2019-02-18 23:10:57","http://mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136612/"
 "136611","2019-02-18 23:10:53","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136611/"
 "136610","2019-02-18 23:10:50","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136610/"
 "136609","2019-02-18 23:10:45","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136609/"
@@ -4657,7 +5208,7 @@
 "136602","2019-02-18 23:10:25","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136602/"
 "136601","2019-02-18 23:10:22","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136601/"
 "136600","2019-02-18 23:10:19","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136600/"
-"136599","2019-02-18 23:10:16","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136599/"
+"136599","2019-02-18 23:10:16","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136599/"
 "136598","2019-02-18 23:10:13","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136598/"
 "136597","2019-02-18 23:10:10","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136597/"
 "136596","2019-02-18 23:10:07","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136596/"
@@ -4676,7 +5227,7 @@
 "136583","2019-02-18 23:09:35","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136583/"
 "136582","2019-02-18 23:09:31","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136582/"
 "136581","2019-02-18 23:09:28","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136581/"
-"136580","2019-02-18 23:09:26","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136580/"
+"136580","2019-02-18 23:09:26","https://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136580/"
 "136579","2019-02-18 23:09:24","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136579/"
 "136578","2019-02-18 23:09:20","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136578/"
 "136577","2019-02-18 23:09:17","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136577/"
@@ -4697,7 +5248,7 @@
 "136562","2019-02-18 23:08:56","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136562/"
 "136561","2019-02-18 23:08:55","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136561/"
 "136560","2019-02-18 23:08:54","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136560/"
-"136559","2019-02-18 23:08:53","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136559/"
+"136559","2019-02-18 23:08:53","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136559/"
 "136557","2019-02-18 23:08:52","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136557/"
 "136558","2019-02-18 23:08:52","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136558/"
 "136554","2019-02-18 23:08:51","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136554/"
@@ -4722,7 +5273,7 @@
 "136537","2019-02-18 23:08:26","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136537/"
 "136536","2019-02-18 23:08:23","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136536/"
 "136535","2019-02-18 23:08:22","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136535/"
-"136534","2019-02-18 23:08:21","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136534/"
+"136534","2019-02-18 23:08:21","http://protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136534/"
 "136533","2019-02-18 23:08:18","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136533/"
 "136532","2019-02-18 23:08:15","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136532/"
 "136531","2019-02-18 23:08:11","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136531/"
@@ -4735,7 +5286,7 @@
 "136524","2019-02-18 23:07:52","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136524/"
 "136523","2019-02-18 23:07:49","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136523/"
 "136522","2019-02-18 23:07:46","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136522/"
-"136521","2019-02-18 23:07:43","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136521/"
+"136521","2019-02-18 23:07:43","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136521/"
 "136520","2019-02-18 23:07:39","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136520/"
 "136519","2019-02-18 23:07:36","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136519/"
 "136518","2019-02-18 23:07:33","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136518/"
@@ -4754,7 +5305,7 @@
 "136505","2019-02-18 23:07:02","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136505/"
 "136504","2019-02-18 23:06:58","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136504/"
 "136503","2019-02-18 23:06:56","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136503/"
-"136502","2019-02-18 23:06:53","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136502/"
+"136502","2019-02-18 23:06:53","https://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136502/"
 "136501","2019-02-18 23:06:51","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136501/"
 "136500","2019-02-18 23:06:50","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136500/"
 "136499","2019-02-18 23:06:48","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136499/"
@@ -4775,7 +5326,7 @@
 "136484","2019-02-18 23:06:29","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136484/"
 "136483","2019-02-18 23:06:25","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136483/"
 "136482","2019-02-18 23:06:24","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136482/"
-"136481","2019-02-18 23:06:23","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136481/"
+"136481","2019-02-18 23:06:23","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136481/"
 "136480","2019-02-18 23:06:18","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136480/"
 "136479","2019-02-18 23:06:17","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136479/"
 "136478","2019-02-18 23:06:16","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136478/"
@@ -4800,7 +5351,7 @@
 "136459","2019-02-18 23:04:34","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136459/"
 "136458","2019-02-18 23:04:19","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136458/"
 "136457","2019-02-18 23:04:13","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136457/"
-"136456","2019-02-18 23:04:06","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136456/"
+"136456","2019-02-18 23:04:06","http://outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136456/"
 "136455","2019-02-18 23:03:58","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136455/"
 "136454","2019-02-18 23:03:55","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136454/"
 "136453","2019-02-18 23:03:49","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136453/"
@@ -4813,7 +5364,7 @@
 "136446","2019-02-18 23:03:26","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136446/"
 "136445","2019-02-18 23:03:23","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136445/"
 "136444","2019-02-18 23:03:20","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136444/"
-"136443","2019-02-18 23:03:15","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136443/"
+"136443","2019-02-18 23:03:15","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136443/"
 "136442","2019-02-18 23:03:12","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136442/"
 "136441","2019-02-18 23:03:09","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136441/"
 "136440","2019-02-18 23:03:06","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136440/"
@@ -4832,7 +5383,7 @@
 "136427","2019-02-18 23:02:22","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136427/"
 "136426","2019-02-18 23:02:17","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136426/"
 "136425","2019-02-18 23:02:13","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136425/"
-"136424","2019-02-18 23:02:10","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136424/"
+"136424","2019-02-18 23:02:10","https://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136424/"
 "136423","2019-02-18 23:02:06","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136423/"
 "136422","2019-02-18 23:01:59","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136422/"
 "136421","2019-02-18 23:01:38","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136421/"
@@ -4853,7 +5404,7 @@
 "136406","2019-02-18 22:59:51","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136406/"
 "136405","2019-02-18 22:59:43","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136405/"
 "136404","2019-02-18 22:59:39","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136404/"
-"136403","2019-02-18 22:59:36","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136403/"
+"136403","2019-02-18 22:59:36","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136403/"
 "136401","2019-02-18 22:59:29","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136401/"
 "136402","2019-02-18 22:59:29","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136402/"
 "136400","2019-02-18 22:59:28","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136400/"
@@ -4878,7 +5429,7 @@
 "136381","2019-02-18 22:57:28","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136381/"
 "136380","2019-02-18 22:57:10","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136380/"
 "136379","2019-02-18 22:57:04","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136379/"
-"136378","2019-02-18 22:56:58","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136378/"
+"136378","2019-02-18 22:56:58","http://ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136378/"
 "136376","2019-02-18 22:56:40","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136376/"
 "136377","2019-02-18 22:56:40","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136377/"
 "136374","2019-02-18 22:56:39","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/world/vcx.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136374/"
@@ -4891,7 +5442,7 @@
 "136368","2019-02-18 22:56:21","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136368/"
 "136367","2019-02-18 22:56:18","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136367/"
 "136366","2019-02-18 22:56:15","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136366/"
-"136365","2019-02-18 22:56:10","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136365/"
+"136365","2019-02-18 22:56:10","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136365/"
 "136364","2019-02-18 22:56:07","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136364/"
 "136363","2019-02-18 22:56:04","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136363/"
 "136362","2019-02-18 22:56:01","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136362/"
@@ -4910,7 +5461,7 @@
 "136349","2019-02-18 22:55:21","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136349/"
 "136348","2019-02-18 22:55:17","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136348/"
 "136347","2019-02-18 22:55:14","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136347/"
-"136346","2019-02-18 22:55:12","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136346/"
+"136346","2019-02-18 22:55:12","https://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136346/"
 "136345","2019-02-18 22:55:09","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136345/"
 "136344","2019-02-18 22:55:05","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136344/"
 "136343","2019-02-18 22:54:49","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136343/"
@@ -4930,7 +5481,7 @@
 "136329","2019-02-18 22:53:28","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136329/"
 "136328","2019-02-18 22:53:27","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136328/"
 "136327","2019-02-18 22:53:25","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136327/"
-"136325","2019-02-18 22:53:24","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136325/"
+"136325","2019-02-18 22:53:24","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136325/"
 "136326","2019-02-18 22:53:24","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136326/"
 "136324","2019-02-18 22:53:23","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136324/"
 "136321","2019-02-18 22:53:22","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136321/"
@@ -4956,7 +5507,7 @@
 "136303","2019-02-18 22:52:03","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136303/"
 "136302","2019-02-18 22:51:57","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136302/"
 "136301","2019-02-18 22:51:55","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136301/"
-"136300","2019-02-18 22:51:50","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136300/"
+"136300","2019-02-18 22:51:50","http://hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136300/"
 "136299","2019-02-18 22:51:42","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136299/"
 "136298","2019-02-18 22:51:38","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136298/"
 "136297","2019-02-18 22:51:33","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136297/"
@@ -4969,7 +5520,7 @@
 "136290","2019-02-18 22:50:59","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136290/"
 "136289","2019-02-18 22:50:53","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136289/"
 "136288","2019-02-18 22:50:47","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136288/"
-"136287","2019-02-18 22:50:43","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136287/"
+"136287","2019-02-18 22:50:43","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136287/"
 "136286","2019-02-18 22:50:40","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136286/"
 "136285","2019-02-18 22:50:37","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136285/"
 "136284","2019-02-18 22:50:33","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136284/"
@@ -4988,7 +5539,7 @@
 "136271","2019-02-18 22:49:26","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136271/"
 "136270","2019-02-18 22:49:22","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136270/"
 "136269","2019-02-18 22:49:20","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136269/"
-"136268","2019-02-18 22:49:17","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136268/"
+"136268","2019-02-18 22:49:17","https://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136268/"
 "136267","2019-02-18 22:49:15","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136267/"
 "136266","2019-02-18 22:49:13","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136266/"
 "136265","2019-02-18 22:49:01","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136265/"
@@ -5009,7 +5560,7 @@
 "136250","2019-02-18 22:47:43","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136250/"
 "136249","2019-02-18 22:47:33","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136249/"
 "136248","2019-02-18 22:47:31","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136248/"
-"136247","2019-02-18 22:47:30","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136247/"
+"136247","2019-02-18 22:47:30","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136247/"
 "136244","2019-02-18 22:47:27","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136244/"
 "136245","2019-02-18 22:47:27","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136245/"
 "136246","2019-02-18 22:47:27","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136246/"
@@ -5034,7 +5585,7 @@
 "136225","2019-02-18 22:46:48","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136225/"
 "136224","2019-02-18 22:46:45","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136224/"
 "136223","2019-02-18 22:46:43","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136223/"
-"136222","2019-02-18 22:46:39","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136222/"
+"136222","2019-02-18 22:46:39","http://co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136222/"
 "136221","2019-02-18 22:46:31","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136221/"
 "136220","2019-02-18 22:46:27","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136220/"
 "136219","2019-02-18 22:46:22","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136219/"
@@ -5047,7 +5598,7 @@
 "136212","2019-02-18 22:45:56","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136212/"
 "136211","2019-02-18 22:45:52","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136211/"
 "136210","2019-02-18 22:45:50","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136210/"
-"136209","2019-02-18 22:45:47","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136209/"
+"136209","2019-02-18 22:45:47","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136209/"
 "136208","2019-02-18 22:45:45","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136208/"
 "136207","2019-02-18 22:45:43","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136207/"
 "136206","2019-02-18 22:45:40","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136206/"
@@ -5066,7 +5617,7 @@
 "136193","2019-02-18 22:45:04","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136193/"
 "136192","2019-02-18 22:45:01","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136192/"
 "136191","2019-02-18 22:44:58","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136191/"
-"136190","2019-02-18 22:44:56","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136190/"
+"136190","2019-02-18 22:44:56","https://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136190/"
 "136189","2019-02-18 22:44:53","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136189/"
 "136188","2019-02-18 22:44:51","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136188/"
 "136187","2019-02-18 22:44:48","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136187/"
@@ -5087,7 +5638,7 @@
 "136172","2019-02-18 22:44:29","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136172/"
 "136171","2019-02-18 22:44:28","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136171/"
 "136170","2019-02-18 22:44:27","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136170/"
-"136169","2019-02-18 22:44:26","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136169/"
+"136169","2019-02-18 22:44:26","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136169/"
 "136166","2019-02-18 22:44:25","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136166/"
 "136167","2019-02-18 22:44:25","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136167/"
 "136168","2019-02-18 22:44:25","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136168/"
@@ -5112,7 +5663,7 @@
 "136147","2019-02-18 22:43:57","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136147/"
 "136146","2019-02-18 22:43:54","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136146/"
 "136145","2019-02-18 22:43:53","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136145/"
-"136144","2019-02-18 22:43:52","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136144/"
+"136144","2019-02-18 22:43:52","http://zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136144/"
 "136143","2019-02-18 22:43:49","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136143/"
 "136142","2019-02-18 22:43:46","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136142/"
 "136141","2019-02-18 22:43:41","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136141/"
@@ -5125,7 +5676,7 @@
 "136134","2019-02-18 22:43:21","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136134/"
 "136133","2019-02-18 22:43:19","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136133/"
 "136132","2019-02-18 22:43:16","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136132/"
-"136131","2019-02-18 22:43:14","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136131/"
+"136131","2019-02-18 22:43:14","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136131/"
 "136130","2019-02-18 22:43:11","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136130/"
 "136129","2019-02-18 22:43:09","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136129/"
 "136128","2019-02-18 22:43:06","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136128/"
@@ -5144,7 +5695,7 @@
 "136115","2019-02-18 22:42:35","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136115/"
 "136114","2019-02-18 22:42:32","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136114/"
 "136113","2019-02-18 22:42:29","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136113/"
-"136112","2019-02-18 22:42:27","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136112/"
+"136112","2019-02-18 22:42:27","https://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136112/"
 "136111","2019-02-18 22:42:25","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136111/"
 "136110","2019-02-18 22:42:23","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136110/"
 "136109","2019-02-18 22:42:21","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136109/"
@@ -5164,7 +5715,7 @@
 "136095","2019-02-18 22:42:05","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136095/"
 "136094","2019-02-18 22:42:03","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136094/"
 "136093","2019-02-18 22:42:02","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136093/"
-"136091","2019-02-18 22:42:01","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136091/"
+"136091","2019-02-18 22:42:01","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136091/"
 "136092","2019-02-18 22:42:01","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136092/"
 "136088","2019-02-18 22:41:59","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136088/"
 "136089","2019-02-18 22:41:59","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136089/"
@@ -5190,7 +5741,7 @@
 "136069","2019-02-18 22:41:42","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136069/"
 "136068","2019-02-18 22:41:40","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136068/"
 "136067","2019-02-18 22:41:39","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136067/"
-"136066","2019-02-18 22:41:38","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136066/"
+"136066","2019-02-18 22:41:38","http://coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136066/"
 "136065","2019-02-18 22:41:34","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136065/"
 "136064","2019-02-18 22:41:32","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136064/"
 "136063","2019-02-18 22:41:27","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136063/"
@@ -5203,7 +5754,7 @@
 "136056","2019-02-18 22:41:04","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136056/"
 "136055","2019-02-18 22:41:01","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136055/"
 "136054","2019-02-18 22:40:59","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136054/"
-"136053","2019-02-18 22:40:56","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136053/"
+"136053","2019-02-18 22:40:56","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136053/"
 "136052","2019-02-18 22:40:54","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136052/"
 "136051","2019-02-18 22:40:51","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136051/"
 "136050","2019-02-18 22:40:49","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/136050/"
@@ -5222,7 +5773,7 @@
 "136037","2019-02-18 22:40:10","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136037/"
 "136036","2019-02-18 22:40:05","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136036/"
 "136035","2019-02-18 22:40:03","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136035/"
-"136034","2019-02-18 22:40:00","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136034/"
+"136034","2019-02-18 22:40:00","https://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136034/"
 "136033","2019-02-18 22:39:57","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136033/"
 "136032","2019-02-18 22:39:56","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136032/"
 "136031","2019-02-18 22:39:53","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136031/"
@@ -5242,7 +5793,7 @@
 "136017","2019-02-18 22:39:37","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136017/"
 "136016","2019-02-18 22:39:36","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136016/"
 "136015","2019-02-18 22:39:34","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136015/"
-"136014","2019-02-18 22:39:33","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136014/"
+"136014","2019-02-18 22:39:33","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/136014/"
 "136011","2019-02-18 22:39:31","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136011/"
 "136012","2019-02-18 22:39:31","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136012/"
 "136013","2019-02-18 22:39:31","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/136013/"
@@ -5268,7 +5819,7 @@
 "135991","2019-02-18 22:37:49","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135991/"
 "135990","2019-02-18 22:37:32","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135990/"
 "135989","2019-02-18 22:37:27","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135989/"
-"135988","2019-02-18 22:37:20","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135988/"
+"135988","2019-02-18 22:37:20","http://roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135988/"
 "135987","2019-02-18 22:37:12","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135987/"
 "135986","2019-02-18 22:37:09","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135986/"
 "135985","2019-02-18 22:37:03","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135985/"
@@ -5281,7 +5832,7 @@
 "135978","2019-02-18 22:36:37","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135978/"
 "135977","2019-02-18 22:36:33","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135977/"
 "135976","2019-02-18 22:36:30","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135976/"
-"135975","2019-02-18 22:36:27","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135975/"
+"135975","2019-02-18 22:36:27","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135975/"
 "135974","2019-02-18 22:36:23","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135974/"
 "135973","2019-02-18 22:36:20","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135973/"
 "135972","2019-02-18 22:36:17","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135972/"
@@ -5300,7 +5851,7 @@
 "135959","2019-02-18 22:35:31","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135959/"
 "135958","2019-02-18 22:35:25","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135958/"
 "135957","2019-02-18 22:35:21","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135957/"
-"135956","2019-02-18 22:35:18","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135956/"
+"135956","2019-02-18 22:35:18","https://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135956/"
 "135955","2019-02-18 22:35:14","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135955/"
 "135954","2019-02-18 22:35:05","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135954/"
 "135953","2019-02-18 22:34:41","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135953/"
@@ -5321,7 +5872,7 @@
 "135938","2019-02-18 22:32:38","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135938/"
 "135937","2019-02-18 22:32:26","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135937/"
 "135936","2019-02-18 22:32:20","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135936/"
-"135935","2019-02-18 22:32:16","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135935/"
+"135935","2019-02-18 22:32:16","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135935/"
 "135934","2019-02-18 22:32:07","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135934/"
 "135933","2019-02-18 22:32:03","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135933/"
 "135932","2019-02-18 22:32:01","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135932/"
@@ -5346,7 +5897,7 @@
 "135913","2019-02-18 22:29:18","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135913/"
 "135912","2019-02-18 22:29:03","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135912/"
 "135911","2019-02-18 22:28:58","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135911/"
-"135910","2019-02-18 22:28:52","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135910/"
+"135910","2019-02-18 22:28:52","http://easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135910/"
 "135909","2019-02-18 22:28:47","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135909/"
 "135908","2019-02-18 22:28:43","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135908/"
 "135907","2019-02-18 22:28:37","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135907/"
@@ -5359,7 +5910,7 @@
 "135900","2019-02-18 22:28:04","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135900/"
 "135899","2019-02-18 22:28:01","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135899/"
 "135898","2019-02-18 22:27:58","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135898/"
-"135897","2019-02-18 22:27:55","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135897/"
+"135897","2019-02-18 22:27:55","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135897/"
 "135896","2019-02-18 22:27:52","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135896/"
 "135895","2019-02-18 22:27:49","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135895/"
 "135894","2019-02-18 22:27:46","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135894/"
@@ -5378,7 +5929,7 @@
 "135881","2019-02-18 22:27:13","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135881/"
 "135880","2019-02-18 22:27:09","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135880/"
 "135879","2019-02-18 22:27:06","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135879/"
-"135878","2019-02-18 22:27:02","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135878/"
+"135878","2019-02-18 22:27:02","https://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135878/"
 "135877","2019-02-18 22:26:56","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135877/"
 "135876","2019-02-18 22:26:53","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135876/"
 "135875","2019-02-18 22:26:51","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135875/"
@@ -5398,7 +5949,7 @@
 "135861","2019-02-18 22:25:15","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135861/"
 "135860","2019-02-18 22:25:05","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135860/"
 "135859","2019-02-18 22:24:54","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135859/"
-"135857","2019-02-18 22:24:45","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135857/"
+"135857","2019-02-18 22:24:45","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135857/"
 "135858","2019-02-18 22:24:45","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135858/"
 "135856","2019-02-18 22:24:40","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135856/"
 "135855","2019-02-18 22:24:38","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135855/"
@@ -5424,7 +5975,7 @@
 "135835","2019-02-18 22:23:13","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135835/"
 "135834","2019-02-18 22:23:10","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135834/"
 "135833","2019-02-18 22:23:09","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135833/"
-"135832","2019-02-18 22:23:06","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135832/"
+"135832","2019-02-18 22:23:06","http://ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135832/"
 "135831","2019-02-18 22:22:55","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135831/"
 "135830","2019-02-18 22:22:49","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135830/"
 "135829","2019-02-18 22:22:44","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135829/"
@@ -5437,7 +5988,7 @@
 "135822","2019-02-18 22:22:15","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135822/"
 "135821","2019-02-18 22:22:10","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135821/"
 "135820","2019-02-18 22:22:05","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135820/"
-"135819","2019-02-18 22:21:59","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135819/"
+"135819","2019-02-18 22:21:59","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135819/"
 "135818","2019-02-18 22:21:55","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135818/"
 "135817","2019-02-18 22:21:52","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135817/"
 "135816","2019-02-18 22:21:49","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135816/"
@@ -5456,7 +6007,7 @@
 "135803","2019-02-18 22:20:55","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135803/"
 "135802","2019-02-18 22:20:45","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135802/"
 "135801","2019-02-18 22:20:41","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135801/"
-"135800","2019-02-18 22:20:36","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135800/"
+"135800","2019-02-18 22:20:36","https://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135800/"
 "135799","2019-02-18 22:20:32","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135799/"
 "135798","2019-02-18 22:20:25","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135798/"
 "135797","2019-02-18 22:20:18","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135797/"
@@ -5477,7 +6028,7 @@
 "135782","2019-02-18 22:19:07","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135782/"
 "135781","2019-02-18 22:19:05","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135781/"
 "135780","2019-02-18 22:18:22","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135780/"
-"135779","2019-02-18 22:18:21","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135779/"
+"135779","2019-02-18 22:18:21","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135779/"
 "135778","2019-02-18 22:18:15","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135778/"
 "135777","2019-02-18 22:18:14","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135777/"
 "135776","2019-02-18 22:18:12","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135776/"
@@ -5502,7 +6053,7 @@
 "135757","2019-02-18 22:17:43","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135757/"
 "135756","2019-02-18 22:17:41","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135756/"
 "135755","2019-02-18 22:17:40","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135755/"
-"135754","2019-02-18 22:17:38","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135754/"
+"135754","2019-02-18 22:17:38","http://infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135754/"
 "135753","2019-02-18 22:17:35","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135753/"
 "135752","2019-02-18 22:17:33","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135752/"
 "135751","2019-02-18 22:17:29","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135751/"
@@ -5515,7 +6066,7 @@
 "135744","2019-02-18 22:17:10","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135744/"
 "135743","2019-02-18 22:17:07","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135743/"
 "135742","2019-02-18 22:17:05","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135742/"
-"135741","2019-02-18 22:17:02","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135741/"
+"135741","2019-02-18 22:17:02","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135741/"
 "135740","2019-02-18 22:16:59","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135740/"
 "135739","2019-02-18 22:16:57","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135739/"
 "135738","2019-02-18 22:16:54","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135738/"
@@ -5534,7 +6085,7 @@
 "135725","2019-02-18 22:16:24","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135725/"
 "135724","2019-02-18 22:16:20","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135724/"
 "135723","2019-02-18 22:16:18","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135723/"
-"135722","2019-02-18 22:16:15","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135722/"
+"135722","2019-02-18 22:16:15","https://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135722/"
 "135721","2019-02-18 22:16:12","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135721/"
 "135720","2019-02-18 22:16:10","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135720/"
 "135719","2019-02-18 22:16:07","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135719/"
@@ -5554,7 +6105,7 @@
 "135705","2019-02-18 22:15:49","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135705/"
 "135704","2019-02-18 22:15:47","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135704/"
 "135703","2019-02-18 22:15:46","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135703/"
-"135701","2019-02-18 22:15:45","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135701/"
+"135701","2019-02-18 22:15:45","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135701/"
 "135702","2019-02-18 22:15:45","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135702/"
 "135699","2019-02-18 22:15:43","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135699/"
 "135700","2019-02-18 22:15:43","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135700/"
@@ -5580,7 +6131,7 @@
 "135679","2019-02-18 22:15:20","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135679/"
 "135678","2019-02-18 22:15:17","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135678/"
 "135677","2019-02-18 22:15:15","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135677/"
-"135676","2019-02-18 22:15:13","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135676/"
+"135676","2019-02-18 22:15:13","http://brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135676/"
 "135675","2019-02-18 22:15:10","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135675/"
 "135674","2019-02-18 22:15:07","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135674/"
 "135673","2019-02-18 22:15:03","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135673/"
@@ -5593,7 +6144,7 @@
 "135666","2019-02-18 22:14:43","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135666/"
 "135665","2019-02-18 22:14:40","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135665/"
 "135664","2019-02-18 22:14:38","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135664/"
-"135663","2019-02-18 22:14:35","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135663/"
+"135663","2019-02-18 22:14:35","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135663/"
 "135662","2019-02-18 22:14:33","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135662/"
 "135661","2019-02-18 22:14:30","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135661/"
 "135660","2019-02-18 22:14:28","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135660/"
@@ -5612,7 +6163,7 @@
 "135647","2019-02-18 22:13:56","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135647/"
 "135646","2019-02-18 22:13:52","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135646/"
 "135645","2019-02-18 22:13:49","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135645/"
-"135644","2019-02-18 22:13:47","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135644/"
+"135644","2019-02-18 22:13:47","https://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135644/"
 "135643","2019-02-18 22:13:45","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135643/"
 "135642","2019-02-18 22:13:43","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135642/"
 "135641","2019-02-18 22:13:41","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135641/"
@@ -5633,7 +6184,7 @@
 "135626","2019-02-18 22:13:23","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135626/"
 "135625","2019-02-18 22:13:22","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135625/"
 "135624","2019-02-18 22:13:21","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135624/"
-"135623","2019-02-18 22:13:20","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135623/"
+"135623","2019-02-18 22:13:20","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135623/"
 "135620","2019-02-18 22:13:19","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135620/"
 "135621","2019-02-18 22:13:19","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135621/"
 "135622","2019-02-18 22:13:19","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135622/"
@@ -5658,7 +6209,7 @@
 "135601","2019-02-18 22:12:55","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135601/"
 "135600","2019-02-18 22:12:38","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135600/"
 "135599","2019-02-18 22:12:26","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135599/"
-"135598","2019-02-18 22:12:17","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135598/"
+"135598","2019-02-18 22:12:17","http://www.lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135598/"
 "135597","2019-02-18 22:12:09","https://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135597/"
 "135596","2019-02-18 22:12:03","https://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135596/"
 "135595","2019-02-18 22:11:56","https://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135595/"
@@ -5671,7 +6222,7 @@
 "135588","2019-02-18 22:11:24","https://www.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135588/"
 "135587","2019-02-18 22:11:20","https://www.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135587/"
 "135586","2019-02-18 22:11:14","https://www.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135586/"
-"135585","2019-02-18 22:11:07","https://www.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135585/"
+"135585","2019-02-18 22:11:07","https://www.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135585/"
 "135584","2019-02-18 22:11:01","https://www.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135584/"
 "135583","2019-02-18 22:10:57","https://www.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135583/"
 "135582","2019-02-18 22:10:52","https://www.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135582/"
@@ -5690,7 +6241,7 @@
 "135569","2019-02-18 22:09:37","https://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135569/"
 "135568","2019-02-18 22:09:30","https://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135568/"
 "135567","2019-02-18 22:09:27","https://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135567/"
-"135566","2019-02-18 22:09:23","https://www.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135566/"
+"135566","2019-02-18 22:09:23","https://www.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135566/"
 "135565","2019-02-18 22:09:20","http://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135565/"
 "135564","2019-02-18 22:09:11","http://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135564/"
 "135563","2019-02-18 22:08:49","http://www.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135563/"
@@ -5711,7 +6262,7 @@
 "135548","2019-02-18 22:06:30","http://www.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135548/"
 "135547","2019-02-18 22:06:19","http://www.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135547/"
 "135546","2019-02-18 22:06:14","http://www.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135546/"
-"135545","2019-02-18 22:06:12","http://www.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135545/"
+"135545","2019-02-18 22:06:12","http://www.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135545/"
 "135544","2019-02-18 22:06:03","http://www.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135544/"
 "135543","2019-02-18 22:06:01","http://www.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135543/"
 "135542","2019-02-18 22:05:58","http://www.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135542/"
@@ -5736,7 +6287,7 @@
 "135523","2019-02-18 22:03:01","http://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135523/"
 "135522","2019-02-18 22:02:36","http://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135522/"
 "135521","2019-02-18 22:02:29","http://www.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135521/"
-"135520","2019-02-18 22:02:20","http://www.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135520/"
+"135520","2019-02-18 22:02:20","http://www.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135520/"
 "135519","2019-02-18 22:02:11","https://tial.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135519/"
 "135518","2019-02-18 22:02:05","https://tial.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135518/"
 "135517","2019-02-18 22:01:58","https://tial.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135517/"
@@ -5749,7 +6300,7 @@
 "135510","2019-02-18 22:01:26","https://tial.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135510/"
 "135509","2019-02-18 22:01:23","https://tial.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135509/"
 "135508","2019-02-18 22:01:20","https://tial.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135508/"
-"135507","2019-02-18 22:01:15","https://tial.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135507/"
+"135507","2019-02-18 22:01:15","https://tial.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135507/"
 "135506","2019-02-18 22:01:11","https://tial.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135506/"
 "135505","2019-02-18 22:01:07","https://tial.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135505/"
 "135504","2019-02-18 22:01:03","https://tial.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135504/"
@@ -5768,7 +6319,7 @@
 "135491","2019-02-18 22:00:21","https://tial.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135491/"
 "135490","2019-02-18 22:00:07","https://tial.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135490/"
 "135489","2019-02-18 22:00:05","https://tial.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135489/"
-"135488","2019-02-18 22:00:02","https://tial.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135488/"
+"135488","2019-02-18 22:00:02","https://tial.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135488/"
 "135487","2019-02-18 21:59:57","http://tial.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135487/"
 "135486","2019-02-18 21:59:55","http://tial.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135486/"
 "135485","2019-02-18 21:59:52","http://tial.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135485/"
@@ -5789,7 +6340,7 @@
 "135470","2019-02-18 21:59:31","http://tial.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135470/"
 "135469","2019-02-18 21:59:25","http://tial.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135469/"
 "135468","2019-02-18 21:59:20","http://tial.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135468/"
-"135467","2019-02-18 21:59:19","http://tial.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135467/"
+"135467","2019-02-18 21:59:19","http://tial.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135467/"
 "135466","2019-02-18 21:59:12","http://tial.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135466/"
 "135465","2019-02-18 21:59:11","http://tial.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135465/"
 "135464","2019-02-18 21:59:10","http://tial.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135464/"
@@ -5814,7 +6365,7 @@
 "135445","2019-02-18 21:57:09","http://tial.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135445/"
 "135444","2019-02-18 21:56:52","http://tial.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135444/"
 "135443","2019-02-18 21:56:47","http://tial.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135443/"
-"135442","2019-02-18 21:56:40","http://tial.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135442/"
+"135442","2019-02-18 21:56:40","http://tial.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135442/"
 "135441","2019-02-18 21:56:34","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135441/"
 "135440","2019-02-18 21:56:27","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135440/"
 "135439","2019-02-18 21:56:21","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135439/"
@@ -5827,7 +6378,7 @@
 "135432","2019-02-18 21:55:39","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135432/"
 "135431","2019-02-18 21:55:34","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135431/"
 "135430","2019-02-18 21:55:22","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135430/"
-"135429","2019-02-18 21:55:18","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135429/"
+"135429","2019-02-18 21:55:18","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135429/"
 "135428","2019-02-18 21:55:14","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135428/"
 "135427","2019-02-18 21:55:07","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135427/"
 "135426","2019-02-18 21:54:56","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135426/"
@@ -5846,7 +6397,7 @@
 "135413","2019-02-18 21:53:39","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135413/"
 "135412","2019-02-18 21:53:32","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135412/"
 "135411","2019-02-18 21:53:28","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135411/"
-"135410","2019-02-18 21:53:23","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135410/"
+"135410","2019-02-18 21:53:23","https://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135410/"
 "135409","2019-02-18 21:53:20","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135409/"
 "135408","2019-02-18 21:53:12","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135408/"
 "135407","2019-02-18 21:53:03","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135407/"
@@ -5867,7 +6418,7 @@
 "135392","2019-02-18 21:52:17","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135392/"
 "135391","2019-02-18 21:52:07","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135391/"
 "135390","2019-02-18 21:51:39","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135390/"
-"135389","2019-02-18 21:51:36","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135389/"
+"135389","2019-02-18 21:51:36","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135389/"
 "135387","2019-02-18 21:51:30","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135387/"
 "135388","2019-02-18 21:51:30","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135388/"
 "135386","2019-02-18 21:51:29","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135386/"
@@ -5892,7 +6443,7 @@
 "135367","2019-02-18 21:50:15","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135367/"
 "135366","2019-02-18 21:50:11","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135366/"
 "135365","2019-02-18 21:50:06","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135365/"
-"135364","2019-02-18 21:50:04","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135364/"
+"135364","2019-02-18 21:50:04","http://qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135364/"
 "135363","2019-02-18 21:49:56","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135363/"
 "135362","2019-02-18 21:49:54","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135362/"
 "135361","2019-02-18 21:49:50","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135361/"
@@ -5905,7 +6456,7 @@
 "135354","2019-02-18 21:49:31","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135354/"
 "135353","2019-02-18 21:49:26","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135353/"
 "135352","2019-02-18 21:49:24","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135352/"
-"135351","2019-02-18 21:49:21","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135351/"
+"135351","2019-02-18 21:49:21","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135351/"
 "135350","2019-02-18 21:49:18","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135350/"
 "135349","2019-02-18 21:49:16","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135349/"
 "135348","2019-02-18 21:49:14","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135348/"
@@ -5924,7 +6475,7 @@
 "135335","2019-02-18 21:48:43","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135335/"
 "135334","2019-02-18 21:48:39","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135334/"
 "135333","2019-02-18 21:48:37","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135333/"
-"135332","2019-02-18 21:48:34","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135332/"
+"135332","2019-02-18 21:48:34","https://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135332/"
 "135331","2019-02-18 21:48:32","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135331/"
 "135330","2019-02-18 21:48:31","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135330/"
 "135329","2019-02-18 21:48:28","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135329/"
@@ -5944,7 +6495,7 @@
 "135315","2019-02-18 21:48:12","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135315/"
 "135314","2019-02-18 21:48:10","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135314/"
 "135313","2019-02-18 21:48:09","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135313/"
-"135311","2019-02-18 21:48:08","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135311/"
+"135311","2019-02-18 21:48:08","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135311/"
 "135312","2019-02-18 21:48:08","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135312/"
 "135308","2019-02-18 21:48:06","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135308/"
 "135309","2019-02-18 21:48:06","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135309/"
@@ -5970,7 +6521,7 @@
 "135289","2019-02-18 21:47:47","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135289/"
 "135288","2019-02-18 21:47:45","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135288/"
 "135287","2019-02-18 21:47:44","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135287/"
-"135286","2019-02-18 21:47:42","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135286/"
+"135286","2019-02-18 21:47:42","http://hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135286/"
 "135285","2019-02-18 21:47:39","https://m.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135285/"
 "135284","2019-02-18 21:47:37","https://m.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135284/"
 "135283","2019-02-18 21:47:33","https://m.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135283/"
@@ -5983,7 +6534,7 @@
 "135276","2019-02-18 21:47:15","https://m.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135276/"
 "135275","2019-02-18 21:47:12","https://m.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135275/"
 "135274","2019-02-18 21:47:07","https://m.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135274/"
-"135273","2019-02-18 21:47:03","https://m.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135273/"
+"135273","2019-02-18 21:47:03","https://m.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135273/"
 "135272","2019-02-18 21:46:59","https://m.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135272/"
 "135271","2019-02-18 21:46:57","https://m.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135271/"
 "135270","2019-02-18 21:46:55","https://m.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135270/"
@@ -6002,7 +6553,7 @@
 "135257","2019-02-18 21:46:25","https://m.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135257/"
 "135256","2019-02-18 21:46:21","https://m.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135256/"
 "135255","2019-02-18 21:46:19","https://m.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135255/"
-"135254","2019-02-18 21:46:16","https://m.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135254/"
+"135254","2019-02-18 21:46:16","https://m.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135254/"
 "135253","2019-02-18 21:46:13","http://m.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135253/"
 "135252","2019-02-18 21:46:12","http://m.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135252/"
 "135251","2019-02-18 21:46:10","http://m.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135251/"
@@ -6022,7 +6573,7 @@
 "135237","2019-02-18 21:44:58","http://m.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135237/"
 "135236","2019-02-18 21:44:57","http://m.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135236/"
 "135235","2019-02-18 21:44:55","http://m.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135235/"
-"135233","2019-02-18 21:44:54","http://m.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135233/"
+"135233","2019-02-18 21:44:54","http://m.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135233/"
 "135234","2019-02-18 21:44:54","http://m.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135234/"
 "135231","2019-02-18 21:44:52","http://m.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135231/"
 "135232","2019-02-18 21:44:52","http://m.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135232/"
@@ -6048,10 +6599,10 @@
 "135211","2019-02-18 21:44:12","http://m.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135211/"
 "135210","2019-02-18 21:44:09","http://m.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135210/"
 "135209","2019-02-18 21:44:08","http://m.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135209/"
-"135208","2019-02-18 21:44:06","http://m.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135208/"
+"135208","2019-02-18 21:44:06","http://m.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135208/"
 "135207","2019-02-18 21:39:13","http://123.195.112.125:31793/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/135207/"
 "135206","2019-02-18 21:39:05","http://168.121.41.205:9081/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/135206/"
-"135205","2019-02-18 21:38:13","http://185.101.105.208:80/OwO/Tsunami.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/135205/"
+"135205","2019-02-18 21:38:13","http://185.101.105.208:80/OwO/Tsunami.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/135205/"
 "135204","2019-02-18 21:38:12","http://201.43.231.16:28324/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/135204/"
 "135203","2019-02-18 21:38:08","http://189.158.48.204:10980/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/135203/"
 "135202","2019-02-18 21:38:04","http://34.80.131.135:80/bins/yakuza.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/135202/"
@@ -6084,7 +6635,7 @@
 "135175","2019-02-18 18:53:25","http://mak-sports.kz/NhsgZulkV4l2Xmd9/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/135175/"
 "135174","2019-02-18 18:53:20","http://serhatevren.godohosting.com/postureview/5Dh6609/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/135174/"
 "135173","2019-02-18 18:50:05","http://kanyambu35.co.ke/De/CLWCXLVHSR8056391/Dokumente/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/135173/"
-"135172","2019-02-18 18:47:03","http://185.101.105.208/wget.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/135172/"
+"135172","2019-02-18 18:47:03","http://185.101.105.208/wget.sh","online","malware_download","None","https://urlhaus.abuse.ch/url/135172/"
 "135171","2019-02-18 18:15:55","https://doc-0c-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/cugqjmdbrdpevm5s29e8ahiv6uji4vch/1550505600000/09100922564250845248/*/1jJCQ-eDkrkIzQU4BBP2_nl-o6-tByUXI","offline","malware_download","exe","https://urlhaus.abuse.ch/url/135171/"
 "135170","2019-02-18 18:15:53","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135170/"
 "135169","2019-02-18 18:15:51","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135169/"
@@ -6098,7 +6649,7 @@
 "135161","2019-02-18 18:15:27","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135161/"
 "135160","2019-02-18 18:15:25","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135160/"
 "135159","2019-02-18 18:15:20","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135159/"
-"135158","2019-02-18 18:15:14","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135158/"
+"135158","2019-02-18 18:15:14","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135158/"
 "135157","2019-02-18 18:15:12","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135157/"
 "135156","2019-02-18 18:15:09","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135156/"
 "135155","2019-02-18 18:15:03","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135155/"
@@ -6117,7 +6668,7 @@
 "135142","2019-02-18 18:14:28","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135142/"
 "135141","2019-02-18 18:14:24","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135141/"
 "135140","2019-02-18 18:14:22","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135140/"
-"135139","2019-02-18 18:14:19","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135139/"
+"135139","2019-02-18 18:14:19","https://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135139/"
 "135138","2019-02-18 18:14:17","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135138/"
 "135137","2019-02-18 18:14:15","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135137/"
 "135136","2019-02-18 18:14:12","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135136/"
@@ -6138,7 +6689,7 @@
 "135121","2019-02-18 18:12:38","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135121/"
 "135120","2019-02-18 18:12:28","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135120/"
 "135119","2019-02-18 18:12:21","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135119/"
-"135118","2019-02-18 18:12:17","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135118/"
+"135118","2019-02-18 18:12:17","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135118/"
 "135117","2019-02-18 18:12:07","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135117/"
 "135116","2019-02-18 18:12:02","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135116/"
 "135115","2019-02-18 18:11:59","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135115/"
@@ -6163,7 +6714,7 @@
 "135096","2019-02-18 18:09:13","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135096/"
 "135095","2019-02-18 18:08:47","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135095/"
 "135094","2019-02-18 18:08:38","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135094/"
-"135093","2019-02-18 18:08:26","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135093/"
+"135093","2019-02-18 18:08:26","http://galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135093/"
 "135092","2019-02-18 18:08:14","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135092/"
 "135091","2019-02-18 18:08:06","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135091/"
 "135090","2019-02-18 18:07:59","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135090/"
@@ -6176,7 +6727,7 @@
 "135083","2019-02-18 18:07:26","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135083/"
 "135082","2019-02-18 18:07:23","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135082/"
 "135081","2019-02-18 18:07:19","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135081/"
-"135080","2019-02-18 18:07:15","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135080/"
+"135080","2019-02-18 18:07:15","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135080/"
 "135079","2019-02-18 18:07:11","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135079/"
 "135078","2019-02-18 18:07:08","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135078/"
 "135077","2019-02-18 18:07:04","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135077/"
@@ -6195,7 +6746,7 @@
 "135064","2019-02-18 18:06:08","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135064/"
 "135063","2019-02-18 18:06:00","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135063/"
 "135062","2019-02-18 18:05:55","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135062/"
-"135061","2019-02-18 18:05:50","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135061/"
+"135061","2019-02-18 18:05:50","https://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135061/"
 "135060","2019-02-18 18:05:44","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135060/"
 "135059","2019-02-18 18:05:34","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135059/"
 "135058","2019-02-18 18:05:11","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135058/"
@@ -6216,7 +6767,7 @@
 "135043","2019-02-18 18:02:51","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135043/"
 "135042","2019-02-18 18:02:42","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135042/"
 "135041","2019-02-18 18:02:39","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135041/"
-"135040","2019-02-18 18:02:38","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135040/"
+"135040","2019-02-18 18:02:38","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135040/"
 "135039","2019-02-18 18:02:34","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135039/"
 "135037","2019-02-18 18:02:33","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135037/"
 "135038","2019-02-18 18:02:33","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135038/"
@@ -6241,7 +6792,7 @@
 "135018","2019-02-18 18:00:18","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135018/"
 "135017","2019-02-18 18:00:08","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135017/"
 "135016","2019-02-18 18:00:04","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135016/"
-"135015","2019-02-18 17:59:58","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135015/"
+"135015","2019-02-18 17:59:58","http://comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135015/"
 "135014","2019-02-18 17:59:51","https://dential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135014/"
 "135013","2019-02-18 17:59:48","https://dential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135013/"
 "135012","2019-02-18 17:59:43","https://dential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135012/"
@@ -6254,7 +6805,7 @@
 "135005","2019-02-18 17:59:20","https://dential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135005/"
 "135004","2019-02-18 17:59:16","https://dential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135004/"
 "135003","2019-02-18 17:59:13","https://dential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135003/"
-"135002","2019-02-18 17:59:08","https://dential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135002/"
+"135002","2019-02-18 17:59:08","https://dential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/135002/"
 "135001","2019-02-18 17:59:03","https://dential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/135001/"
 "135000","2019-02-18 17:58:57","https://dential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/135000/"
 "134999","2019-02-18 17:58:52","https://dential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134999/"
@@ -6273,7 +6824,7 @@
 "134986","2019-02-18 17:57:31","https://dential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134986/"
 "134985","2019-02-18 17:57:24","https://dential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134985/"
 "134984","2019-02-18 17:57:20","https://dential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134984/"
-"134983","2019-02-18 17:57:14","https://dential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134983/"
+"134983","2019-02-18 17:57:14","https://dential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134983/"
 "134982","2019-02-18 17:57:08","http://dential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134982/"
 "134981","2019-02-18 17:56:59","http://dential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134981/"
 "134980","2019-02-18 17:56:36","http://dential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134980/"
@@ -6294,7 +6845,7 @@
 "134965","2019-02-18 17:54:57","http://dential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134965/"
 "134964","2019-02-18 17:54:48","http://dential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134964/"
 "134963","2019-02-18 17:54:44","http://dential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134963/"
-"134962","2019-02-18 17:54:43","http://dential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134962/"
+"134962","2019-02-18 17:54:43","http://dential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134962/"
 "134961","2019-02-18 17:54:36","http://dential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134961/"
 "134959","2019-02-18 17:54:35","http://dential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134959/"
 "134960","2019-02-18 17:54:35","http://dential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134960/"
@@ -6319,7 +6870,7 @@
 "134940","2019-02-18 17:52:05","http://dential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134940/"
 "134939","2019-02-18 17:51:46","http://dential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134939/"
 "134938","2019-02-18 17:51:40","http://dential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134938/"
-"134937","2019-02-18 17:51:26","http://dential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134937/"
+"134937","2019-02-18 17:51:26","http://dential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134937/"
 "134936","2019-02-18 17:51:13","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134936/"
 "134935","2019-02-18 17:51:05","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134935/"
 "134934","2019-02-18 17:50:55","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134934/"
@@ -6332,7 +6883,7 @@
 "134927","2019-02-18 17:49:37","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134927/"
 "134926","2019-02-18 17:49:31","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134926/"
 "134925","2019-02-18 17:49:24","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134925/"
-"134924","2019-02-18 17:49:19","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134924/"
+"134924","2019-02-18 17:49:19","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134924/"
 "134923","2019-02-18 17:49:15","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134923/"
 "134922","2019-02-18 17:49:07","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134922/"
 "134921","2019-02-18 17:49:03","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134921/"
@@ -6351,7 +6902,7 @@
 "134908","2019-02-18 17:48:04","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134908/"
 "134907","2019-02-18 17:48:01","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134907/"
 "134906","2019-02-18 17:47:58","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134906/"
-"134905","2019-02-18 17:47:55","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134905/"
+"134905","2019-02-18 17:47:55","https://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134905/"
 "134904","2019-02-18 17:47:53","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134904/"
 "134903","2019-02-18 17:47:52","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134903/"
 "134902","2019-02-18 17:47:50","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134902/"
@@ -6372,7 +6923,7 @@
 "134887","2019-02-18 17:47:35","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134887/"
 "134886","2019-02-18 17:47:34","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134886/"
 "134885","2019-02-18 17:47:33","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134885/"
-"134884","2019-02-18 17:47:32","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134884/"
+"134884","2019-02-18 17:47:32","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134884/"
 "134881","2019-02-18 17:47:31","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134881/"
 "134882","2019-02-18 17:47:31","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134882/"
 "134883","2019-02-18 17:47:31","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134883/"
@@ -6397,7 +6948,7 @@
 "134862","2019-02-18 17:47:12","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134862/"
 "134861","2019-02-18 17:47:10","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134861/"
 "134860","2019-02-18 17:47:09","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134860/"
-"134859","2019-02-18 17:47:08","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134859/"
+"134859","2019-02-18 17:47:08","http://royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134859/"
 "134858","2019-02-18 17:47:03","https://azubita107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134858/"
 "134857","2019-02-18 17:47:01","https://azubita107s3.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134857/"
 "134856","2019-02-18 17:46:57","https://azubita107s3.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134856/"
@@ -6410,7 +6961,7 @@
 "134849","2019-02-18 17:46:37","https://azubita107s3.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134849/"
 "134848","2019-02-18 17:46:35","https://azubita107s3.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134848/"
 "134847","2019-02-18 17:46:32","https://azubita107s3.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134847/"
-"134846","2019-02-18 17:46:30","https://azubita107s3.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134846/"
+"134846","2019-02-18 17:46:30","https://azubita107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134846/"
 "134845","2019-02-18 17:46:22","https://azubita107s3.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134845/"
 "134844","2019-02-18 17:46:19","https://azubita107s3.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134844/"
 "134843","2019-02-18 17:46:17","https://azubita107s3.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134843/"
@@ -6429,7 +6980,7 @@
 "134830","2019-02-18 17:45:46","https://azubita107s3.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134830/"
 "134829","2019-02-18 17:45:42","https://azubita107s3.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134829/"
 "134828","2019-02-18 17:45:39","https://azubita107s3.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134828/"
-"134827","2019-02-18 17:45:37","https://azubita107s3.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134827/"
+"134827","2019-02-18 17:45:37","https://azubita107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134827/"
 "134826","2019-02-18 17:45:34","http://azubita107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134826/"
 "134825","2019-02-18 17:45:33","http://azubita107s3.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134825/"
 "134824","2019-02-18 17:45:30","http://azubita107s3.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134824/"
@@ -6449,7 +7000,7 @@
 "134810","2019-02-18 17:45:11","http://azubita107s3.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134810/"
 "134809","2019-02-18 17:45:10","http://azubita107s3.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134809/"
 "134808","2019-02-18 17:45:09","http://azubita107s3.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134808/"
-"134806","2019-02-18 17:45:08","http://azubita107s3.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134806/"
+"134806","2019-02-18 17:45:08","http://azubita107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134806/"
 "134807","2019-02-18 17:45:08","http://azubita107s3.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134807/"
 "134805","2019-02-18 17:45:07","http://azubita107s3.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134805/"
 "134802","2019-02-18 17:45:06","http://azubita107s3.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134802/"
@@ -6475,7 +7026,7 @@
 "134784","2019-02-18 17:44:47","http://azubita107s3.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134784/"
 "134783","2019-02-18 17:44:45","http://azubita107s3.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134783/"
 "134782","2019-02-18 17:44:43","http://azubita107s3.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134782/"
-"134781","2019-02-18 17:44:42","http://azubita107s3.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134781/"
+"134781","2019-02-18 17:44:42","http://azubita107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134781/"
 "134780","2019-02-18 17:44:40","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134780/"
 "134779","2019-02-18 17:44:37","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134779/"
 "134778","2019-02-18 17:44:33","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134778/"
@@ -6488,7 +7039,7 @@
 "134771","2019-02-18 17:44:14","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134771/"
 "134770","2019-02-18 17:44:11","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134770/"
 "134769","2019-02-18 17:44:08","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134769/"
-"134768","2019-02-18 17:44:05","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134768/"
+"134768","2019-02-18 17:44:05","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134768/"
 "134767","2019-02-18 17:44:02","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134767/"
 "134766","2019-02-18 17:44:00","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134766/"
 "134765","2019-02-18 17:43:57","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134765/"
@@ -6507,7 +7058,7 @@
 "134752","2019-02-18 17:43:05","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134752/"
 "134751","2019-02-18 17:42:56","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134751/"
 "134750","2019-02-18 17:42:51","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134750/"
-"134749","2019-02-18 17:42:45","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134749/"
+"134749","2019-02-18 17:42:45","https://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134749/"
 "134748","2019-02-18 17:42:40","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134748/"
 "134747","2019-02-18 17:42:31","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134747/"
 "134746","2019-02-18 17:42:08","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134746/"
@@ -6527,7 +7078,7 @@
 "134732","2019-02-18 17:40:27","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134732/"
 "134731","2019-02-18 17:40:20","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134731/"
 "134730","2019-02-18 17:40:12","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134730/"
-"134728","2019-02-18 17:40:08","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134728/"
+"134728","2019-02-18 17:40:08","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134728/"
 "134729","2019-02-18 17:40:08","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134729/"
 "134727","2019-02-18 17:39:26","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134727/"
 "134726","2019-02-18 17:39:25","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134726/"
@@ -6553,11 +7104,11 @@
 "134706","2019-02-18 17:36:48","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134706/"
 "134705","2019-02-18 17:36:27","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134705/"
 "134704","2019-02-18 17:36:19","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134704/"
-"134703","2019-02-18 17:36:10","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134703/"
+"134703","2019-02-18 17:36:10","http://liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134703/"
 "134702","2019-02-18 17:20:13","http://www.m8life.by/img/8/doc.jar","offline","malware_download","Adwind,java,jrat","https://urlhaus.abuse.ch/url/134702/"
 "134701","2019-02-18 17:16:58","http://ewan-eg.com/de_DE/HIUDFO6011424/Rech/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134701/"
 "134700","2019-02-18 17:16:53","http://stemcoderacademy.com/DE/VQUILFX0406115/Dokumente/Fakturierung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134700/"
-"134699","2019-02-18 17:16:49","http://hifucancertreatment.com/wp-content/uploads/de_DE/BSRXYIQAH6181297/Rechnungs/FORM/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134699/"
+"134699","2019-02-18 17:16:49","http://hifucancertreatment.com/wp-content/uploads/de_DE/BSRXYIQAH6181297/Rechnungs/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134699/"
 "134698","2019-02-18 17:16:45","http://khobep.com/de_DE/DDJRDCWEP8029756/DE/Rechnungsanschrift/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134698/"
 "134697","2019-02-18 17:16:38","https://lun.otrweb.ru/De/ZXNGMWN0894915/Rechnungskorrektur/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134697/"
 "134696","2019-02-18 17:16:34","http://carolechabrand.it/de_DE/GSEPXGJ2403092/Rechnungs-Details/DOC)/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/134696/"
@@ -6565,11 +7116,11 @@
 "134694","2019-02-18 17:16:30","http://galinakulesh.ru/De/ANKKROCDIT2353710/Rechnung/DOC/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134694/"
 "134693","2019-02-18 17:16:29","http://allaboutpoolsnbuilder.com/Februar2019/PKATHTY6838758/Rechnung/Zahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134693/"
 "134692","2019-02-18 17:16:21","http://tekirmak.com.tr/De/KCRBCU2888095/Bestellungen/RECH/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134692/"
-"134691","2019-02-18 17:16:20","http://barabooseniorhigh.com/DE_de/LUECCPG5866963/Rechnungskorrektur/Hilfestellung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134691/"
+"134691","2019-02-18 17:16:20","http://barabooseniorhigh.com/DE_de/LUECCPG5866963/Rechnungskorrektur/Hilfestellung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134691/"
 "134690","2019-02-18 17:16:11","http://galeriakolash.com.ve/De/PECCOV0210662/DE/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134690/"
-"134689","2019-02-18 17:16:08","http://liketop.tk/de_DE/WGWLYMN2720375/Rechnungskorrektur/DETAILS/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134689/"
+"134689","2019-02-18 17:16:08","http://liketop.tk/de_DE/WGWLYMN2720375/Rechnungskorrektur/DETAILS/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/134689/"
 "134688","2019-02-18 17:15:07","http://mrm.lt/De_de/YLOAYY5488013/Rechnung/Rechnungszahlung/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134688/"
-"134687","2019-02-18 17:15:06","http://179.191.88.69/WJTTRDL1480899/gescanntes-Dokument/FORM/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134687/"
+"134687","2019-02-18 17:15:06","http://179.191.88.69/WJTTRDL1480899/gescanntes-Dokument/FORM/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134687/"
 "134686","2019-02-18 17:15:03","http://nexusinfor.com/De_de/SBBHOFYW9696888/Bestellungen/Hilfestellung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134686/"
 "134685","2019-02-18 17:15:01","http://ejder.com.tr/DE/ZQNHKR1331264/Dokumente/RECHNUNG/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134685/"
 "134683","2019-02-18 17:14:59","http://supportabc.xyz/De/RKJYJMUOS8480718/Dokumente/Zahlung/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134683/"
@@ -6587,7 +7138,7 @@
 "134672","2019-02-18 17:14:29","http://mincoindia.com/wp-content/bbi.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/134672/"
 "134671","2019-02-18 17:14:23","http://newsmediainvestigasi.com/DE_de/MAXFHCKAR7348726/Rech/DETAILS/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134671/"
 "134670","2019-02-18 17:14:21","http://hipecard.yazdvip.ir/DE/SMLBOT6236729/Scan/FORM/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134670/"
-"134669","2019-02-18 17:14:19","http://fwpanels.com/de_DE/XTCQHGI2765105/gescanntes-Dokument/Hilfestellung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134669/"
+"134669","2019-02-18 17:14:19","http://fwpanels.com/de_DE/XTCQHGI2765105/gescanntes-Dokument/Hilfestellung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134669/"
 "134668","2019-02-18 17:14:18","http://frog.cl/DE/TKOQRFP7767529/Rechnungskorrektur/RECHNUNG/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134668/"
 "134667","2019-02-18 17:14:13","http://fiat-fullback.ru/DE/BBTYHM4047363/Rechnung/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134667/"
 "134666","2019-02-18 17:14:12","http://dverliga.ru/De/AICQOQUE6714139/Rechnungskorrektur/Zahlung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/134666/"
@@ -6608,7 +7159,7 @@
 "134651","2019-02-18 17:12:55","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134651/"
 "134650","2019-02-18 17:12:52","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134650/"
 "134649","2019-02-18 17:12:50","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134649/"
-"134648","2019-02-18 17:12:47","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134648/"
+"134648","2019-02-18 17:12:47","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134648/"
 "134647","2019-02-18 17:12:44","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134647/"
 "134646","2019-02-18 17:12:42","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134646/"
 "134645","2019-02-18 17:12:40","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134645/"
@@ -6627,7 +7178,7 @@
 "134632","2019-02-18 17:12:09","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134632/"
 "134631","2019-02-18 17:12:04","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134631/"
 "134630","2019-02-18 17:12:02","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134630/"
-"134629","2019-02-18 17:11:59","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134629/"
+"134629","2019-02-18 17:11:59","https://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134629/"
 "134628","2019-02-18 17:11:56","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134628/"
 "134627","2019-02-18 17:11:55","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134627/"
 "134626","2019-02-18 17:11:53","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134626/"
@@ -6648,7 +7199,7 @@
 "134611","2019-02-18 17:11:36","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134611/"
 "134610","2019-02-18 17:11:35","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134610/"
 "134609","2019-02-18 17:11:34","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134609/"
-"134608","2019-02-18 17:11:33","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134608/"
+"134608","2019-02-18 17:11:33","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134608/"
 "134605","2019-02-18 17:11:32","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134605/"
 "134606","2019-02-18 17:11:32","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134606/"
 "134607","2019-02-18 17:11:32","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134607/"
@@ -6673,7 +7224,7 @@
 "134586","2019-02-18 17:11:13","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134586/"
 "134585","2019-02-18 17:11:09","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134585/"
 "134584","2019-02-18 17:11:08","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134584/"
-"134583","2019-02-18 17:11:07","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134583/"
+"134583","2019-02-18 17:11:07","http://norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134583/"
 "134582","2019-02-18 17:11:03","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134582/"
 "134581","2019-02-18 17:11:00","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134581/"
 "134580","2019-02-18 17:10:55","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134580/"
@@ -6686,7 +7237,7 @@
 "134573","2019-02-18 17:10:35","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134573/"
 "134572","2019-02-18 17:10:33","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134572/"
 "134571","2019-02-18 17:10:30","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134571/"
-"134570","2019-02-18 17:10:27","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134570/"
+"134570","2019-02-18 17:10:27","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134570/"
 "134569","2019-02-18 17:10:25","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134569/"
 "134568","2019-02-18 17:10:23","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134568/"
 "134567","2019-02-18 17:10:19","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134567/"
@@ -6705,7 +7256,7 @@
 "134554","2019-02-18 17:09:40","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134554/"
 "134553","2019-02-18 17:09:37","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134553/"
 "134552","2019-02-18 17:09:34","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134552/"
-"134551","2019-02-18 17:09:30","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134551/"
+"134551","2019-02-18 17:09:30","https://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134551/"
 "134550","2019-02-18 17:09:27","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134550/"
 "134549","2019-02-18 17:09:16","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134549/"
 "134548","2019-02-18 17:09:09","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134548/"
@@ -6725,7 +7276,7 @@
 "134534","2019-02-18 17:07:55","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134534/"
 "134533","2019-02-18 17:07:49","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134533/"
 "134532","2019-02-18 17:07:43","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134532/"
-"134530","2019-02-18 17:07:42","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134530/"
+"134530","2019-02-18 17:07:42","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134530/"
 "134531","2019-02-18 17:07:42","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134531/"
 "134527","2019-02-18 17:07:38","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134527/"
 "134528","2019-02-18 17:07:38","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134528/"
@@ -6751,7 +7302,7 @@
 "134508","2019-02-18 17:06:37","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134508/"
 "134507","2019-02-18 17:06:21","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134507/"
 "134506","2019-02-18 17:06:17","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134506/"
-"134505","2019-02-18 17:06:12","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134505/"
+"134505","2019-02-18 17:06:12","http://cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134505/"
 "134504","2019-02-18 17:06:06","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134504/"
 "134503","2019-02-18 17:06:03","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134503/"
 "134502","2019-02-18 17:05:58","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134502/"
@@ -6764,7 +7315,7 @@
 "134495","2019-02-18 17:05:32","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134495/"
 "134494","2019-02-18 17:05:29","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134494/"
 "134493","2019-02-18 17:05:25","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134493/"
-"134492","2019-02-18 17:05:22","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134492/"
+"134492","2019-02-18 17:05:22","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134492/"
 "134491","2019-02-18 17:05:19","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134491/"
 "134490","2019-02-18 17:05:16","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134490/"
 "134489","2019-02-18 17:05:11","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134489/"
@@ -6783,7 +7334,7 @@
 "134476","2019-02-18 17:04:26","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134476/"
 "134475","2019-02-18 17:04:20","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134475/"
 "134474","2019-02-18 17:04:17","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134474/"
-"134473","2019-02-18 17:04:14","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134473/"
+"134473","2019-02-18 17:04:14","https://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134473/"
 "134472","2019-02-18 17:04:10","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134472/"
 "134471","2019-02-18 17:04:06","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134471/"
 "134470","2019-02-18 17:03:52","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134470/"
@@ -6803,7 +7354,7 @@
 "134456","2019-02-18 17:02:38","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134456/"
 "134455","2019-02-18 17:02:29","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134455/"
 "134454","2019-02-18 17:02:21","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134454/"
-"134452","2019-02-18 17:02:17","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134452/"
+"134452","2019-02-18 17:02:17","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134452/"
 "134453","2019-02-18 17:02:17","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134453/"
 "134450","2019-02-18 17:02:11","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134450/"
 "134451","2019-02-18 17:02:11","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134451/"
@@ -6829,7 +7380,7 @@
 "134430","2019-02-18 17:00:12","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134430/"
 "134429","2019-02-18 17:00:00","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134429/"
 "134428","2019-02-18 16:59:59","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134428/"
-"134427","2019-02-18 16:59:57","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134427/"
+"134427","2019-02-18 16:59:57","http://ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134427/"
 "134426","2019-02-18 16:59:53","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134426/"
 "134425","2019-02-18 16:59:50","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134425/"
 "134424","2019-02-18 16:59:45","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134424/"
@@ -6842,7 +7393,7 @@
 "134417","2019-02-18 16:59:20","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134417/"
 "134416","2019-02-18 16:59:17","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134416/"
 "134415","2019-02-18 16:59:14","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134415/"
-"134414","2019-02-18 16:59:07","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134414/"
+"134414","2019-02-18 16:59:07","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134414/"
 "134413","2019-02-18 16:59:04","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134413/"
 "134412","2019-02-18 16:59:02","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134412/"
 "134411","2019-02-18 16:59:00","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134411/"
@@ -6861,7 +7412,7 @@
 "134398","2019-02-18 16:58:14","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134398/"
 "134397","2019-02-18 16:58:07","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134397/"
 "134396","2019-02-18 16:58:04","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134396/"
-"134395","2019-02-18 16:57:57","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134395/"
+"134395","2019-02-18 16:57:57","https://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134395/"
 "134394","2019-02-18 16:57:51","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134394/"
 "134393","2019-02-18 16:57:46","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134393/"
 "134392","2019-02-18 16:57:42","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134392/"
@@ -6882,7 +7433,7 @@
 "134377","2019-02-18 16:56:40","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134377/"
 "134376","2019-02-18 16:56:38","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134376/"
 "134375","2019-02-18 16:56:37","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134375/"
-"134374","2019-02-18 16:56:36","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134374/"
+"134374","2019-02-18 16:56:36","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134374/"
 "134373","2019-02-18 16:56:35","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134373/"
 "134369","2019-02-18 16:56:34","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134369/"
 "134370","2019-02-18 16:56:34","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134370/"
@@ -6907,7 +7458,7 @@
 "134352","2019-02-18 16:55:55","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134352/"
 "134351","2019-02-18 16:55:43","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134351/"
 "134350","2019-02-18 16:55:41","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134350/"
-"134349","2019-02-18 16:55:36","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134349/"
+"134349","2019-02-18 16:55:36","http://park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134349/"
 "134348","2019-02-18 16:55:28","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134348/"
 "134347","2019-02-18 16:55:25","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134347/"
 "134346","2019-02-18 16:55:19","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134346/"
@@ -6920,7 +7471,7 @@
 "134339","2019-02-18 16:54:37","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134339/"
 "134338","2019-02-18 16:54:32","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134338/"
 "134337","2019-02-18 16:54:28","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134337/"
-"134336","2019-02-18 16:54:18","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134336/"
+"134336","2019-02-18 16:54:18","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134336/"
 "134335","2019-02-18 16:54:12","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134335/"
 "134334","2019-02-18 16:54:05","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134334/"
 "134333","2019-02-18 16:54:00","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134333/"
@@ -6939,7 +7490,7 @@
 "134320","2019-02-18 16:53:09","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134320/"
 "134319","2019-02-18 16:53:04","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134319/"
 "134318","2019-02-18 16:52:59","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134318/"
-"134317","2019-02-18 16:52:51","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134317/"
+"134317","2019-02-18 16:52:51","https://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134317/"
 "134316","2019-02-18 16:52:45","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134316/"
 "134315","2019-02-18 16:52:44","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134315/"
 "134314","2019-02-18 16:52:41","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134314/"
@@ -6960,7 +7511,7 @@
 "134299","2019-02-18 16:51:59","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134299/"
 "134298","2019-02-18 16:51:53","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134298/"
 "134297","2019-02-18 16:51:52","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134297/"
-"134296","2019-02-18 16:51:51","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134296/"
+"134296","2019-02-18 16:51:51","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134296/"
 "134294","2019-02-18 16:51:50","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134294/"
 "134295","2019-02-18 16:51:50","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134295/"
 "134291","2019-02-18 16:51:49","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134291/"
@@ -6985,7 +7536,7 @@
 "134274","2019-02-18 16:50:59","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134274/"
 "134273","2019-02-18 16:50:57","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134273/"
 "134272","2019-02-18 16:50:56","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134272/"
-"134271","2019-02-18 16:50:54","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134271/"
+"134271","2019-02-18 16:50:54","http://mnkprombusinessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134271/"
 "134270","2019-02-18 16:50:50","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134270/"
 "134269","2019-02-18 16:50:47","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134269/"
 "134268","2019-02-18 16:50:44","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134268/"
@@ -6998,7 +7549,7 @@
 "134261","2019-02-18 16:50:24","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134261/"
 "134260","2019-02-18 16:50:20","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134260/"
 "134259","2019-02-18 16:50:17","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134259/"
-"134258","2019-02-18 16:50:15","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134258/"
+"134258","2019-02-18 16:50:15","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134258/"
 "134257","2019-02-18 16:50:12","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134257/"
 "134256","2019-02-18 16:50:09","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134256/"
 "134255","2019-02-18 16:50:07","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134255/"
@@ -7017,7 +7568,7 @@
 "134242","2019-02-18 16:49:37","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134242/"
 "134241","2019-02-18 16:49:33","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134241/"
 "134240","2019-02-18 16:49:31","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134240/"
-"134239","2019-02-18 16:49:29","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134239/"
+"134239","2019-02-18 16:49:29","https://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134239/"
 "134238","2019-02-18 16:49:26","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134238/"
 "134237","2019-02-18 16:49:25","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134237/"
 "134236","2019-02-18 16:49:22","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134236/"
@@ -7038,7 +7589,7 @@
 "134221","2019-02-18 16:49:07","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134221/"
 "134220","2019-02-18 16:49:05","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134220/"
 "134219","2019-02-18 16:49:04","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134219/"
-"134218","2019-02-18 16:49:03","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134218/"
+"134218","2019-02-18 16:49:03","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134218/"
 "134217","2019-02-18 16:49:02","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134217/"
 "134214","2019-02-18 16:49:01","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134214/"
 "134215","2019-02-18 16:49:01","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134215/"
@@ -7063,7 +7614,7 @@
 "134196","2019-02-18 16:48:42","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134196/"
 "134195","2019-02-18 16:48:39","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134195/"
 "134194","2019-02-18 16:48:38","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134194/"
-"134193","2019-02-18 16:48:37","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134193/"
+"134193","2019-02-18 16:48:37","http://datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134193/"
 "134192","2019-02-18 16:48:34","https://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134192/"
 "134191","2019-02-18 16:48:32","https://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134191/"
 "134190","2019-02-18 16:48:28","https://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134190/"
@@ -7076,7 +7627,7 @@
 "134183","2019-02-18 16:47:56","https://watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134183/"
 "134182","2019-02-18 16:47:53","https://watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134182/"
 "134181","2019-02-18 16:47:49","https://watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134181/"
-"134180","2019-02-18 16:47:47","https://watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134180/"
+"134180","2019-02-18 16:47:47","https://watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134180/"
 "134179","2019-02-18 16:47:44","https://watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134179/"
 "134178","2019-02-18 16:47:42","https://watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134178/"
 "134177","2019-02-18 16:47:40","https://watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134177/"
@@ -7095,7 +7646,7 @@
 "134164","2019-02-18 16:47:10","https://watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134164/"
 "134163","2019-02-18 16:47:06","https://watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134163/"
 "134162","2019-02-18 16:47:04","https://watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134162/"
-"134161","2019-02-18 16:47:00","https://watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134161/"
+"134161","2019-02-18 16:47:00","https://watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134161/"
 "134160","2019-02-18 16:46:58","http://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134160/"
 "134159","2019-02-18 16:46:56","http://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134159/"
 "134158","2019-02-18 16:46:54","http://watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134158/"
@@ -7115,7 +7666,7 @@
 "134144","2019-02-18 16:46:39","http://watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134144/"
 "134143","2019-02-18 16:46:38","http://watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134143/"
 "134142","2019-02-18 16:46:37","http://watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134142/"
-"134140","2019-02-18 16:46:36","http://watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134140/"
+"134140","2019-02-18 16:46:36","http://watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134140/"
 "134141","2019-02-18 16:46:36","http://watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134141/"
 "134137","2019-02-18 16:46:34","http://watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134137/"
 "134138","2019-02-18 16:46:34","http://watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134138/"
@@ -7141,7 +7692,7 @@
 "134118","2019-02-18 16:46:13","http://watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134118/"
 "134117","2019-02-18 16:46:10","http://watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134117/"
 "134116","2019-02-18 16:46:04","http://watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134116/"
-"134115","2019-02-18 16:46:02","http://watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134115/"
+"134115","2019-02-18 16:46:02","http://watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134115/"
 "134114","2019-02-18 16:45:59","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134114/"
 "134113","2019-02-18 16:45:56","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134113/"
 "134112","2019-02-18 16:45:52","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134112/"
@@ -7154,7 +7705,7 @@
 "134105","2019-02-18 16:45:26","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134105/"
 "134104","2019-02-18 16:45:24","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134104/"
 "134103","2019-02-18 16:45:21","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134103/"
-"134102","2019-02-18 16:45:18","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134102/"
+"134102","2019-02-18 16:45:18","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134102/"
 "134101","2019-02-18 16:45:16","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134101/"
 "134100","2019-02-18 16:45:13","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134100/"
 "134099","2019-02-18 16:45:11","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134099/"
@@ -7173,7 +7724,7 @@
 "134086","2019-02-18 16:44:39","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134086/"
 "134085","2019-02-18 16:44:34","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134085/"
 "134084","2019-02-18 16:44:32","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134084/"
-"134083","2019-02-18 16:44:29","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134083/"
+"134083","2019-02-18 16:44:29","https://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134083/"
 "134082","2019-02-18 16:44:27","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134082/"
 "134081","2019-02-18 16:44:26","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134081/"
 "134080","2019-02-18 16:44:23","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134080/"
@@ -7193,7 +7744,7 @@
 "134066","2019-02-18 16:44:09","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134066/"
 "134065","2019-02-18 16:44:08","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134065/"
 "134064","2019-02-18 16:44:07","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134064/"
-"134062","2019-02-18 16:44:06","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134062/"
+"134062","2019-02-18 16:44:06","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134062/"
 "134063","2019-02-18 16:44:06","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134063/"
 "134061","2019-02-18 16:44:04","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134061/"
 "134058","2019-02-18 16:44:03","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134058/"
@@ -7219,7 +7770,7 @@
 "134040","2019-02-18 16:43:15","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134040/"
 "134039","2019-02-18 16:43:08","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134039/"
 "134038","2019-02-18 16:43:05","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134038/"
-"134037","2019-02-18 16:43:01","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134037/"
+"134037","2019-02-18 16:43:01","http://inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134037/"
 "134036","2019-02-18 16:42:56","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134036/"
 "134035","2019-02-18 16:42:53","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134035/"
 "134034","2019-02-18 16:42:49","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134034/"
@@ -7232,7 +7783,7 @@
 "134027","2019-02-18 16:42:28","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134027/"
 "134026","2019-02-18 16:42:26","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134026/"
 "134025","2019-02-18 16:42:23","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134025/"
-"134024","2019-02-18 16:42:20","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134024/"
+"134024","2019-02-18 16:42:20","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134024/"
 "134023","2019-02-18 16:42:17","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134023/"
 "134022","2019-02-18 16:42:14","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134022/"
 "134021","2019-02-18 16:42:12","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/134021/"
@@ -7251,7 +7802,7 @@
 "134008","2019-02-18 16:41:32","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134008/"
 "134007","2019-02-18 16:41:28","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134007/"
 "134006","2019-02-18 16:41:25","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134006/"
-"134005","2019-02-18 16:41:21","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134005/"
+"134005","2019-02-18 16:41:21","https://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/134005/"
 "134004","2019-02-18 16:41:18","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134004/"
 "134003","2019-02-18 16:41:12","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134003/"
 "134002","2019-02-18 16:40:53","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/134002/"
@@ -7272,7 +7823,7 @@
 "133987","2019-02-18 16:39:29","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133987/"
 "133986","2019-02-18 16:39:20","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133986/"
 "133985","2019-02-18 16:39:17","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133985/"
-"133984","2019-02-18 16:39:16","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133984/"
+"133984","2019-02-18 16:39:16","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133984/"
 "133983","2019-02-18 16:39:11","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133983/"
 "133981","2019-02-18 16:39:10","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133981/"
 "133982","2019-02-18 16:39:10","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133982/"
@@ -7297,7 +7848,7 @@
 "133962","2019-02-18 16:37:34","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133962/"
 "133961","2019-02-18 16:37:14","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133961/"
 "133960","2019-02-18 16:37:08","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133960/"
-"133959","2019-02-18 16:37:00","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133959/"
+"133959","2019-02-18 16:37:00","http://bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133959/"
 "133958","2019-02-18 16:36:53","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133958/"
 "133957","2019-02-18 16:36:49","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133957/"
 "133956","2019-02-18 16:36:43","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133956/"
@@ -7310,7 +7861,7 @@
 "133949","2019-02-18 16:36:14","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133949/"
 "133948","2019-02-18 16:36:11","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133948/"
 "133947","2019-02-18 16:36:05","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133947/"
-"133946","2019-02-18 16:36:00","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133946/"
+"133946","2019-02-18 16:36:00","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133946/"
 "133945","2019-02-18 16:35:57","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133945/"
 "133944","2019-02-18 16:35:54","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133944/"
 "133943","2019-02-18 16:35:50","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133943/"
@@ -7329,7 +7880,7 @@
 "133930","2019-02-18 16:35:09","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133930/"
 "133929","2019-02-18 16:34:14","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133929/"
 "133928","2019-02-18 16:34:09","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133928/"
-"133927","2019-02-18 16:34:06","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133927/"
+"133927","2019-02-18 16:34:06","https://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133927/"
 "133926","2019-02-18 16:34:03","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133926/"
 "133925","2019-02-18 16:33:57","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133925/"
 "133924","2019-02-18 16:33:44","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133924/"
@@ -7349,7 +7900,7 @@
 "133910","2019-02-18 16:33:06","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133910/"
 "133909","2019-02-18 16:33:05","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133909/"
 "133908","2019-02-18 16:33:04","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133908/"
-"133906","2019-02-18 16:33:03","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133906/"
+"133906","2019-02-18 16:33:03","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133906/"
 "133907","2019-02-18 16:33:03","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133907/"
 "133904","2019-02-18 16:33:02","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133904/"
 "133905","2019-02-18 16:33:02","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133905/"
@@ -7375,7 +7926,7 @@
 "133884","2019-02-18 16:32:23","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133884/"
 "133883","2019-02-18 16:32:09","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133883/"
 "133882","2019-02-18 16:32:03","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133882/"
-"133881","2019-02-18 16:31:57","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133881/"
+"133881","2019-02-18 16:31:57","http://com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133881/"
 "133880","2019-02-18 16:31:51","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133880/"
 "133879","2019-02-18 16:31:44","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133879/"
 "133878","2019-02-18 16:31:40","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133878/"
@@ -7388,7 +7939,7 @@
 "133871","2019-02-18 16:31:14","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133871/"
 "133870","2019-02-18 16:31:10","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133870/"
 "133869","2019-02-18 16:31:07","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133869/"
-"133868","2019-02-18 16:31:03","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133868/"
+"133868","2019-02-18 16:31:03","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133868/"
 "133867","2019-02-18 16:30:56","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133867/"
 "133866","2019-02-18 16:30:40","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133866/"
 "133865","2019-02-18 16:30:32","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133865/"
@@ -7407,7 +7958,7 @@
 "133852","2019-02-18 16:29:14","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133852/"
 "133851","2019-02-18 16:29:09","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133851/"
 "133850","2019-02-18 16:29:05","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133850/"
-"133849","2019-02-18 16:29:02","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133849/"
+"133849","2019-02-18 16:29:02","https://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133849/"
 "133848","2019-02-18 16:28:58","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133848/"
 "133847","2019-02-18 16:28:55","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133847/"
 "133846","2019-02-18 16:28:45","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133846/"
@@ -7428,7 +7979,7 @@
 "133831","2019-02-18 16:28:21","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133831/"
 "133830","2019-02-18 16:28:20","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133830/"
 "133829","2019-02-18 16:28:17","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133829/"
-"133828","2019-02-18 16:28:15","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133828/"
+"133828","2019-02-18 16:28:15","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133828/"
 "133827","2019-02-18 16:28:12","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133827/"
 "133826","2019-02-18 16:28:11","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133826/"
 "133825","2019-02-18 16:28:09","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133825/"
@@ -7453,7 +8004,7 @@
 "133806","2019-02-18 16:26:52","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133806/"
 "133805","2019-02-18 16:26:39","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133805/"
 "133804","2019-02-18 16:26:34","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133804/"
-"133803","2019-02-18 16:26:30","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133803/"
+"133803","2019-02-18 16:26:30","http://smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133803/"
 "133802","2019-02-18 16:26:25","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133802/"
 "133801","2019-02-18 16:26:22","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133801/"
 "133800","2019-02-18 16:26:18","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133800/"
@@ -7466,7 +8017,7 @@
 "133793","2019-02-18 16:25:47","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133793/"
 "133792","2019-02-18 16:25:43","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133792/"
 "133791","2019-02-18 16:25:39","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133791/"
-"133790","2019-02-18 16:25:35","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133790/"
+"133790","2019-02-18 16:25:35","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133790/"
 "133789","2019-02-18 16:25:31","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133789/"
 "133788","2019-02-18 16:25:28","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133788/"
 "133787","2019-02-18 16:25:25","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133787/"
@@ -7485,7 +8036,7 @@
 "133774","2019-02-18 16:24:46","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133774/"
 "133773","2019-02-18 16:24:43","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133773/"
 "133772","2019-02-18 16:24:40","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133772/"
-"133771","2019-02-18 16:24:38","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133771/"
+"133771","2019-02-18 16:24:38","https://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133771/"
 "133770","2019-02-18 16:24:35","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133770/"
 "133769","2019-02-18 16:24:34","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133769/"
 "133768","2019-02-18 16:24:30","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133768/"
@@ -7505,7 +8056,7 @@
 "133754","2019-02-18 16:24:10","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133754/"
 "133753","2019-02-18 16:24:07","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133753/"
 "133752","2019-02-18 16:24:01","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133752/"
-"133750","2019-02-18 16:23:57","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133750/"
+"133750","2019-02-18 16:23:57","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133750/"
 "133751","2019-02-18 16:23:57","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133751/"
 "133747","2019-02-18 16:23:55","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133747/"
 "133748","2019-02-18 16:23:55","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133748/"
@@ -7531,7 +8082,7 @@
 "133728","2019-02-18 16:23:36","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133728/"
 "133727","2019-02-18 16:23:33","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133727/"
 "133726","2019-02-18 16:23:32","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133726/"
-"133725","2019-02-18 16:23:31","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133725/"
+"133725","2019-02-18 16:23:31","http://co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133725/"
 "133724","2019-02-18 16:23:27","https://brjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133724/"
 "133723","2019-02-18 16:23:25","https://brjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133723/"
 "133722","2019-02-18 16:23:21","https://brjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133722/"
@@ -7544,7 +8095,7 @@
 "133715","2019-02-18 16:23:02","https://brjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133715/"
 "133714","2019-02-18 16:22:59","https://brjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133714/"
 "133713","2019-02-18 16:22:57","https://brjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133713/"
-"133712","2019-02-18 16:22:54","https://brjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133712/"
+"133712","2019-02-18 16:22:54","https://brjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133712/"
 "133711","2019-02-18 16:22:52","https://brjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133711/"
 "133710","2019-02-18 16:22:50","https://brjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133710/"
 "133709","2019-02-18 16:22:48","https://brjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133709/"
@@ -7563,7 +8114,7 @@
 "133696","2019-02-18 16:22:17","https://brjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133696/"
 "133695","2019-02-18 16:22:13","https://brjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133695/"
 "133694","2019-02-18 16:22:10","https://brjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133694/"
-"133693","2019-02-18 16:22:08","https://brjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133693/"
+"133693","2019-02-18 16:22:08","https://brjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133693/"
 "133692","2019-02-18 16:22:05","http://brjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133692/"
 "133691","2019-02-18 16:22:04","http://brjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133691/"
 "133690","2019-02-18 16:22:02","http://brjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133690/"
@@ -7584,7 +8135,7 @@
 "133675","2019-02-18 16:21:46","http://brjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133675/"
 "133673","2019-02-18 16:21:44","http://brjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133673/"
 "133674","2019-02-18 16:21:44","http://brjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133674/"
-"133672","2019-02-18 16:21:43","http://brjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133672/"
+"133672","2019-02-18 16:21:43","http://brjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133672/"
 "133668","2019-02-18 16:21:42","http://brjsrwaco.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133668/"
 "133669","2019-02-18 16:21:42","http://brjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133669/"
 "133670","2019-02-18 16:21:42","http://brjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133670/"
@@ -7609,7 +8160,7 @@
 "133650","2019-02-18 16:21:25","http://brjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133650/"
 "133649","2019-02-18 16:21:23","http://brjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133649/"
 "133648","2019-02-18 16:21:22","http://brjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133648/"
-"133647","2019-02-18 16:21:21","http://brjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133647/"
+"133647","2019-02-18 16:21:21","http://brjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133647/"
 "133646","2019-02-18 16:21:18","https://l.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133646/"
 "133645","2019-02-18 16:21:16","https://l.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133645/"
 "133644","2019-02-18 16:21:12","https://l.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133644/"
@@ -7622,7 +8173,7 @@
 "133637","2019-02-18 16:20:54","https://l.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133637/"
 "133636","2019-02-18 16:20:51","https://l.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133636/"
 "133635","2019-02-18 16:20:48","https://l.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133635/"
-"133634","2019-02-18 16:20:46","https://l.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133634/"
+"133634","2019-02-18 16:20:46","https://l.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133634/"
 "133633","2019-02-18 16:20:43","https://l.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133633/"
 "133632","2019-02-18 16:20:41","https://l.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133632/"
 "133631","2019-02-18 16:20:39","https://l.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133631/"
@@ -7641,7 +8192,7 @@
 "133618","2019-02-18 16:20:09","https://l.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133618/"
 "133617","2019-02-18 16:20:00","https://l.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133617/"
 "133616","2019-02-18 16:19:58","https://l.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133616/"
-"133615","2019-02-18 16:19:56","https://l.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133615/"
+"133615","2019-02-18 16:19:56","https://l.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133615/"
 "133614","2019-02-18 16:19:53","http://l.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133614/"
 "133613","2019-02-18 16:19:52","http://l.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133613/"
 "133612","2019-02-18 16:19:50","http://l.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133612/"
@@ -7663,7 +8214,7 @@
 "133596","2019-02-18 16:19:35","http://l.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133596/"
 "133595","2019-02-18 16:19:34","http://l.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133595/"
 "133593","2019-02-18 16:19:33","http://l.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133593/"
-"133594","2019-02-18 16:19:33","http://l.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133594/"
+"133594","2019-02-18 16:19:33","http://l.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133594/"
 "133590","2019-02-18 16:19:32","http://l.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133590/"
 "133591","2019-02-18 16:19:32","http://l.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133591/"
 "133592","2019-02-18 16:19:32","http://l.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133592/"
@@ -7687,7 +8238,7 @@
 "133572","2019-02-18 16:19:06","http://l.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133572/"
 "133571","2019-02-18 16:19:04","http://l.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133571/"
 "133570","2019-02-18 16:19:03","http://l.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133570/"
-"133569","2019-02-18 16:19:02","http://l.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133569/"
+"133569","2019-02-18 16:19:02","http://l.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133569/"
 "133568","2019-02-18 16:19:00","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133568/"
 "133567","2019-02-18 16:18:57","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133567/"
 "133566","2019-02-18 16:18:54","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133566/"
@@ -7700,7 +8251,7 @@
 "133559","2019-02-18 16:18:36","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133559/"
 "133558","2019-02-18 16:18:34","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133558/"
 "133557","2019-02-18 16:18:31","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133557/"
-"133556","2019-02-18 16:18:29","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133556/"
+"133556","2019-02-18 16:18:29","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133556/"
 "133555","2019-02-18 16:18:26","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133555/"
 "133554","2019-02-18 16:18:24","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133554/"
 "133553","2019-02-18 16:18:21","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133553/"
@@ -7719,7 +8270,7 @@
 "133540","2019-02-18 16:17:49","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133540/"
 "133539","2019-02-18 16:17:45","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133539/"
 "133538","2019-02-18 16:17:43","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133538/"
-"133537","2019-02-18 16:17:41","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133537/"
+"133537","2019-02-18 16:17:41","https://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133537/"
 "133536","2019-02-18 16:17:38","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133536/"
 "133535","2019-02-18 16:17:37","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133535/"
 "133534","2019-02-18 16:17:35","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133534/"
@@ -7740,7 +8291,7 @@
 "133519","2019-02-18 16:17:21","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133519/"
 "133517","2019-02-18 16:17:20","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133517/"
 "133518","2019-02-18 16:17:20","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133518/"
-"133516","2019-02-18 16:17:19","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133516/"
+"133516","2019-02-18 16:17:19","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133516/"
 "133513","2019-02-18 16:17:18","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133513/"
 "133514","2019-02-18 16:17:18","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133514/"
 "133515","2019-02-18 16:17:18","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133515/"
@@ -7765,7 +8316,7 @@
 "133494","2019-02-18 16:17:01","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133494/"
 "133493","2019-02-18 16:16:59","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133493/"
 "133492","2019-02-18 16:16:58","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133492/"
-"133491","2019-02-18 16:16:57","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133491/"
+"133491","2019-02-18 16:16:57","http://pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133491/"
 "133490","2019-02-18 16:16:54","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133490/"
 "133489","2019-02-18 16:16:52","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133489/"
 "133488","2019-02-18 16:16:48","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133488/"
@@ -7778,7 +8329,7 @@
 "133481","2019-02-18 16:16:30","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133481/"
 "133480","2019-02-18 16:16:28","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133480/"
 "133479","2019-02-18 16:16:25","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133479/"
-"133478","2019-02-18 16:16:23","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133478/"
+"133478","2019-02-18 16:16:23","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133478/"
 "133477","2019-02-18 16:16:20","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133477/"
 "133476","2019-02-18 16:16:18","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133476/"
 "133475","2019-02-18 16:16:16","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133475/"
@@ -7797,7 +8348,7 @@
 "133462","2019-02-18 16:15:00","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133462/"
 "133461","2019-02-18 16:14:56","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133461/"
 "133460","2019-02-18 16:14:54","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133460/"
-"133459","2019-02-18 16:14:51","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133459/"
+"133459","2019-02-18 16:14:51","https://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133459/"
 "133458","2019-02-18 16:14:49","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133458/"
 "133457","2019-02-18 16:14:48","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133457/"
 "133456","2019-02-18 16:14:46","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133456/"
@@ -7817,7 +8368,7 @@
 "133442","2019-02-18 16:14:32","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133442/"
 "133441","2019-02-18 16:14:30","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133441/"
 "133440","2019-02-18 16:14:29","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133440/"
-"133438","2019-02-18 16:14:28","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133438/"
+"133438","2019-02-18 16:14:28","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133438/"
 "133439","2019-02-18 16:14:28","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133439/"
 "133437","2019-02-18 16:14:27","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133437/"
 "133434","2019-02-18 16:14:26","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133434/"
@@ -7843,7 +8394,7 @@
 "133416","2019-02-18 16:14:09","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133416/"
 "133415","2019-02-18 16:14:06","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133415/"
 "133414","2019-02-18 16:14:05","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133414/"
-"133413","2019-02-18 16:14:04","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133413/"
+"133413","2019-02-18 16:14:04","http://unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133413/"
 "133412","2019-02-18 15:59:12","https://share.dmca.gripe/wjKlbKuTU57qahu3.jpg","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/133412/"
 "133411","2019-02-18 15:50:02","http://masjidsolar.nl/xMPn6P4SWc_Nor4jjjBga/","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/133411/"
 "133410","2019-02-18 15:40:21","http://fenichka.ru/nh7sQadFRxH9/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/133410/"
@@ -7865,8 +8416,8 @@
 "133394","2019-02-18 15:14:08","https://my.mixtape.moe/tcelou.htaa","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/133394/"
 "133393","2019-02-18 14:55:12","http://allens.youcheckit.ca/yVxEv19/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133393/"
 "133392","2019-02-18 14:55:10","http://13.126.61.11/7yxtlsVP/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133392/"
-"133391","2019-02-18 14:55:09","http://13.233.31.203/pNuYMISS/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133391/"
-"133390","2019-02-18 14:55:07","http://118.25.176.38/spLxFZDWCy/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133390/"
+"133391","2019-02-18 14:55:09","http://13.233.31.203/pNuYMISS/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133391/"
+"133390","2019-02-18 14:55:07","http://118.25.176.38/spLxFZDWCy/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133390/"
 "133389","2019-02-18 14:55:04","http://139.59.64.173/GNsd8HGbEt/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/133389/"
 "133388","2019-02-18 14:51:03","http://kbfqatar.org/qa/wp-includes/SimplePie/Content/Type/file/brwnew/WINds60.exe","online","malware_download","exe,Loki,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/133388/"
 "133387","2019-02-18 14:48:14","https://images2.imgbox.com/34/60/1Zc8BevK_o.png","online","malware_download","cryptographic,payload,script,stage2,steganographic,URLzone,ursnif","https://urlhaus.abuse.ch/url/133387/"
@@ -7892,14 +8443,14 @@
 "133367","2019-02-18 14:30:08","http://weresolve.ca/de_DE/QPTCOWC0822892/Rechnung/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/133367/"
 "133366","2019-02-18 14:26:06","http://testcrowd.nl/DE/LYKRPNFHZ3597305/Rechnungs/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/133366/"
 "133365","2019-02-18 14:21:16","http://www.aemo-mecanique-usinage.fr/BWYBZL6197494/Rechnungs/DOC-Dokument/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133365/"
-"133364","2019-02-18 14:21:15","http://venta72.ru/SGRKGTJD9577207/Rechnungskorrektur/RECH/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133364/"
+"133364","2019-02-18 14:21:15","http://venta72.ru/SGRKGTJD9577207/Rechnungskorrektur/RECH/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133364/"
 "133363","2019-02-18 14:21:10","http://satellit-group.ru/DE_de/VECMWQG0468271/DE_de/Fakturierung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133363/"
 "133362","2019-02-18 14:21:02","http://northcityspb.ru/MRFFHCACQ9991599/GER/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133362/"
 "133361","2019-02-18 14:20:53","http://mostkuafor.com/DE/EDHANN2408104/gescanntes-Dokument/DOC-Dokument/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133361/"
 "133360","2019-02-18 14:20:47","http://kynanggiaotiepungxu.edu.vn/de_DE/BUSGNCMNM5925190/Bestellungen/Zahlungserinnerung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133360/"
-"133359","2019-02-18 14:20:39","http://distro.attaqwapreneur.com/Februar2019/MAHFTTWU4194090/Scan/Rechnungsanschrift/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133359/"
+"133359","2019-02-18 14:20:39","http://distro.attaqwapreneur.com/Februar2019/MAHFTTWU4194090/Scan/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133359/"
 "133358","2019-02-18 14:20:33","http://distribuidorajb.com.ar/DE/SEZCOUTDJ0398039/Rechnungs/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133358/"
-"133357","2019-02-18 14:20:29","http://detsad-kr.ru/DE/WJKDVRPDX2185849/GER/Fakturierung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133357/"
+"133357","2019-02-18 14:20:29","http://detsad-kr.ru/DE/WJKDVRPDX2185849/GER/Fakturierung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133357/"
 "133356","2019-02-18 14:20:24","http://cityofpossibilities.org/THRQDXFN7136849/DE_de/RECH/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/133356/"
 "133355","2019-02-18 14:20:22","http://bonex.it/DE/HFAPEFIFHT3691281/Rech/Fakturierung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133355/"
 "133354","2019-02-18 14:20:16","http://52.15.227.66/DE_de/MGDEZR5274786/Scan/FORM/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/133354/"
@@ -7929,7 +8480,7 @@
 "133330","2019-02-18 14:16:34","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133330/"
 "133329","2019-02-18 14:16:30","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133329/"
 "133328","2019-02-18 14:16:26","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133328/"
-"133327","2019-02-18 14:16:21","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133327/"
+"133327","2019-02-18 14:16:21","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133327/"
 "133326","2019-02-18 14:16:18","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133326/"
 "133325","2019-02-18 14:16:15","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133325/"
 "133324","2019-02-18 14:16:12","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133324/"
@@ -7948,7 +8499,7 @@
 "133311","2019-02-18 14:15:30","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133311/"
 "133310","2019-02-18 14:15:24","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133310/"
 "133309","2019-02-18 14:15:20","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133309/"
-"133308","2019-02-18 14:15:17","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133308/"
+"133308","2019-02-18 14:15:17","https://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133308/"
 "133307","2019-02-18 14:15:13","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133307/"
 "133306","2019-02-18 14:15:10","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133306/"
 "133305","2019-02-18 14:15:07","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133305/"
@@ -7969,7 +8520,7 @@
 "133290","2019-02-18 14:14:29","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133290/"
 "133289","2019-02-18 14:14:23","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133289/"
 "133288","2019-02-18 14:14:21","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133288/"
-"133287","2019-02-18 14:14:20","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133287/"
+"133287","2019-02-18 14:14:20","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133287/"
 "133286","2019-02-18 14:14:14","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133286/"
 "133285","2019-02-18 14:14:13","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133285/"
 "133284","2019-02-18 14:14:12","http://decorinfo.ru/De/JKDLFMSWI8662303/DE/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/133284/"
@@ -7995,7 +8546,7 @@
 "133264","2019-02-18 14:13:48","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133264/"
 "133263","2019-02-18 14:13:45","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133263/"
 "133262","2019-02-18 14:13:43","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133262/"
-"133261","2019-02-18 14:13:42","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133261/"
+"133261","2019-02-18 14:13:42","http://emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133261/"
 "133260","2019-02-18 14:13:36","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133260/"
 "133259","2019-02-18 14:13:33","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133259/"
 "133258","2019-02-18 14:13:30","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133258/"
@@ -8008,7 +8559,7 @@
 "133251","2019-02-18 14:13:10","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133251/"
 "133250","2019-02-18 14:13:07","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133250/"
 "133249","2019-02-18 14:13:04","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133249/"
-"133248","2019-02-18 14:13:01","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133248/"
+"133248","2019-02-18 14:13:01","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133248/"
 "133247","2019-02-18 14:12:59","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133247/"
 "133246","2019-02-18 14:12:56","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133246/"
 "133245","2019-02-18 14:12:54","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133245/"
@@ -8027,7 +8578,7 @@
 "133232","2019-02-18 14:12:18","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133232/"
 "133231","2019-02-18 14:12:14","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133231/"
 "133230","2019-02-18 14:12:11","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133230/"
-"133229","2019-02-18 14:12:09","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133229/"
+"133229","2019-02-18 14:12:09","https://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133229/"
 "133228","2019-02-18 14:12:06","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133228/"
 "133227","2019-02-18 14:12:05","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133227/"
 "133226","2019-02-18 14:12:03","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133226/"
@@ -8047,7 +8598,7 @@
 "133212","2019-02-18 14:11:46","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133212/"
 "133211","2019-02-18 14:11:45","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133211/"
 "133210","2019-02-18 14:11:44","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133210/"
-"133208","2019-02-18 14:11:43","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133208/"
+"133208","2019-02-18 14:11:43","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133208/"
 "133209","2019-02-18 14:11:43","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133209/"
 "133204","2019-02-18 14:11:41","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133204/"
 "133205","2019-02-18 14:11:41","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133205/"
@@ -8073,7 +8624,7 @@
 "133186","2019-02-18 14:11:24","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133186/"
 "133185","2019-02-18 14:11:21","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133185/"
 "133184","2019-02-18 14:11:20","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133184/"
-"133183","2019-02-18 14:11:19","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133183/"
+"133183","2019-02-18 14:11:19","http://appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133183/"
 "133182","2019-02-18 14:11:15","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133182/"
 "133181","2019-02-18 14:11:13","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133181/"
 "133180","2019-02-18 14:11:09","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133180/"
@@ -8086,7 +8637,7 @@
 "133173","2019-02-18 14:10:45","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133173/"
 "133172","2019-02-18 14:10:43","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133172/"
 "133171","2019-02-18 14:10:40","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133171/"
-"133170","2019-02-18 14:10:37","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133170/"
+"133170","2019-02-18 14:10:37","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133170/"
 "133169","2019-02-18 14:10:35","http://thinkmonochrome.co.uk/.well-known/acme-challenge/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/133169/"
 "133168","2019-02-18 14:10:33","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133168/"
 "133167","2019-02-18 14:10:31","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133167/"
@@ -8106,7 +8657,7 @@
 "133153","2019-02-18 14:09:56","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133153/"
 "133152","2019-02-18 14:09:52","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133152/"
 "133151","2019-02-18 14:09:48","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133151/"
-"133150","2019-02-18 14:09:45","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133150/"
+"133150","2019-02-18 14:09:45","https://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133150/"
 "133149","2019-02-18 14:09:43","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133149/"
 "133148","2019-02-18 14:09:42","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133148/"
 "133147","2019-02-18 14:09:39","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133147/"
@@ -8127,7 +8678,7 @@
 "133132","2019-02-18 14:09:25","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133132/"
 "133130","2019-02-18 14:09:24","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133130/"
 "133131","2019-02-18 14:09:24","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133131/"
-"133129","2019-02-18 14:09:23","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133129/"
+"133129","2019-02-18 14:09:23","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133129/"
 "133126","2019-02-18 14:09:22","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133126/"
 "133127","2019-02-18 14:09:22","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133127/"
 "133128","2019-02-18 14:09:22","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133128/"
@@ -8152,7 +8703,7 @@
 "133107","2019-02-18 14:09:04","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133107/"
 "133106","2019-02-18 14:09:02","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133106/"
 "133105","2019-02-18 14:09:01","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133105/"
-"133104","2019-02-18 14:09:00","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133104/"
+"133104","2019-02-18 14:09:00","http://gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133104/"
 "133103","2019-02-18 14:08:56","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133103/"
 "133102","2019-02-18 14:08:53","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133102/"
 "133101","2019-02-18 14:08:49","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133101/"
@@ -8165,7 +8716,7 @@
 "133094","2019-02-18 14:08:31","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133094/"
 "133093","2019-02-18 14:08:29","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133093/"
 "133092","2019-02-18 14:08:26","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133092/"
-"133091","2019-02-18 14:08:23","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133091/"
+"133091","2019-02-18 14:08:23","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133091/"
 "133090","2019-02-18 14:08:21","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133090/"
 "133089","2019-02-18 14:08:19","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133089/"
 "133088","2019-02-18 14:08:17","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133088/"
@@ -8184,7 +8735,7 @@
 "133075","2019-02-18 14:07:46","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133075/"
 "133074","2019-02-18 14:07:42","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133074/"
 "133073","2019-02-18 14:07:39","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133073/"
-"133072","2019-02-18 14:07:37","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133072/"
+"133072","2019-02-18 14:07:37","https://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133072/"
 "133071","2019-02-18 14:07:35","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133071/"
 "133070","2019-02-18 14:07:34","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133070/"
 "133069","2019-02-18 14:07:31","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133069/"
@@ -8204,7 +8755,7 @@
 "133055","2019-02-18 14:07:18","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133055/"
 "133054","2019-02-18 14:07:17","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133054/"
 "133053","2019-02-18 14:07:16","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133053/"
-"133051","2019-02-18 14:07:15","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133051/"
+"133051","2019-02-18 14:07:15","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133051/"
 "133052","2019-02-18 14:07:15","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133052/"
 "133050","2019-02-18 14:07:14","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133050/"
 "133046","2019-02-18 14:07:13","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133046/"
@@ -8230,7 +8781,7 @@
 "133029","2019-02-18 14:06:54","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133029/"
 "133028","2019-02-18 14:06:51","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133028/"
 "133027","2019-02-18 14:06:50","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133027/"
-"133026","2019-02-18 14:06:49","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133026/"
+"133026","2019-02-18 14:06:49","http://czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133026/"
 "133025","2019-02-18 14:06:46","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133025/"
 "133024","2019-02-18 14:06:43","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133024/"
 "133023","2019-02-18 14:06:40","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133023/"
@@ -8243,7 +8794,7 @@
 "133016","2019-02-18 14:06:22","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133016/"
 "133015","2019-02-18 14:06:20","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133015/"
 "133014","2019-02-18 14:06:17","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133014/"
-"133013","2019-02-18 14:06:15","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133013/"
+"133013","2019-02-18 14:06:15","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/133013/"
 "133012","2019-02-18 14:06:12","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133012/"
 "133011","2019-02-18 14:06:10","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/133011/"
 "133010","2019-02-18 14:06:08","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/133010/"
@@ -8262,7 +8813,7 @@
 "132997","2019-02-18 14:05:38","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132997/"
 "132996","2019-02-18 14:05:34","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132996/"
 "132995","2019-02-18 14:05:32","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132995/"
-"132994","2019-02-18 14:05:29","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132994/"
+"132994","2019-02-18 14:05:29","https://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132994/"
 "132993","2019-02-18 14:05:26","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132993/"
 "132992","2019-02-18 14:05:19","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132992/"
 "132991","2019-02-18 14:05:16","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132991/"
@@ -8283,7 +8834,7 @@
 "132976","2019-02-18 14:05:00","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132976/"
 "132975","2019-02-18 14:04:58","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132975/"
 "132974","2019-02-18 14:04:57","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132974/"
-"132973","2019-02-18 14:04:56","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132973/"
+"132973","2019-02-18 14:04:56","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132973/"
 "132971","2019-02-18 14:04:55","http://kgr.kirov.spb.ru/ZYYQSI0013717/Bestellungen/DETAILS//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132971/"
 "132972","2019-02-18 14:04:55","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132972/"
 "132969","2019-02-18 14:04:54","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132969/"
@@ -8309,7 +8860,7 @@
 "132950","2019-02-18 14:04:35","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132950/"
 "132949","2019-02-18 14:04:33","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132949/"
 "132948","2019-02-18 14:04:31","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132948/"
-"132947","2019-02-18 14:04:30","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132947/"
+"132947","2019-02-18 14:04:30","http://sgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132947/"
 "132946","2019-02-18 14:04:27","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132946/"
 "132945","2019-02-18 14:04:25","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132945/"
 "132944","2019-02-18 14:04:21","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132944/"
@@ -8322,7 +8873,7 @@
 "132937","2019-02-18 14:03:59","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132937/"
 "132936","2019-02-18 14:03:56","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132936/"
 "132935","2019-02-18 14:03:50","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132935/"
-"132934","2019-02-18 14:03:46","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132934/"
+"132934","2019-02-18 14:03:46","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132934/"
 "132933","2019-02-18 14:03:43","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132933/"
 "132932","2019-02-18 14:03:41","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132932/"
 "132931","2019-02-18 14:03:38","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132931/"
@@ -8341,7 +8892,7 @@
 "132918","2019-02-18 14:03:05","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132918/"
 "132917","2019-02-18 14:03:00","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132917/"
 "132916","2019-02-18 14:02:57","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132916/"
-"132915","2019-02-18 14:02:55","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132915/"
+"132915","2019-02-18 14:02:55","https://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132915/"
 "132914","2019-02-18 14:02:52","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132914/"
 "132913","2019-02-18 14:02:48","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132913/"
 "132912","2019-02-18 14:02:41","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132912/"
@@ -8361,7 +8912,7 @@
 "132898","2019-02-18 14:02:07","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132898/"
 "132897","2019-02-18 14:02:06","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132897/"
 "132896","2019-02-18 14:02:03","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132896/"
-"132894","2019-02-18 14:02:01","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132894/"
+"132894","2019-02-18 14:02:01","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132894/"
 "132895","2019-02-18 14:02:01","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132895/"
 "132893","2019-02-18 14:01:59","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132893/"
 "132890","2019-02-18 14:01:58","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132890/"
@@ -8387,7 +8938,7 @@
 "132872","2019-02-18 14:01:12","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132872/"
 "132871","2019-02-18 14:00:58","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132871/"
 "132870","2019-02-18 14:00:54","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132870/"
-"132869","2019-02-18 14:00:48","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132869/"
+"132869","2019-02-18 14:00:48","http://globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132869/"
 "132868","2019-02-18 14:00:41","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132868/"
 "132867","2019-02-18 14:00:35","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132867/"
 "132866","2019-02-18 14:00:25","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132866/"
@@ -8400,7 +8951,7 @@
 "132859","2019-02-18 13:59:14","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132859/"
 "132858","2019-02-18 13:59:11","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132858/"
 "132857","2019-02-18 13:59:08","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132857/"
-"132856","2019-02-18 13:59:04","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132856/"
+"132856","2019-02-18 13:59:04","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132856/"
 "132855","2019-02-18 13:59:01","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132855/"
 "132854","2019-02-18 13:58:58","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132854/"
 "132853","2019-02-18 13:58:55","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132853/"
@@ -8419,7 +8970,7 @@
 "132840","2019-02-18 13:58:13","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132840/"
 "132839","2019-02-18 13:58:08","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132839/"
 "132838","2019-02-18 13:58:04","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132838/"
-"132837","2019-02-18 13:58:00","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132837/"
+"132837","2019-02-18 13:58:00","https://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132837/"
 "132836","2019-02-18 13:57:57","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132836/"
 "132835","2019-02-18 13:57:49","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132835/"
 "132834","2019-02-18 13:57:30","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132834/"
@@ -8440,7 +8991,7 @@
 "132819","2019-02-18 13:55:42","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132819/"
 "132818","2019-02-18 13:55:31","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132818/"
 "132817","2019-02-18 13:55:27","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132817/"
-"132816","2019-02-18 13:55:25","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132816/"
+"132816","2019-02-18 13:55:25","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132816/"
 "132815","2019-02-18 13:55:19","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132815/"
 "132813","2019-02-18 13:55:18","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132813/"
 "132814","2019-02-18 13:55:18","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132814/"
@@ -8465,7 +9016,7 @@
 "132794","2019-02-18 13:53:43","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132794/"
 "132793","2019-02-18 13:53:36","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132793/"
 "132792","2019-02-18 13:53:34","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132792/"
-"132791","2019-02-18 13:53:29","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132791/"
+"132791","2019-02-18 13:53:29","http://blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132791/"
 "132790","2019-02-18 13:53:24","https://prudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132790/"
 "132789","2019-02-18 13:53:21","https://prudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132789/"
 "132788","2019-02-18 13:53:17","https://prudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132788/"
@@ -8478,7 +9029,7 @@
 "132781","2019-02-18 13:52:52","https://prudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132781/"
 "132780","2019-02-18 13:52:44","https://prudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132780/"
 "132779","2019-02-18 13:52:41","https://prudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132779/"
-"132778","2019-02-18 13:52:38","https://prudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132778/"
+"132778","2019-02-18 13:52:38","https://prudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132778/"
 "132777","2019-02-18 13:52:36","https://prudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132777/"
 "132776","2019-02-18 13:52:34","https://prudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132776/"
 "132775","2019-02-18 13:52:25","https://prudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132775/"
@@ -8497,7 +9048,7 @@
 "132762","2019-02-18 13:51:33","https://prudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132762/"
 "132761","2019-02-18 13:51:28","https://prudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132761/"
 "132760","2019-02-18 13:51:25","https://prudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132760/"
-"132759","2019-02-18 13:51:21","https://prudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132759/"
+"132759","2019-02-18 13:51:21","https://prudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132759/"
 "132758","2019-02-18 13:51:17","http://prudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132758/"
 "132757","2019-02-18 13:51:11","http://prudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132757/"
 "132756","2019-02-18 13:50:55","http://prudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132756/"
@@ -8518,7 +9069,7 @@
 "132741","2019-02-18 13:50:19","http://prudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132741/"
 "132740","2019-02-18 13:50:10","http://prudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132740/"
 "132739","2019-02-18 13:50:07","http://prudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132739/"
-"132738","2019-02-18 13:50:06","http://prudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132738/"
+"132738","2019-02-18 13:50:06","http://prudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132738/"
 "132737","2019-02-18 13:50:05","http://prudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132737/"
 "132735","2019-02-18 13:50:04","http://prudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132735/"
 "132736","2019-02-18 13:50:04","http://prudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132736/"
@@ -8543,7 +9094,7 @@
 "132716","2019-02-18 13:48:11","http://prudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132716/"
 "132715","2019-02-18 13:47:55","http://prudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132715/"
 "132714","2019-02-18 13:47:50","http://prudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132714/"
-"132713","2019-02-18 13:47:42","http://prudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132713/"
+"132713","2019-02-18 13:47:42","http://prudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132713/"
 "132712","2019-02-18 13:47:34","https://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132712/"
 "132711","2019-02-18 13:47:31","https://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132711/"
 "132710","2019-02-18 13:47:25","https://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132710/"
@@ -8556,7 +9107,7 @@
 "132703","2019-02-18 13:46:58","https://ccomduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132703/"
 "132702","2019-02-18 13:46:55","https://ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132702/"
 "132701","2019-02-18 13:46:51","https://ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132701/"
-"132700","2019-02-18 13:46:47","https://ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132700/"
+"132700","2019-02-18 13:46:47","https://ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132700/"
 "132699","2019-02-18 13:46:44","https://ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132699/"
 "132698","2019-02-18 13:46:41","https://ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132698/"
 "132697","2019-02-18 13:46:38","https://ccomduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132697/"
@@ -8575,7 +9126,7 @@
 "132684","2019-02-18 13:45:59","https://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132684/"
 "132683","2019-02-18 13:45:55","https://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132683/"
 "132682","2019-02-18 13:45:52","https://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132682/"
-"132681","2019-02-18 13:45:49","https://ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132681/"
+"132681","2019-02-18 13:45:49","https://ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132681/"
 "132680","2019-02-18 13:45:47","http://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132680/"
 "132679","2019-02-18 13:45:46","http://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132679/"
 "132678","2019-02-18 13:45:43","http://ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132678/"
@@ -8595,7 +9146,7 @@
 "132664","2019-02-18 13:45:27","http://ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132664/"
 "132663","2019-02-18 13:45:25","http://ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132663/"
 "132662","2019-02-18 13:45:24","http://ccomduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132662/"
-"132660","2019-02-18 13:45:23","http://ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132660/"
+"132660","2019-02-18 13:45:23","http://ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132660/"
 "132661","2019-02-18 13:45:23","http://ccomduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132661/"
 "132658","2019-02-18 13:45:22","http://ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132658/"
 "132659","2019-02-18 13:45:22","http://ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132659/"
@@ -8622,7 +9173,7 @@
 "132637","2019-02-18 13:43:56","http://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132637/"
 "132636","2019-02-18 13:43:54","http://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132636/"
 "132635","2019-02-18 13:43:52","http://ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132635/"
-"132634","2019-02-18 13:43:51","http://ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132634/"
+"132634","2019-02-18 13:43:51","http://ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132634/"
 "132633","2019-02-18 13:43:48","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132633/"
 "132632","2019-02-18 13:43:46","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132632/"
 "132631","2019-02-18 13:43:42","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132631/"
@@ -8635,7 +9186,7 @@
 "132624","2019-02-18 13:43:23","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132624/"
 "132623","2019-02-18 13:43:20","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132623/"
 "132622","2019-02-18 13:43:18","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132622/"
-"132621","2019-02-18 13:43:15","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132621/"
+"132621","2019-02-18 13:43:15","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132621/"
 "132620","2019-02-18 13:43:13","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132620/"
 "132619","2019-02-18 13:43:11","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132619/"
 "132618","2019-02-18 13:43:08","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132618/"
@@ -8654,7 +9205,7 @@
 "132605","2019-02-18 13:42:37","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132605/"
 "132604","2019-02-18 13:42:33","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132604/"
 "132603","2019-02-18 13:42:31","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132603/"
-"132602","2019-02-18 13:42:29","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132602/"
+"132602","2019-02-18 13:42:29","https://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132602/"
 "132601","2019-02-18 13:42:27","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132601/"
 "132600","2019-02-18 13:42:25","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132600/"
 "132599","2019-02-18 13:42:23","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132599/"
@@ -8674,7 +9225,7 @@
 "132585","2019-02-18 13:42:09","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132585/"
 "132584","2019-02-18 13:42:07","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132584/"
 "132583","2019-02-18 13:42:05","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132583/"
-"132581","2019-02-18 13:42:04","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132581/"
+"132581","2019-02-18 13:42:04","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132581/"
 "132582","2019-02-18 13:42:04","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132582/"
 "132579","2019-02-18 13:42:02","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132579/"
 "132580","2019-02-18 13:42:02","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132580/"
@@ -8700,7 +9251,7 @@
 "132559","2019-02-18 13:41:09","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132559/"
 "132558","2019-02-18 13:41:06","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132558/"
 "132557","2019-02-18 13:41:05","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132557/"
-"132556","2019-02-18 13:41:04","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132556/"
+"132556","2019-02-18 13:41:04","http://emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132556/"
 "132555","2019-02-18 13:39:04","http://beheshtimaal.com/KWHUYEGC0155327/Rechnungs/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132555/"
 "132554","2019-02-18 13:35:02","http://cashin.ca/Februar2019/SPGLYDBXW6053074/de/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132554/"
 "132553","2019-02-18 13:30:07","http://eyestopper.ru/TKYVBPI8437659/de/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132553/"
@@ -8715,41 +9266,41 @@
 "132544","2019-02-18 13:00:08","http://13.126.28.98/de_DE/ERVBUB9959354/Rechnungskorrektur/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132544/"
 "132543","2019-02-18 12:56:06","http://mirkma.ru/de_DE/VVOLSVIL9729357/Dokumente/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132543/"
 "132542","2019-02-18 12:51:04","http://211.238.147.196/@eaDir/DE/FSGARB7511034/Dokumente/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132542/"
-"132541","2019-02-18 12:47:05","http://160.16.198.220/De/AQUUZPMII3442933/Rechnungs/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132541/"
+"132541","2019-02-18 12:47:05","http://160.16.198.220/De/AQUUZPMII3442933/Rechnungs/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132541/"
 "132540","2019-02-18 12:44:48","http://groundswellfilms.org/DE/IRWIOMG1185760/Rechnungskorrektur/DETAILS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/132540/"
-"132539","2019-02-18 12:44:43","http://81.56.198.200/DE_de/AGWKTL2505139/Dokumente/DOC-Dokument/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132539/"
+"132539","2019-02-18 12:44:43","http://81.56.198.200/DE_de/AGWKTL2505139/Dokumente/DOC-Dokument/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132539/"
 "132538","2019-02-18 12:44:13","http://78.207.210.11/@eaDir/Februar2019/XQCNETYKHN1099130/Rechnungs-Details/Zahlungserinnerung/","online","malware_download","doc,emotet,epoch1,Gozi,heodo","https://urlhaus.abuse.ch/url/132538/"
 "132537","2019-02-18 12:44:11","http://54.175.140.118/Februar2019/NFZJSULXU2729511/DE_de/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132537/"
 "132536","2019-02-18 12:44:09","http://54.164.84.17/De/ZEDLYG0772400/GER/FORM/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132536/"
 "132535","2019-02-18 12:44:06","http://52.66.236.210/de_DE/TAWMOAUYM5676668/Rechnungs/RECH/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132535/"
 "132534","2019-02-18 12:44:01","http://52.202.101.89/Februar2019/WKSJVQLYO7325225/Rechnungs/RECHNUNG/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/132534/"
-"132533","2019-02-18 12:43:31","http://37.139.27.218/DE/BDMYARSBK2827816/Rechnungs-docs/Hilfestellung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132533/"
-"132532","2019-02-18 12:43:28","http://35.247.37.148/DE_de/BGIVSWSI9094709/Rech/Rechnungszahlung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132532/"
-"132531","2019-02-18 12:43:22","http://35.190.186.53/De/SKTAPCYQTR6199495/Scan/Rechnungsanschrift/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132531/"
+"132533","2019-02-18 12:43:31","http://37.139.27.218/DE/BDMYARSBK2827816/Rechnungs-docs/Hilfestellung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132533/"
+"132532","2019-02-18 12:43:28","http://35.247.37.148/DE_de/BGIVSWSI9094709/Rech/Rechnungszahlung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132532/"
+"132531","2019-02-18 12:43:22","http://35.190.186.53/De/SKTAPCYQTR6199495/Scan/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132531/"
 "132530","2019-02-18 12:43:20","http://35.184.197.183/Februar2019/XCBJBUPQD4995786/Rechnungs-Details/DETAILS/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132530/"
 "132529","2019-02-18 12:43:18","http://35.176.197.139/de_DE/GHDPILMPSQ4188201/DE/DETAILS/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132529/"
-"132528","2019-02-18 12:43:17","http://188.131.164.117/Februar2019/JDNQVNEO7659282/Bestellungen/Rechnungsanschrift/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132528/"
-"132527","2019-02-18 12:43:13","http://159.89.167.92/De_de/EHRMQNRQUL2815951/Rechnung/Hilfestellung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132527/"
-"132525","2019-02-18 12:43:10","http://159.65.65.213/Februar2019/LWCXWKUNAK6379960/GER/DOC/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132525/"
-"132526","2019-02-18 12:43:10","http://159.65.83.246/FZGYPXJMA2476395/Rechnungskorrektur/DOC/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132526/"
-"132524","2019-02-18 12:43:08","http://159.65.147.40/De_de/CUHHAUAPJV7448870/Rechnungs-Details/Fakturierung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132524/"
+"132528","2019-02-18 12:43:17","http://188.131.164.117/Februar2019/JDNQVNEO7659282/Bestellungen/Rechnungsanschrift/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132528/"
+"132527","2019-02-18 12:43:13","http://159.89.167.92/De_de/EHRMQNRQUL2815951/Rechnung/Hilfestellung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132527/"
+"132525","2019-02-18 12:43:10","http://159.65.65.213/Februar2019/LWCXWKUNAK6379960/GER/DOC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132525/"
+"132526","2019-02-18 12:43:10","http://159.65.83.246/FZGYPXJMA2476395/Rechnungskorrektur/DOC/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132526/"
+"132524","2019-02-18 12:43:08","http://159.65.147.40/De_de/CUHHAUAPJV7448870/Rechnungs-Details/Fakturierung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132524/"
 "132523","2019-02-18 12:43:06","http://130.211.205.139/CPCVVB7382198/gescanntes-Dokument/DOC-Dokument/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132523/"
 "132522","2019-02-18 12:43:05","http://13.233.173.191/wp-content/BXROAQEY9168432/gescanntes-Dokument/DETAILS/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132522/"
-"132521","2019-02-18 12:43:03","http://104.198.73.104/De_de/BYLZNG4781296/Rechnungs-docs/Fakturierung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132521/"
-"132520","2019-02-18 12:42:05","http://119.254.12.142/De_de/UDUAGTZ8720587/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132520/"
+"132521","2019-02-18 12:43:03","http://104.198.73.104/De_de/BYLZNG4781296/Rechnungs-docs/Fakturierung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/132521/"
+"132520","2019-02-18 12:42:05","http://119.254.12.142/De_de/UDUAGTZ8720587/Rechnungskorrektur/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132520/"
 "132519","2019-02-18 12:37:04","http://206.189.45.178/wp-content/uploads/de_DE/BUEBJWJE6755100/Rechnungs-docs/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132519/"
 "132518","2019-02-18 12:33:03","http://159.65.142.218/wp-admin/De_de/LBYFVB4427436/Bestellungen/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132518/"
 "132517","2019-02-18 12:28:03","http://162.243.254.239/wordpress/JKMTGSV2656883/DE/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132517/"
 "132516","2019-02-18 12:24:05","http://103.11.22.51/wp-content/uploads/De_de/MFNCUOH4242924/Rechnungs/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132516/"
 "132515","2019-02-18 12:21:32","http://54.153.245.124/DE_de/JHKUWXVZVW5112482/Dokumente/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132515/"
 "132514","2019-02-18 12:19:02","http://104.155.134.95/de_DE/PHRJHNS1706006/Bestellungen/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132514/"
-"132513","2019-02-18 12:14:08","http://54.250.159.171/ITYUILQHPS2527864/de/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132513/"
+"132513","2019-02-18 12:14:08","http://54.250.159.171/ITYUILQHPS2527864/de/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132513/"
 "132512","2019-02-18 12:05:05","http://52.63.119.3/DE/WJVLFQXIL7243103/Scan/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132512/"
 "132511","2019-02-18 12:03:11","http://185.224.249.181:80/bins/despise.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132511/"
 "132510","2019-02-18 12:03:08","http://185.224.249.181:80/bins/despise.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132510/"
 "132509","2019-02-18 12:03:05","http://185.224.249.181:80/bins/despise.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132509/"
 "132508","2019-02-18 12:02:03","http://185.224.249.181:80/bins/despise.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/132508/"
-"132507","2019-02-18 12:01:04","http://82.253.156.136/wordpress/Februar2019/RXZOTII4866226/GER/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132507/"
+"132507","2019-02-18 12:01:04","http://82.253.156.136/wordpress/Februar2019/RXZOTII4866226/GER/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132507/"
 "132506","2019-02-18 11:58:09","http://hourofcode.cn/De_de/WMUPSXLK9917373/Rechnungskorrektur/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132506/"
 "132505","2019-02-18 11:55:02","http://down.softlist.tcroot.cn/xbdtfences4310v1426.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132505/"
 "132504","2019-02-18 11:53:11","http://menardvidal.com/new.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132504/"
@@ -8758,7 +9309,7 @@
 "132501","2019-02-18 11:52:11","http://185.224.249.181:80/bins/despise.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132501/"
 "132500","2019-02-18 11:52:08","http://185.224.249.181:80/bins/despise.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132500/"
 "132499","2019-02-18 11:52:05","http://185.224.249.181:80/bins/despise.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132499/"
-"132498","2019-02-18 11:49:06","http://35.232.73.116/DE/DSWTSAJ2444068/Rechnungs/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132498/"
+"132498","2019-02-18 11:49:06","http://35.232.73.116/DE/DSWTSAJ2444068/Rechnungs/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132498/"
 "132497","2019-02-18 11:48:14","http://mincoindia.com/wp-content/a2.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132497/"
 "132496","2019-02-18 11:46:18","http://headshotsni.co.uk/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/132496/"
 "132495","2019-02-18 11:45:59","http://o-corporation.net/Content/PrintArea/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/132495/"
@@ -8771,14 +9322,14 @@
 "132488","2019-02-18 11:40:10","http://mincoindia.com/wp-content/90603327.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132488/"
 "132487","2019-02-18 11:40:04","http://krisen.ca/De/ZVHWKN4733448/Rechnungs/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/132487/"
 "132486","2019-02-18 11:36:05","http://menardvidal.com/nj.exe","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/132486/"
-"132485","2019-02-18 11:36:04","http://206.189.154.46/De_de/IOYGXFOS4586915/Rechnungs-Details/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132485/"
+"132485","2019-02-18 11:36:04","http://206.189.154.46/De_de/IOYGXFOS4586915/Rechnungs-Details/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132485/"
 "132484","2019-02-18 11:32:09","http://13.239.63.5/De_de/PTHJMWEKE6025428/gescanntes-Dokument/Rechnungszahlung//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132484/"
-"132483","2019-02-18 11:31:46","http://104.223.40.40/8CqRIJhG4/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132483/"
-"132482","2019-02-18 11:31:42","http://128.199.187.124/v35hrbFz/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132482/"
+"132483","2019-02-18 11:31:46","http://104.223.40.40/8CqRIJhG4/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132483/"
+"132482","2019-02-18 11:31:42","http://128.199.187.124/v35hrbFz/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132482/"
 "132481","2019-02-18 11:31:37","http://13.233.183.227/5VfqqsmV/","offline","malware_download","emotet,epoch1,exe,GandCrab,heodo","https://urlhaus.abuse.ch/url/132481/"
 "132480","2019-02-18 11:31:07","http://giancarloraso.com/xwSiP547/","online","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132480/"
 "132479","2019-02-18 11:31:04","http://bazee365.com/v59HxZy/","offline","malware_download","emotet,epoch1,exe,GandCrab,Gozi,heodo","https://urlhaus.abuse.ch/url/132479/"
-"132478","2019-02-18 11:28:05","http://3.92.174.100/DE_de/LKYFRY3430810/Rechnungs/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132478/"
+"132478","2019-02-18 11:28:05","http://3.92.174.100/DE_de/LKYFRY3430810/Rechnungs/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132478/"
 "132477","2019-02-18 11:24:25","https://www.kamagra4uk.com/images/gee/eb/ebb.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/132477/"
 "132476","2019-02-18 11:24:12","http://35.204.88.6/De_de/QNXXBL2550799/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132476/"
 "132475","2019-02-18 11:19:09","http://193.77.216.20/jwzedo5/Februar2019/UGSIRFQS9041754/Bestellungen/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132475/"
@@ -8795,30 +9346,30 @@
 "132465","2019-02-18 11:08:03","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos13.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132465/"
 "132463","2019-02-18 11:08:03","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos9.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132463/"
 "132462","2019-02-18 11:08:02","http://fihjamaal.com/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=noos8.harz","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/132462/"
-"132461","2019-02-18 11:06:04","http://159.89.153.180/Februar2019/KIGORQGG3636393/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132461/"
-"132460","2019-02-18 11:02:03","http://159.65.146.232/De_de/JVKBEGN3447167/Rechnungs-docs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132460/"
+"132461","2019-02-18 11:06:04","http://159.89.153.180/Februar2019/KIGORQGG3636393/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132461/"
+"132460","2019-02-18 11:02:03","http://159.65.146.232/De_de/JVKBEGN3447167/Rechnungs-docs/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132460/"
 "132459","2019-02-18 10:58:02","http://18.218.56.72/wp-content/Februar2019/MCUQNVLYB6133013/GER/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132459/"
-"132458","2019-02-18 10:53:05","http://128.199.172.4/DE_de/SBWMHZD3362582/DE/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132458/"
+"132458","2019-02-18 10:53:05","http://128.199.172.4/DE_de/SBWMHZD3362582/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132458/"
 "132457","2019-02-18 10:49:05","http://139.59.6.216/De/MOKKBK2937470/de/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132457/"
-"132456","2019-02-18 10:45:04","http://128.199.207.179/De_de/XAQWGLP5525711/DE/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132456/"
+"132456","2019-02-18 10:45:04","http://128.199.207.179/De_de/XAQWGLP5525711/DE/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132456/"
 "132455","2019-02-18 10:41:04","http://178.236.210.22/DE_de/VXLQHV3545501/Rechnungskorrektur/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132455/"
-"132454","2019-02-18 10:37:02","http://207.154.223.104/De/MUDMLVMRE9635299/Dokumente/Zahlungserinnerung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132454/"
-"132452","2019-02-18 10:33:03","http://138.197.72.9/De_de/DAWSAA4214739/DE/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132452/"
+"132454","2019-02-18 10:37:02","http://207.154.223.104/De/MUDMLVMRE9635299/Dokumente/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132454/"
+"132452","2019-02-18 10:33:03","http://138.197.72.9/De_de/DAWSAA4214739/DE/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132452/"
 "132453","2019-02-18 10:33:03","http://139.99.186.18/xml/amin.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/132453/"
 "132451","2019-02-18 10:28:08","http://thales-las.cfdt-fgmm.fr/cgi-bin/de_DE/HGBRXR0176258/Rechnung/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132451/"
-"132450","2019-02-18 10:24:07","http://178.62.102.110/Februar2019/AUNPVURZA9802560/Rechnung/RECHNUNG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132450/"
+"132450","2019-02-18 10:24:07","http://178.62.102.110/Februar2019/AUNPVURZA9802560/Rechnung/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132450/"
 "132449","2019-02-18 10:22:04","http://masjidsolar.nl/xMPn6P4SWc_Nor4jjjBg/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/132449/"
 "132448","2019-02-18 10:20:08","http://132.145.153.89/de_DE/USZFAV9571004/Rechnungs-Details/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132448/"
-"132447","2019-02-18 10:14:04","http://139.59.182.250/DE_de/YEMZQWL7122420/DE_de/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132447/"
-"132446","2019-02-18 10:11:05","http://178.62.233.192/DE/IIGBOEF2759358/Rechnungs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132446/"
+"132447","2019-02-18 10:14:04","http://139.59.182.250/DE_de/YEMZQWL7122420/DE_de/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132447/"
+"132446","2019-02-18 10:11:05","http://178.62.233.192/DE/IIGBOEF2759358/Rechnungs/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132446/"
 "132445","2019-02-18 10:07:03","http://178.62.213.188/DE_de/VLETOOSN3411887/Rechnung/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132445/"
-"132444","2019-02-18 10:02:02","http://139.59.130.73/Februar2019/GOQXXVYNC1427879/Rechnung/DETAILS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132444/"
+"132444","2019-02-18 10:02:02","http://139.59.130.73/Februar2019/GOQXXVYNC1427879/Rechnung/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132444/"
 "132443","2019-02-18 09:58:03","http://www.difalabarghoo.ir/De_de/UMKZAQYHN9698380/Rechnungs-Details/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132443/"
-"132442","2019-02-18 09:54:10","http://wordpress-219768-716732.cloudwaysapps.com/De_de/QGMZIZ7416457/Scan/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132442/"
+"132442","2019-02-18 09:54:10","http://wordpress-219768-716732.cloudwaysapps.com/De_de/QGMZIZ7416457/Scan/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132442/"
 "132441","2019-02-18 09:53:21","http://amazonvietnampharma.com.vn/l/css/baba.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/132441/"
 "132440","2019-02-18 09:53:11","http://124.80.38.9:55660/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/132440/"
 "132439","2019-02-18 09:53:05","http://185.224.249.181:80/bins/despise.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132439/"
-"132438","2019-02-18 09:48:06","http://167.99.10.129/De/TWVNEO1831802/GER/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132438/"
+"132438","2019-02-18 09:48:06","http://167.99.10.129/De/TWVNEO1831802/GER/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132438/"
 "132437","2019-02-18 09:44:23","https://www.kamagra4uk.com/images/gce/gio.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132437/"
 "132436","2019-02-18 09:44:05","http://truenorthtimber.com/de_DE/GDWQWYRJ1104890/Rechnungs-Details/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/132436/"
 "132435","2019-02-18 09:40:07","https://kamagra4uk.com/images/gce/gio.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/132435/"
@@ -8867,7 +9418,7 @@
 "132392","2019-02-18 07:54:33","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132392/"
 "132391","2019-02-18 07:54:30","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132391/"
 "132390","2019-02-18 07:54:28","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132390/"
-"132389","2019-02-18 07:54:25","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132389/"
+"132389","2019-02-18 07:54:25","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132389/"
 "132388","2019-02-18 07:54:23","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132388/"
 "132387","2019-02-18 07:54:19","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132387/"
 "132386","2019-02-18 07:54:17","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132386/"
@@ -8886,7 +9437,7 @@
 "132373","2019-02-18 07:53:46","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132373/"
 "132372","2019-02-18 07:53:42","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132372/"
 "132371","2019-02-18 07:53:39","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132371/"
-"132370","2019-02-18 07:53:37","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132370/"
+"132370","2019-02-18 07:53:37","https://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132370/"
 "132368","2019-02-18 07:53:34","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132368/"
 "132369","2019-02-18 07:53:34","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132369/"
 "132367","2019-02-18 07:53:31","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132367/"
@@ -8907,7 +9458,7 @@
 "132352","2019-02-18 07:53:16","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132352/"
 "132350","2019-02-18 07:53:14","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132350/"
 "132351","2019-02-18 07:53:14","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132351/"
-"132349","2019-02-18 07:53:13","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132349/"
+"132349","2019-02-18 07:53:13","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132349/"
 "132347","2019-02-18 07:53:12","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132347/"
 "132348","2019-02-18 07:53:12","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132348/"
 "132344","2019-02-18 07:53:11","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132344/"
@@ -8932,7 +9483,7 @@
 "132327","2019-02-18 07:52:53","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132327/"
 "132326","2019-02-18 07:52:51","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132326/"
 "132325","2019-02-18 07:52:50","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132325/"
-"132324","2019-02-18 07:52:48","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132324/"
+"132324","2019-02-18 07:52:48","http://peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132324/"
 "132323","2019-02-18 07:52:45","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132323/"
 "132322","2019-02-18 07:52:42","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132322/"
 "132321","2019-02-18 07:52:39","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132321/"
@@ -8945,7 +9496,7 @@
 "132314","2019-02-18 07:52:20","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132314/"
 "132313","2019-02-18 07:52:17","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132313/"
 "132312","2019-02-18 07:52:15","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132312/"
-"132311","2019-02-18 07:52:13","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132311/"
+"132311","2019-02-18 07:52:13","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132311/"
 "132310","2019-02-18 07:52:10","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132310/"
 "132309","2019-02-18 07:52:08","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132309/"
 "132308","2019-02-18 07:52:06","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132308/"
@@ -8964,7 +9515,7 @@
 "132295","2019-02-18 07:51:35","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132295/"
 "132294","2019-02-18 07:51:31","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132294/"
 "132293","2019-02-18 07:51:29","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132293/"
-"132292","2019-02-18 07:51:27","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132292/"
+"132292","2019-02-18 07:51:27","https://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132292/"
 "132291","2019-02-18 07:51:24","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132291/"
 "132290","2019-02-18 07:51:23","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132290/"
 "132289","2019-02-18 07:51:21","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132289/"
@@ -8985,7 +9536,7 @@
 "132274","2019-02-18 07:51:06","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132274/"
 "132272","2019-02-18 07:51:05","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132272/"
 "132273","2019-02-18 07:51:05","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132273/"
-"132271","2019-02-18 07:51:04","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132271/"
+"132271","2019-02-18 07:51:04","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132271/"
 "132268","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132268/"
 "132269","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132269/"
 "132270","2019-02-18 07:51:03","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132270/"
@@ -9011,7 +9562,7 @@
 "132248","2019-02-18 07:50:45","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132248/"
 "132247","2019-02-18 07:50:43","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132247/"
 "132246","2019-02-18 07:50:42","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132246/"
-"132245","2019-02-18 07:50:41","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132245/"
+"132245","2019-02-18 07:50:41","http://cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132245/"
 "132244","2019-02-18 07:50:38","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132244/"
 "132243","2019-02-18 07:50:36","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132243/"
 "132242","2019-02-18 07:50:32","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132242/"
@@ -9024,7 +9575,7 @@
 "132235","2019-02-18 07:50:12","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132235/"
 "132234","2019-02-18 07:50:10","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132234/"
 "132233","2019-02-18 07:50:07","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132233/"
-"132232","2019-02-18 07:50:04","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132232/"
+"132232","2019-02-18 07:50:04","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132232/"
 "132231","2019-02-18 07:49:57","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132231/"
 "132230","2019-02-18 07:49:54","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132230/"
 "132229","2019-02-18 07:49:52","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132229/"
@@ -9043,7 +9594,7 @@
 "132216","2019-02-18 07:49:21","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132216/"
 "132215","2019-02-18 07:49:17","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132215/"
 "132214","2019-02-18 07:49:15","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132214/"
-"132213","2019-02-18 07:49:12","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132213/"
+"132213","2019-02-18 07:49:12","https://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132213/"
 "132212","2019-02-18 07:49:10","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132212/"
 "132211","2019-02-18 07:49:09","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132211/"
 "132210","2019-02-18 07:49:06","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132210/"
@@ -9063,7 +9614,7 @@
 "132196","2019-02-18 07:48:53","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132196/"
 "132195","2019-02-18 07:48:52","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132195/"
 "132194","2019-02-18 07:48:51","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132194/"
-"132192","2019-02-18 07:48:50","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132192/"
+"132192","2019-02-18 07:48:50","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132192/"
 "132193","2019-02-18 07:48:50","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132193/"
 "132190","2019-02-18 07:48:48","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132190/"
 "132191","2019-02-18 07:48:48","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132191/"
@@ -9089,7 +9640,7 @@
 "132170","2019-02-18 07:48:29","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132170/"
 "132169","2019-02-18 07:48:26","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132169/"
 "132168","2019-02-18 07:48:25","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132168/"
-"132167","2019-02-18 07:48:24","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132167/"
+"132167","2019-02-18 07:48:24","http://pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132167/"
 "132166","2019-02-18 07:48:21","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132166/"
 "132165","2019-02-18 07:48:19","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132165/"
 "132164","2019-02-18 07:48:16","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132164/"
@@ -9102,7 +9653,7 @@
 "132157","2019-02-18 07:47:57","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132157/"
 "132156","2019-02-18 07:47:55","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132156/"
 "132155","2019-02-18 07:47:52","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132155/"
-"132154","2019-02-18 07:47:50","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132154/"
+"132154","2019-02-18 07:47:50","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132154/"
 "132153","2019-02-18 07:47:47","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132153/"
 "132152","2019-02-18 07:47:45","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132152/"
 "132151","2019-02-18 07:47:43","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132151/"
@@ -9121,7 +9672,7 @@
 "132138","2019-02-18 07:47:12","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132138/"
 "132137","2019-02-18 07:47:08","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132137/"
 "132136","2019-02-18 07:47:06","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132136/"
-"132135","2019-02-18 07:47:03","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132135/"
+"132135","2019-02-18 07:47:03","https://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132135/"
 "132134","2019-02-18 07:47:00","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132134/"
 "132133","2019-02-18 07:46:59","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132133/"
 "132132","2019-02-18 07:46:57","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132132/"
@@ -9141,7 +9692,7 @@
 "132118","2019-02-18 07:46:43","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132118/"
 "132117","2019-02-18 07:46:42","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132117/"
 "132116","2019-02-18 07:46:41","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132116/"
-"132114","2019-02-18 07:46:40","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132114/"
+"132114","2019-02-18 07:46:40","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132114/"
 "132115","2019-02-18 07:46:40","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132115/"
 "132113","2019-02-18 07:46:39","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132113/"
 "132110","2019-02-18 07:46:38","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132110/"
@@ -9167,7 +9718,7 @@
 "132092","2019-02-18 07:46:21","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132092/"
 "132091","2019-02-18 07:46:19","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132091/"
 "132090","2019-02-18 07:46:17","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132090/"
-"132089","2019-02-18 07:46:11","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132089/"
+"132089","2019-02-18 07:46:11","http://doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132089/"
 "132088","2019-02-18 07:46:07","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132088/"
 "132087","2019-02-18 07:46:05","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132087/"
 "132086","2019-02-18 07:46:01","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132086/"
@@ -9180,7 +9731,7 @@
 "132079","2019-02-18 07:45:43","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132079/"
 "132078","2019-02-18 07:45:40","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132078/"
 "132077","2019-02-18 07:45:38","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132077/"
-"132076","2019-02-18 07:45:35","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132076/"
+"132076","2019-02-18 07:45:35","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132076/"
 "132075","2019-02-18 07:45:33","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132075/"
 "132074","2019-02-18 07:45:30","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132074/"
 "132073","2019-02-18 07:45:28","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/132073/"
@@ -9200,7 +9751,7 @@
 "132059","2019-02-18 07:44:54","http://www.novatisk.cz/obrazky/q/891047.jpg","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/132059/"
 "132058","2019-02-18 07:44:53","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132058/"
 "132057","2019-02-18 07:44:50","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132057/"
-"132056","2019-02-18 07:44:47","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132056/"
+"132056","2019-02-18 07:44:47","https://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132056/"
 "132055","2019-02-18 07:44:45","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132055/"
 "132054","2019-02-18 07:44:43","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132054/"
 "132053","2019-02-18 07:44:34","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132053/"
@@ -9220,7 +9771,7 @@
 "132039","2019-02-18 07:43:38","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132039/"
 "132038","2019-02-18 07:43:31","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132038/"
 "132037","2019-02-18 07:43:23","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132037/"
-"132035","2019-02-18 07:43:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132035/"
+"132035","2019-02-18 07:43:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132035/"
 "132036","2019-02-18 07:43:19","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132036/"
 "132034","2019-02-18 07:43:15","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132034/"
 "132032","2019-02-18 07:43:14","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132032/"
@@ -9246,7 +9797,7 @@
 "132013","2019-02-18 07:41:55","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132013/"
 "132012","2019-02-18 07:41:44","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132012/"
 "132011","2019-02-18 07:41:41","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132011/"
-"132010","2019-02-18 07:41:36","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132010/"
+"132010","2019-02-18 07:41:36","http://mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/132010/"
 "132009","2019-02-18 07:41:31","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132009/"
 "132008","2019-02-18 07:41:27","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/132008/"
 "132007","2019-02-18 07:41:22","http://51.75.75.88/ankit/x86hua","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/132007/"
@@ -9260,7 +9811,7 @@
 "131999","2019-02-18 07:40:58","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131999/"
 "131998","2019-02-18 07:40:55","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131998/"
 "131997","2019-02-18 07:40:52","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131997/"
-"131996","2019-02-18 07:40:49","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131996/"
+"131996","2019-02-18 07:40:49","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131996/"
 "131995","2019-02-18 07:40:46","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131995/"
 "131994","2019-02-18 07:40:44","http://51.75.75.88/ankit/wtf","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131994/"
 "131993","2019-02-18 07:40:43","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131993/"
@@ -9281,7 +9832,7 @@
 "131978","2019-02-18 07:39:59","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131978/"
 "131977","2019-02-18 07:39:53","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131977/"
 "131976","2019-02-18 07:39:50","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131976/"
-"131975","2019-02-18 07:39:47","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131975/"
+"131975","2019-02-18 07:39:47","https://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131975/"
 "131974","2019-02-18 07:39:44","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131974/"
 "131973","2019-02-18 07:39:37","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131973/"
 "131972","2019-02-18 07:39:20","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131972/"
@@ -9304,7 +9855,7 @@
 "131955","2019-02-18 07:37:45","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131955/"
 "131954","2019-02-18 07:37:41","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131954/"
 "131953","2019-02-18 07:37:40","http://51.75.75.88/ankit/os.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131953/"
-"131952","2019-02-18 07:37:39","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131952/"
+"131952","2019-02-18 07:37:39","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131952/"
 "131951","2019-02-18 07:37:33","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131951/"
 "131950","2019-02-18 07:37:32","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131950/"
 "131948","2019-02-18 07:37:31","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131948/"
@@ -9331,7 +9882,7 @@
 "131928","2019-02-18 07:35:29","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131928/"
 "131927","2019-02-18 07:35:26","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131927/"
 "131926","2019-02-18 07:35:22","http://51.75.75.88/ankit/os.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131926/"
-"131925","2019-02-18 07:35:21","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131925/"
+"131925","2019-02-18 07:35:21","http://kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131925/"
 "131924","2019-02-18 07:35:17","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131924/"
 "131923","2019-02-18 07:35:14","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131923/"
 "131922","2019-02-18 07:35:09","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131922/"
@@ -9345,7 +9896,7 @@
 "131914","2019-02-18 07:34:43","http://51.75.75.88/ankit/os.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131914/"
 "131913","2019-02-18 07:34:42","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131913/"
 "131912","2019-02-18 07:34:39","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131912/"
-"131911","2019-02-18 07:34:36","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131911/"
+"131911","2019-02-18 07:34:36","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131911/"
 "131910","2019-02-18 07:34:32","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131910/"
 "131909","2019-02-18 07:34:30","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131909/"
 "131908","2019-02-18 07:34:27","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131908/"
@@ -9365,7 +9916,7 @@
 "131894","2019-02-18 07:33:54","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131894/"
 "131893","2019-02-18 07:33:50","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131893/"
 "131892","2019-02-18 07:33:48","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131892/"
-"131891","2019-02-18 07:33:44","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131891/"
+"131891","2019-02-18 07:33:44","https://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131891/"
 "131890","2019-02-18 07:33:41","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131890/"
 "131889","2019-02-18 07:33:38","http://51.75.75.88/ankit/os.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131889/"
 "131888","2019-02-18 07:33:37","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131888/"
@@ -9388,7 +9939,7 @@
 "131871","2019-02-18 07:32:20","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131871/"
 "131870","2019-02-18 07:32:14","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131870/"
 "131869","2019-02-18 07:32:09","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131869/"
-"131868","2019-02-18 07:32:07","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131868/"
+"131868","2019-02-18 07:32:07","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131868/"
 "131867","2019-02-18 07:32:02","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131867/"
 "131866","2019-02-18 07:32:01","http://51.75.75.88/ankit/os.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131866/"
 "131865","2019-02-18 07:32:00","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131865/"
@@ -9418,13 +9969,13 @@
 "131841","2019-02-18 07:29:55","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131841/"
 "131840","2019-02-18 07:29:50","http://51.75.75.88/ankit/mpsl.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131840/"
 "131839","2019-02-18 07:29:49","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131839/"
-"131838","2019-02-18 07:29:42","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131838/"
+"131838","2019-02-18 07:29:42","http://rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131838/"
 "131837","2019-02-18 07:29:35","http://51.75.75.88/ankit/gang","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131837/"
 "131836","2019-02-18 07:29:33","http://51.75.75.88/ankit/fgd","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131836/"
 "131835","2019-02-18 07:29:31","http://51.75.75.88/ankit/arm7.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131835/"
 "131834","2019-02-18 07:29:30","http://51.75.75.88/ankit/arm5.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131834/"
 "131833","2019-02-18 07:29:29","http://51.75.75.88/ankit/arm.fgt","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131833/"
-"131832","2019-02-18 07:29:28","http://simplebsolutions.co.uk/US/corporation/Invoice_Notice/9955581/ZEqz-9WuK_ApOHQ-8pw/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/131832/"
+"131832","2019-02-18 07:29:28","http://simplebsolutions.co.uk/US/corporation/Invoice_Notice/9955581/ZEqz-9WuK_ApOHQ-8pw/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/131832/"
 "131831","2019-02-18 07:29:23","http://megl.ca/llc/Invoice_Notice/VZYa-iN3oZ_MmWHxgsT-C7A","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131831/"
 "131830","2019-02-18 07:29:21","http://music.minoshazkr.gq/dj.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/131830/"
 "131829","2019-02-18 07:29:13","http://amazonvietnampharma.com.vn/l/css/css.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/131829/"
@@ -9510,10 +10061,10 @@
 "131749","2019-02-18 07:04:01","http://35.235.102.123/bins/kwari.armv4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131749/"
 "131748","2019-02-18 07:03:31","http://35.235.102.123/bins/kwari.arm7n","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131748/"
 "131747","2019-02-18 07:02:14","http://201.92.84.134:22521/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131747/"
-"131746","2019-02-18 07:02:10","http://199.38.245.221/bins/yakuza.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131746/"
-"131745","2019-02-18 07:02:09","http://199.38.245.221/bins/yakuza.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131745/"
-"131744","2019-02-18 07:02:08","http://199.38.245.221/bins/yakuza.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131744/"
-"131743","2019-02-18 07:02:07","http://199.38.245.221/bins/x","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131743/"
+"131746","2019-02-18 07:02:10","http://199.38.245.221/bins/yakuza.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131746/"
+"131745","2019-02-18 07:02:09","http://199.38.245.221/bins/yakuza.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131745/"
+"131744","2019-02-18 07:02:08","http://199.38.245.221/bins/yakuza.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131744/"
+"131743","2019-02-18 07:02:07","http://199.38.245.221/bins/x","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131743/"
 "131742","2019-02-18 07:02:06","http://198.23.201.215/AB4g5/Josho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131742/"
 "131741","2019-02-18 07:02:05","http://185.244.25.134/AB4g5/Josho.x84","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131741/"
 "131740","2019-02-18 07:02:04","http://185.244.25.134/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131740/"
@@ -9533,7 +10084,7 @@
 "131726","2019-02-18 07:00:42","http://142.93.227.149/bins/purves.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131726/"
 "131725","2019-02-18 07:00:39","http://128.199.96.104/AB4g5/Omni.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131725/"
 "131724","2019-02-18 07:00:38","http://128.199.96.104/AB4g5/Omni.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131724/"
-"131723","2019-02-18 07:00:36","http://128.199.96.104/AB4g5/Omni.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131723/"
+"131723","2019-02-18 07:00:36","http://128.199.96.104/AB4g5/Omni.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131723/"
 "131722","2019-02-18 07:00:34","http://128.199.96.104/AB4g5/Omni.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131722/"
 "131721","2019-02-18 07:00:31","http://128.199.96.104/AB4g5/Omni.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131721/"
 "131720","2019-02-18 06:59:34","http://128.199.96.104/AB4g5/Omni.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131720/"
@@ -9544,22 +10095,22 @@
 "131715","2019-02-18 06:58:39","http://128.199.96.104/AB4g5/Omni.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131715/"
 "131714","2019-02-18 06:58:09","http://104.248.181.42:8000/usr/lib/hub/static/3017/ddgs.x86_64","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131714/"
 "131713","2019-02-18 06:58:07","http://104.248.181.42:8000/usr/lib/hub/static/3017/ddgs.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131713/"
-"131711","2019-02-18 06:58:06","http://34.73.163.194/AB4g5/Josho.spc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131711/"
-"131710","2019-02-18 06:58:03","http://34.73.163.194/AB4g5/Josho.mpsl","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131710/"
+"131711","2019-02-18 06:58:06","http://34.73.163.194/AB4g5/Josho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131711/"
+"131710","2019-02-18 06:58:03","http://34.73.163.194/AB4g5/Josho.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131710/"
 "131709","2019-02-18 06:46:03","https://kamagra4uk.com/images/gee/eb/ebb.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/131709/"
 "131708","2019-02-18 06:45:17","https://share.dmca.gripe/fepQjvpl8uYh5yTy.jpg","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/131708/"
 "131707","2019-02-18 06:29:06","http://www.novatisk.cz/obrazky/q/6029118.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131707/"
 "131706","2019-02-18 06:11:02","http://gaminggo.website/dbssxdydaf/file/jeMNh-Ra_puh-g0j","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131706/"
 "131705","2019-02-18 06:00:09","https://stablecoinswar.com/2e20640.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/131705/"
 "131704","2019-02-18 05:46:02","http://206.189.205.246/bins.sh","offline","malware_download","None","https://urlhaus.abuse.ch/url/131704/"
-"131703","2019-02-18 05:38:12","http://185.191.229.180/java8000","online","malware_download","elf","https://urlhaus.abuse.ch/url/131703/"
-"131702","2019-02-18 05:36:09","http://34.73.163.194/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131702/"
-"131701","2019-02-18 05:36:06","http://34.73.163.194/AB4g5/Josho.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131701/"
-"131700","2019-02-18 05:36:03","http://34.73.163.194/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131700/"
-"131699","2019-02-18 05:35:19","http://34.73.163.194/AB4g5/Josho.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131699/"
-"131698","2019-02-18 05:35:13","http://34.73.163.194/AB4g5/Josho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131698/"
-"131697","2019-02-18 05:35:06","http://34.73.163.194/AB4g5/Josho.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131697/"
-"131696","2019-02-18 05:33:05","http://34.73.163.194/AB4g5/Josho.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131696/"
+"131703","2019-02-18 05:38:12","http://185.191.229.180/java8000","offline","malware_download","elf","https://urlhaus.abuse.ch/url/131703/"
+"131702","2019-02-18 05:36:09","http://34.73.163.194/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131702/"
+"131701","2019-02-18 05:36:06","http://34.73.163.194/AB4g5/Josho.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131701/"
+"131700","2019-02-18 05:36:03","http://34.73.163.194/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131700/"
+"131699","2019-02-18 05:35:19","http://34.73.163.194/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131699/"
+"131698","2019-02-18 05:35:13","http://34.73.163.194/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131698/"
+"131697","2019-02-18 05:35:06","http://34.73.163.194/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131697/"
+"131696","2019-02-18 05:33:05","http://34.73.163.194/AB4g5/Josho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131696/"
 "131695","2019-02-18 05:25:05","http://54.250.159.171/US_us/corporation/mlKxT-I19OF_MChYwJVdO-FD","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131695/"
 "131694","2019-02-18 05:14:35","http://216.176.179.106:9090/26005","online","malware_download","payload","https://urlhaus.abuse.ch/url/131694/"
 "131693","2019-02-18 05:14:33","http://216.176.179.106:9090/26004","online","malware_download","payload","https://urlhaus.abuse.ch/url/131693/"
@@ -9571,14 +10122,14 @@
 "131687","2019-02-18 05:09:01","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131687/"
 "131686","2019-02-18 04:31:02","http://35.176.197.139/US/company/Invoice/Yegah-4UC2R_EqbBA-uK","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131686/"
 "131685","2019-02-18 04:23:02","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ","offline","malware_download","doc","https://urlhaus.abuse.ch/url/131685/"
-"131684","2019-02-18 04:19:03","http://34.73.163.194/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131684/"
+"131684","2019-02-18 04:19:03","http://34.73.163.194/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131684/"
 "131683","2019-02-18 04:19:02","http://www.novatisk.cz/obrazky/q/60501.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131683/"
-"131682","2019-02-18 04:15:03","http://34.73.163.194/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131682/"
+"131682","2019-02-18 04:15:03","http://34.73.163.194/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131682/"
 "131681","2019-02-18 03:58:06","http://104.168.149.180/vb/Amakano.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131681/"
 "131680","2019-02-18 03:48:02","http://www.novatisk.cz/obrazky/q/tpl.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/131680/"
 "131679","2019-02-18 03:28:04","http://1.9.178.128:6425/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131679/"
-"131678","2019-02-18 03:28:02","http://34.73.163.194:80/AB4g5/Josho.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131678/"
-"131677","2019-02-18 03:25:04","http://34.73.163.194:80/AB4g5/Josho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131677/"
+"131678","2019-02-18 03:28:02","http://34.73.163.194:80/AB4g5/Josho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131678/"
+"131677","2019-02-18 03:25:04","http://34.73.163.194:80/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131677/"
 "131676","2019-02-18 02:54:12","http://104.219.235.147/bins/x","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131676/"
 "131675","2019-02-18 02:26:10","https://ilistenidraw.com/CredAdv_85467PDF.jar","offline","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/131675/"
 "131674","2019-02-18 02:26:04","http://priveeprimeltd.co.uk/PNC_943775_883.exe","offline","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/131674/"
@@ -9594,7 +10145,7 @@
 "131664","2019-02-18 01:51:48","https://udential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131664/"
 "131663","2019-02-18 01:51:45","https://udential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131663/"
 "131662","2019-02-18 01:51:43","https://udential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131662/"
-"131661","2019-02-18 01:51:40","https://udential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131661/"
+"131661","2019-02-18 01:51:40","https://udential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131661/"
 "131660","2019-02-18 01:51:37","https://udential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131660/"
 "131659","2019-02-18 01:51:35","https://udential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131659/"
 "131658","2019-02-18 01:51:32","https://udential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131658/"
@@ -9613,7 +10164,7 @@
 "131645","2019-02-18 01:50:55","https://udential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131645/"
 "131644","2019-02-18 01:50:51","https://udential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131644/"
 "131643","2019-02-18 01:50:48","https://udential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131643/"
-"131642","2019-02-18 01:50:45","https://udential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131642/"
+"131642","2019-02-18 01:50:45","https://udential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131642/"
 "131641","2019-02-18 01:50:43","http://udential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131641/"
 "131640","2019-02-18 01:50:42","http://udential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131640/"
 "131639","2019-02-18 01:50:40","http://udential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131639/"
@@ -9634,7 +10185,7 @@
 "131624","2019-02-18 01:50:23","http://udential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131624/"
 "131623","2019-02-18 01:50:22","http://udential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131623/"
 "131622","2019-02-18 01:50:21","http://udential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131622/"
-"131621","2019-02-18 01:50:20","http://udential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131621/"
+"131621","2019-02-18 01:50:20","http://udential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131621/"
 "131618","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131618/"
 "131619","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131619/"
 "131620","2019-02-18 01:50:19","http://udential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131620/"
@@ -9659,7 +10210,7 @@
 "131599","2019-02-18 01:50:00","http://udential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131599/"
 "131598","2019-02-18 01:49:58","http://udential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131598/"
 "131597","2019-02-18 01:49:56","http://udential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131597/"
-"131596","2019-02-18 01:49:55","http://udential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131596/"
+"131596","2019-02-18 01:49:55","http://udential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131596/"
 "131595","2019-02-18 01:49:52","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131595/"
 "131594","2019-02-18 01:49:49","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131594/"
 "131593","2019-02-18 01:49:45","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131593/"
@@ -9672,7 +10223,7 @@
 "131586","2019-02-18 01:49:25","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131586/"
 "131585","2019-02-18 01:49:23","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131585/"
 "131584","2019-02-18 01:49:20","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131584/"
-"131583","2019-02-18 01:49:17","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131583/"
+"131583","2019-02-18 01:49:17","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131583/"
 "131582","2019-02-18 01:49:14","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131582/"
 "131581","2019-02-18 01:49:12","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131581/"
 "131580","2019-02-18 01:49:10","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131580/"
@@ -9691,7 +10242,7 @@
 "131567","2019-02-18 01:48:33","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131567/"
 "131566","2019-02-18 01:48:29","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131566/"
 "131565","2019-02-18 01:48:26","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131565/"
-"131564","2019-02-18 01:48:21","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131564/"
+"131564","2019-02-18 01:48:21","https://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131564/"
 "131563","2019-02-18 01:48:19","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131563/"
 "131562","2019-02-18 01:48:18","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131562/"
 "131561","2019-02-18 01:48:15","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131561/"
@@ -9711,7 +10262,7 @@
 "131547","2019-02-18 01:48:00","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131547/"
 "131546","2019-02-18 01:47:59","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131546/"
 "131545","2019-02-18 01:47:58","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131545/"
-"131543","2019-02-18 01:47:57","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131543/"
+"131543","2019-02-18 01:47:57","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131543/"
 "131544","2019-02-18 01:47:57","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131544/"
 "131541","2019-02-18 01:47:56","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131541/"
 "131542","2019-02-18 01:47:56","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131542/"
@@ -9737,7 +10288,7 @@
 "131521","2019-02-18 01:47:31","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131521/"
 "131520","2019-02-18 01:47:28","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131520/"
 "131519","2019-02-18 01:47:27","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131519/"
-"131518","2019-02-18 01:47:26","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131518/"
+"131518","2019-02-18 01:47:26","http://jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131518/"
 "131517","2019-02-18 01:47:23","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131517/"
 "131516","2019-02-18 01:47:20","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131516/"
 "131515","2019-02-18 01:47:16","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131515/"
@@ -9750,7 +10301,7 @@
 "131508","2019-02-18 01:46:57","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131508/"
 "131507","2019-02-18 01:46:54","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131507/"
 "131506","2019-02-18 01:46:52","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131506/"
-"131505","2019-02-18 01:46:49","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131505/"
+"131505","2019-02-18 01:46:49","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131505/"
 "131504","2019-02-18 01:46:47","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131504/"
 "131503","2019-02-18 01:46:44","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131503/"
 "131502","2019-02-18 01:46:42","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131502/"
@@ -9769,7 +10320,7 @@
 "131489","2019-02-18 01:46:05","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131489/"
 "131488","2019-02-18 01:46:01","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131488/"
 "131487","2019-02-18 01:45:58","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131487/"
-"131486","2019-02-18 01:45:56","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131486/"
+"131486","2019-02-18 01:45:56","https://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131486/"
 "131485","2019-02-18 01:45:48","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131485/"
 "131484","2019-02-18 01:45:45","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131484/"
 "131483","2019-02-18 01:45:27","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131483/"
@@ -9790,7 +10341,7 @@
 "131468","2019-02-18 01:44:24","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131468/"
 "131467","2019-02-18 01:44:18","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131467/"
 "131466","2019-02-18 01:44:15","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131466/"
-"131465","2019-02-18 01:44:14","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131465/"
+"131465","2019-02-18 01:44:14","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131465/"
 "131463","2019-02-18 01:44:09","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131463/"
 "131464","2019-02-18 01:44:09","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131464/"
 "131462","2019-02-18 01:44:07","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131462/"
@@ -9815,7 +10366,7 @@
 "131443","2019-02-18 01:42:50","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131443/"
 "131442","2019-02-18 01:42:39","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131442/"
 "131441","2019-02-18 01:42:33","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131441/"
-"131440","2019-02-18 01:42:27","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131440/"
+"131440","2019-02-18 01:42:27","http://mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131440/"
 "131439","2019-02-18 01:42:21","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131439/"
 "131438","2019-02-18 01:42:17","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131438/"
 "131437","2019-02-18 01:42:12","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131437/"
@@ -9828,7 +10379,7 @@
 "131430","2019-02-18 01:41:43","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131430/"
 "131429","2019-02-18 01:41:40","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131429/"
 "131428","2019-02-18 01:41:34","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131428/"
-"131427","2019-02-18 01:41:30","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131427/"
+"131427","2019-02-18 01:41:30","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131427/"
 "131426","2019-02-18 01:41:27","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131426/"
 "131425","2019-02-18 01:41:24","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131425/"
 "131424","2019-02-18 01:41:19","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131424/"
@@ -9847,7 +10398,7 @@
 "131411","2019-02-18 01:40:29","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131411/"
 "131410","2019-02-18 01:40:23","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131410/"
 "131409","2019-02-18 01:40:18","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131409/"
-"131408","2019-02-18 01:40:13","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131408/"
+"131408","2019-02-18 01:40:13","https://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131408/"
 "131407","2019-02-18 01:40:09","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131407/"
 "131406","2019-02-18 01:40:02","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131406/"
 "131405","2019-02-18 01:39:45","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131405/"
@@ -9868,7 +10419,7 @@
 "131390","2019-02-18 01:37:51","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131390/"
 "131389","2019-02-18 01:37:39","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131389/"
 "131388","2019-02-18 01:37:31","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131388/"
-"131387","2019-02-18 01:37:27","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131387/"
+"131387","2019-02-18 01:37:27","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131387/"
 "131386","2019-02-18 01:37:15","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131386/"
 "131385","2019-02-18 01:37:11","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131385/"
 "131384","2019-02-18 01:37:05","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131384/"
@@ -9893,7 +10444,7 @@
 "131365","2019-02-18 01:34:36","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131365/"
 "131364","2019-02-18 01:34:21","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131364/"
 "131363","2019-02-18 01:34:17","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131363/"
-"131362","2019-02-18 01:34:10","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131362/"
+"131362","2019-02-18 01:34:10","http://peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131362/"
 "131361","2019-02-18 01:32:10","http://178.128.127.231/bins/spc.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131361/"
 "131360","2019-02-18 01:32:08","http://178.128.127.231/bins/x86.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131360/"
 "131359","2019-02-18 01:32:05","http://178.128.127.231/bins/sh4.light","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131359/"
@@ -9913,7 +10464,7 @@
 "131345","2019-02-18 00:41:06","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131345/"
 "131344","2019-02-18 00:41:02","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131344/"
 "131343","2019-02-18 00:40:57","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131343/"
-"131342","2019-02-18 00:40:51","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131342/"
+"131342","2019-02-18 00:40:51","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131342/"
 "131341","2019-02-18 00:40:46","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131341/"
 "131340","2019-02-18 00:40:40","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131340/"
 "131339","2019-02-18 00:40:35","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131339/"
@@ -9935,7 +10486,7 @@
 "131323","2019-02-18 00:39:25","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131323/"
 "131322","2019-02-18 00:39:18","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131322/"
 "131321","2019-02-18 00:39:12","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131321/"
-"131320","2019-02-18 00:39:07","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131320/"
+"131320","2019-02-18 00:39:07","https://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131320/"
 "131319","2019-02-18 00:39:03","http://206.189.205.246/razdzn","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131319/"
 "131318","2019-02-18 00:39:01","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131318/"
 "131317","2019-02-18 00:38:53","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131317/"
@@ -9957,7 +10508,7 @@
 "131301","2019-02-18 00:36:45","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131301/"
 "131300","2019-02-18 00:36:34","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131300/"
 "131299","2019-02-18 00:36:28","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131299/"
-"131298","2019-02-18 00:36:26","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131298/"
+"131298","2019-02-18 00:36:26","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131298/"
 "131297","2019-02-18 00:36:19","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131297/"
 "131296","2019-02-18 00:36:17","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131296/"
 "131295","2019-02-18 00:36:14","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131295/"
@@ -9982,7 +10533,7 @@
 "131276","2019-02-18 00:34:54","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131276/"
 "131275","2019-02-18 00:34:52","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131275/"
 "131274","2019-02-18 00:34:51","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131274/"
-"131273","2019-02-18 00:34:49","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131273/"
+"131273","2019-02-18 00:34:49","http://e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131273/"
 "131272","2019-02-18 00:34:46","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131272/"
 "131271","2019-02-18 00:34:44","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131271/"
 "131270","2019-02-18 00:34:40","https://businessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131270/"
@@ -9995,7 +10546,7 @@
 "131263","2019-02-18 00:34:22","https://businessmanagemewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131263/"
 "131262","2019-02-18 00:34:20","https://businessmanagemewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131262/"
 "131261","2019-02-18 00:34:17","https://businessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131261/"
-"131260","2019-02-18 00:34:15","https://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131260/"
+"131260","2019-02-18 00:34:15","https://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131260/"
 "131259","2019-02-18 00:34:12","https://businessmanagemewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131259/"
 "131258","2019-02-18 00:34:10","https://businessmanagemewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131258/"
 "131257","2019-02-18 00:34:07","https://businessmanagemewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131257/"
@@ -10014,7 +10565,7 @@
 "131244","2019-02-18 00:33:22","https://businessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131244/"
 "131243","2019-02-18 00:33:18","https://businessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131243/"
 "131242","2019-02-18 00:33:16","https://businessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131242/"
-"131241","2019-02-18 00:33:13","https://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131241/"
+"131241","2019-02-18 00:33:13","https://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131241/"
 "131240","2019-02-18 00:33:11","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131240/"
 "131239","2019-02-18 00:33:10","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131239/"
 "131238","2019-02-18 00:33:08","http://businessmanagemewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131238/"
@@ -10038,7 +10589,7 @@
 "131220","2019-02-18 00:32:48","http://businessmanagemewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131220/"
 "131219","2019-02-18 00:32:47","http://206.189.205.246/cemtop","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/131219/"
 "131218","2019-02-18 00:32:46","http://businessmanagemewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131218/"
-"131216","2019-02-18 00:32:45","http://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131216/"
+"131216","2019-02-18 00:32:45","http://businessmanagemewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131216/"
 "131217","2019-02-18 00:32:45","http://businessmanagemewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131217/"
 "131215","2019-02-18 00:32:39","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131215/"
 "131212","2019-02-18 00:32:38","http://businessmanagemewww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131212/"
@@ -10064,11 +10615,11 @@
 "131194","2019-02-18 00:32:11","http://businessmanagemewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131194/"
 "131193","2019-02-18 00:32:08","http://businessmanagemewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131193/"
 "131192","2019-02-18 00:32:07","http://businessmanagemewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131192/"
-"131191","2019-02-18 00:32:06","http://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131191/"
+"131191","2019-02-18 00:32:06","http://businessmanagemewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131191/"
 "131190","2019-02-18 00:29:24","http://216.176.179.106:9090/26006","online","malware_download","elf","https://urlhaus.abuse.ch/url/131190/"
-"131189","2019-02-18 00:29:02","http://34.73.163.194:80/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131189/"
+"131189","2019-02-18 00:29:02","http://34.73.163.194:80/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131189/"
 "131188","2019-02-18 00:29:01","http://208.89.211.38:80/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131188/"
-"131187","2019-02-18 00:29:00","http://34.73.163.194:80/AB4g5/Josho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131187/"
+"131187","2019-02-18 00:29:00","http://34.73.163.194:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/131187/"
 "131186","2019-02-18 00:28:58","http://88.29.193.92:42681/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/131186/"
 "131185","2019-02-18 00:28:40","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131185/"
 "131184","2019-02-18 00:28:37","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131184/"
@@ -10082,7 +10633,7 @@
 "131176","2019-02-18 00:28:14","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131176/"
 "131175","2019-02-18 00:28:12","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131175/"
 "131174","2019-02-18 00:28:09","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131174/"
-"131173","2019-02-18 00:28:07","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131173/"
+"131173","2019-02-18 00:28:07","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131173/"
 "131172","2019-02-18 00:28:04","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131172/"
 "131171","2019-02-18 00:28:02","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131171/"
 "131170","2019-02-18 00:27:59","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131170/"
@@ -10101,7 +10652,7 @@
 "131157","2019-02-18 00:27:28","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131157/"
 "131156","2019-02-18 00:27:24","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131156/"
 "131155","2019-02-18 00:27:21","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131155/"
-"131154","2019-02-18 00:27:18","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131154/"
+"131154","2019-02-18 00:27:18","https://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131154/"
 "131153","2019-02-18 00:27:16","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131153/"
 "131152","2019-02-18 00:27:15","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131152/"
 "131151","2019-02-18 00:27:12","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131151/"
@@ -10121,7 +10672,7 @@
 "131137","2019-02-18 00:26:58","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131137/"
 "131136","2019-02-18 00:26:56","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131136/"
 "131135","2019-02-18 00:26:55","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131135/"
-"131133","2019-02-18 00:26:53","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131133/"
+"131133","2019-02-18 00:26:53","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131133/"
 "131134","2019-02-18 00:26:53","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131134/"
 "131130","2019-02-18 00:26:51","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131130/"
 "131131","2019-02-18 00:26:51","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131131/"
@@ -10147,7 +10698,7 @@
 "131111","2019-02-18 00:24:23","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131111/"
 "131110","2019-02-18 00:24:03","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131110/"
 "131109","2019-02-18 00:23:56","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131109/"
-"131108","2019-02-18 00:23:47","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131108/"
+"131108","2019-02-18 00:23:47","http://lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131108/"
 "131107","2019-02-18 00:23:38","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131107/"
 "131106","2019-02-18 00:23:32","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131106/"
 "131105","2019-02-18 00:23:24","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131105/"
@@ -10160,7 +10711,7 @@
 "131098","2019-02-18 00:22:49","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131098/"
 "131097","2019-02-18 00:22:44","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131097/"
 "131096","2019-02-18 00:22:37","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131096/"
-"131095","2019-02-18 00:22:30","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131095/"
+"131095","2019-02-18 00:22:30","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131095/"
 "131094","2019-02-18 00:22:23","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131094/"
 "131093","2019-02-18 00:22:14","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131093/"
 "131092","2019-02-18 00:22:07","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131092/"
@@ -10179,7 +10730,7 @@
 "131079","2019-02-18 00:20:53","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131079/"
 "131078","2019-02-18 00:20:45","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131078/"
 "131077","2019-02-18 00:20:40","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131077/"
-"131076","2019-02-18 00:20:34","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131076/"
+"131076","2019-02-18 00:20:34","https://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131076/"
 "131075","2019-02-18 00:20:28","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131075/"
 "131074","2019-02-18 00:20:18","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131074/"
 "131073","2019-02-18 00:19:50","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131073/"
@@ -10200,7 +10751,7 @@
 "131058","2019-02-18 00:17:08","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131058/"
 "131057","2019-02-18 00:16:53","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131057/"
 "131056","2019-02-18 00:16:45","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131056/"
-"131055","2019-02-18 00:16:40","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131055/"
+"131055","2019-02-18 00:16:40","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131055/"
 "131054","2019-02-18 00:16:30","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131054/"
 "131053","2019-02-18 00:16:26","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131053/"
 "131052","2019-02-18 00:16:22","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131052/"
@@ -10225,7 +10776,7 @@
 "131033","2019-02-18 00:12:10","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131033/"
 "131032","2019-02-18 00:11:45","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131032/"
 "131031","2019-02-18 00:11:40","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131031/"
-"131030","2019-02-18 00:11:35","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131030/"
+"131030","2019-02-18 00:11:35","http://hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131030/"
 "131029","2019-02-18 00:11:28","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131029/"
 "131028","2019-02-18 00:11:24","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131028/"
 "131027","2019-02-18 00:11:19","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131027/"
@@ -10238,7 +10789,7 @@
 "131020","2019-02-18 00:10:55","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131020/"
 "131019","2019-02-18 00:10:53","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131019/"
 "131018","2019-02-18 00:10:50","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131018/"
-"131017","2019-02-18 00:10:47","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131017/"
+"131017","2019-02-18 00:10:47","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/131017/"
 "131016","2019-02-18 00:10:44","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131016/"
 "131015","2019-02-18 00:10:40","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131015/"
 "131014","2019-02-18 00:10:38","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/131014/"
@@ -10257,7 +10808,7 @@
 "131001","2019-02-18 00:09:59","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131001/"
 "131000","2019-02-18 00:09:52","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/131000/"
 "130999","2019-02-18 00:09:45","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130999/"
-"130998","2019-02-18 00:09:41","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130998/"
+"130998","2019-02-18 00:09:41","https://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130998/"
 "130997","2019-02-18 00:09:27","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130997/"
 "130996","2019-02-18 00:09:16","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130996/"
 "130995","2019-02-18 00:08:55","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130995/"
@@ -10278,7 +10829,7 @@
 "130980","2019-02-18 00:07:06","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130980/"
 "130979","2019-02-18 00:06:57","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130979/"
 "130978","2019-02-18 00:06:51","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130978/"
-"130977","2019-02-18 00:06:50","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130977/"
+"130977","2019-02-18 00:06:50","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130977/"
 "130976","2019-02-18 00:06:43","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130976/"
 "130975","2019-02-18 00:06:40","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130975/"
 "130974","2019-02-18 00:06:36","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130974/"
@@ -10303,7 +10854,7 @@
 "130955","2019-02-18 00:04:16","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130955/"
 "130954","2019-02-18 00:04:03","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130954/"
 "130953","2019-02-18 00:04:02","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130953/"
-"130952","2019-02-18 00:04:01","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130952/"
+"130952","2019-02-18 00:04:01","http://letgov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130952/"
 "130951","2019-02-18 00:03:59","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130951/"
 "130950","2019-02-18 00:03:56","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130950/"
 "130949","2019-02-18 00:03:52","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130949/"
@@ -10316,7 +10867,7 @@
 "130942","2019-02-18 00:03:34","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130942/"
 "130941","2019-02-18 00:03:31","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130941/"
 "130940","2019-02-18 00:03:29","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130940/"
-"130939","2019-02-18 00:03:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130939/"
+"130939","2019-02-18 00:03:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130939/"
 "130938","2019-02-18 00:03:24","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130938/"
 "130937","2019-02-18 00:03:21","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130937/"
 "130936","2019-02-18 00:03:19","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130936/"
@@ -10335,7 +10886,7 @@
 "130923","2019-02-18 00:02:49","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130923/"
 "130922","2019-02-18 00:02:28","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130922/"
 "130921","2019-02-18 00:02:26","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130921/"
-"130920","2019-02-18 00:02:23","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130920/"
+"130920","2019-02-18 00:02:23","https://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130920/"
 "130919","2019-02-18 00:02:21","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130919/"
 "130918","2019-02-18 00:02:20","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130918/"
 "130917","2019-02-18 00:02:17","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130917/"
@@ -10355,7 +10906,7 @@
 "130903","2019-02-18 00:01:57","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130903/"
 "130902","2019-02-18 00:01:56","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130902/"
 "130901","2019-02-18 00:01:54","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130901/"
-"130899","2019-02-18 00:01:53","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130899/"
+"130899","2019-02-18 00:01:53","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130899/"
 "130900","2019-02-18 00:01:53","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130900/"
 "130896","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130896/"
 "130897","2019-02-18 00:01:51","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130897/"
@@ -10381,7 +10932,7 @@
 "130877","2019-02-18 00:01:28","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130877/"
 "130876","2019-02-18 00:01:25","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130876/"
 "130875","2019-02-18 00:01:24","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130875/"
-"130874","2019-02-18 00:01:23","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130874/"
+"130874","2019-02-18 00:01:23","http://claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130874/"
 "130873","2019-02-18 00:01:20","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130873/"
 "130872","2019-02-18 00:01:17","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130872/"
 "130871","2019-02-18 00:01:13","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130871/"
@@ -10394,7 +10945,7 @@
 "130864","2019-02-18 00:00:53","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130864/"
 "130863","2019-02-18 00:00:49","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130863/"
 "130862","2019-02-18 00:00:47","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130862/"
-"130861","2019-02-18 00:00:44","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130861/"
+"130861","2019-02-18 00:00:44","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130861/"
 "130860","2019-02-18 00:00:41","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130860/"
 "130859","2019-02-18 00:00:39","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130859/"
 "130858","2019-02-18 00:00:36","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130858/"
@@ -10413,7 +10964,7 @@
 "130845","2019-02-18 00:00:03","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130845/"
 "130844","2019-02-17 23:59:59","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130844/"
 "130843","2019-02-17 23:59:57","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130843/"
-"130842","2019-02-17 23:59:54","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130842/"
+"130842","2019-02-17 23:59:54","https://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130842/"
 "130841","2019-02-17 23:59:52","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130841/"
 "130840","2019-02-17 23:59:51","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130840/"
 "130839","2019-02-17 23:59:47","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130839/"
@@ -10433,7 +10984,7 @@
 "130825","2019-02-17 23:59:32","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130825/"
 "130824","2019-02-17 23:59:31","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130824/"
 "130823","2019-02-17 23:59:30","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130823/"
-"130821","2019-02-17 23:59:29","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130821/"
+"130821","2019-02-17 23:59:29","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130821/"
 "130822","2019-02-17 23:59:29","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130822/"
 "130818","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130818/"
 "130819","2019-02-17 23:59:27","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130819/"
@@ -10459,7 +11010,7 @@
 "130799","2019-02-17 23:59:05","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130799/"
 "130798","2019-02-17 23:59:03","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130798/"
 "130797","2019-02-17 23:58:50","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130797/"
-"130796","2019-02-17 23:58:49","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130796/"
+"130796","2019-02-17 23:58:49","http://cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130796/"
 "130795","2019-02-17 23:58:46","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130795/"
 "130794","2019-02-17 23:58:43","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130794/"
 "130793","2019-02-17 23:58:39","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130793/"
@@ -10472,7 +11023,7 @@
 "130786","2019-02-17 23:58:17","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130786/"
 "130785","2019-02-17 23:58:14","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130785/"
 "130784","2019-02-17 23:58:11","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130784/"
-"130783","2019-02-17 23:58:08","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130783/"
+"130783","2019-02-17 23:58:08","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130783/"
 "130782","2019-02-17 23:58:06","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130782/"
 "130781","2019-02-17 23:58:03","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130781/"
 "130780","2019-02-17 23:58:01","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130780/"
@@ -10490,7 +11041,7 @@
 "130768","2019-02-17 23:57:36","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130768/"
 "130767","2019-02-17 23:57:32","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130767/"
 "130766","2019-02-17 23:57:30","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130766/"
-"130765","2019-02-17 23:57:27","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130765/"
+"130765","2019-02-17 23:57:27","https://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130765/"
 "130764","2019-02-17 23:57:24","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130764/"
 "130763","2019-02-17 23:57:23","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130763/"
 "130762","2019-02-17 23:57:21","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130762/"
@@ -10510,7 +11061,7 @@
 "130748","2019-02-17 23:56:57","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130748/"
 "130747","2019-02-17 23:56:56","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130747/"
 "130746","2019-02-17 23:56:55","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130746/"
-"130744","2019-02-17 23:56:54","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130744/"
+"130744","2019-02-17 23:56:54","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130744/"
 "130745","2019-02-17 23:56:54","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130745/"
 "130743","2019-02-17 23:56:53","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130743/"
 "130740","2019-02-17 23:56:52","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130740/"
@@ -10536,7 +11087,7 @@
 "130722","2019-02-17 23:56:33","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130722/"
 "130721","2019-02-17 23:56:31","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130721/"
 "130720","2019-02-17 23:56:30","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130720/"
-"130719","2019-02-17 23:56:29","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130719/"
+"130719","2019-02-17 23:56:29","http://pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130719/"
 "130718","2019-02-17 23:56:26","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130718/"
 "130717","2019-02-17 23:56:23","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130717/"
 "130716","2019-02-17 23:56:19","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130716/"
@@ -10549,7 +11100,7 @@
 "130709","2019-02-17 23:55:59","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130709/"
 "130708","2019-02-17 23:55:56","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130708/"
 "130707","2019-02-17 23:55:54","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130707/"
-"130706","2019-02-17 23:55:51","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130706/"
+"130706","2019-02-17 23:55:51","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130706/"
 "130705","2019-02-17 23:55:48","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130705/"
 "130704","2019-02-17 23:55:46","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130704/"
 "130703","2019-02-17 23:55:43","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130703/"
@@ -10568,7 +11119,7 @@
 "130690","2019-02-17 23:55:13","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130690/"
 "130689","2019-02-17 23:55:09","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130689/"
 "130688","2019-02-17 23:55:06","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130688/"
-"130687","2019-02-17 23:55:03","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130687/"
+"130687","2019-02-17 23:55:03","https://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130687/"
 "130686","2019-02-17 23:55:01","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130686/"
 "130685","2019-02-17 23:54:59","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130685/"
 "130684","2019-02-17 23:54:56","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130684/"
@@ -10589,7 +11140,7 @@
 "130669","2019-02-17 23:54:23","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130669/"
 "130668","2019-02-17 23:54:13","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130668/"
 "130667","2019-02-17 23:54:09","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130667/"
-"130666","2019-02-17 23:54:08","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130666/"
+"130666","2019-02-17 23:54:08","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130666/"
 "130665","2019-02-17 23:54:02","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130665/"
 "130663","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130663/"
 "130664","2019-02-17 23:53:36","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130664/"
@@ -10614,10 +11165,10 @@
 "130644","2019-02-17 23:52:33","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130644/"
 "130643","2019-02-17 23:52:18","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130643/"
 "130642","2019-02-17 23:52:13","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130642/"
-"130641","2019-02-17 23:52:07","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130641/"
+"130641","2019-02-17 23:52:07","http://2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130641/"
 "130640","2019-02-17 23:21:05","http://89.35.39.78/x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/130640/"
 "130639","2019-02-17 23:21:03","http://89.35.39.78/i586.dddd","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/130639/"
-"130638","2019-02-17 22:45:33","http://chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130638/"
+"130638","2019-02-17 22:45:33","http://chungchi.edu.vn/wp-content/themes/robusta/css/browser.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130638/"
 "130637","2019-02-17 21:19:33","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130637/"
 "130636","2019-02-17 21:19:28","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130636/"
 "130635","2019-02-17 21:19:20","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130635/"
@@ -10630,7 +11181,7 @@
 "130628","2019-02-17 21:18:50","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130628/"
 "130627","2019-02-17 21:18:46","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130627/"
 "130626","2019-02-17 21:18:44","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130626/"
-"130625","2019-02-17 21:18:41","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130625/"
+"130625","2019-02-17 21:18:41","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130625/"
 "130624","2019-02-17 21:18:39","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130624/"
 "130623","2019-02-17 21:18:36","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130623/"
 "130622","2019-02-17 21:18:34","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130622/"
@@ -10649,7 +11200,7 @@
 "130609","2019-02-17 21:17:58","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130609/"
 "130608","2019-02-17 21:17:54","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130608/"
 "130607","2019-02-17 21:17:52","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130607/"
-"130606","2019-02-17 21:17:49","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130606/"
+"130606","2019-02-17 21:17:49","https://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130606/"
 "130605","2019-02-17 21:17:46","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130605/"
 "130604","2019-02-17 21:17:44","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130604/"
 "130603","2019-02-17 21:17:42","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130603/"
@@ -10669,7 +11220,7 @@
 "130589","2019-02-17 21:17:20","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130589/"
 "130588","2019-02-17 21:17:19","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130588/"
 "130587","2019-02-17 21:17:18","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130587/"
-"130585","2019-02-17 21:17:17","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130585/"
+"130585","2019-02-17 21:17:17","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130585/"
 "130586","2019-02-17 21:17:17","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130586/"
 "130584","2019-02-17 21:17:16","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130584/"
 "130581","2019-02-17 21:17:15","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130581/"
@@ -10695,7 +11246,7 @@
 "130563","2019-02-17 21:16:53","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130563/"
 "130562","2019-02-17 21:16:50","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130562/"
 "130561","2019-02-17 21:16:49","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130561/"
-"130560","2019-02-17 21:16:47","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130560/"
+"130560","2019-02-17 21:16:47","http://protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130560/"
 "130559","2019-02-17 21:16:43","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130559/"
 "130558","2019-02-17 21:16:40","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130558/"
 "130557","2019-02-17 21:16:35","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130557/"
@@ -10708,7 +11259,7 @@
 "130550","2019-02-17 21:16:12","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130550/"
 "130549","2019-02-17 21:16:09","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130549/"
 "130548","2019-02-17 21:16:06","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130548/"
-"130547","2019-02-17 21:16:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130547/"
+"130547","2019-02-17 21:16:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130547/"
 "130546","2019-02-17 21:15:59","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130546/"
 "130545","2019-02-17 21:15:56","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130545/"
 "130544","2019-02-17 21:15:53","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130544/"
@@ -10727,7 +11278,7 @@
 "130531","2019-02-17 21:15:11","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130531/"
 "130530","2019-02-17 21:15:06","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130530/"
 "130529","2019-02-17 21:15:03","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130529/"
-"130528","2019-02-17 21:15:00","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130528/"
+"130528","2019-02-17 21:15:00","https://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130528/"
 "130527","2019-02-17 21:14:58","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130527/"
 "130526","2019-02-17 21:14:56","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130526/"
 "130525","2019-02-17 21:14:53","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130525/"
@@ -10748,7 +11299,7 @@
 "130510","2019-02-17 21:13:35","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130510/"
 "130509","2019-02-17 21:13:26","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130509/"
 "130508","2019-02-17 21:13:21","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130508/"
-"130507","2019-02-17 21:13:20","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130507/"
+"130507","2019-02-17 21:13:20","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130507/"
 "130506","2019-02-17 21:13:13","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130506/"
 "130505","2019-02-17 21:13:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130505/"
 "130504","2019-02-17 21:13:09","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130504/"
@@ -10773,7 +11324,7 @@
 "130485","2019-02-17 21:10:33","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130485/"
 "130484","2019-02-17 21:10:11","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130484/"
 "130483","2019-02-17 21:10:03","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130483/"
-"130482","2019-02-17 21:09:55","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130482/"
+"130482","2019-02-17 21:09:55","http://mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130482/"
 "130481","2019-02-17 21:09:44","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130481/"
 "130480","2019-02-17 21:09:35","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130480/"
 "130479","2019-02-17 21:09:27","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130479/"
@@ -10786,7 +11337,7 @@
 "130472","2019-02-17 21:08:47","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130472/"
 "130471","2019-02-17 21:08:42","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130471/"
 "130470","2019-02-17 21:08:34","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130470/"
-"130469","2019-02-17 21:08:29","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130469/"
+"130469","2019-02-17 21:08:29","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130469/"
 "130468","2019-02-17 21:08:25","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130468/"
 "130467","2019-02-17 21:08:18","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130467/"
 "130466","2019-02-17 21:08:11","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130466/"
@@ -10805,7 +11356,7 @@
 "130453","2019-02-17 21:06:53","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130453/"
 "130452","2019-02-17 21:06:46","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130452/"
 "130451","2019-02-17 21:06:40","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130451/"
-"130450","2019-02-17 21:06:32","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130450/"
+"130450","2019-02-17 21:06:32","https://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130450/"
 "130449","2019-02-17 21:06:27","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130449/"
 "130448","2019-02-17 21:06:17","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130448/"
 "130447","2019-02-17 21:05:52","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130447/"
@@ -10826,7 +11377,7 @@
 "130432","2019-02-17 21:02:52","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130432/"
 "130431","2019-02-17 21:02:41","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130431/"
 "130430","2019-02-17 21:02:34","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130430/"
-"130429","2019-02-17 21:02:30","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130429/"
+"130429","2019-02-17 21:02:30","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130429/"
 "130428","2019-02-17 21:02:22","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130428/"
 "130427","2019-02-17 21:02:19","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130427/"
 "130426","2019-02-17 21:02:16","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130426/"
@@ -10851,9 +11402,9 @@
 "130407","2019-02-17 21:00:25","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130407/"
 "130406","2019-02-17 21:00:17","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130406/"
 "130405","2019-02-17 21:00:15","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130405/"
-"130404","2019-02-17 21:00:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130404/"
+"130404","2019-02-17 21:00:10","http://outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130404/"
 "130403","2019-02-17 20:23:07","http://211.21.205.207:40722/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130403/"
-"130402","2019-02-17 20:23:04","http://1.32.43.40:12984/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130402/"
+"130402","2019-02-17 20:23:04","http://1.32.43.40:12984/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/130402/"
 "130401","2019-02-17 20:23:00","http://mikrotik.com.pe/cli/as.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130401/"
 "130400","2019-02-17 20:22:58","http://www.pestguard.com.bd/protected.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130400/"
 "130399","2019-02-17 20:22:56","http://pestguard.com.bd/protected.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/130399/"
@@ -10869,7 +11420,7 @@
 "130389","2019-02-17 20:22:29","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130389/"
 "130388","2019-02-17 20:22:26","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130388/"
 "130387","2019-02-17 20:22:23","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130387/"
-"130386","2019-02-17 20:22:20","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130386/"
+"130386","2019-02-17 20:22:20","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130386/"
 "130385","2019-02-17 20:22:18","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130385/"
 "130384","2019-02-17 20:22:16","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130384/"
 "130383","2019-02-17 20:22:13","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130383/"
@@ -10888,7 +11439,7 @@
 "130370","2019-02-17 20:21:43","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130370/"
 "130369","2019-02-17 20:21:39","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130369/"
 "130368","2019-02-17 20:21:36","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130368/"
-"130367","2019-02-17 20:21:33","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130367/"
+"130367","2019-02-17 20:21:33","https://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130367/"
 "130366","2019-02-17 20:21:31","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130366/"
 "130365","2019-02-17 20:21:30","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130365/"
 "130364","2019-02-17 20:21:27","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130364/"
@@ -10908,7 +11459,7 @@
 "130350","2019-02-17 20:20:47","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130350/"
 "130349","2019-02-17 20:20:46","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130349/"
 "130348","2019-02-17 20:20:44","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130348/"
-"130346","2019-02-17 20:20:43","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130346/"
+"130346","2019-02-17 20:20:43","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130346/"
 "130347","2019-02-17 20:20:43","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130347/"
 "130343","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130343/"
 "130344","2019-02-17 20:20:40","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130344/"
@@ -10934,7 +11485,7 @@
 "130324","2019-02-17 20:19:09","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130324/"
 "130323","2019-02-17 20:18:53","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130323/"
 "130322","2019-02-17 20:18:48","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130322/"
-"130321","2019-02-17 20:18:41","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130321/"
+"130321","2019-02-17 20:18:41","http://kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130321/"
 "130320","2019-02-17 20:18:34","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130320/"
 "130319","2019-02-17 20:18:31","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130319/"
 "130318","2019-02-17 20:18:26","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130318/"
@@ -10947,7 +11498,7 @@
 "130311","2019-02-17 20:17:58","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130311/"
 "130310","2019-02-17 20:17:54","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130310/"
 "130309","2019-02-17 20:17:50","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130309/"
-"130308","2019-02-17 20:17:46","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130308/"
+"130308","2019-02-17 20:17:46","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130308/"
 "130307","2019-02-17 20:17:43","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130307/"
 "130306","2019-02-17 20:17:40","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130306/"
 "130305","2019-02-17 20:17:36","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130305/"
@@ -10966,7 +11517,7 @@
 "130292","2019-02-17 20:16:52","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130292/"
 "130291","2019-02-17 20:16:45","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130291/"
 "130290","2019-02-17 20:16:42","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130290/"
-"130289","2019-02-17 20:16:39","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130289/"
+"130289","2019-02-17 20:16:39","https://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130289/"
 "130288","2019-02-17 20:16:33","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130288/"
 "130287","2019-02-17 20:16:26","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130287/"
 "130286","2019-02-17 20:16:08","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130286/"
@@ -10987,7 +11538,7 @@
 "130271","2019-02-17 20:14:33","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130271/"
 "130270","2019-02-17 20:14:25","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130270/"
 "130269","2019-02-17 20:14:22","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130269/"
-"130268","2019-02-17 20:14:21","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130268/"
+"130268","2019-02-17 20:14:21","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130268/"
 "130267","2019-02-17 20:14:16","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130267/"
 "130265","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130265/"
 "130266","2019-02-17 20:14:15","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130266/"
@@ -11012,7 +11563,7 @@
 "130246","2019-02-17 20:12:14","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130246/"
 "130245","2019-02-17 20:11:53","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130245/"
 "130244","2019-02-17 20:11:47","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130244/"
-"130243","2019-02-17 20:11:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130243/"
+"130243","2019-02-17 20:11:40","http://staybigsarash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130243/"
 "130242","2019-02-17 20:11:33","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130242/"
 "130241","2019-02-17 20:11:29","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130241/"
 "130240","2019-02-17 20:11:23","https://orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130240/"
@@ -11025,7 +11576,7 @@
 "130233","2019-02-17 20:10:56","https://orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130233/"
 "130232","2019-02-17 20:10:53","https://orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130232/"
 "130231","2019-02-17 20:10:49","https://orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130231/"
-"130230","2019-02-17 20:10:46","https://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130230/"
+"130230","2019-02-17 20:10:46","https://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130230/"
 "130229","2019-02-17 20:10:44","https://orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130229/"
 "130228","2019-02-17 20:10:41","https://orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130228/"
 "130227","2019-02-17 20:10:37","https://orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130227/"
@@ -11044,7 +11595,7 @@
 "130214","2019-02-17 20:09:56","https://orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130214/"
 "130213","2019-02-17 20:09:50","https://orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130213/"
 "130212","2019-02-17 20:09:48","https://orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130212/"
-"130211","2019-02-17 20:09:45","https://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130211/"
+"130211","2019-02-17 20:09:45","https://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130211/"
 "130210","2019-02-17 20:09:42","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130210/"
 "130209","2019-02-17 20:09:41","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130209/"
 "130208","2019-02-17 20:09:38","http://orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130208/"
@@ -11065,7 +11616,7 @@
 "130193","2019-02-17 20:08:52","http://orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130193/"
 "130192","2019-02-17 20:08:43","http://orciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130192/"
 "130191","2019-02-17 20:08:39","http://orciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130191/"
-"130190","2019-02-17 20:08:38","http://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130190/"
+"130190","2019-02-17 20:08:38","http://orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130190/"
 "130189","2019-02-17 20:08:32","http://orciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130189/"
 "130188","2019-02-17 20:08:31","http://orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130188/"
 "130186","2019-02-17 20:08:30","http://orciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130186/"
@@ -11090,7 +11641,7 @@
 "130168","2019-02-17 20:06:58","http://orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130168/"
 "130167","2019-02-17 20:06:42","http://orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130167/"
 "130166","2019-02-17 20:06:34","http://orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130166/"
-"130165","2019-02-17 20:06:25","http://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130165/"
+"130165","2019-02-17 20:06:25","http://orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130165/"
 "130164","2019-02-17 20:06:17","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130164/"
 "130163","2019-02-17 20:06:11","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130163/"
 "130162","2019-02-17 20:06:04","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130162/"
@@ -11104,7 +11655,7 @@
 "130154","2019-02-17 20:05:03","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130154/"
 "130153","2019-02-17 20:05:01","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130153/"
 "130152","2019-02-17 20:04:58","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130152/"
-"130151","2019-02-17 20:04:55","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130151/"
+"130151","2019-02-17 20:04:55","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130151/"
 "130150","2019-02-17 20:04:53","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130150/"
 "130149","2019-02-17 20:04:50","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130149/"
 "130148","2019-02-17 20:04:48","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130148/"
@@ -11123,7 +11674,7 @@
 "130135","2019-02-17 20:04:17","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130135/"
 "130134","2019-02-17 20:04:12","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130134/"
 "130133","2019-02-17 20:04:09","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130133/"
-"130132","2019-02-17 20:04:07","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130132/"
+"130132","2019-02-17 20:04:07","https://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130132/"
 "130131","2019-02-17 20:04:04","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130131/"
 "130130","2019-02-17 20:04:02","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130130/"
 "130129","2019-02-17 20:04:00","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130129/"
@@ -11143,7 +11694,7 @@
 "130115","2019-02-17 20:03:46","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130115/"
 "130114","2019-02-17 20:03:45","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130114/"
 "130113","2019-02-17 20:03:44","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130113/"
-"130111","2019-02-17 20:03:42","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130111/"
+"130111","2019-02-17 20:03:42","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130111/"
 "130112","2019-02-17 20:03:42","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130112/"
 "130108","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130108/"
 "130109","2019-02-17 20:03:41","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130109/"
@@ -11169,7 +11720,7 @@
 "130089","2019-02-17 20:03:18","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130089/"
 "130088","2019-02-17 20:03:16","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130088/"
 "130087","2019-02-17 20:03:15","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130087/"
-"130086","2019-02-17 20:03:14","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130086/"
+"130086","2019-02-17 20:03:14","http://huc-hkh.orciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130086/"
 "130085","2019-02-17 20:03:11","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130085/"
 "130084","2019-02-17 20:03:08","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130084/"
 "130083","2019-02-17 20:03:05","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130083/"
@@ -11182,7 +11733,7 @@
 "130076","2019-02-17 20:02:41","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130076/"
 "130075","2019-02-17 20:02:39","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130075/"
 "130074","2019-02-17 20:02:36","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130074/"
-"130073","2019-02-17 20:02:33","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130073/"
+"130073","2019-02-17 20:02:33","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130073/"
 "130072","2019-02-17 20:02:30","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130072/"
 "130071","2019-02-17 20:02:28","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130071/"
 "130070","2019-02-17 20:02:26","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130070/"
@@ -11201,7 +11752,7 @@
 "130057","2019-02-17 20:01:55","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130057/"
 "130056","2019-02-17 20:01:52","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130056/"
 "130055","2019-02-17 20:01:49","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130055/"
-"130054","2019-02-17 20:01:47","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130054/"
+"130054","2019-02-17 20:01:47","https://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130054/"
 "130053","2019-02-17 20:01:44","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130053/"
 "130052","2019-02-17 20:01:42","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130052/"
 "130051","2019-02-17 20:01:38","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130051/"
@@ -11222,7 +11773,7 @@
 "130036","2019-02-17 20:01:04","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130036/"
 "130035","2019-02-17 20:01:02","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130035/"
 "130034","2019-02-17 20:01:01","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130034/"
-"130033","2019-02-17 20:01:00","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130033/"
+"130033","2019-02-17 20:01:00","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130033/"
 "130031","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130031/"
 "130032","2019-02-17 20:00:58","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130032/"
 "130028","2019-02-17 20:00:57","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/130028/"
@@ -11247,7 +11798,7 @@
 "130011","2019-02-17 20:00:32","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130011/"
 "130010","2019-02-17 20:00:30","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130010/"
 "130009","2019-02-17 20:00:29","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130009/"
-"130008","2019-02-17 20:00:27","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130008/"
+"130008","2019-02-17 20:00:27","http://siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/130008/"
 "130007","2019-02-17 20:00:24","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130007/"
 "130006","2019-02-17 20:00:21","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130006/"
 "130005","2019-02-17 20:00:16","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/130005/"
@@ -11260,7 +11811,7 @@
 "129998","2019-02-17 19:59:50","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129998/"
 "129997","2019-02-17 19:59:48","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129997/"
 "129996","2019-02-17 19:59:45","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129996/"
-"129995","2019-02-17 19:59:42","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129995/"
+"129995","2019-02-17 19:59:42","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129995/"
 "129994","2019-02-17 19:59:40","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129994/"
 "129993","2019-02-17 19:59:38","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129993/"
 "129992","2019-02-17 19:59:35","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129992/"
@@ -11279,7 +11830,7 @@
 "129979","2019-02-17 19:59:03","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129979/"
 "129978","2019-02-17 19:58:59","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129978/"
 "129977","2019-02-17 19:58:56","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129977/"
-"129976","2019-02-17 19:58:54","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129976/"
+"129976","2019-02-17 19:58:54","https://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129976/"
 "129975","2019-02-17 19:58:51","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129975/"
 "129974","2019-02-17 19:58:50","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129974/"
 "129973","2019-02-17 19:58:48","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129973/"
@@ -11300,7 +11851,7 @@
 "129958","2019-02-17 19:58:32","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129958/"
 "129956","2019-02-17 19:58:30","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129956/"
 "129957","2019-02-17 19:58:30","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129957/"
-"129955","2019-02-17 19:58:29","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129955/"
+"129955","2019-02-17 19:58:29","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129955/"
 "129952","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129952/"
 "129953","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129953/"
 "129954","2019-02-17 19:58:28","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129954/"
@@ -11324,7 +11875,7 @@
 "129934","2019-02-17 19:58:10","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129934/"
 "129933","2019-02-17 19:58:06","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129933/"
 "129932","2019-02-17 19:58:05","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129932/"
-"129931","2019-02-17 19:58:04","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129931/"
+"129931","2019-02-17 19:58:04","http://marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129931/"
 "129930","2019-02-17 19:58:00","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129930/"
 "129929","2019-02-17 19:57:58","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129929/"
 "129928","2019-02-17 19:57:54","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129928/"
@@ -11337,7 +11888,7 @@
 "129921","2019-02-17 19:57:33","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129921/"
 "129920","2019-02-17 19:57:30","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129920/"
 "129919","2019-02-17 19:57:28","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129919/"
-"129918","2019-02-17 19:57:25","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129918/"
+"129918","2019-02-17 19:57:25","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129918/"
 "129917","2019-02-17 19:57:22","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129917/"
 "129916","2019-02-17 19:57:20","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129916/"
 "129915","2019-02-17 19:57:17","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129915/"
@@ -11356,7 +11907,7 @@
 "129902","2019-02-17 19:56:45","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129902/"
 "129901","2019-02-17 19:56:41","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129901/"
 "129900","2019-02-17 19:56:39","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129900/"
-"129899","2019-02-17 19:56:36","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129899/"
+"129899","2019-02-17 19:56:36","https://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129899/"
 "129898","2019-02-17 19:56:34","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129898/"
 "129897","2019-02-17 19:56:32","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129897/"
 "129896","2019-02-17 19:56:24","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129896/"
@@ -11377,7 +11928,7 @@
 "129881","2019-02-17 19:56:08","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129881/"
 "129880","2019-02-17 19:56:07","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129880/"
 "129879","2019-02-17 19:56:06","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129879/"
-"129878","2019-02-17 19:56:05","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129878/"
+"129878","2019-02-17 19:56:05","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129878/"
 "129875","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129875/"
 "129876","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129876/"
 "129877","2019-02-17 19:56:04","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129877/"
@@ -11402,7 +11953,7 @@
 "129856","2019-02-17 19:55:45","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129856/"
 "129855","2019-02-17 19:55:43","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129855/"
 "129854","2019-02-17 19:55:42","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129854/"
-"129853","2019-02-17 19:55:41","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129853/"
+"129853","2019-02-17 19:55:41","http://ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129853/"
 "129852","2019-02-17 19:55:38","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129852/"
 "129851","2019-02-17 19:55:35","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129851/"
 "129850","2019-02-17 19:55:30","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129850/"
@@ -11415,7 +11966,7 @@
 "129843","2019-02-17 19:55:11","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129843/"
 "129842","2019-02-17 19:55:08","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129842/"
 "129841","2019-02-17 19:55:06","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129841/"
-"129840","2019-02-17 19:55:03","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129840/"
+"129840","2019-02-17 19:55:03","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129840/"
 "129839","2019-02-17 19:55:01","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129839/"
 "129838","2019-02-17 19:54:58","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129838/"
 "129837","2019-02-17 19:54:56","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129837/"
@@ -11434,7 +11985,7 @@
 "129824","2019-02-17 19:54:25","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129824/"
 "129823","2019-02-17 19:54:21","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129823/"
 "129822","2019-02-17 19:54:18","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129822/"
-"129821","2019-02-17 19:54:16","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129821/"
+"129821","2019-02-17 19:54:16","https://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129821/"
 "129820","2019-02-17 19:54:10","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129820/"
 "129819","2019-02-17 19:54:09","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129819/"
 "129818","2019-02-17 19:54:07","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129818/"
@@ -11454,7 +12005,7 @@
 "129804","2019-02-17 19:53:51","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129804/"
 "129803","2019-02-17 19:53:49","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129803/"
 "129802","2019-02-17 19:53:48","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129802/"
-"129800","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129800/"
+"129800","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129800/"
 "129801","2019-02-17 19:53:47","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129801/"
 "129798","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129798/"
 "129799","2019-02-17 19:53:46","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129799/"
@@ -11480,7 +12031,7 @@
 "129778","2019-02-17 19:53:26","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129778/"
 "129777","2019-02-17 19:53:23","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129777/"
 "129776","2019-02-17 19:53:22","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129776/"
-"129775","2019-02-17 19:53:21","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129775/"
+"129775","2019-02-17 19:53:21","http://sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129775/"
 "129774","2019-02-17 19:53:16","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129774/"
 "129773","2019-02-17 19:53:13","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129773/"
 "129772","2019-02-17 19:53:09","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129772/"
@@ -11493,7 +12044,7 @@
 "129765","2019-02-17 19:52:50","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129765/"
 "129764","2019-02-17 19:52:48","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129764/"
 "129763","2019-02-17 19:52:45","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129763/"
-"129762","2019-02-17 19:52:42","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129762/"
+"129762","2019-02-17 19:52:42","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129762/"
 "129761","2019-02-17 19:52:40","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129761/"
 "129760","2019-02-17 19:52:38","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129760/"
 "129759","2019-02-17 19:52:35","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129759/"
@@ -11512,7 +12063,7 @@
 "129746","2019-02-17 19:52:04","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129746/"
 "129745","2019-02-17 19:52:01","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129745/"
 "129744","2019-02-17 19:51:58","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129744/"
-"129743","2019-02-17 19:51:56","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129743/"
+"129743","2019-02-17 19:51:56","https://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129743/"
 "129742","2019-02-17 19:51:54","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129742/"
 "129741","2019-02-17 19:51:52","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129741/"
 "129740","2019-02-17 19:51:50","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129740/"
@@ -11532,7 +12083,7 @@
 "129726","2019-02-17 19:51:27","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129726/"
 "129725","2019-02-17 19:51:25","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129725/"
 "129724","2019-02-17 19:51:23","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129724/"
-"129722","2019-02-17 19:51:22","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129722/"
+"129722","2019-02-17 19:51:22","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129722/"
 "129723","2019-02-17 19:51:22","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129723/"
 "129720","2019-02-17 19:51:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129720/"
 "129721","2019-02-17 19:51:20","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129721/"
@@ -11558,7 +12109,7 @@
 "129700","2019-02-17 19:49:54","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129700/"
 "129699","2019-02-17 19:49:40","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129699/"
 "129698","2019-02-17 19:49:34","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129698/"
-"129697","2019-02-17 19:49:29","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129697/"
+"129697","2019-02-17 19:49:29","http://champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129697/"
 "129696","2019-02-17 19:49:23","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129696/"
 "129695","2019-02-17 19:49:20","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129695/"
 "129694","2019-02-17 19:49:15","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129694/"
@@ -11571,7 +12122,7 @@
 "129687","2019-02-17 19:48:48","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129687/"
 "129686","2019-02-17 19:48:45","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129686/"
 "129685","2019-02-17 19:48:41","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129685/"
-"129684","2019-02-17 19:48:38","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129684/"
+"129684","2019-02-17 19:48:38","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129684/"
 "129683","2019-02-17 19:48:34","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129683/"
 "129682","2019-02-17 19:48:31","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129682/"
 "129681","2019-02-17 19:48:28","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129681/"
@@ -11590,7 +12141,7 @@
 "129668","2019-02-17 19:46:57","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129668/"
 "129667","2019-02-17 19:46:51","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129667/"
 "129666","2019-02-17 19:46:48","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129666/"
-"129665","2019-02-17 19:46:43","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129665/"
+"129665","2019-02-17 19:46:43","https://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129665/"
 "129664","2019-02-17 19:46:40","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129664/"
 "129663","2019-02-17 19:46:32","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129663/"
 "129662","2019-02-17 19:46:16","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129662/"
@@ -11611,7 +12162,7 @@
 "129647","2019-02-17 19:44:45","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129647/"
 "129646","2019-02-17 19:44:37","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129646/"
 "129645","2019-02-17 19:44:34","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129645/"
-"129644","2019-02-17 19:44:33","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129644/"
+"129644","2019-02-17 19:44:33","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129644/"
 "129643","2019-02-17 19:44:26","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129643/"
 "129642","2019-02-17 19:44:24","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129642/"
 "129641","2019-02-17 19:44:22","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129641/"
@@ -11636,7 +12187,7 @@
 "129622","2019-02-17 19:42:16","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129622/"
 "129621","2019-02-17 19:41:59","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129621/"
 "129620","2019-02-17 19:41:54","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129620/"
-"129619","2019-02-17 19:41:45","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129619/"
+"129619","2019-02-17 19:41:45","http://auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129619/"
 "129618","2019-02-17 19:41:34","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129618/"
 "129617","2019-02-17 19:41:29","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129617/"
 "129616","2019-02-17 19:41:19","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129616/"
@@ -11649,7 +12200,7 @@
 "129609","2019-02-17 19:40:40","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129609/"
 "129608","2019-02-17 19:40:36","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129608/"
 "129607","2019-02-17 19:40:32","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129607/"
-"129606","2019-02-17 19:40:28","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129606/"
+"129606","2019-02-17 19:40:28","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129606/"
 "129605","2019-02-17 19:40:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129605/"
 "129604","2019-02-17 19:40:21","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129604/"
 "129603","2019-02-17 19:40:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129603/"
@@ -11668,7 +12219,7 @@
 "129590","2019-02-17 19:39:31","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129590/"
 "129589","2019-02-17 19:39:25","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129589/"
 "129588","2019-02-17 19:39:21","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129588/"
-"129587","2019-02-17 19:39:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129587/"
+"129587","2019-02-17 19:39:18","https://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129587/"
 "129586","2019-02-17 19:39:15","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129586/"
 "129585","2019-02-17 19:39:09","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129585/"
 "129584","2019-02-17 19:38:55","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129584/"
@@ -11688,7 +12239,7 @@
 "129570","2019-02-17 19:38:26","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129570/"
 "129569","2019-02-17 19:38:24","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129569/"
 "129568","2019-02-17 19:38:23","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129568/"
-"129566","2019-02-17 19:38:22","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129566/"
+"129566","2019-02-17 19:38:22","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129566/"
 "129567","2019-02-17 19:38:22","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129567/"
 "129563","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129563/"
 "129564","2019-02-17 19:38:20","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129564/"
@@ -11714,7 +12265,7 @@
 "129544","2019-02-17 19:37:40","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129544/"
 "129543","2019-02-17 19:37:23","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129543/"
 "129542","2019-02-17 19:37:17","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129542/"
-"129541","2019-02-17 19:37:10","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129541/"
+"129541","2019-02-17 19:37:10","http://pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129541/"
 "129540","2019-02-17 19:37:04","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129540/"
 "129539","2019-02-17 19:36:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129539/"
 "129538","2019-02-17 19:36:54","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129538/"
@@ -11727,7 +12278,7 @@
 "129531","2019-02-17 19:36:15","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129531/"
 "129530","2019-02-17 19:36:09","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129530/"
 "129529","2019-02-17 19:36:05","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129529/"
-"129528","2019-02-17 19:35:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129528/"
+"129528","2019-02-17 19:35:59","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129528/"
 "129527","2019-02-17 19:35:55","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129527/"
 "129526","2019-02-17 19:35:50","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129526/"
 "129525","2019-02-17 19:35:45","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129525/"
@@ -11746,7 +12297,7 @@
 "129512","2019-02-17 19:34:33","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129512/"
 "129511","2019-02-17 19:34:27","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129511/"
 "129510","2019-02-17 19:34:22","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129510/"
-"129509","2019-02-17 19:34:16","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129509/"
+"129509","2019-02-17 19:34:16","https://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129509/"
 "129508","2019-02-17 19:34:12","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129508/"
 "129507","2019-02-17 19:34:06","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129507/"
 "129506","2019-02-17 19:34:03","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129506/"
@@ -11766,7 +12317,7 @@
 "129492","2019-02-17 19:33:43","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129492/"
 "129491","2019-02-17 19:33:42","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129491/"
 "129490","2019-02-17 19:33:40","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129490/"
-"129488","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129488/"
+"129488","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129488/"
 "129489","2019-02-17 19:33:39","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129489/"
 "129486","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129486/"
 "129487","2019-02-17 19:33:37","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129487/"
@@ -11792,7 +12343,7 @@
 "129466","2019-02-17 19:33:17","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129466/"
 "129465","2019-02-17 19:33:15","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129465/"
 "129464","2019-02-17 19:33:14","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129464/"
-"129463","2019-02-17 19:33:13","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129463/"
+"129463","2019-02-17 19:33:13","http://gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129463/"
 "129462","2019-02-17 19:33:10","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129462/"
 "129461","2019-02-17 19:33:07","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129461/"
 "129460","2019-02-17 19:33:04","https://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129460/"
@@ -11805,7 +12356,7 @@
 "129453","2019-02-17 19:32:45","https://rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129453/"
 "129452","2019-02-17 19:32:42","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129452/"
 "129451","2019-02-17 19:32:40","https://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129451/"
-"129450","2019-02-17 19:32:37","https://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129450/"
+"129450","2019-02-17 19:32:37","https://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129450/"
 "129449","2019-02-17 19:32:34","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129449/"
 "129448","2019-02-17 19:32:32","https://rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129448/"
 "129447","2019-02-17 19:32:30","https://rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129447/"
@@ -11824,7 +12375,7 @@
 "129434","2019-02-17 19:31:58","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129434/"
 "129433","2019-02-17 19:31:54","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129433/"
 "129432","2019-02-17 19:31:52","https://rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129432/"
-"129431","2019-02-17 19:31:49","https://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129431/"
+"129431","2019-02-17 19:31:49","https://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129431/"
 "129430","2019-02-17 19:31:46","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129430/"
 "129429","2019-02-17 19:31:45","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129429/"
 "129428","2019-02-17 19:31:43","http://rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129428/"
@@ -11844,7 +12395,7 @@
 "129414","2019-02-17 19:31:28","http://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129414/"
 "129413","2019-02-17 19:31:27","http://rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129413/"
 "129412","2019-02-17 19:31:25","http://rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129412/"
-"129410","2019-02-17 19:31:24","http://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129410/"
+"129410","2019-02-17 19:31:24","http://rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129410/"
 "129411","2019-02-17 19:31:24","http://rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129411/"
 "129409","2019-02-17 19:31:23","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129409/"
 "129406","2019-02-17 19:31:22","http://rsmart-testsolutions.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129406/"
@@ -11870,7 +12421,7 @@
 "129388","2019-02-17 19:30:57","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129388/"
 "129387","2019-02-17 19:30:52","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129387/"
 "129386","2019-02-17 19:30:50","http://rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129386/"
-"129385","2019-02-17 19:30:45","http://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129385/"
+"129385","2019-02-17 19:30:45","http://rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129385/"
 "129384","2019-02-17 19:30:35","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129384/"
 "129383","2019-02-17 19:30:25","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129383/"
 "129382","2019-02-17 19:30:16","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129382/"
@@ -11883,7 +12434,7 @@
 "129375","2019-02-17 19:29:47","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129375/"
 "129374","2019-02-17 19:29:42","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129374/"
 "129373","2019-02-17 19:29:36","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129373/"
-"129372","2019-02-17 19:29:29","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129372/"
+"129372","2019-02-17 19:29:29","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129372/"
 "129371","2019-02-17 19:29:21","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129371/"
 "129370","2019-02-17 19:29:15","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129370/"
 "129369","2019-02-17 19:29:08","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129369/"
@@ -11902,7 +12453,7 @@
 "129356","2019-02-17 19:28:07","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129356/"
 "129355","2019-02-17 19:28:00","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129355/"
 "129354","2019-02-17 19:27:56","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129354/"
-"129353","2019-02-17 19:27:51","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129353/"
+"129353","2019-02-17 19:27:51","https://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129353/"
 "129352","2019-02-17 19:27:47","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129352/"
 "129351","2019-02-17 19:27:36","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129351/"
 "129350","2019-02-17 19:27:14","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129350/"
@@ -11923,7 +12474,7 @@
 "129335","2019-02-17 19:24:29","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129335/"
 "129334","2019-02-17 19:24:17","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129334/"
 "129333","2019-02-17 19:24:11","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129333/"
-"129332","2019-02-17 19:24:08","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129332/"
+"129332","2019-02-17 19:24:08","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129332/"
 "129331","2019-02-17 19:24:01","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129331/"
 "129329","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129329/"
 "129330","2019-02-17 19:24:00","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129330/"
@@ -11948,7 +12499,7 @@
 "129310","2019-02-17 19:21:52","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129310/"
 "129309","2019-02-17 19:21:33","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129309/"
 "129308","2019-02-17 19:21:26","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129308/"
-"129307","2019-02-17 19:21:14","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129307/"
+"129307","2019-02-17 19:21:14","http://minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129307/"
 "129306","2019-02-17 19:08:02","http://cild.edu.vn/DE_de/VZFPYLAO2818712/gescanntes-Dokument/RECH","offline","malware_download","doc","https://urlhaus.abuse.ch/url/129306/"
 "129305","2019-02-17 18:42:05","http://1.9.124.131:2933/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/129305/"
 "129304","2019-02-17 18:37:09","https://bmstu-iu9.github.io/compiler-labs/1/BeRo/btpc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/129304/"
@@ -12059,7 +12610,7 @@
 "129199","2019-02-17 09:59:31","https://ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129199/"
 "129198","2019-02-17 09:59:29","https://ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129198/"
 "129197","2019-02-17 09:59:26","https://ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129197/"
-"129196","2019-02-17 09:59:23","https://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129196/"
+"129196","2019-02-17 09:59:23","https://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129196/"
 "129195","2019-02-17 09:59:21","https://ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129195/"
 "129194","2019-02-17 09:59:18","https://ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129194/"
 "129193","2019-02-17 09:59:15","https://ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129193/"
@@ -12078,7 +12629,7 @@
 "129180","2019-02-17 09:58:45","https://ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129180/"
 "129179","2019-02-17 09:58:41","https://ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129179/"
 "129178","2019-02-17 09:58:39","https://ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129178/"
-"129177","2019-02-17 09:58:36","https://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129177/"
+"129177","2019-02-17 09:58:36","https://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129177/"
 "129176","2019-02-17 09:58:33","http://dixe.online/En/document/Invoice_number/cJaLC-On_M-yu","offline","malware_download","doc","https://urlhaus.abuse.ch/url/129176/"
 "129175","2019-02-17 09:58:31","http://ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129175/"
 "129174","2019-02-17 09:58:30","http://ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129174/"
@@ -12099,7 +12650,7 @@
 "129159","2019-02-17 09:58:14","http://ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129159/"
 "129158","2019-02-17 09:58:13","http://ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129158/"
 "129157","2019-02-17 09:58:12","http://ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129157/"
-"129155","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129155/"
+"129155","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129155/"
 "129156","2019-02-17 09:58:11","http://ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129156/"
 "129154","2019-02-17 09:58:10","http://ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129154/"
 "129151","2019-02-17 09:58:09","http://ciprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129151/"
@@ -12125,7 +12676,7 @@
 "129133","2019-02-17 09:56:53","http://ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129133/"
 "129132","2019-02-17 09:56:50","http://ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129132/"
 "129131","2019-02-17 09:56:49","http://ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129131/"
-"129130","2019-02-17 09:56:48","http://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129130/"
+"129130","2019-02-17 09:56:48","http://ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129130/"
 "129129","2019-02-17 09:56:45","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129129/"
 "129128","2019-02-17 09:56:43","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129128/"
 "129127","2019-02-17 09:56:39","https://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129127/"
@@ -12138,7 +12689,7 @@
 "129120","2019-02-17 09:56:20","https://benfey.ciprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129120/"
 "129119","2019-02-17 09:56:18","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129119/"
 "129118","2019-02-17 09:56:15","https://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129118/"
-"129117","2019-02-17 09:56:12","https://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129117/"
+"129117","2019-02-17 09:56:12","https://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129117/"
 "129116","2019-02-17 09:56:10","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129116/"
 "129115","2019-02-17 09:56:07","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129115/"
 "129114","2019-02-17 09:56:04","https://benfey.ciprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129114/"
@@ -12157,7 +12708,7 @@
 "129101","2019-02-17 09:55:33","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129101/"
 "129100","2019-02-17 09:55:29","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129100/"
 "129099","2019-02-17 09:55:26","https://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129099/"
-"129098","2019-02-17 09:55:23","https://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129098/"
+"129098","2019-02-17 09:55:23","https://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129098/"
 "129097","2019-02-17 09:55:20","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129097/"
 "129096","2019-02-17 09:55:19","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129096/"
 "129095","2019-02-17 09:55:17","http://benfey.ciprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129095/"
@@ -12178,7 +12729,7 @@
 "129080","2019-02-17 09:54:31","http://benfey.ciprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129080/"
 "129078","2019-02-17 09:54:29","http://benfey.ciprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129078/"
 "129079","2019-02-17 09:54:29","http://benfey.ciprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129079/"
-"129077","2019-02-17 09:54:28","http://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129077/"
+"129077","2019-02-17 09:54:28","http://benfey.ciprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129077/"
 "129074","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129074/"
 "129075","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129075/"
 "129076","2019-02-17 09:54:27","http://benfey.ciprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129076/"
@@ -12203,7 +12754,7 @@
 "129055","2019-02-17 09:54:09","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129055/"
 "129054","2019-02-17 09:54:06","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129054/"
 "129053","2019-02-17 09:54:05","http://benfey.ciprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129053/"
-"129052","2019-02-17 09:54:04","http://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129052/"
+"129052","2019-02-17 09:54:04","http://benfey.ciprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129052/"
 "129051","2019-02-17 09:38:03","http://sevesheldon.com/wp-includes/pomo/1.exe","online","malware_download","exe,hancitor,payload,Pony,stage2","https://urlhaus.abuse.ch/url/129051/"
 "129050","2019-02-17 09:35:53","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129050/"
 "129049","2019-02-17 09:35:51","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129049/"
@@ -12217,7 +12768,7 @@
 "129041","2019-02-17 09:35:27","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129041/"
 "129040","2019-02-17 09:35:24","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129040/"
 "129039","2019-02-17 09:35:21","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129039/"
-"129038","2019-02-17 09:35:19","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129038/"
+"129038","2019-02-17 09:35:19","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129038/"
 "129037","2019-02-17 09:35:16","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129037/"
 "129036","2019-02-17 09:35:14","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129036/"
 "129035","2019-02-17 09:35:11","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/129035/"
@@ -12236,7 +12787,7 @@
 "129022","2019-02-17 09:34:40","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129022/"
 "129021","2019-02-17 09:34:36","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129021/"
 "129020","2019-02-17 09:34:34","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129020/"
-"129019","2019-02-17 09:34:31","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129019/"
+"129019","2019-02-17 09:34:31","https://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/129019/"
 "129018","2019-02-17 09:34:29","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129018/"
 "129017","2019-02-17 09:34:27","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129017/"
 "129016","2019-02-17 09:34:25","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129016/"
@@ -12256,7 +12807,7 @@
 "129002","2019-02-17 09:34:11","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129002/"
 "129001","2019-02-17 09:34:10","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129001/"
 "129000","2019-02-17 09:34:09","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/129000/"
-"128998","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128998/"
+"128998","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128998/"
 "128999","2019-02-17 09:34:08","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128999/"
 "128996","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128996/"
 "128997","2019-02-17 09:34:07","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128997/"
@@ -12282,7 +12833,7 @@
 "128976","2019-02-17 09:33:44","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128976/"
 "128975","2019-02-17 09:33:42","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128975/"
 "128974","2019-02-17 09:33:40","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128974/"
-"128973","2019-02-17 09:33:39","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128973/"
+"128973","2019-02-17 09:33:39","http://mcdanielconrjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128973/"
 "128972","2019-02-17 09:33:37","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128972/"
 "128971","2019-02-17 09:33:34","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128971/"
 "128970","2019-02-17 09:33:30","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128970/"
@@ -12295,7 +12846,7 @@
 "128963","2019-02-17 09:33:11","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128963/"
 "128962","2019-02-17 09:33:09","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128962/"
 "128961","2019-02-17 09:33:06","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128961/"
-"128960","2019-02-17 09:33:03","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128960/"
+"128960","2019-02-17 09:33:03","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128960/"
 "128959","2019-02-17 09:33:00","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128959/"
 "128958","2019-02-17 09:32:57","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128958/"
 "128957","2019-02-17 09:32:55","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128957/"
@@ -12314,7 +12865,7 @@
 "128944","2019-02-17 09:32:24","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128944/"
 "128943","2019-02-17 09:32:20","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128943/"
 "128942","2019-02-17 09:32:18","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128942/"
-"128941","2019-02-17 09:32:16","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128941/"
+"128941","2019-02-17 09:32:16","https://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128941/"
 "128940","2019-02-17 09:32:13","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128940/"
 "128939","2019-02-17 09:32:12","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128939/"
 "128938","2019-02-17 09:32:10","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128938/"
@@ -12334,7 +12885,7 @@
 "128924","2019-02-17 09:31:36","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128924/"
 "128923","2019-02-17 09:31:34","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128923/"
 "128922","2019-02-17 09:31:33","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128922/"
-"128920","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128920/"
+"128920","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128920/"
 "128921","2019-02-17 09:31:32","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128921/"
 "128918","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128918/"
 "128919","2019-02-17 09:31:31","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128919/"
@@ -12360,7 +12911,7 @@
 "128898","2019-02-17 09:31:11","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128898/"
 "128897","2019-02-17 09:31:09","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128897/"
 "128896","2019-02-17 09:31:08","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128896/"
-"128895","2019-02-17 09:31:06","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128895/"
+"128895","2019-02-17 09:31:06","http://datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128895/"
 "128894","2019-02-17 09:23:07","http://xfit.kz/administrator/cache/com_virtuemart_cats/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/128894/"
 "128893","2019-02-17 09:19:05","https://cdn.discordapp.com/attachments/538861511133888526/546550948026253332/jumpscare.exe","online","malware_download","exe,orcus,payload,rat,stage2","https://urlhaus.abuse.ch/url/128893/"
 "128892","2019-02-17 09:16:10","https://cdn.discordapp.com/attachments/538861511133888526/546557289419636736/fff.exe","online","malware_download","exe,orcus,payload,rat,stage2","https://urlhaus.abuse.ch/url/128892/"
@@ -12406,7 +12957,7 @@
 "128852","2019-02-17 06:46:49","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128852/"
 "128851","2019-02-17 06:46:47","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128851/"
 "128850","2019-02-17 06:46:44","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128850/"
-"128849","2019-02-17 06:46:41","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128849/"
+"128849","2019-02-17 06:46:41","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128849/"
 "128848","2019-02-17 06:46:39","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128848/"
 "128847","2019-02-17 06:46:36","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128847/"
 "128846","2019-02-17 06:46:34","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128846/"
@@ -12425,7 +12976,7 @@
 "128833","2019-02-17 06:46:01","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128833/"
 "128832","2019-02-17 06:45:56","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128832/"
 "128831","2019-02-17 06:45:53","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128831/"
-"128830","2019-02-17 06:45:51","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128830/"
+"128830","2019-02-17 06:45:51","https://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128830/"
 "128829","2019-02-17 06:45:48","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128829/"
 "128828","2019-02-17 06:45:47","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128828/"
 "128827","2019-02-17 06:45:44","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128827/"
@@ -12445,7 +12996,7 @@
 "128813","2019-02-17 06:45:26","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128813/"
 "128812","2019-02-17 06:45:25","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128812/"
 "128811","2019-02-17 06:45:23","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128811/"
-"128809","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128809/"
+"128809","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128809/"
 "128810","2019-02-17 06:45:22","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128810/"
 "128806","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128806/"
 "128807","2019-02-17 06:45:20","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128807/"
@@ -12471,7 +13022,7 @@
 "128787","2019-02-17 06:44:46","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128787/"
 "128786","2019-02-17 06:44:41","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128786/"
 "128785","2019-02-17 06:44:39","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128785/"
-"128784","2019-02-17 06:44:34","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128784/"
+"128784","2019-02-17 06:44:34","http://medicinaonline.rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128784/"
 "128783","2019-02-17 06:44:27","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128783/"
 "128782","2019-02-17 06:44:23","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128782/"
 "128781","2019-02-17 06:44:17","https://rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128781/"
@@ -12484,7 +13035,7 @@
 "128774","2019-02-17 06:43:53","https://rjsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128774/"
 "128773","2019-02-17 06:43:49","https://rjsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128773/"
 "128772","2019-02-17 06:43:44","https://rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128772/"
-"128771","2019-02-17 06:43:39","https://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128771/"
+"128771","2019-02-17 06:43:39","https://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128771/"
 "128770","2019-02-17 06:43:33","https://rjsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128770/"
 "128769","2019-02-17 06:43:28","https://rjsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128769/"
 "128768","2019-02-17 06:43:23","https://rjsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128768/"
@@ -12503,7 +13054,7 @@
 "128755","2019-02-17 06:42:25","https://rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128755/"
 "128754","2019-02-17 06:42:20","https://rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128754/"
 "128753","2019-02-17 06:42:16","https://rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128753/"
-"128752","2019-02-17 06:42:13","https://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128752/"
+"128752","2019-02-17 06:42:13","https://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128752/"
 "128751","2019-02-17 06:42:10","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128751/"
 "128750","2019-02-17 06:42:03","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128750/"
 "128749","2019-02-17 06:41:48","http://rjsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128749/"
@@ -12524,7 +13075,7 @@
 "128734","2019-02-17 06:40:04","http://rjsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128734/"
 "128733","2019-02-17 06:39:56","http://rjsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128733/"
 "128732","2019-02-17 06:39:53","http://rjsrwaco.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128732/"
-"128731","2019-02-17 06:39:52","http://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128731/"
+"128731","2019-02-17 06:39:52","http://rjsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128731/"
 "128730","2019-02-17 06:39:46","http://rjsrwaco.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128730/"
 "128728","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128728/"
 "128729","2019-02-17 06:39:45","http://rjsrwaco.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128729/"
@@ -12549,7 +13100,7 @@
 "128709","2019-02-17 06:36:50","http://rjsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128709/"
 "128708","2019-02-17 06:36:27","http://rjsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128708/"
 "128707","2019-02-17 06:36:20","http://rjsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128707/"
-"128706","2019-02-17 06:36:11","http://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128706/"
+"128706","2019-02-17 06:36:11","http://rjsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128706/"
 "128705","2019-02-17 06:26:06","https://www.e-basvur.com/wp-content/themes/bizcorp/inc/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/128705/"
 "128704","2019-02-17 06:26:04","http://104.168.149.180/vb/Amakano.i686","offline","malware_download","elf","https://urlhaus.abuse.ch/url/128704/"
 "128703","2019-02-17 06:26:02","http://104.168.149.180/vb/Amakano.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/128703/"
@@ -12596,7 +13147,7 @@
 "128662","2019-02-17 00:23:19","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128662/"
 "128661","2019-02-17 00:23:16","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128661/"
 "128660","2019-02-17 00:23:12","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128660/"
-"128659","2019-02-17 00:23:05","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128659/"
+"128659","2019-02-17 00:23:05","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128659/"
 "128658","2019-02-17 00:22:34","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128658/"
 "128657","2019-02-17 00:22:31","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128657/"
 "128656","2019-02-17 00:22:28","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128656/"
@@ -12615,7 +13166,7 @@
 "128643","2019-02-17 00:21:45","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128643/"
 "128642","2019-02-17 00:21:39","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128642/"
 "128641","2019-02-17 00:21:36","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128641/"
-"128640","2019-02-17 00:21:32","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128640/"
+"128640","2019-02-17 00:21:32","https://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128640/"
 "128639","2019-02-17 00:21:29","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128639/"
 "128638","2019-02-17 00:21:22","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128638/"
 "128637","2019-02-17 00:21:11","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128637/"
@@ -12636,7 +13187,7 @@
 "128622","2019-02-17 00:20:25","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128622/"
 "128621","2019-02-17 00:20:22","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128621/"
 "128620","2019-02-17 00:20:20","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128620/"
-"128619","2019-02-17 00:20:19","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128619/"
+"128619","2019-02-17 00:20:19","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128619/"
 "128618","2019-02-17 00:20:17","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128618/"
 "128617","2019-02-17 00:20:16","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128617/"
 "128616","2019-02-17 00:20:14","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128616/"
@@ -12662,7 +13213,7 @@
 "128596","2019-02-17 00:19:17","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128596/"
 "128595","2019-02-17 00:19:11","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128595/"
 "128594","2019-02-17 00:19:04","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128594/"
-"128593","2019-02-17 00:19:00","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128593/"
+"128593","2019-02-17 00:19:00","http://cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128593/"
 "128592","2019-02-17 00:18:54","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128592/"
 "128591","2019-02-17 00:18:49","https://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128591/"
 "128590","2019-02-17 00:18:44","https://folkbjnrwwww.watchdogdns.duckdns.org/world/vcx.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128590/"
@@ -12674,7 +13225,7 @@
 "128584","2019-02-17 00:18:22","https://folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128584/"
 "128583","2019-02-17 00:18:19","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128583/"
 "128582","2019-02-17 00:18:15","https://folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128582/"
-"128581","2019-02-17 00:18:10","https://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128581/"
+"128581","2019-02-17 00:18:10","https://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128581/"
 "128580","2019-02-17 00:18:06","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128580/"
 "128579","2019-02-17 00:18:03","https://folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128579/"
 "128578","2019-02-17 00:17:59","https://folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128578/"
@@ -12693,7 +13244,7 @@
 "128565","2019-02-17 00:17:02","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128565/"
 "128564","2019-02-17 00:16:57","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128564/"
 "128563","2019-02-17 00:16:55","https://folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128563/"
-"128562","2019-02-17 00:16:52","https://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128562/"
+"128562","2019-02-17 00:16:52","https://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128562/"
 "128561","2019-02-17 00:16:50","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128561/"
 "128560","2019-02-17 00:16:49","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128560/"
 "128559","2019-02-17 00:16:46","http://folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128559/"
@@ -12713,7 +13264,7 @@
 "128545","2019-02-17 00:16:29","http://folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128545/"
 "128544","2019-02-17 00:16:28","http://folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128544/"
 "128543","2019-02-17 00:16:27","http://folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128543/"
-"128541","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128541/"
+"128541","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128541/"
 "128542","2019-02-17 00:16:26","http://folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128542/"
 "128540","2019-02-17 00:16:25","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128540/"
 "128538","2019-02-17 00:16:24","http://folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128538/"
@@ -12739,7 +13290,7 @@
 "128519","2019-02-17 00:16:05","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128519/"
 "128518","2019-02-17 00:16:03","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128518/"
 "128517","2019-02-17 00:16:02","http://folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128517/"
-"128516","2019-02-17 00:16:01","http://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128516/"
+"128516","2019-02-17 00:16:01","http://folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128516/"
 "128515","2019-02-17 00:15:58","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128515/"
 "128514","2019-02-17 00:15:56","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128514/"
 "128513","2019-02-17 00:15:52","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128513/"
@@ -12752,7 +13303,7 @@
 "128506","2019-02-17 00:15:33","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128506/"
 "128505","2019-02-17 00:15:31","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128505/"
 "128504","2019-02-17 00:15:28","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128504/"
-"128503","2019-02-17 00:15:25","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128503/"
+"128503","2019-02-17 00:15:25","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128503/"
 "128502","2019-02-17 00:15:23","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128502/"
 "128501","2019-02-17 00:15:20","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128501/"
 "128500","2019-02-17 00:15:18","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128500/"
@@ -12771,7 +13322,7 @@
 "128487","2019-02-17 00:14:43","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128487/"
 "128486","2019-02-17 00:14:39","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128486/"
 "128485","2019-02-17 00:14:37","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128485/"
-"128484","2019-02-17 00:14:34","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128484/"
+"128484","2019-02-17 00:14:34","https://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128484/"
 "128483","2019-02-17 00:14:31","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128483/"
 "128482","2019-02-17 00:14:30","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128482/"
 "128481","2019-02-17 00:14:28","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128481/"
@@ -12792,7 +13343,7 @@
 "128466","2019-02-17 00:14:12","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128466/"
 "128465","2019-02-17 00:14:11","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128465/"
 "128464","2019-02-17 00:14:10","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128464/"
-"128463","2019-02-17 00:14:09","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128463/"
+"128463","2019-02-17 00:14:09","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128463/"
 "128460","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128460/"
 "128461","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128461/"
 "128462","2019-02-17 00:14:08","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128462/"
@@ -12817,7 +13368,7 @@
 "128441","2019-02-17 00:12:49","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128441/"
 "128440","2019-02-17 00:12:47","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128440/"
 "128439","2019-02-17 00:12:45","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128439/"
-"128438","2019-02-17 00:12:44","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128438/"
+"128438","2019-02-17 00:12:44","http://porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128438/"
 "128437","2019-02-17 00:12:41","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128437/"
 "128436","2019-02-17 00:12:38","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128436/"
 "128435","2019-02-17 00:12:35","https://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128435/"
@@ -12830,7 +13381,7 @@
 "128428","2019-02-17 00:12:15","https://actionfraud.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128428/"
 "128427","2019-02-17 00:12:12","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128427/"
 "128426","2019-02-17 00:12:09","https://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128426/"
-"128425","2019-02-17 00:12:06","https://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128425/"
+"128425","2019-02-17 00:12:06","https://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128425/"
 "128424","2019-02-17 00:12:04","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128424/"
 "128423","2019-02-17 00:12:01","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128423/"
 "128422","2019-02-17 00:11:59","https://actionfraud.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128422/"
@@ -12849,7 +13400,7 @@
 "128409","2019-02-17 00:11:27","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128409/"
 "128408","2019-02-17 00:11:23","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128408/"
 "128407","2019-02-17 00:11:21","https://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128407/"
-"128406","2019-02-17 00:11:18","https://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128406/"
+"128406","2019-02-17 00:11:18","https://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128406/"
 "128405","2019-02-17 00:11:16","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128405/"
 "128404","2019-02-17 00:11:15","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128404/"
 "128403","2019-02-17 00:11:13","http://actionfraud.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128403/"
@@ -12870,7 +13421,7 @@
 "128388","2019-02-17 00:10:41","http://actionfraud.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128388/"
 "128387","2019-02-17 00:10:39","http://actionfraud.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128387/"
 "128386","2019-02-17 00:10:38","http://actionfraud.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128386/"
-"128385","2019-02-17 00:10:37","http://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128385/"
+"128385","2019-02-17 00:10:37","http://actionfraud.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128385/"
 "128383","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128383/"
 "128384","2019-02-17 00:10:36","http://actionfraud.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128384/"
 "128380","2019-02-17 00:10:35","http://actionfraud.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128380/"
@@ -12895,7 +13446,7 @@
 "128363","2019-02-17 00:10:13","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128363/"
 "128362","2019-02-17 00:10:10","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128362/"
 "128361","2019-02-17 00:10:09","http://actionfraud.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128361/"
-"128360","2019-02-17 00:10:08","http://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128360/"
+"128360","2019-02-17 00:10:08","http://actionfraud.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128360/"
 "128359","2019-02-16 23:59:05","http://drberrinkarakuy.com/WbB9Y9w/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/128359/"
 "128358","2019-02-16 23:58:10","http://garenanow.myvnc.com:81/CIG_MHKD.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128358/"
 "128356","2019-02-16 23:46:03","http://83.166.241.99/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/128356/"
@@ -12977,7 +13528,7 @@
 "128280","2019-02-16 18:09:34","https://sitwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128280/"
 "128279","2019-02-16 18:09:30","https://sitwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128279/"
 "128278","2019-02-16 18:09:26","https://sitwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128278/"
-"128277","2019-02-16 18:09:23","https://sitwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128277/"
+"128277","2019-02-16 18:09:23","https://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128277/"
 "128276","2019-02-16 18:09:19","https://sitwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128276/"
 "128275","2019-02-16 18:09:15","https://sitwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128275/"
 "128274","2019-02-16 18:09:12","https://sitwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128274/"
@@ -12996,7 +13547,7 @@
 "128261","2019-02-16 18:08:04","https://sitwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128261/"
 "128260","2019-02-16 18:07:59","https://sitwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128260/"
 "128259","2019-02-16 18:07:56","https://sitwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128259/"
-"128258","2019-02-16 18:07:52","https://sitwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128258/"
+"128258","2019-02-16 18:07:52","https://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128258/"
 "128257","2019-02-16 18:07:49","http://sitwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128257/"
 "128256","2019-02-16 18:07:44","http://sitwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128256/"
 "128255","2019-02-16 18:07:28","http://sitwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128255/"
@@ -13017,7 +13568,7 @@
 "128240","2019-02-16 18:05:50","http://sitwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128240/"
 "128239","2019-02-16 18:05:42","http://sitwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128239/"
 "128238","2019-02-16 18:05:38","http://sitwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128238/"
-"128237","2019-02-16 18:05:37","http://sitwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128237/"
+"128237","2019-02-16 18:05:37","http://sitwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128237/"
 "128236","2019-02-16 18:05:31","http://sitwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128236/"
 "128234","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128234/"
 "128235","2019-02-16 18:05:30","http://sitwww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128235/"
@@ -13042,7 +13593,7 @@
 "128215","2019-02-16 18:03:42","http://sitwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128215/"
 "128214","2019-02-16 18:03:23","http://sitwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128214/"
 "128213","2019-02-16 18:03:17","http://sitwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128213/"
-"128212","2019-02-16 18:03:09","http://sitwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128212/"
+"128212","2019-02-16 18:03:09","http://sitwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128212/"
 "128211","2019-02-16 17:39:20","http://garenanow.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128211/"
 "128210","2019-02-16 17:39:11","http://chinhdropfile80.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/128210/"
 "128209","2019-02-16 17:35:14","http://jetwaysairlines.us/titan/tandr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/128209/"
@@ -13088,7 +13639,7 @@
 "128169","2019-02-16 17:17:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128169/"
 "128168","2019-02-16 17:17:24","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128168/"
 "128167","2019-02-16 17:17:22","https://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128167/"
-"128166","2019-02-16 17:17:19","https://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128166/"
+"128166","2019-02-16 17:17:19","https://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128166/"
 "128165","2019-02-16 17:17:17","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128165/"
 "128164","2019-02-16 17:17:14","https://arash.tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128164/"
 "128163","2019-02-16 17:17:12","https://arash.tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128163/"
@@ -13107,7 +13658,7 @@
 "128150","2019-02-16 17:16:36","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128150/"
 "128149","2019-02-16 17:16:33","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128149/"
 "128148","2019-02-16 17:16:29","https://arash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128148/"
-"128147","2019-02-16 17:16:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128147/"
+"128147","2019-02-16 17:16:27","https://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128147/"
 "128146","2019-02-16 17:16:24","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128146/"
 "128145","2019-02-16 17:16:23","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128145/"
 "128144","2019-02-16 17:16:20","http://arash.tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128144/"
@@ -13127,7 +13678,7 @@
 "128130","2019-02-16 17:16:05","http://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128130/"
 "128129","2019-02-16 17:16:03","http://arash.tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128129/"
 "128128","2019-02-16 17:16:02","http://arash.tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128128/"
-"128126","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128126/"
+"128126","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128126/"
 "128127","2019-02-16 17:16:01","http://arash.tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128127/"
 "128125","2019-02-16 17:15:59","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128125/"
 "128122","2019-02-16 17:15:58","http://arash.tcoqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128122/"
@@ -13154,7 +13705,7 @@
 "128103","2019-02-16 17:15:36","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128103/"
 "128102","2019-02-16 17:15:33","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128102/"
 "128101","2019-02-16 17:15:32","http://arash.tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128101/"
-"128100","2019-02-16 17:15:31","http://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128100/"
+"128100","2019-02-16 17:15:31","http://arash.tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128100/"
 "128099","2019-02-16 17:15:28","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128099/"
 "128098","2019-02-16 17:15:25","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128098/"
 "128097","2019-02-16 17:15:21","https://tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128097/"
@@ -13167,7 +13718,7 @@
 "128090","2019-02-16 17:15:00","https://tcoqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128090/"
 "128089","2019-02-16 17:14:58","https://tcoqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128089/"
 "128088","2019-02-16 17:14:55","https://tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128088/"
-"128087","2019-02-16 17:14:52","https://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128087/"
+"128087","2019-02-16 17:14:52","https://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128087/"
 "128086","2019-02-16 17:14:49","https://tcoqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128086/"
 "128085","2019-02-16 17:14:47","https://tcoqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128085/"
 "128084","2019-02-16 17:14:44","https://tcoqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128084/"
@@ -13186,7 +13737,7 @@
 "128071","2019-02-16 17:13:57","https://tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128071/"
 "128070","2019-02-16 17:13:51","https://tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128070/"
 "128069","2019-02-16 17:13:47","https://tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128069/"
-"128068","2019-02-16 17:13:43","https://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128068/"
+"128068","2019-02-16 17:13:43","https://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128068/"
 "128067","2019-02-16 17:13:38","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128067/"
 "128066","2019-02-16 17:13:32","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128066/"
 "128065","2019-02-16 17:13:14","http://tcoqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128065/"
@@ -13207,7 +13758,7 @@
 "128050","2019-02-16 17:11:32","http://tcoqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128050/"
 "128049","2019-02-16 17:11:25","http://tcoqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128049/"
 "128048","2019-02-16 17:11:23","http://tcoqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128048/"
-"128047","2019-02-16 17:11:22","http://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128047/"
+"128047","2019-02-16 17:11:22","http://tcoqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128047/"
 "128046","2019-02-16 17:11:18","http://tcoqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128046/"
 "128045","2019-02-16 17:11:17","http://tcoqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128045/"
 "128044","2019-02-16 17:11:16","http://tcoqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128044/"
@@ -13233,7 +13784,7 @@
 "128024","2019-02-16 17:08:17","http://tcoqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128024/"
 "128023","2019-02-16 17:07:56","http://tcoqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128023/"
 "128022","2019-02-16 17:07:52","http://tcoqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128022/"
-"128021","2019-02-16 17:07:45","http://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128021/"
+"128021","2019-02-16 17:07:45","http://tcoqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128021/"
 "128020","2019-02-16 17:07:38","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128020/"
 "128019","2019-02-16 17:07:34","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128019/"
 "128018","2019-02-16 17:07:28","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128018/"
@@ -13246,7 +13797,7 @@
 "128011","2019-02-16 17:06:54","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128011/"
 "128010","2019-02-16 17:06:48","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128010/"
 "128009","2019-02-16 17:06:42","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128009/"
-"128008","2019-02-16 17:06:36","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128008/"
+"128008","2019-02-16 17:06:36","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/128008/"
 "128007","2019-02-16 17:06:30","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128007/"
 "128006","2019-02-16 17:06:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/128006/"
 "128005","2019-02-16 17:06:13","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/128005/"
@@ -13265,7 +13816,7 @@
 "127992","2019-02-16 17:04:44","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127992/"
 "127991","2019-02-16 17:04:35","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127991/"
 "127990","2019-02-16 17:04:29","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127990/"
-"127989","2019-02-16 17:04:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127989/"
+"127989","2019-02-16 17:04:24","https://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127989/"
 "127988","2019-02-16 17:04:18","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127988/"
 "127987","2019-02-16 17:04:10","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127987/"
 "127986","2019-02-16 17:03:56","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127986/"
@@ -13285,7 +13836,7 @@
 "127972","2019-02-16 17:02:32","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127972/"
 "127971","2019-02-16 17:02:26","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127971/"
 "127970","2019-02-16 17:02:19","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127970/"
-"127968","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127968/"
+"127968","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127968/"
 "127969","2019-02-16 17:02:17","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127969/"
 "127967","2019-02-16 17:02:13","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127967/"
 "127965","2019-02-16 17:02:12","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127965/"
@@ -13311,7 +13862,7 @@
 "127946","2019-02-16 17:01:41","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127946/"
 "127945","2019-02-16 17:01:38","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127945/"
 "127944","2019-02-16 17:01:37","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127944/"
-"127943","2019-02-16 17:01:36","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127943/"
+"127943","2019-02-16 17:01:36","http://parm6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127943/"
 "127942","2019-02-16 17:01:30","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127942/"
 "127941","2019-02-16 17:01:26","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127941/"
 "127940","2019-02-16 17:01:19","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127940/"
@@ -13324,7 +13875,7 @@
 "127933","2019-02-16 17:00:32","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127933/"
 "127932","2019-02-16 17:00:27","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127932/"
 "127931","2019-02-16 17:00:20","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127931/"
-"127930","2019-02-16 17:00:11","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127930/"
+"127930","2019-02-16 17:00:11","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127930/"
 "127929","2019-02-16 17:00:08","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127929/"
 "127928","2019-02-16 17:00:05","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127928/"
 "127927","2019-02-16 17:00:01","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127927/"
@@ -13343,7 +13894,7 @@
 "127914","2019-02-16 16:59:03","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127914/"
 "127913","2019-02-16 16:58:58","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127913/"
 "127912","2019-02-16 16:58:56","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127912/"
-"127911","2019-02-16 16:58:53","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127911/"
+"127911","2019-02-16 16:58:53","https://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127911/"
 "127910","2019-02-16 16:58:51","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127910/"
 "127909","2019-02-16 16:58:49","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127909/"
 "127908","2019-02-16 16:58:47","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127908/"
@@ -13364,7 +13915,7 @@
 "127893","2019-02-16 16:58:28","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127893/"
 "127891","2019-02-16 16:58:26","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127891/"
 "127892","2019-02-16 16:58:26","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127892/"
-"127890","2019-02-16 16:58:25","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127890/"
+"127890","2019-02-16 16:58:25","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127890/"
 "127888","2019-02-16 16:58:24","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127888/"
 "127889","2019-02-16 16:58:24","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127889/"
 "127887","2019-02-16 16:58:23","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127887/"
@@ -13389,7 +13940,7 @@
 "127868","2019-02-16 16:58:00","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127868/"
 "127867","2019-02-16 16:57:58","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127867/"
 "127866","2019-02-16 16:57:57","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127866/"
-"127865","2019-02-16 16:57:56","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127865/"
+"127865","2019-02-16 16:57:56","http://fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127865/"
 "127864","2019-02-16 16:57:53","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127864/"
 "127863","2019-02-16 16:57:50","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127863/"
 "127862","2019-02-16 16:57:46","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127862/"
@@ -13402,7 +13953,7 @@
 "127855","2019-02-16 16:57:22","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127855/"
 "127854","2019-02-16 16:57:19","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127854/"
 "127853","2019-02-16 16:57:17","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127853/"
-"127852","2019-02-16 16:57:13","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127852/"
+"127852","2019-02-16 16:57:13","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127852/"
 "127851","2019-02-16 16:57:11","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127851/"
 "127850","2019-02-16 16:57:09","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127850/"
 "127849","2019-02-16 16:57:07","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127849/"
@@ -13421,7 +13972,7 @@
 "127836","2019-02-16 16:56:32","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127836/"
 "127835","2019-02-16 16:56:28","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127835/"
 "127834","2019-02-16 16:56:26","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127834/"
-"127833","2019-02-16 16:56:23","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127833/"
+"127833","2019-02-16 16:56:23","https://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127833/"
 "127832","2019-02-16 16:56:20","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127832/"
 "127831","2019-02-16 16:56:19","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127831/"
 "127830","2019-02-16 16:56:17","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127830/"
@@ -13441,7 +13992,7 @@
 "127816","2019-02-16 16:56:00","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127816/"
 "127815","2019-02-16 16:55:58","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127815/"
 "127814","2019-02-16 16:55:57","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127814/"
-"127812","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127812/"
+"127812","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127812/"
 "127813","2019-02-16 16:55:56","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127813/"
 "127809","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127809/"
 "127810","2019-02-16 16:55:54","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127810/"
@@ -13467,7 +14018,7 @@
 "127790","2019-02-16 16:55:19","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127790/"
 "127789","2019-02-16 16:55:16","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127789/"
 "127788","2019-02-16 16:55:15","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127788/"
-"127787","2019-02-16 16:55:14","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127787/"
+"127787","2019-02-16 16:55:14","http://firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127787/"
 "127786","2019-02-16 16:55:10","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127786/"
 "127785","2019-02-16 16:55:08","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127785/"
 "127784","2019-02-16 16:55:04","https://bjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127784/"
@@ -13480,7 +14031,7 @@
 "127777","2019-02-16 16:54:44","https://bjnrwwww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127777/"
 "127776","2019-02-16 16:54:41","https://bjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127776/"
 "127775","2019-02-16 16:54:38","https://bjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127775/"
-"127774","2019-02-16 16:54:35","https://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127774/"
+"127774","2019-02-16 16:54:35","https://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127774/"
 "127773","2019-02-16 16:54:33","https://bjnrwwww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127773/"
 "127772","2019-02-16 16:54:30","https://bjnrwwww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127772/"
 "127771","2019-02-16 16:54:28","https://bjnrwwww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127771/"
@@ -13499,7 +14050,7 @@
 "127758","2019-02-16 16:53:57","https://bjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127758/"
 "127757","2019-02-16 16:53:53","https://bjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127757/"
 "127756","2019-02-16 16:53:51","https://bjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127756/"
-"127755","2019-02-16 16:53:48","https://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127755/"
+"127755","2019-02-16 16:53:48","https://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127755/"
 "127754","2019-02-16 16:53:45","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127754/"
 "127753","2019-02-16 16:53:44","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127753/"
 "127752","2019-02-16 16:53:41","http://bjnrwwww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127752/"
@@ -13519,7 +14070,7 @@
 "127738","2019-02-16 16:53:26","http://bjnrwwww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127738/"
 "127737","2019-02-16 16:53:24","http://bjnrwwww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127737/"
 "127736","2019-02-16 16:53:22","http://bjnrwwww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127736/"
-"127734","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127734/"
+"127734","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127734/"
 "127735","2019-02-16 16:53:21","http://bjnrwwww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127735/"
 "127733","2019-02-16 16:53:17","http://bjnrwwww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127733/"
 "127730","2019-02-16 16:53:16","http://bjnrwwww.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127730/"
@@ -13545,7 +14096,7 @@
 "127712","2019-02-16 16:51:17","http://bjnrwwww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127712/"
 "127711","2019-02-16 16:50:54","http://bjnrwwww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127711/"
 "127710","2019-02-16 16:50:45","http://bjnrwwww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127710/"
-"127709","2019-02-16 16:50:35","http://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127709/"
+"127709","2019-02-16 16:50:35","http://bjnrwwww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127709/"
 "127708","2019-02-16 16:50:26","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127708/"
 "127707","2019-02-16 16:50:21","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127707/"
 "127706","2019-02-16 16:50:13","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127706/"
@@ -13558,7 +14109,7 @@
 "127699","2019-02-16 16:49:43","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127699/"
 "127698","2019-02-16 16:49:37","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127698/"
 "127697","2019-02-16 16:49:33","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127697/"
-"127696","2019-02-16 16:49:28","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127696/"
+"127696","2019-02-16 16:49:28","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127696/"
 "127695","2019-02-16 16:49:24","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127695/"
 "127694","2019-02-16 16:49:21","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127694/"
 "127693","2019-02-16 16:49:17","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127693/"
@@ -13577,7 +14128,7 @@
 "127680","2019-02-16 16:48:11","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127680/"
 "127679","2019-02-16 16:48:00","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127679/"
 "127678","2019-02-16 16:47:58","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127678/"
-"127677","2019-02-16 16:47:54","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127677/"
+"127677","2019-02-16 16:47:54","https://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127677/"
 "127676","2019-02-16 16:47:51","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127676/"
 "127675","2019-02-16 16:47:44","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127675/"
 "127674","2019-02-16 16:47:22","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127674/"
@@ -13598,7 +14149,7 @@
 "127659","2019-02-16 16:44:52","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127659/"
 "127658","2019-02-16 16:44:43","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127658/"
 "127657","2019-02-16 16:44:36","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127657/"
-"127656","2019-02-16 16:44:33","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127656/"
+"127656","2019-02-16 16:44:33","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127656/"
 "127655","2019-02-16 16:44:23","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127655/"
 "127654","2019-02-16 16:44:20","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127654/"
 "127653","2019-02-16 16:44:17","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127653/"
@@ -13624,7 +14175,7 @@
 "127633","2019-02-16 16:41:42","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127633/"
 "127632","2019-02-16 16:41:23","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127632/"
 "127631","2019-02-16 16:41:18","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127631/"
-"127630","2019-02-16 16:41:09","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127630/"
+"127630","2019-02-16 16:41:09","http://fair-watduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127630/"
 "127629","2019-02-16 16:22:33","http://chinhdropfile.myvnc.com:81/CIG.dat","online","malware_download","exe","https://urlhaus.abuse.ch/url/127629/"
 "127628","2019-02-16 12:40:14","https://www.palmomedia.de/wp-content/themes/mcluhan/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/127628/"
 "127627","2019-02-16 12:40:13","http://185.244.25.173/bins/Solstice.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127627/"
@@ -13757,7 +14308,7 @@
 "127500","2019-02-16 06:50:55","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127500/"
 "127499","2019-02-16 06:50:52","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127499/"
 "127498","2019-02-16 06:50:50","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127498/"
-"127497","2019-02-16 06:50:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127497/"
+"127497","2019-02-16 06:50:47","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127497/"
 "127496","2019-02-16 06:50:44","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127496/"
 "127495","2019-02-16 06:50:42","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127495/"
 "127494","2019-02-16 06:50:39","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127494/"
@@ -13776,7 +14327,7 @@
 "127481","2019-02-16 06:50:05","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127481/"
 "127480","2019-02-16 06:49:59","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127480/"
 "127479","2019-02-16 06:49:57","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127479/"
-"127478","2019-02-16 06:49:54","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127478/"
+"127478","2019-02-16 06:49:54","https://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127478/"
 "127477","2019-02-16 06:49:52","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127477/"
 "127476","2019-02-16 06:49:51","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127476/"
 "127475","2019-02-16 06:49:49","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127475/"
@@ -13797,7 +14348,7 @@
 "127460","2019-02-16 06:49:32","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127460/"
 "127459","2019-02-16 06:49:31","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127459/"
 "127458","2019-02-16 06:49:30","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127458/"
-"127457","2019-02-16 06:49:29","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127457/"
+"127457","2019-02-16 06:49:29","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127457/"
 "127454","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127454/"
 "127455","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127455/"
 "127456","2019-02-16 06:49:28","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127456/"
@@ -13822,7 +14373,7 @@
 "127435","2019-02-16 06:49:07","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127435/"
 "127434","2019-02-16 06:49:04","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127434/"
 "127433","2019-02-16 06:49:03","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127433/"
-"127432","2019-02-16 06:49:01","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127432/"
+"127432","2019-02-16 06:49:01","http://m6web-tracking.cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127432/"
 "127431","2019-02-16 06:48:58","https://cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127431/"
 "127430","2019-02-16 06:48:56","https://cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127430/"
 "127429","2019-02-16 06:48:51","https://cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127429/"
@@ -13835,7 +14386,7 @@
 "127422","2019-02-16 06:48:32","https://cocomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127422/"
 "127421","2019-02-16 06:48:29","https://cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127421/"
 "127420","2019-02-16 06:48:27","https://cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127420/"
-"127419","2019-02-16 06:48:24","https://cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127419/"
+"127419","2019-02-16 06:48:24","https://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127419/"
 "127418","2019-02-16 06:48:21","https://cocomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127418/"
 "127417","2019-02-16 06:48:19","https://cocomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127417/"
 "127416","2019-02-16 06:48:17","https://cocomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127416/"
@@ -13854,7 +14405,7 @@
 "127403","2019-02-16 06:47:45","https://cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127403/"
 "127402","2019-02-16 06:47:41","https://cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127402/"
 "127401","2019-02-16 06:47:39","https://cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127401/"
-"127400","2019-02-16 06:47:36","https://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127400/"
+"127400","2019-02-16 06:47:36","https://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127400/"
 "127399","2019-02-16 06:47:33","http://cocomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127399/"
 "127398","2019-02-16 06:47:32","http://cocomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127398/"
 "127397","2019-02-16 06:47:30","http://cocomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127397/"
@@ -13874,7 +14425,7 @@
 "127383","2019-02-16 06:47:16","http://cocomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127383/"
 "127382","2019-02-16 06:47:15","http://cocomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127382/"
 "127381","2019-02-16 06:47:14","http://cocomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127381/"
-"127379","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127379/"
+"127379","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127379/"
 "127380","2019-02-16 06:47:13","http://cocomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127380/"
 "127377","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127377/"
 "127378","2019-02-16 06:47:11","http://cocomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127378/"
@@ -13900,7 +14451,7 @@
 "127357","2019-02-16 06:46:13","http://cocomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127357/"
 "127356","2019-02-16 06:46:10","http://cocomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127356/"
 "127355","2019-02-16 06:46:09","http://cocomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127355/"
-"127354","2019-02-16 06:46:07","http://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127354/"
+"127354","2019-02-16 06:46:07","http://cocomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127354/"
 "127353","2019-02-16 06:46:03","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127353/"
 "127352","2019-02-16 06:45:59","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127352/"
 "127351","2019-02-16 06:45:55","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127351/"
@@ -13913,7 +14464,7 @@
 "127344","2019-02-16 06:45:30","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127344/"
 "127343","2019-02-16 06:45:27","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127343/"
 "127342","2019-02-16 06:45:24","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127342/"
-"127341","2019-02-16 06:45:20","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127341/"
+"127341","2019-02-16 06:45:20","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127341/"
 "127340","2019-02-16 06:45:17","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127340/"
 "127339","2019-02-16 06:45:14","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127339/"
 "127338","2019-02-16 06:45:11","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127338/"
@@ -13932,7 +14483,7 @@
 "127325","2019-02-16 06:44:32","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127325/"
 "127324","2019-02-16 06:44:27","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127324/"
 "127323","2019-02-16 06:44:25","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127323/"
-"127322","2019-02-16 06:44:22","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127322/"
+"127322","2019-02-16 06:44:22","https://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127322/"
 "127321","2019-02-16 06:44:20","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127321/"
 "127320","2019-02-16 06:44:19","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127320/"
 "127319","2019-02-16 06:44:16","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127319/"
@@ -13952,7 +14503,7 @@
 "127305","2019-02-16 06:43:33","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127305/"
 "127304","2019-02-16 06:43:32","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127304/"
 "127303","2019-02-16 06:43:31","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127303/"
-"127301","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127301/"
+"127301","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127301/"
 "127302","2019-02-16 06:43:30","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127302/"
 "127299","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127299/"
 "127300","2019-02-16 06:43:29","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127300/"
@@ -13978,7 +14529,7 @@
 "127279","2019-02-16 06:43:09","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127279/"
 "127277","2019-02-16 06:43:06","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127277/"
 "127278","2019-02-16 06:43:06","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127278/"
-"127276","2019-02-16 06:43:04","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127276/"
+"127276","2019-02-16 06:43:04","http://escolbounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127276/"
 "127275","2019-02-16 06:37:07","http://www.carsonbiz.com/htts/server.exe","online","malware_download","exe,njRAT,payload,stage2","https://urlhaus.abuse.ch/url/127275/"
 "127274","2019-02-16 06:37:04","https://cld.pt/dl/download/ed83c39b-a2c1-4d8e-b532-5f249d4b41ac/%24%24%24%24%23%23%24%24.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/127274/"
 "127273","2019-02-16 06:32:04","http://185.244.25.173:80/bins/Solstice.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/127273/"
@@ -14026,7 +14577,7 @@
 "127231","2019-02-16 05:04:41","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127231/"
 "127230","2019-02-16 05:04:38","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127230/"
 "127229","2019-02-16 05:04:36","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127229/"
-"127228","2019-02-16 05:04:33","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127228/"
+"127228","2019-02-16 05:04:33","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127228/"
 "127227","2019-02-16 05:04:31","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127227/"
 "127226","2019-02-16 05:04:28","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127226/"
 "127225","2019-02-16 05:04:26","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127225/"
@@ -14045,7 +14596,7 @@
 "127212","2019-02-16 05:03:55","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127212/"
 "127211","2019-02-16 05:03:51","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127211/"
 "127210","2019-02-16 05:03:48","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127210/"
-"127209","2019-02-16 05:03:45","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127209/"
+"127209","2019-02-16 05:03:45","https://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127209/"
 "127208","2019-02-16 05:03:43","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127208/"
 "127207","2019-02-16 05:03:42","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127207/"
 "127206","2019-02-16 05:03:39","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127206/"
@@ -14065,7 +14616,7 @@
 "127192","2019-02-16 05:03:22","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127192/"
 "127191","2019-02-16 05:03:21","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127191/"
 "127190","2019-02-16 05:03:20","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127190/"
-"127188","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127188/"
+"127188","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127188/"
 "127189","2019-02-16 05:03:19","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127189/"
 "127184","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127184/"
 "127185","2019-02-16 05:03:17","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127185/"
@@ -14091,7 +14642,7 @@
 "127166","2019-02-16 05:02:59","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127166/"
 "127165","2019-02-16 05:02:57","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127165/"
 "127164","2019-02-16 05:02:56","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127164/"
-"127163","2019-02-16 05:02:54","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127163/"
+"127163","2019-02-16 05:02:54","http://ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127163/"
 "127162","2019-02-16 05:02:51","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127162/"
 "127161","2019-02-16 05:02:48","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127161/"
 "127160","2019-02-16 05:02:42","https://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127160/"
@@ -14104,7 +14655,7 @@
 "127153","2019-02-16 05:02:22","https://comduoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127153/"
 "127152","2019-02-16 05:02:19","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127152/"
 "127151","2019-02-16 05:02:16","https://comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127151/"
-"127150","2019-02-16 05:02:14","https://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127150/"
+"127150","2019-02-16 05:02:14","https://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127150/"
 "127149","2019-02-16 05:02:11","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127149/"
 "127148","2019-02-16 05:02:06","https://comduoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127148/"
 "127147","2019-02-16 05:02:04","https://comduoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127147/"
@@ -14123,7 +14674,7 @@
 "127134","2019-02-16 05:01:32","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127134/"
 "127133","2019-02-16 05:01:29","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127133/"
 "127132","2019-02-16 05:01:26","https://comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127132/"
-"127131","2019-02-16 05:01:23","https://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127131/"
+"127131","2019-02-16 05:01:23","https://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127131/"
 "127130","2019-02-16 05:01:20","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127130/"
 "127129","2019-02-16 05:01:19","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127129/"
 "127128","2019-02-16 05:01:17","http://comduoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127128/"
@@ -14144,7 +14695,7 @@
 "127113","2019-02-16 05:00:28","http://comduoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127113/"
 "127112","2019-02-16 05:00:25","http://comduoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127112/"
 "127111","2019-02-16 05:00:23","http://comduoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127111/"
-"127110","2019-02-16 05:00:21","http://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127110/"
+"127110","2019-02-16 05:00:21","http://comduoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127110/"
 "127109","2019-02-16 05:00:15","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127109/"
 "127108","2019-02-16 05:00:13","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127108/"
 "127107","2019-02-16 05:00:11","http://comduoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127107/"
@@ -14169,7 +14720,7 @@
 "127088","2019-02-16 04:57:46","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127088/"
 "127087","2019-02-16 04:57:27","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127087/"
 "127086","2019-02-16 04:57:20","http://comduoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127086/"
-"127085","2019-02-16 04:57:11","http://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127085/"
+"127085","2019-02-16 04:57:11","http://comduoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127085/"
 "127084","2019-02-16 04:55:09","https://agilife.pl/file/1767554/ajlzT-SeK_W-xRz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/127084/"
 "127083","2019-02-16 04:54:10","http://autobuschel.ru/En_us/llc/8629908607223/gTPLL-q5m_vyXAFmH-syu/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/127083/"
 "127082","2019-02-16 04:53:53","http://equiracing.fr/templates/rhuk_milkyway_equiracing/css/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/127082/"
@@ -14195,8 +14746,8 @@
 "127062","2019-02-16 03:42:19","http://xn--90aeb9ae9a.xn--p1ai/Amazon/Documents/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127062/"
 "127061","2019-02-16 03:42:14","http://sexchatsnol.nl/Amazon/En/Documents/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127061/"
 "127060","2019-02-16 03:42:09","http://ilo-drink.nl/Amazon/EN/Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127060/"
-"127059","2019-02-16 03:41:20","http://doservicework.com/Amazon/Details/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127059/"
-"127058","2019-02-16 03:41:14","http://currenteventsmemes.com/Amazon/En/Clients_Messages/2019-02/","online","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127058/"
+"127059","2019-02-16 03:41:20","http://doservicework.com/Amazon/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127059/"
+"127058","2019-02-16 03:41:14","http://currenteventsmemes.com/Amazon/En/Clients_Messages/2019-02/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127058/"
 "127057","2019-02-16 03:41:07","http://aterrosanitarioouroverde.com.br/Amazon/Clients_transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127057/"
 "127056","2019-02-16 03:38:18","http://ronex90.myjino.ru/Amazon/Clients_information/2019-02/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/127056/"
 "127055","2019-02-16 03:38:17","http://qitafood.com/Amazon/Payments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/127055/"
@@ -14215,7 +14766,7 @@
 "127042","2019-02-16 03:14:13","https://coqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127042/"
 "127041","2019-02-16 03:14:09","https://coqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127041/"
 "127040","2019-02-16 03:14:05","https://coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127040/"
-"127039","2019-02-16 03:14:01","https://coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127039/"
+"127039","2019-02-16 03:14:01","https://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127039/"
 "127038","2019-02-16 03:13:57","https://coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127038/"
 "127037","2019-02-16 03:13:54","https://coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127037/"
 "127036","2019-02-16 03:13:51","https://coqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/127036/"
@@ -14234,7 +14785,7 @@
 "127023","2019-02-16 03:13:11","https://coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127023/"
 "127022","2019-02-16 03:13:01","https://coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127022/"
 "127021","2019-02-16 03:12:59","https://coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127021/"
-"127020","2019-02-16 03:12:56","https://coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127020/"
+"127020","2019-02-16 03:12:56","https://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/127020/"
 "127019","2019-02-16 03:12:53","http://coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127019/"
 "127018","2019-02-16 03:12:52","http://coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127018/"
 "127017","2019-02-16 03:12:50","http://coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127017/"
@@ -14255,7 +14806,7 @@
 "127002","2019-02-16 03:12:33","http://coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127002/"
 "127001","2019-02-16 03:12:32","http://coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127001/"
 "127000","2019-02-16 03:12:31","http://coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/127000/"
-"126999","2019-02-16 03:12:30","http://coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126999/"
+"126999","2019-02-16 03:12:30","http://coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126999/"
 "126996","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126996/"
 "126997","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126997/"
 "126998","2019-02-16 03:12:29","http://coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126998/"
@@ -14280,7 +14831,7 @@
 "126977","2019-02-16 03:12:09","http://coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126977/"
 "126976","2019-02-16 03:12:07","http://coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126976/"
 "126975","2019-02-16 03:12:06","http://coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126975/"
-"126974","2019-02-16 03:12:05","http://coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126974/"
+"126974","2019-02-16 03:12:05","http://coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126974/"
 "126973","2019-02-16 03:12:02","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126973/"
 "126972","2019-02-16 03:11:59","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126972/"
 "126971","2019-02-16 03:11:56","https://lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126971/"
@@ -14293,7 +14844,7 @@
 "126964","2019-02-16 03:11:38","https://lists.coqianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126964/"
 "126963","2019-02-16 03:11:36","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126963/"
 "126962","2019-02-16 03:11:33","https://lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126962/"
-"126961","2019-02-16 03:11:30","https://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126961/"
+"126961","2019-02-16 03:11:30","https://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126961/"
 "126960","2019-02-16 03:11:28","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126960/"
 "126959","2019-02-16 03:11:25","https://lists.coqianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126959/"
 "126958","2019-02-16 03:11:23","https://lists.coqianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126958/"
@@ -14312,7 +14863,7 @@
 "126945","2019-02-16 03:10:01","https://lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126945/"
 "126944","2019-02-16 03:09:57","https://lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126944/"
 "126943","2019-02-16 03:09:54","https://lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126943/"
-"126942","2019-02-16 03:09:52","https://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126942/"
+"126942","2019-02-16 03:09:52","https://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126942/"
 "126941","2019-02-16 03:09:49","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126941/"
 "126940","2019-02-16 03:09:48","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126940/"
 "126939","2019-02-16 03:09:46","http://lists.coqianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126939/"
@@ -14332,7 +14883,7 @@
 "126925","2019-02-16 03:09:31","http://lists.coqianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126925/"
 "126924","2019-02-16 03:09:30","http://lists.coqianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126924/"
 "126923","2019-02-16 03:09:29","http://lists.coqianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126923/"
-"126921","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126921/"
+"126921","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126921/"
 "126922","2019-02-16 03:09:28","http://lists.coqianlong.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126922/"
 "126920","2019-02-16 03:09:27","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126920/"
 "126917","2019-02-16 03:09:26","http://lists.coqianlong.watchdogdns.duckdns.org/lyd/d.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126917/"
@@ -14358,7 +14909,7 @@
 "126899","2019-02-16 03:09:09","http://lists.coqianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126899/"
 "126898","2019-02-16 03:09:07","http://lists.coqianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126898/"
 "126897","2019-02-16 03:09:06","http://lists.coqianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126897/"
-"126896","2019-02-16 03:09:05","http://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126896/"
+"126896","2019-02-16 03:09:05","http://lists.coqianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126896/"
 "126895","2019-02-16 02:54:07","http://nkcatering.pl/wp-content/themes/vogue/templates/contents/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126895/"
 "126894","2019-02-16 02:54:06","http://alisa-photo.com.ua/admin/ctxmenu/font/docx.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126894/"
 "126893","2019-02-16 02:54:04","http://yolyardim.baynuri.net/wp-content/ai1wm-backups/slavneft.zakaz.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126893/"
@@ -14394,13 +14945,13 @@
 "126863","2019-02-16 02:23:07","http://quadriconexiones.info/mylokifeb.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126863/"
 "126862","2019-02-16 02:23:06","http://quadriconexiones.info/fbnew.png","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126862/"
 "126861","2019-02-16 02:23:05","http://quadriconexiones.info/fbnew.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126861/"
-"126860","2019-02-16 02:18:18","http://www.acropol.com.eg/pdf/wealthy.exe","online","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126860/"
-"126859","2019-02-16 02:18:16","http://www.acropol.com.eg/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126859/"
-"126858","2019-02-16 02:18:13","http://www.acropol.com.eg/pdf/sales.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126858/"
+"126860","2019-02-16 02:18:18","http://www.acropol.com.eg/pdf/wealthy.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/126860/"
+"126859","2019-02-16 02:18:16","http://www.acropol.com.eg/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126859/"
+"126858","2019-02-16 02:18:13","http://www.acropol.com.eg/pdf/sales.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126858/"
 "126857","2019-02-16 02:18:11","http://www.acropol.com.eg/pdf/onos.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126857/"
 "126856","2019-02-16 02:18:09","http://www.acropol.com.eg/pdf/info.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126856/"
-"126855","2019-02-16 02:18:07","http://www.acropol.com.eg/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126855/"
-"126854","2019-02-16 02:18:04","http://www.acropol.com.eg/pdf/admin.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126854/"
+"126855","2019-02-16 02:18:07","http://www.acropol.com.eg/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126855/"
+"126854","2019-02-16 02:18:04","http://www.acropol.com.eg/pdf/admin.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126854/"
 "126853","2019-02-16 02:13:15","http://donsworld.org/templates/kitephotography/js/messg.jpg","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126853/"
 "126852","2019-02-16 02:13:12","http://nathannewman.org/wp-content/themes/boldnews/lang/messg.jpg","online","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126852/"
 "126851","2019-02-16 02:13:09","http://www.rdmarmotte.net/wp-content/themes/responsive/woocommerce/cart/Philip.Morris.International.zip","offline","malware_download","Ransomware,Troldesh","https://urlhaus.abuse.ch/url/126851/"
@@ -14444,7 +14995,7 @@
 "126813","2019-02-16 01:33:52","https://duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126813/"
 "126812","2019-02-16 01:33:49","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126812/"
 "126811","2019-02-16 01:33:46","https://duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126811/"
-"126810","2019-02-16 01:33:43","https://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126810/"
+"126810","2019-02-16 01:33:43","https://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126810/"
 "126809","2019-02-16 01:33:41","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126809/"
 "126808","2019-02-16 01:33:38","https://duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126808/"
 "126807","2019-02-16 01:33:36","https://duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126807/"
@@ -14462,7 +15013,7 @@
 "126795","2019-02-16 01:32:56","https://duoliprudential.com.watchdogdns.duckdns.org/admin.exe","offline","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/126795/"
 "126794","2019-02-16 01:32:51","https://duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126794/"
 "126793","2019-02-16 01:32:45","https://duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126793/"
-"126792","2019-02-16 01:32:41","https://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126792/"
+"126792","2019-02-16 01:32:41","https://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126792/"
 "126791","2019-02-16 01:32:37","https://duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126791/"
 "126790","2019-02-16 01:32:32","http://duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126790/"
 "126789","2019-02-16 01:32:25","http://duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126789/"
@@ -14484,7 +15035,7 @@
 "126773","2019-02-16 01:31:55","http://duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126773/"
 "126771","2019-02-16 01:31:53","http://duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126771/"
 "126772","2019-02-16 01:31:53","http://duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126772/"
-"126770","2019-02-16 01:31:52","http://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126770/"
+"126770","2019-02-16 01:31:52","http://duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126770/"
 "126767","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126767/"
 "126768","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126768/"
 "126769","2019-02-16 01:31:51","http://duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126769/"
@@ -14509,7 +15060,7 @@
 "126748","2019-02-16 01:31:34","http://duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126748/"
 "126747","2019-02-16 01:31:32","http://duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126747/"
 "126746","2019-02-16 01:31:31","http://duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126746/"
-"126745","2019-02-16 01:31:30","http://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126745/"
+"126745","2019-02-16 01:31:30","http://duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126745/"
 "126744","2019-02-16 01:31:27","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126744/"
 "126743","2019-02-16 01:31:24","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126743/"
 "126742","2019-02-16 01:31:20","https://farmcomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126742/"
@@ -14522,7 +15073,7 @@
 "126735","2019-02-16 01:31:01","https://farmcomputewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126735/"
 "126734","2019-02-16 01:30:58","https://farmcomputewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126734/"
 "126733","2019-02-16 01:30:55","https://farmcomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126733/"
-"126732","2019-02-16 01:30:53","https://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126732/"
+"126732","2019-02-16 01:30:53","https://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126732/"
 "126731","2019-02-16 01:30:50","https://farmcomputewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126731/"
 "126730","2019-02-16 01:30:48","https://farmcomputewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126730/"
 "126729","2019-02-16 01:30:45","https://farmcomputewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126729/"
@@ -14541,7 +15092,7 @@
 "126716","2019-02-16 01:30:12","https://farmcomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126716/"
 "126715","2019-02-16 01:29:37","https://farmcomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126715/"
 "126714","2019-02-16 01:29:34","https://farmcomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126714/"
-"126713","2019-02-16 01:29:32","https://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126713/"
+"126713","2019-02-16 01:29:32","https://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126713/"
 "126712","2019-02-16 01:29:29","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126712/"
 "126711","2019-02-16 01:29:28","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126711/"
 "126710","2019-02-16 01:29:26","http://farmcomputewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126710/"
@@ -14562,7 +15113,7 @@
 "126695","2019-02-16 01:29:11","http://farmcomputewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126695/"
 "126693","2019-02-16 01:29:09","http://farmcomputewww.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126693/"
 "126694","2019-02-16 01:29:09","http://farmcomputewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126694/"
-"126692","2019-02-16 01:29:08","http://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126692/"
+"126692","2019-02-16 01:29:08","http://farmcomputewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126692/"
 "126689","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126689/"
 "126690","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126690/"
 "126691","2019-02-16 01:29:07","http://farmcomputewww.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126691/"
@@ -14587,7 +15138,7 @@
 "126670","2019-02-16 01:28:49","http://farmcomputewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126670/"
 "126669","2019-02-16 01:28:46","http://farmcomputewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126669/"
 "126668","2019-02-16 01:28:45","http://farmcomputewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126668/"
-"126667","2019-02-16 01:28:44","http://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126667/"
+"126667","2019-02-16 01:28:44","http://farmcomputewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126667/"
 "126666","2019-02-16 01:28:41","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126666/"
 "126665","2019-02-16 01:28:39","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126665/"
 "126664","2019-02-16 01:28:35","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126664/"
@@ -14600,7 +15151,7 @@
 "126657","2019-02-16 01:28:14","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126657/"
 "126656","2019-02-16 01:28:12","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126656/"
 "126655","2019-02-16 01:28:09","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126655/"
-"126654","2019-02-16 01:28:06","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126654/"
+"126654","2019-02-16 01:28:06","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126654/"
 "126653","2019-02-16 01:28:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126653/"
 "126652","2019-02-16 01:28:01","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126652/"
 "126651","2019-02-16 01:27:58","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126651/"
@@ -14619,7 +15170,7 @@
 "126638","2019-02-16 01:27:04","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126638/"
 "126637","2019-02-16 01:26:59","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126637/"
 "126636","2019-02-16 01:26:56","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126636/"
-"126635","2019-02-16 01:26:53","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126635/"
+"126635","2019-02-16 01:26:53","https://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126635/"
 "126634","2019-02-16 01:26:49","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126634/"
 "126633","2019-02-16 01:26:41","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126633/"
 "126632","2019-02-16 01:26:25","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126632/"
@@ -14640,7 +15191,7 @@
 "126617","2019-02-16 01:24:57","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126617/"
 "126616","2019-02-16 01:24:50","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126616/"
 "126615","2019-02-16 01:24:47","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/qsr.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126615/"
-"126614","2019-02-16 01:24:46","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126614/"
+"126614","2019-02-16 01:24:46","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126614/"
 "126613","2019-02-16 01:24:40","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126613/"
 "126611","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/dmw.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126611/"
 "126612","2019-02-16 01:24:39","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/lyd/invoice.doc","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126612/"
@@ -14665,8 +15216,8 @@
 "126592","2019-02-16 01:22:30","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126592/"
 "126591","2019-02-16 01:22:16","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126591/"
 "126590","2019-02-16 01:22:11","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126590/"
-"126589","2019-02-16 01:22:06","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126589/"
-"126588","2019-02-16 00:58:12","http://prostranstvorosta.ru/EN_en/download/78720601871/gNrCC-bhx_DdkAUl-KL0/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126588/"
+"126589","2019-02-16 01:22:06","http://bounces.duoliprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126589/"
+"126588","2019-02-16 00:58:12","http://prostranstvorosta.ru/EN_en/download/78720601871/gNrCC-bhx_DdkAUl-KL0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126588/"
 "126587","2019-02-16 00:54:13","http://jaintigers.com/file/fanR-W8_pmwhaZW-2j4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126587/"
 "126586","2019-02-16 00:50:04","http://mantoerika.yazdvip.ir/US/xerox/Invoice_number/MJECq-y52_WUlHeblzb-c6/","online","malware_download","None","https://urlhaus.abuse.ch/url/126586/"
 "126585","2019-02-16 00:47:14","http://www.realhaunts.com/wp-content/plugins/akismet/_inc/img/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/126585/"
@@ -14683,7 +15234,7 @@
 "126574","2019-02-16 00:32:30","http://timothymills.org.uk/corporation/Copy_Invoice/uXaER-jbJ_DYX-lyE/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126574/"
 "126573","2019-02-16 00:32:24","http://salesround.com/US_us/download/Invoice_Notice/1549691030811/RrWbu-vV_jYIMXESHL-LE/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126573/"
 "126572","2019-02-16 00:32:17","http://qqenglish.com.cn/EN_en/llc/rkjV-e8WJ4_Qj-3Gs/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126572/"
-"126571","2019-02-16 00:32:09","http://pw-financial.net/Februar2019/YXSHKE7345353/Rechnungs/Rechnungszahlung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126571/"
+"126571","2019-02-16 00:32:09","http://pw-financial.net/Februar2019/YXSHKE7345353/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126571/"
 "126570","2019-02-16 00:29:04","http://afshari.yazdvip.ir/EN_en/company/Inv/gVSlo-m8WoH_AVpZKB-BN/","online","malware_download","None","https://urlhaus.abuse.ch/url/126570/"
 "126569","2019-02-16 00:27:09","http://92.63.197.153/work/3.exe","offline","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/126569/"
 "126568","2019-02-16 00:27:08","http://help3in1.oss-cn-hangzhou.aliyuncs.com/1405/QQHelper_1405.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126568/"
@@ -14701,7 +15252,7 @@
 "126556","2019-02-15 23:59:04","http://rms.uzelbilisim.com.tr/Amazon/En/Information/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126556/"
 "126555","2019-02-15 23:56:02","https://tischer.ro/document/61805022/gksJP-pt_vVj-agO/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126555/"
 "126554","2019-02-15 23:53:01","http://www.forodigitalpyme.es/US/file/Invoice_Notice/YSBoc-HFsMY_FXHFU-bf/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126554/"
-"126553","2019-02-15 23:49:04","http://ea-no7.net/.well-known/pki-validation/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126553/"
+"126553","2019-02-15 23:49:04","http://ea-no7.net/.well-known/pki-validation/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126553/"
 "126552","2019-02-15 23:46:03","http://mingroups.vn/company/Invoice_Notice/18513116945962/aBgCb-ZaC_bBREJCMeF-V1Z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126552/"
 "126551","2019-02-15 23:42:06","http://mimiabner.com/Invoice_number/coOkV-Jl_VOY-B8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126551/"
 "126550","2019-02-15 23:39:08","http://jaspinformatica.com/HRdFL-IZC_yV-VS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126550/"
@@ -14710,7 +15261,7 @@
 "126547","2019-02-15 23:37:17","http://pis.grajewo.pl/wp-content/themes/Divi/js/messg.jpg","offline","malware_download","compressed,javascript,Ransomware,Troldesh,zip","https://urlhaus.abuse.ch/url/126547/"
 "126546","2019-02-15 23:36:07","http://weresolve.ca/AWlN-dO_LPWjbADqQ-hjt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126546/"
 "126545","2019-02-15 23:35:53","http://xn----7sbbdfeovrgh2b6al.xn--p1ai/Amazon/En/Orders-details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126545/"
-"126544","2019-02-15 23:35:47","http://www.prdbrasil.com.br/Amazon/Attachments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126544/"
+"126544","2019-02-15 23:35:47","http://www.prdbrasil.com.br/Amazon/Attachments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126544/"
 "126543","2019-02-15 23:35:42","http://health.chmoz.com/download/Copy_Invoice/HdvXD-Ii32d_HOsonMPci-dEM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126543/"
 "126542","2019-02-15 23:35:32","http://royalskyworld.com/AMAZON/Payments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126542/"
 "126541","2019-02-15 23:35:23","http://retreatsmaui.com/Amazon/EN/Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126541/"
@@ -14739,7 +15290,7 @@
 "126518","2019-02-15 23:23:04","http://jonathantercero.com/wp-content/themes/sonata/inc/meta-box/css/jqueryui/VserosBank.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126518/"
 "126517","2019-02-15 23:23:03","http://jonathantercero.com/wp-content/themes/sonata/inc/meta-box/css/jqueryui/PhilipMorris.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126517/"
 "126516","2019-02-15 23:21:05","http://izeussolutions.com/document/Copy_Invoice/hgMEX-8PG_PAvRNqo-Th/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126516/"
-"126515","2019-02-15 23:17:04","http://www.simplebsolutions.co.uk/US/corporation/Invoice_Notice/9955581/ZEqz-9WuK_ApOHQ-8pw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126515/"
+"126515","2019-02-15 23:17:04","http://www.simplebsolutions.co.uk/US/corporation/Invoice_Notice/9955581/ZEqz-9WuK_ApOHQ-8pw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126515/"
 "126514","2019-02-15 23:14:13","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/Vseros.Bank.zakaz.docx.zip","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126514/"
 "126513","2019-02-15 23:14:12","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/Philip.Morris.International.zip","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126513/"
 "126512","2019-02-15 23:14:11","http://thebeautyresidence.net/wp-content/themes/hemlock/plugins/messg.jpg","offline","malware_download","comrpessed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126512/"
@@ -14747,9 +15298,9 @@
 "126510","2019-02-15 23:12:05","http://teelam9.com/myfb11.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/126510/"
 "126509","2019-02-15 23:09:06","http://thewordrelianceinternational.org/wp-content/themes/event-star/template-parts/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126509/"
 "126508","2019-02-15 23:09:02","http://jambanswers.org/.well-known/pki-validation/Vseros.Bank.zakaz.docx.zip","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/126508/"
-"126507","2019-02-15 23:08:03","http://westsideresources.org/US_us/scan/Copy_Invoice/BmNl-4B_LMSObWM-FN9/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126507/"
+"126507","2019-02-15 23:08:03","http://westsideresources.org/US_us/scan/Copy_Invoice/BmNl-4B_LMSObWM-FN9/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126507/"
 "126506","2019-02-15 23:03:02","http://mkcelectric.com/doc/qvjs-cJG4D_zNPVc-GG/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126506/"
-"126505","2019-02-15 22:59:02","http://aginversiones.net/US_us/llc/23806405831/vRSJ-4fgRh_HIg-cN/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126505/"
+"126505","2019-02-15 22:59:02","http://aginversiones.net/US_us/llc/23806405831/vRSJ-4fgRh_HIg-cN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126505/"
 "126504","2019-02-15 22:57:03","http://www.wsu.pl/templates/atomic/addons/demo_panel/images/messg.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/126504/"
 "126503","2019-02-15 22:55:16","http://suduguan.com/oldnew/formdpr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/126503/"
 "126502","2019-02-15 22:54:08","http://reddeadtwo.com/US_us/xerox/New_invoice/0555844815483/DOsL-oiU_S-W2/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126502/"
@@ -14758,15 +15309,15 @@
 "126499","2019-02-15 22:53:18","http://chadikaysora.com/Stealer/order.exe","online","malware_download","compressed,exe,jar,payload,stage2,zip","https://urlhaus.abuse.ch/url/126499/"
 "126498","2019-02-15 22:53:10","http://chadikaysora.com/Stealer/order.zip","online","malware_download","compressed,exe,jar,payload,stage2,zip","https://urlhaus.abuse.ch/url/126498/"
 "126497","2019-02-15 22:52:12","http://dorukhankumbet.com/wp-content/plugins/contact-form-7/acc.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126497/"
-"126496","2019-02-15 22:49:06","http://mmctalent.com/En/corporation/4918770/PHCI-23_m-zRS/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126496/"
-"126495","2019-02-15 22:44:05","http://tantrung.com/En_us/scan/Inv/681481662692/YSUCq-yL_pYdhPM-EMX/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126495/"
+"126496","2019-02-15 22:49:06","http://mmctalent.com/En/corporation/4918770/PHCI-23_m-zRS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126496/"
+"126495","2019-02-15 22:44:05","http://tantrung.com/En_us/scan/Inv/681481662692/YSUCq-yL_pYdhPM-EMX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126495/"
 "126494","2019-02-15 22:36:06","http://camasdecks.com/info/Invoice/MQKX-w0_lMkDp-BG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126494/"
 "126493","2019-02-15 22:29:12","https://doc-0s-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/iihknhvv46f451har5kugd0itode8hl0/1550260800000/09100922564250845248/*/1tKpTzIDP8TlJa5FTmUCA-uTxJAJkIELC","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126493/"
 "126492","2019-02-15 22:26:07","http://rongenfishingpro.com/En/document/New_invoice/wqNW-yG_xtu-R8/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126492/"
 "126491","2019-02-15 22:22:03","http://www.sponsorplay.com/scan/04602848/QhWi-Fl_zcy-sj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126491/"
 "126490","2019-02-15 22:18:05","http://www.idoctorcloud.com/Invoice/KwpQ-5yNQ_Hx-eMI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126490/"
 "126489","2019-02-15 22:14:05","http://techrecyclers.info/EN_en/jSjtg-W7_gGC-rJX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126489/"
-"126488","2019-02-15 22:10:06","http://domanhtrang.com/En/scan/Invoice_number/QVKS-FFWtW_nGdgp-xD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126488/"
+"126488","2019-02-15 22:10:06","http://domanhtrang.com/En/scan/Invoice_number/QVKS-FFWtW_nGdgp-xD/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126488/"
 "126487","2019-02-15 22:07:29","http://www.caassure.ovh/xerox/jwrdp-dml7_N-qqo/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126487/"
 "126486","2019-02-15 22:07:24","http://tellingmusic.com/En_us/document/Copy_Invoice/051321957164/Jdmj-w2F_WaL-cS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126486/"
 "126485","2019-02-15 22:07:18","http://treasureto.com/Amazon/EN/Transactions-details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126485/"
@@ -14779,7 +15330,7 @@
 "126478","2019-02-15 22:06:48","http://enviedepices.fr/AMAZON/Clients/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126478/"
 "126477","2019-02-15 22:06:43","http://buralistesdugard.fr/Amazon/Transactions-details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126477/"
 "126476","2019-02-15 22:06:38","http://bestcleaningcolombia.com/Amazon/Clients_transactions/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126476/"
-"126475","2019-02-15 22:06:30","http://3.92.174.100/Amazon/En/Information/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126475/"
+"126475","2019-02-15 22:06:30","http://3.92.174.100/Amazon/En/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126475/"
 "126474","2019-02-15 22:06:23","http://18.217.96.49/Amazon/EN/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126474/"
 "126473","2019-02-15 22:06:14","http://caree.in/corporation/ogjZD-sn4YS_aGlxAcciF-yVX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126473/"
 "126472","2019-02-15 22:03:03","http://pravara-mi.com/download/Invoice_number/fofur-h2CAB_c-lgb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126472/"
@@ -14790,7 +15341,7 @@
 "126467","2019-02-15 21:55:07","https://drive.google.com/uc?export=download&id=1TPWekt1wH2gmUMwFv_a6jyiFgHq-TxG4","online","malware_download","compressed,Loader,payload","https://urlhaus.abuse.ch/url/126467/"
 "126466","2019-02-15 21:55:06","https://drive.google.com/uc?export=download&id=1rp33UAGDE-eSmtdSO7gdlKDAo4uZI140","online","malware_download","compressed,Loader,payload","https://urlhaus.abuse.ch/url/126466/"
 "126465","2019-02-15 21:55:04","https://drive.google.com/uc?export=download&id=1j0gFsx99vuGUTnK5VKYurkLxR9wRQAyD","online","malware_download","compressed,Loader,payload","https://urlhaus.abuse.ch/url/126465/"
-"126464","2019-02-15 21:55:02","http://25yardscreamer.co.uk/file/Invoice_Notice/DNeUA-zc4F_JyyF-MyE/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126464/"
+"126464","2019-02-15 21:55:02","http://25yardscreamer.co.uk/file/Invoice_Notice/DNeUA-zc4F_JyyF-MyE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126464/"
 "126463","2019-02-15 21:47:09","http://hotelmaya.mx/En_us/scan/New_invoice/QaLyv-9S_tX-tX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126463/"
 "126462","2019-02-15 21:42:08","https://lifeskillsmagicschool.com/images/Order/Invoices/hGFghfJHFGJtRTrTYjgfJTYfrTYJfJYfjytfGjytfJYTFjyGFJtyFJfghjtyfGFHjyFRGjhFJhFRTyjfjGghfGHFgJHFjhgfj@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@","offline","malware_download","Adwind,jar,java,payload,rat","https://urlhaus.abuse.ch/url/126462/"
 "126461","2019-02-15 21:41:02","http://ililform.se/oned","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126461/"
@@ -14812,11 +15363,11 @@
 "126445","2019-02-15 20:42:10","http://stbarnabasps.edu.na/Amazon/EN/Transactions-details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126445/"
 "126444","2019-02-15 20:42:07","http://nmce2015.nichost.ru/Amazon/En/Clients_Messages/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126444/"
 "126443","2019-02-15 20:42:06","http://asansor.parsnet.space/Amazon/EN/Clients/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126443/"
-"126442","2019-02-15 20:42:03","http://35.190.186.53/Amazon/En/Payments_details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126442/"
+"126442","2019-02-15 20:42:03","http://35.190.186.53/Amazon/En/Payments_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126442/"
 "126441","2019-02-15 20:42:02","http://cech.gdansk.pl/llc/Inv/51545223150/KyNd-8Z8SW_qri-JS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/126441/"
 "126440","2019-02-15 20:39:02","http://theengineersguild.com/info/Invoice_Notice/aqJr-KGB_A-JoI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126440/"
 "126439","2019-02-15 20:36:21","http://13.126.61.11/qpA8kpDj8_rp/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126439/"
-"126438","2019-02-15 20:36:19","http://138.197.72.9/5jEtWZHLS/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126438/"
+"126438","2019-02-15 20:36:19","http://138.197.72.9/5jEtWZHLS/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126438/"
 "126437","2019-02-15 20:36:18","http://195.88.208.202/GkR3jnNg/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126437/"
 "126436","2019-02-15 20:36:17","http://markkellylive.com.au/nzB1yr7bR8Jf_VXGMg/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126436/"
 "126435","2019-02-15 20:36:11","http://tellusvillas.com/l2BOnRc5q_pGXL6RE/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/126435/"
@@ -14826,16 +15377,16 @@
 "126431","2019-02-15 20:31:10","https://doc-00-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/0p72cr7rffke4bottccuatc0jv9qkjhb/1550253600000/09100922564250845248/*/1HgSWyA3-erKtySCSJj0mJLoAWV6LpUo3","offline","malware_download","exe","https://urlhaus.abuse.ch/url/126431/"
 "126430","2019-02-15 20:29:06","http://193.77.216.20/US_us/scan/Invoice_number/eaFz-bA1hG_IrMD-5it/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126430/"
 "126429","2019-02-15 20:25:09","http://alexlema.com/css/a1/Mail_Access_Logs.doc","offline","malware_download","doc,Loader,rat,remcos,stage1","https://urlhaus.abuse.ch/url/126429/"
-"126428","2019-02-15 20:25:06","http://159.65.65.213/US_us/llc/Inv/OsvtZ-fja_VeDfqRvsn-9mK/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126428/"
+"126428","2019-02-15 20:25:06","http://159.65.65.213/US_us/llc/Inv/OsvtZ-fja_VeDfqRvsn-9mK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126428/"
 "126427","2019-02-15 20:23:30","http://mincoindia.com/wp-content/PcHeal.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/126427/"
 "126426","2019-02-15 20:23:11","http://sadaemujahid.com/a1/die.exe","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126426/"
 "126425","2019-02-15 20:23:10","http://sadaemujahid.com/a1/lord.exe","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126425/"
 "126424","2019-02-15 20:23:05","http://useraccount.co/assets/pqs/logo.jpg","offline","malware_download","exe,Loader,payload,trojan","https://urlhaus.abuse.ch/url/126424/"
 "126423","2019-02-15 20:20:05","http://traktor.parsnet.space/En/YZUYI-dlk_CfhKdCOSl-i6C/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126423/"
 "126422","2019-02-15 20:16:10","http://snopsd.duckdns.org:7101/mt810000019034.jar?_sm_au_%3diVVsR0FwMDnjWRqP","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/126422/"
-"126421","2019-02-15 20:15:31","http://207.154.223.104/sycTwoHI4/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126421/"
-"126420","2019-02-15 20:15:29","http://128.199.172.4/J1EuGgi0sx/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126420/"
-"126419","2019-02-15 20:15:27","http://themodellabel.com/QByaBRWa/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126419/"
+"126421","2019-02-15 20:15:31","http://207.154.223.104/sycTwoHI4/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126421/"
+"126420","2019-02-15 20:15:29","http://128.199.172.4/J1EuGgi0sx/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126420/"
+"126419","2019-02-15 20:15:27","http://themodellabel.com/QByaBRWa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126419/"
 "126418","2019-02-15 20:15:20","http://eventcherry.com/EPRpYDL/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126418/"
 "126417","2019-02-15 20:15:13","http://rhlnetwork.com/uuf31PTan3/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/126417/"
 "126416","2019-02-15 20:15:06","http://romantis.penghasilan.website/En/llc/0204066758/wVcLq-vu8C_hV-Tj/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126416/"
@@ -14894,20 +15445,20 @@
 "126363","2019-02-15 19:27:39","http://focus-group.spb.ru/Amazon/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126363/"
 "126362","2019-02-15 19:27:36","http://csvina.vn/wp-snapshots/Amazon/En/Orders-details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126362/"
 "126361","2019-02-15 19:27:33","http://charms.com.co/Amazon/EN/Orders_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126361/"
-"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126360/"
-"126359","2019-02-15 19:26:59","http://big.5072610.ru/Amazon/En/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126359/"
+"126360","2019-02-15 19:27:30","http://cash-lovers.com/Amazon/En/Attachments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126360/"
+"126359","2019-02-15 19:26:59","http://big.5072610.ru/Amazon/En/Details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126359/"
 "126358","2019-02-15 19:26:54","http://arvendanismanlik.com/Amazon/EN/Transaction_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126358/"
 "126357","2019-02-15 19:26:46","http://arieloutdoors.in/Amazon/En/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126357/"
 "126356","2019-02-15 19:26:39","http://54.202.85.204/Amazon/EN/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126356/"
 "126355","2019-02-15 19:26:30","http://52.63.71.120/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126355/"
 "126354","2019-02-15 19:26:22","http://52.63.119.3/Amazon/En/Clients/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126354/"
-"126353","2019-02-15 19:26:15","http://52.205.176.136/Amazon/EN/Details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126353/"
+"126353","2019-02-15 19:26:15","http://52.205.176.136/Amazon/EN/Details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126353/"
 "126352","2019-02-15 19:26:10","http://52.202.101.89/Amazon/En/Orders-details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126352/"
 "126351","2019-02-15 19:25:39","http://52.196.225.91/wordpress/Amazon/EN/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126351/"
-"126350","2019-02-15 19:25:34","http://188.192.104.226/wordpress/Amazon/EN/Transactions-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126350/"
-"126349","2019-02-15 19:25:30","http://188.131.164.117/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126349/"
+"126350","2019-02-15 19:25:34","http://188.192.104.226/wordpress/Amazon/EN/Transactions-details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126350/"
+"126349","2019-02-15 19:25:30","http://188.131.164.117/Amazon/Attachments/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126349/"
 "126348","2019-02-15 19:25:25","http://159.65.142.218/wp-admin/Amazon/Attachments/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126348/"
-"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
+"126347","2019-02-15 19:25:20","http://13.126.61.22/Amazon/En/Messages/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126347/"
 "126346","2019-02-15 19:25:14","http://115.66.127.67/Amazon/EN/Transactions/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126346/"
 "126345","2019-02-15 19:25:07","http://104.155.134.95/Amazon/En/Clients/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/126345/"
 "126344","2019-02-15 19:24:59","http://joerath.ca/US_us/scan/Inv/379791966093282/ozeH-2byJM_hd-yP/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126344/"
@@ -14928,7 +15479,7 @@
 "126329","2019-02-15 19:18:56","https://www.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126329/"
 "126328","2019-02-15 19:18:53","https://www.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126328/"
 "126327","2019-02-15 19:18:49","https://www.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126327/"
-"126326","2019-02-15 19:18:45","https://www.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126326/"
+"126326","2019-02-15 19:18:45","https://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126326/"
 "126325","2019-02-15 19:18:42","https://www.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126325/"
 "126324","2019-02-15 19:18:36","https://www.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126324/"
 "126323","2019-02-15 19:18:31","https://www.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126323/"
@@ -14944,7 +15495,7 @@
 "126313","2019-02-15 19:17:36","https://www.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126313/"
 "126312","2019-02-15 19:17:30","https://www.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126312/"
 "126311","2019-02-15 19:17:27","https://www.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126311/"
-"126310","2019-02-15 19:17:23","https://www.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126310/"
+"126310","2019-02-15 19:17:23","https://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126310/"
 "126309","2019-02-15 19:17:18","http://www.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126309/"
 "126308","2019-02-15 19:17:12","http://www.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126308/"
 "126307","2019-02-15 19:16:56","http://www.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126307/"
@@ -14957,7 +15508,7 @@
 "126300","2019-02-15 19:16:39","http://www.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126300/"
 "126299","2019-02-15 19:16:37","http://www.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126299/"
 "126298","2019-02-15 19:16:36","http://www.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126298/"
-"126297","2019-02-15 19:16:35","http://www.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126297/"
+"126297","2019-02-15 19:16:35","http://www.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126297/"
 "126296","2019-02-15 19:16:33","http://www.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126296/"
 "126295","2019-02-15 19:16:32","http://www.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126295/"
 "126294","2019-02-15 19:16:24","http://www.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126294/"
@@ -14974,7 +15525,7 @@
 "126283","2019-02-15 19:16:07","http://www.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126283/"
 "126282","2019-02-15 19:16:03","http://www.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126282/"
 "126281","2019-02-15 19:16:01","http://www.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126281/"
-"126280","2019-02-15 19:16:00","http://www.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126280/"
+"126280","2019-02-15 19:16:00","http://www.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126280/"
 "126279","2019-02-15 19:15:57","https://ta107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126279/"
 "126278","2019-02-15 19:15:55","https://ta107s3.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126278/"
 "126277","2019-02-15 19:15:51","https://ta107s3.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126277/"
@@ -14987,7 +15538,7 @@
 "126270","2019-02-15 19:15:31","https://ta107s3.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126270/"
 "126269","2019-02-15 19:15:27","https://ta107s3.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126269/"
 "126268","2019-02-15 19:15:25","https://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126268/"
-"126267","2019-02-15 19:15:22","https://ta107s3.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126267/"
+"126267","2019-02-15 19:15:22","https://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126267/"
 "126266","2019-02-15 19:15:20","https://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126266/"
 "126265","2019-02-15 19:15:17","https://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126265/"
 "126264","2019-02-15 19:15:14","https://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126264/"
@@ -15006,7 +15557,7 @@
 "126251","2019-02-15 19:14:18","https://ta107s3.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126251/"
 "126250","2019-02-15 19:14:10","https://ta107s3.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126250/"
 "126249","2019-02-15 19:14:05","https://ta107s3.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126249/"
-"126248","2019-02-15 19:14:02","https://ta107s3.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126248/"
+"126248","2019-02-15 19:14:02","https://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126248/"
 "126247","2019-02-15 19:13:59","http://ta107s3.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126247/"
 "126246","2019-02-15 19:13:58","http://ta107s3.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126246/"
 "126245","2019-02-15 19:13:55","http://ta107s3.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126245/"
@@ -15021,7 +15572,7 @@
 "126236","2019-02-15 19:13:37","http://ta107s3.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126236/"
 "126235","2019-02-15 19:13:36","http://ta107s3.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126235/"
 "126234","2019-02-15 19:13:35","http://ta107s3.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126234/"
-"126233","2019-02-15 19:13:34","http://ta107s3.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126233/"
+"126233","2019-02-15 19:13:34","http://ta107s3.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126233/"
 "126232","2019-02-15 19:13:33","http://ta107s3.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126232/"
 "126231","2019-02-15 19:13:32","http://ta107s3.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126231/"
 "126230","2019-02-15 19:13:31","http://ta107s3.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126230/"
@@ -15041,7 +15592,7 @@
 "126216","2019-02-15 19:13:15","http://ta107s3.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126216/"
 "126215","2019-02-15 19:13:13","http://ta107s3.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126215/"
 "126214","2019-02-15 19:13:12","http://ta107s3.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126214/"
-"126213","2019-02-15 19:13:11","http://ta107s3.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126213/"
+"126213","2019-02-15 19:13:11","http://ta107s3.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126213/"
 "126212","2019-02-15 19:13:08","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126212/"
 "126211","2019-02-15 19:13:06","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126211/"
 "126210","2019-02-15 19:13:02","http://forsalebybuilderusa.com/En/scan/Invoice_number/0009788342914/vsHI-qTON_DqAgcAYw-11j/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/126210/"
@@ -15055,7 +15606,7 @@
 "126202","2019-02-15 19:12:33","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126202/"
 "126201","2019-02-15 19:12:30","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126201/"
 "126200","2019-02-15 19:12:28","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126200/"
-"126199","2019-02-15 19:12:25","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126199/"
+"126199","2019-02-15 19:12:25","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126199/"
 "126198","2019-02-15 19:12:22","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126198/"
 "126197","2019-02-15 19:12:19","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126197/"
 "126196","2019-02-15 19:12:17","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126196/"
@@ -15074,7 +15625,7 @@
 "126183","2019-02-15 19:11:45","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126183/"
 "126182","2019-02-15 19:11:42","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126182/"
 "126181","2019-02-15 19:11:39","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126181/"
-"126180","2019-02-15 19:11:37","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126180/"
+"126180","2019-02-15 19:11:37","https://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126180/"
 "126179","2019-02-15 19:11:34","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126179/"
 "126178","2019-02-15 19:11:33","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126178/"
 "126177","2019-02-15 19:11:31","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126177/"
@@ -15088,7 +15639,7 @@
 "126169","2019-02-15 19:11:19","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126169/"
 "126168","2019-02-15 19:11:17","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126168/"
 "126167","2019-02-15 19:11:16","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126167/"
-"126165","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126165/"
+"126165","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126165/"
 "126166","2019-02-15 19:11:14","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126166/"
 "126164","2019-02-15 19:11:13","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126164/"
 "126163","2019-02-15 19:11:12","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126163/"
@@ -15109,7 +15660,7 @@
 "126148","2019-02-15 19:10:56","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126148/"
 "126147","2019-02-15 19:10:53","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126147/"
 "126146","2019-02-15 19:10:52","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126146/"
-"126145","2019-02-15 19:10:50","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126145/"
+"126145","2019-02-15 19:10:50","http://www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126145/"
 "126144","2019-02-15 19:10:47","https://com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126144/"
 "126143","2019-02-15 19:10:45","https://com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126143/"
 "126142","2019-02-15 19:10:31","https://com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126142/"
@@ -15122,7 +15673,7 @@
 "126135","2019-02-15 19:10:09","https://com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126135/"
 "126134","2019-02-15 19:10:06","https://com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126134/"
 "126133","2019-02-15 19:10:04","https://com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126133/"
-"126132","2019-02-15 19:10:00","https://com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126132/"
+"126132","2019-02-15 19:10:00","https://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126132/"
 "126131","2019-02-15 19:09:58","https://com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126131/"
 "126130","2019-02-15 19:09:55","https://com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126130/"
 "126129","2019-02-15 19:09:53","https://com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126129/"
@@ -15141,7 +15692,7 @@
 "126116","2019-02-15 19:09:21","https://com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126116/"
 "126115","2019-02-15 19:09:17","https://com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126115/"
 "126114","2019-02-15 19:09:15","https://com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126114/"
-"126113","2019-02-15 19:09:12","https://com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126113/"
+"126113","2019-02-15 19:09:12","https://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126113/"
 "126112","2019-02-15 19:09:10","http://com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126112/"
 "126111","2019-02-15 19:09:09","http://com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126111/"
 "126110","2019-02-15 19:09:07","http://com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126110/"
@@ -15156,7 +15707,7 @@
 "126101","2019-02-15 19:08:54","http://com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126101/"
 "126100","2019-02-15 19:08:52","http://com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126100/"
 "126099","2019-02-15 19:08:51","http://com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126099/"
-"126098","2019-02-15 19:08:50","http://com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126098/"
+"126098","2019-02-15 19:08:50","http://com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126098/"
 "126097","2019-02-15 19:08:49","http://com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126097/"
 "126096","2019-02-15 19:08:48","http://com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126096/"
 "126095","2019-02-15 19:08:47","http://com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126095/"
@@ -15176,7 +15727,7 @@
 "126081","2019-02-15 19:08:32","http://com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126081/"
 "126080","2019-02-15 19:08:29","http://com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126080/"
 "126079","2019-02-15 19:08:28","http://com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126079/"
-"126078","2019-02-15 19:08:27","http://com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126078/"
+"126078","2019-02-15 19:08:27","http://com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126078/"
 "126077","2019-02-15 19:08:24","https://iprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126077/"
 "126076","2019-02-15 19:08:22","https://iprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126076/"
 "126075","2019-02-15 19:08:18","https://iprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126075/"
@@ -15189,7 +15740,7 @@
 "126068","2019-02-15 19:07:58","https://iprudential.com.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126068/"
 "126067","2019-02-15 19:07:55","https://iprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126067/"
 "126066","2019-02-15 19:07:53","https://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126066/"
-"126065","2019-02-15 19:07:50","https://iprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126065/"
+"126065","2019-02-15 19:07:50","https://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126065/"
 "126064","2019-02-15 19:07:48","https://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126064/"
 "126063","2019-02-15 19:07:46","https://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126063/"
 "126062","2019-02-15 19:07:44","https://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126062/"
@@ -15208,7 +15759,7 @@
 "126049","2019-02-15 19:07:14","https://iprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126049/"
 "126048","2019-02-15 19:07:10","https://iprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126048/"
 "126047","2019-02-15 19:07:08","https://iprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126047/"
-"126046","2019-02-15 19:07:05","https://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126046/"
+"126046","2019-02-15 19:07:05","https://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126046/"
 "126045","2019-02-15 19:07:03","http://iprudential.com.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126045/"
 "126044","2019-02-15 19:07:02","http://iprudential.com.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126044/"
 "126043","2019-02-15 19:06:59","http://iprudential.com.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126043/"
@@ -15223,7 +15774,7 @@
 "126034","2019-02-15 19:06:43","http://iprudential.com.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126034/"
 "126033","2019-02-15 19:06:42","http://iprudential.com.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126033/"
 "126032","2019-02-15 19:06:40","http://iprudential.com.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126032/"
-"126031","2019-02-15 19:06:39","http://iprudential.com.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126031/"
+"126031","2019-02-15 19:06:39","http://iprudential.com.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126031/"
 "126030","2019-02-15 19:06:38","http://iprudential.com.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126030/"
 "126029","2019-02-15 19:06:37","http://iprudential.com.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126029/"
 "126028","2019-02-15 19:06:35","http://iprudential.com.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126028/"
@@ -15243,7 +15794,7 @@
 "126014","2019-02-15 19:06:15","http://iprudential.com.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126014/"
 "126013","2019-02-15 19:06:13","http://iprudential.com.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126013/"
 "126012","2019-02-15 19:06:12","http://iprudential.com.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126012/"
-"126011","2019-02-15 19:06:10","http://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126011/"
+"126011","2019-02-15 19:06:10","http://iprudential.com.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/126011/"
 "126010","2019-02-15 19:06:07","https://jsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126010/"
 "126009","2019-02-15 19:06:04","https://jsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126009/"
 "126008","2019-02-15 19:06:01","https://jsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126008/"
@@ -15256,7 +15807,7 @@
 "126001","2019-02-15 19:05:42","https://jsrwaco.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/126001/"
 "126000","2019-02-15 19:05:39","https://jsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/126000/"
 "125999","2019-02-15 19:05:36","https://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125999/"
-"125998","2019-02-15 19:05:33","https://jsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125998/"
+"125998","2019-02-15 19:05:33","https://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125998/"
 "125997","2019-02-15 19:05:31","https://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125997/"
 "125996","2019-02-15 19:05:29","https://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125996/"
 "125995","2019-02-15 19:05:26","https://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125995/"
@@ -15275,7 +15826,7 @@
 "125982","2019-02-15 19:04:51","https://jsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125982/"
 "125981","2019-02-15 19:04:47","https://jsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125981/"
 "125980","2019-02-15 19:04:44","https://jsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125980/"
-"125979","2019-02-15 19:04:41","https://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125979/"
+"125979","2019-02-15 19:04:41","https://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125979/"
 "125978","2019-02-15 19:04:38","http://jsrwaco.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125978/"
 "125977","2019-02-15 19:04:36","http://jsrwaco.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125977/"
 "125976","2019-02-15 19:04:31","http://jsrwaco.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125976/"
@@ -15290,7 +15841,7 @@
 "125967","2019-02-15 19:03:01","http://jsrwaco.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125967/"
 "125966","2019-02-15 19:02:44","http://jsrwaco.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125966/"
 "125965","2019-02-15 19:02:25","http://jsrwaco.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125965/"
-"125964","2019-02-15 19:02:14","http://jsrwaco.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125964/"
+"125964","2019-02-15 19:02:14","http://jsrwaco.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125964/"
 "125963","2019-02-15 19:02:07","http://jsrwaco.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125963/"
 "125962","2019-02-15 19:02:01","http://jsrwaco.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125962/"
 "125961","2019-02-15 19:01:55","http://jsrwaco.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125961/"
@@ -15306,12 +15857,12 @@
 "125951","2019-02-15 19:00:52","http://jsrwaco.watchdogdns.duckdns.org/frank/invioce.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125951/"
 "125950","2019-02-15 19:00:48","http://jsrwaco.watchdogdns.duckdns.org/frank/Azeez%202.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125950/"
 "125949","2019-02-15 19:00:44","http://jsrwaco.watchdogdns.duckdns.org/frank/AZEEZ.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125949/"
-"125948","2019-02-15 19:00:39","http://160.16.198.220/scan/Inv/NFqVR-RQ_aLTZfrBiO-fYA/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125948/"
+"125948","2019-02-15 19:00:39","http://160.16.198.220/scan/Inv/NFqVR-RQ_aLTZfrBiO-fYA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125948/"
 "125947","2019-02-15 19:00:36","http://jsrwaco.watchdogdns.duckdns.org/admin.exe","offline","malware_download","exe,LimeRAT,payload","https://urlhaus.abuse.ch/url/125947/"
 "125946","2019-02-15 19:00:30","http://jsrwaco.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125946/"
 "125945","2019-02-15 19:00:10","http://jsrwaco.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125945/"
 "125944","2019-02-15 19:00:05","http://jsrwaco.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125944/"
-"125943","2019-02-15 18:59:56","http://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125943/"
+"125943","2019-02-15 18:59:56","http://jsrwaco.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125943/"
 "125942","2019-02-15 18:59:49","https://resonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125942/"
 "125941","2019-02-15 18:59:45","https://resonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125941/"
 "125940","2019-02-15 18:59:39","https://resonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125940/"
@@ -15324,7 +15875,7 @@
 "125933","2019-02-15 18:59:09","https://resonance-pub.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125933/"
 "125932","2019-02-15 18:59:06","https://resonance-pub.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125932/"
 "125931","2019-02-15 18:59:02","https://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125931/"
-"125930","2019-02-15 18:58:58","https://resonance-pub.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125930/"
+"125930","2019-02-15 18:58:58","https://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125930/"
 "125929","2019-02-15 18:58:54","https://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125929/"
 "125928","2019-02-15 18:58:51","https://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125928/"
 "125927","2019-02-15 18:58:48","https://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125927/"
@@ -15343,7 +15894,7 @@
 "125914","2019-02-15 18:58:06","https://resonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125914/"
 "125913","2019-02-15 18:58:01","https://resonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125913/"
 "125912","2019-02-15 18:57:58","https://resonance-pub.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125912/"
-"125911","2019-02-15 18:57:55","https://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125911/"
+"125911","2019-02-15 18:57:55","https://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125911/"
 "125910","2019-02-15 18:57:52","http://resonance-pub.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125910/"
 "125909","2019-02-15 18:57:46","http://resonance-pub.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125909/"
 "125908","2019-02-15 18:57:24","http://resonance-pub.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125908/"
@@ -15358,7 +15909,7 @@
 "125899","2019-02-15 18:55:52","http://resonance-pub.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125899/"
 "125898","2019-02-15 18:55:44","http://resonance-pub.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125898/"
 "125897","2019-02-15 18:55:33","http://resonance-pub.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125897/"
-"125896","2019-02-15 18:55:29","http://resonance-pub.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125896/"
+"125896","2019-02-15 18:55:29","http://resonance-pub.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125896/"
 "125895","2019-02-15 18:55:17","http://resonance-pub.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125895/"
 "125894","2019-02-15 18:55:10","http://resonance-pub.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125894/"
 "125893","2019-02-15 18:55:04","http://resonance-pub.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125893/"
@@ -15378,7 +15929,7 @@
 "125879","2019-02-15 18:53:17","http://resonance-pub.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125879/"
 "125878","2019-02-15 18:52:59","http://resonance-pub.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125878/"
 "125877","2019-02-15 18:52:55","http://resonance-pub.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125877/"
-"125876","2019-02-15 18:52:54","http://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125876/"
+"125876","2019-02-15 18:52:54","http://resonance-pub.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125876/"
 "125875","2019-02-15 18:52:50","https://qianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125875/"
 "125874","2019-02-15 18:52:47","https://qianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125874/"
 "125873","2019-02-15 18:52:42","https://qianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125873/"
@@ -15391,7 +15942,7 @@
 "125866","2019-02-15 18:52:19","https://qianlong.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125866/"
 "125865","2019-02-15 18:52:16","https://qianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125865/"
 "125864","2019-02-15 18:52:13","https://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125864/"
-"125863","2019-02-15 18:52:10","https://qianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125863/"
+"125863","2019-02-15 18:52:10","https://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125863/"
 "125862","2019-02-15 18:52:07","https://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125862/"
 "125861","2019-02-15 18:52:05","https://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125861/"
 "125860","2019-02-15 18:52:02","https://qianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125860/"
@@ -15410,7 +15961,7 @@
 "125847","2019-02-15 18:51:31","https://qianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125847/"
 "125846","2019-02-15 18:51:27","https://qianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125846/"
 "125845","2019-02-15 18:51:25","https://qianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125845/"
-"125844","2019-02-15 18:51:22","https://qianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125844/"
+"125844","2019-02-15 18:51:22","https://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125844/"
 "125843","2019-02-15 18:51:19","http://qianlong.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125843/"
 "125842","2019-02-15 18:51:18","http://qianlong.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125842/"
 "125841","2019-02-15 18:51:15","http://qianlong.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125841/"
@@ -15425,7 +15976,7 @@
 "125832","2019-02-15 18:51:01","http://qianlong.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125832/"
 "125831","2019-02-15 18:51:00","http://qianlong.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125831/"
 "125830","2019-02-15 18:50:58","http://qianlong.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125830/"
-"125829","2019-02-15 18:50:57","http://qianlong.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125829/"
+"125829","2019-02-15 18:50:57","http://qianlong.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125829/"
 "125828","2019-02-15 18:50:56","http://qianlong.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125828/"
 "125827","2019-02-15 18:50:55","http://qianlong.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125827/"
 "125826","2019-02-15 18:50:54","http://qianlong.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125826/"
@@ -15445,7 +15996,7 @@
 "125812","2019-02-15 18:50:36","http://qianlong.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125812/"
 "125811","2019-02-15 18:50:34","http://qianlong.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125811/"
 "125810","2019-02-15 18:50:32","http://qianlong.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125810/"
-"125809","2019-02-15 18:50:31","http://qianlong.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125809/"
+"125809","2019-02-15 18:50:31","http://qianlong.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125809/"
 "125808","2019-02-15 18:50:28","https://computewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125808/"
 "125807","2019-02-15 18:50:24","https://computewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125807/"
 "125806","2019-02-15 18:50:18","https://computewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125806/"
@@ -15458,7 +16009,7 @@
 "125799","2019-02-15 18:49:54","https://computewww.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125799/"
 "125798","2019-02-15 18:49:52","https://computewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125798/"
 "125797","2019-02-15 18:49:49","https://computewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125797/"
-"125796","2019-02-15 18:49:46","https://computewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125796/"
+"125796","2019-02-15 18:49:46","https://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125796/"
 "125795","2019-02-15 18:49:43","https://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125795/"
 "125794","2019-02-15 18:49:41","https://computewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125794/"
 "125793","2019-02-15 18:49:38","https://computewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125793/"
@@ -15477,7 +16028,7 @@
 "125780","2019-02-15 18:49:08","https://computewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125780/"
 "125779","2019-02-15 18:49:04","https://computewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125779/"
 "125778","2019-02-15 18:49:01","https://computewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125778/"
-"125777","2019-02-15 18:48:59","https://computewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125777/"
+"125777","2019-02-15 18:48:59","https://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125777/"
 "125776","2019-02-15 18:48:56","http://computewww.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125776/"
 "125775","2019-02-15 18:48:55","http://computewww.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125775/"
 "125774","2019-02-15 18:48:52","http://computewww.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125774/"
@@ -15492,7 +16043,7 @@
 "125765","2019-02-15 18:48:39","http://computewww.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125765/"
 "125764","2019-02-15 18:48:38","http://computewww.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125764/"
 "125763","2019-02-15 18:48:37","http://computewww.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125763/"
-"125762","2019-02-15 18:48:36","http://computewww.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125762/"
+"125762","2019-02-15 18:48:36","http://computewww.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125762/"
 "125761","2019-02-15 18:48:35","http://computewww.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125761/"
 "125760","2019-02-15 18:48:34","http://computewww.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125760/"
 "125759","2019-02-15 18:48:33","http://computewww.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125759/"
@@ -15512,7 +16063,7 @@
 "125745","2019-02-15 18:48:17","http://computewww.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125745/"
 "125744","2019-02-15 18:48:15","http://computewww.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125744/"
 "125743","2019-02-15 18:48:14","http://computewww.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125743/"
-"125742","2019-02-15 18:48:12","http://computewww.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125742/"
+"125742","2019-02-15 18:48:12","http://computewww.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125742/"
 "125741","2019-02-15 18:48:09","https://doverenewables.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125741/"
 "125740","2019-02-15 18:48:07","https://doverenewables.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125740/"
 "125739","2019-02-15 18:48:03","https://doverenewables.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125739/"
@@ -15525,7 +16076,7 @@
 "125732","2019-02-15 18:47:44","https://doverenewables.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125732/"
 "125731","2019-02-15 18:47:41","https://doverenewables.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125731/"
 "125730","2019-02-15 18:47:39","https://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125730/"
-"125729","2019-02-15 18:47:36","https://doverenewables.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125729/"
+"125729","2019-02-15 18:47:36","https://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125729/"
 "125728","2019-02-15 18:47:34","https://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125728/"
 "125727","2019-02-15 18:47:31","https://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125727/"
 "125726","2019-02-15 18:47:29","https://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125726/"
@@ -15544,7 +16095,7 @@
 "125713","2019-02-15 18:46:58","https://doverenewables.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125713/"
 "125712","2019-02-15 18:46:55","https://doverenewables.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125712/"
 "125711","2019-02-15 18:46:52","https://doverenewables.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125711/"
-"125710","2019-02-15 18:46:49","https://doverenewables.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125710/"
+"125710","2019-02-15 18:46:49","https://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125710/"
 "125709","2019-02-15 18:46:47","http://doverenewables.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125709/"
 "125708","2019-02-15 18:46:46","http://doverenewables.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125708/"
 "125707","2019-02-15 18:46:44","http://doverenewables.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125707/"
@@ -15559,7 +16110,7 @@
 "125698","2019-02-15 18:46:30","http://doverenewables.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125698/"
 "125697","2019-02-15 18:46:29","http://doverenewables.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125697/"
 "125696","2019-02-15 18:46:27","http://doverenewables.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125696/"
-"125695","2019-02-15 18:46:26","http://doverenewables.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125695/"
+"125695","2019-02-15 18:46:26","http://doverenewables.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125695/"
 "125694","2019-02-15 18:46:25","http://doverenewables.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125694/"
 "125693","2019-02-15 18:46:24","http://doverenewables.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125693/"
 "125692","2019-02-15 18:46:23","http://doverenewables.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125692/"
@@ -15580,7 +16131,7 @@
 "125677","2019-02-15 18:45:19","http://doverenewables.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125677/"
 "125676","2019-02-15 18:45:17","http://doverenewables.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125676/"
 "125675","2019-02-15 18:45:16","http://doverenewables.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125675/"
-"125674","2019-02-15 18:45:14","http://doverenewables.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125674/"
+"125674","2019-02-15 18:45:14","http://doverenewables.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125674/"
 "125673","2019-02-15 18:45:12","https://mirtv.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125673/"
 "125672","2019-02-15 18:45:09","https://mirtv.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125672/"
 "125671","2019-02-15 18:45:04","https://mirtv.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125671/"
@@ -15593,7 +16144,7 @@
 "125664","2019-02-15 18:44:45","https://mirtv.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125664/"
 "125663","2019-02-15 18:44:43","https://mirtv.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125663/"
 "125662","2019-02-15 18:44:40","https://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125662/"
-"125661","2019-02-15 18:44:37","https://mirtv.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125661/"
+"125661","2019-02-15 18:44:37","https://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125661/"
 "125660","2019-02-15 18:44:35","https://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125660/"
 "125659","2019-02-15 18:44:32","https://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125659/"
 "125658","2019-02-15 18:44:29","https://mirtv.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125658/"
@@ -15612,7 +16163,7 @@
 "125645","2019-02-15 18:43:57","https://mirtv.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125645/"
 "125644","2019-02-15 18:43:53","https://mirtv.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125644/"
 "125643","2019-02-15 18:43:51","https://mirtv.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125643/"
-"125642","2019-02-15 18:43:48","https://mirtv.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125642/"
+"125642","2019-02-15 18:43:48","https://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125642/"
 "125641","2019-02-15 18:43:46","http://mirtv.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125641/"
 "125640","2019-02-15 18:43:45","http://mirtv.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125640/"
 "125639","2019-02-15 18:43:43","http://mirtv.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125639/"
@@ -15627,7 +16178,7 @@
 "125630","2019-02-15 18:43:30","http://mirtv.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125630/"
 "125629","2019-02-15 18:43:29","http://mirtv.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125629/"
 "125628","2019-02-15 18:43:28","http://mirtv.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125628/"
-"125627","2019-02-15 18:43:27","http://mirtv.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125627/"
+"125627","2019-02-15 18:43:27","http://mirtv.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125627/"
 "125626","2019-02-15 18:43:26","http://mirtv.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125626/"
 "125625","2019-02-15 18:43:25","http://mirtv.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125625/"
 "125624","2019-02-15 18:43:24","http://mirtv.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125624/"
@@ -15647,7 +16198,7 @@
 "125610","2019-02-15 18:43:09","http://mirtv.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125610/"
 "125609","2019-02-15 18:43:07","http://mirtv.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125609/"
 "125608","2019-02-15 18:43:06","http://mirtv.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125608/"
-"125607","2019-02-15 18:43:05","http://mirtv.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125607/"
+"125607","2019-02-15 18:43:05","http://mirtv.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125607/"
 "125606","2019-02-15 18:43:02","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125606/"
 "125605","2019-02-15 18:42:59","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125605/"
 "125604","2019-02-15 18:42:55","https://smart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125604/"
@@ -15660,7 +16211,7 @@
 "125597","2019-02-15 18:42:35","https://smart-testsolutions.watchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125597/"
 "125596","2019-02-15 18:42:33","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125596/"
 "125595","2019-02-15 18:42:30","https://smart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125595/"
-"125594","2019-02-15 18:42:27","https://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125594/"
+"125594","2019-02-15 18:42:27","https://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125594/"
 "125593","2019-02-15 18:42:25","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125593/"
 "125592","2019-02-15 18:42:23","https://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125592/"
 "125591","2019-02-15 18:42:20","https://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125591/"
@@ -15679,7 +16230,7 @@
 "125578","2019-02-15 18:41:50","https://smart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125578/"
 "125577","2019-02-15 18:41:46","https://smart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125577/"
 "125576","2019-02-15 18:41:44","https://smart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125576/"
-"125575","2019-02-15 18:41:41","https://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125575/"
+"125575","2019-02-15 18:41:41","https://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125575/"
 "125574","2019-02-15 18:41:39","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125574/"
 "125573","2019-02-15 18:41:38","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125573/"
 "125572","2019-02-15 18:41:35","http://smart-testsolutions.watchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125572/"
@@ -15694,7 +16245,7 @@
 "125563","2019-02-15 18:41:23","http://smart-testsolutions.watchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125563/"
 "125562","2019-02-15 18:41:21","http://smart-testsolutions.watchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125562/"
 "125561","2019-02-15 18:41:20","http://smart-testsolutions.watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125561/"
-"125560","2019-02-15 18:41:19","http://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125560/"
+"125560","2019-02-15 18:41:19","http://smart-testsolutions.watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125560/"
 "125558","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125558/"
 "125559","2019-02-15 18:41:18","http://smart-testsolutions.watchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125559/"
 "125557","2019-02-15 18:41:16","http://smart-testsolutions.watchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125557/"
@@ -15714,7 +16265,7 @@
 "125543","2019-02-15 18:41:02","http://smart-testsolutions.watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125543/"
 "125542","2019-02-15 18:40:58","http://smart-testsolutions.watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125542/"
 "125541","2019-02-15 18:40:55","http://smart-testsolutions.watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125541/"
-"125540","2019-02-15 18:40:54","http://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125540/"
+"125540","2019-02-15 18:40:54","http://smart-testsolutions.watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125540/"
 "125539","2019-02-15 18:40:51","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125539/"
 "125538","2019-02-15 18:40:47","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125538/"
 "125537","2019-02-15 18:40:44","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125537/"
@@ -15727,7 +16278,7 @@
 "125530","2019-02-15 18:40:23","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/work/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125530/"
 "125529","2019-02-15 18:40:20","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125529/"
 "125528","2019-02-15 18:40:17","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/sure/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125528/"
-"125527","2019-02-15 18:40:13","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125527/"
+"125527","2019-02-15 18:40:13","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125527/"
 "125526","2019-02-15 18:40:10","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/vbc.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125526/"
 "125525","2019-02-15 18:40:08","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jhn/tony.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125525/"
 "125524","2019-02-15 18:40:05","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/jae/win32.exe","offline","malware_download","exe,Formbook,payload","https://urlhaus.abuse.ch/url/125524/"
@@ -15746,7 +16297,7 @@
 "125511","2019-02-15 18:39:27","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125511/"
 "125510","2019-02-15 18:39:18","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125510/"
 "125509","2019-02-15 18:39:15","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125509/"
-"125508","2019-02-15 18:39:12","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125508/"
+"125508","2019-02-15 18:39:12","https://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125508/"
 "125507","2019-02-15 18:39:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zenaa.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125507/"
 "125506","2019-02-15 18:39:03","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zena.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125506/"
 "125505","2019-02-15 18:38:46","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/zaher/zanny.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125505/"
@@ -15780,7 +16331,7 @@
 "125477","2019-02-15 18:34:41","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125477/"
 "125476","2019-02-15 18:34:22","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125476/"
 "125475","2019-02-15 18:34:16","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/125475/"
-"125474","2019-02-15 18:34:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125474/"
+"125474","2019-02-15 18:34:08","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT","https://urlhaus.abuse.ch/url/125474/"
 "125473","2019-02-15 18:33:06","http://chuthapdobg.org.vn/tmp/Invoice/hgjz-zS1_rC-tl3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125473/"
 "125472","2019-02-15 18:32:41","http://pujjr-cs.oss-cn-hangzhou.aliyuncs.com/DocData/CUP3143001728570/A102170215124S2/AAAAAA/831505b5-bb9a-4ef8-b098-abc014e67d8a.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125472/"
 "125471","2019-02-15 18:29:03","http://empressxtensions.com/US_us/5667351314009/JiRt-TN_lBKR-r7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125471/"
@@ -15788,7 +16339,7 @@
 "125469","2019-02-15 18:23:47","http://dlqz4.oss-cn-hangzhou.aliyuncs.com/0108.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125469/"
 "125468","2019-02-15 18:21:04","http://elbizkonut.com/En_us/OhfUR-zRW_ECYHxzMCX-IwK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125468/"
 "125467","2019-02-15 18:17:05","http://dod-tec.ru/EN_en/document/73826160583/VlZUL-qU_eAPqY-tW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125467/"
-"125466","2019-02-15 18:13:03","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125466/"
+"125466","2019-02-15 18:13:03","http://119.254.12.142/US_us/corporation/Invoice_number/aXwy-4a_IPVAwL-Yrb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125466/"
 "125465","2019-02-15 18:09:02","http://ajaa.ru/En_us/company/hLzCH-Z8B_cl-riQ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125465/"
 "125464","2019-02-15 18:08:04","http://www.caringsoul.org/sites/all/libraries/mediaplayer/jwplayer/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125464/"
 "125463","2019-02-15 18:07:11","http://www.dumblaws.com/scripts/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125463/"
@@ -15797,7 +16348,7 @@
 "125460","2019-02-15 18:07:01","http://www.prowidorcom/corporation/Inv/KPDJg-tK_lRzuQw-KCt/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125460/"
 "125459","2019-02-15 18:05:03","http://base.n24rostov.ru/US/WVWYZ-WjTW_KXk-ni/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125459/"
 "125458","2019-02-15 18:00:03","http://crypto-strategy.ru/document/Dyofl-L4l_saN-2c/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125458/"
-"125457","2019-02-15 17:56:03","http://venta72.ru/company/Invoice/DYTf-2H_B-jhh/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125457/"
+"125457","2019-02-15 17:56:03","http://venta72.ru/company/Invoice/DYTf-2H_B-jhh/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125457/"
 "125456","2019-02-15 17:52:28","http://www.watchdogdns.duckdns.org/global/global.doc","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125456/"
 "125455","2019-02-15 17:52:26","https://www.watchdogdns.duckdns.org/global/global.doc","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125455/"
 "125454","2019-02-15 17:52:23","http://www.watchdogdns.duckdns.org/global/vb.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125454/"
@@ -15814,14 +16365,14 @@
 "125443","2019-02-15 17:51:08","https://watchdogdns.duckdns.org/shell/vbc.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125443/"
 "125442","2019-02-15 17:51:05","http://140.227.27.252/wp-content/En_us/company/260678375091/tochY-ZuC_zNJsI-VU/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125442/"
 "125441","2019-02-15 17:47:10","http://104.248.140.207/xerox/Copy_Invoice/QabZ-lS_GduWJiqh-ZS5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125441/"
-"125440","2019-02-15 17:43:07","http://54.250.159.171/US_us/corporation/mlKxT-I19OF_MChYwJVdO-FD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125440/"
+"125440","2019-02-15 17:43:07","http://54.250.159.171/US_us/corporation/mlKxT-I19OF_MChYwJVdO-FD/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125440/"
 "125439","2019-02-15 17:39:03","http://54.153.245.124/document/Invoice_number/snqMU-136A_J-50/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125439/"
 "125438","2019-02-15 17:35:02","http://fenichka.ru/En/download/Invoice_Notice/jjhzf-rIi_PSROCFYf-OB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125438/"
 "125437","2019-02-15 17:31:03","http://78.207.210.11/@eaDir/US_us/doc/blvY-ZLi_vfDtzP-4k/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125437/"
 "125436","2019-02-15 17:28:08","http://www.prowidor.com/corporation/Inv/KPDJg-tK_lRzuQw-KCt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125436/"
 "125435","2019-02-15 17:22:04","http://139.59.64.173/document/Viug-LTDg_DmjGWykv-EZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125435/"
 "125434","2019-02-15 17:19:06","http://18.223.20.43/EN_en/xerox/Invoice_number/LaejY-Xt_sgrNPE-YD","offline","malware_download","doc","https://urlhaus.abuse.ch/url/125434/"
-"125433","2019-02-15 17:19:04","http://82.253.156.136/wordpress/document/03152911871242/eCbFE-RU_mthlzaFHB-mUv/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125433/"
+"125433","2019-02-15 17:19:04","http://82.253.156.136/wordpress/document/03152911871242/eCbFE-RU_mthlzaFHB-mUv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125433/"
 "125432","2019-02-15 17:18:28","https://watchdogdns.duckdns.org/global/vvc.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125432/"
 "125431","2019-02-15 17:18:24","https://watchdogdns.duckdns.org/global/vb.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125431/"
 "125430","2019-02-15 17:18:20","https://watchdogdns.duckdns.org/global/global.doc","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125430/"
@@ -15837,9 +16388,9 @@
 "125420","2019-02-15 17:17:02","https://watchdogdns.duckdns.org/world/office.doc","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125420/"
 "125419","2019-02-15 17:17:00","https://watchdogdns.duckdns.org/world/in.doc","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125419/"
 "125418","2019-02-15 17:16:57","https://watchdogdns.duckdns.org/world/dwm.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125418/"
-"125417","2019-02-15 17:16:52","https://watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125417/"
+"125417","2019-02-15 17:16:52","https://watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,LimeRAT,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125417/"
 "125416","2019-02-15 17:16:47","https://watchdogdns.duckdns.org/admin.exe","offline","malware_download","exe,LimeRAT,payload,stage2","https://urlhaus.abuse.ch/url/125416/"
-"125415","2019-02-15 17:16:42","https://watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125415/"
+"125415","2019-02-15 17:16:42","https://watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/125415/"
 "125414","2019-02-15 17:16:38","https://watchdogdns.duckdns.org/ace/vpn.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125414/"
 "125413","2019-02-15 17:16:31","https://watchdogdns.duckdns.org/ace/vbc.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125413/"
 "125412","2019-02-15 17:16:28","https://watchdogdns.duckdns.org/ace/ss.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/125412/"
@@ -15923,7 +16474,7 @@
 "125334","2019-02-15 16:54:56","http://www.sweethusky.com/Amazon/Attachments/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125334/"
 "125333","2019-02-15 16:54:21","http://kupiklopik.ru/AMAZON/Transaction_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125333/"
 "125332","2019-02-15 16:54:16","http://insideljpc.com/AMAZON/Information/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125332/"
-"125331","2019-02-15 16:54:10","http://cicekciilhan.com/Amazon/EN/Transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125331/"
+"125331","2019-02-15 16:54:10","http://cicekciilhan.com/Amazon/EN/Transactions/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125331/"
 "125330","2019-02-15 16:54:02","http://54.167.192.134/Amazon/Details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125330/"
 "125329","2019-02-15 16:53:58","http://35.204.88.6/Amazon/Clients_information/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125329/"
 "125328","2019-02-15 16:53:54","http://35.202.250.4/AMAZON/Messages/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125328/"
@@ -15931,7 +16482,7 @@
 "125326","2019-02-15 16:53:41","http://204.48.21.209/AMAZON/Clients_Messages/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125326/"
 "125325","2019-02-15 16:53:37","http://18.223.20.43/Amazon/Payments_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125325/"
 "125324","2019-02-15 16:53:07","http://178.128.54.239/Amazon/Transactions-details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125324/"
-"125323","2019-02-15 16:53:04","http://104.223.40.40/Amazon/En/Orders_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125323/"
+"125323","2019-02-15 16:53:04","http://104.223.40.40/Amazon/En/Orders_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125323/"
 "125322","2019-02-15 16:51:12","https://doc-0k-9o-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/uasf9f8eeu5b3k8eia359q1o9jp8u2d7/1550246400000/09100922564250845248/*/1vGaIisUsuzVmypZogXvyyOqpiSYq2y5P","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125322/"
 "125321","2019-02-15 16:51:03","http://cityofpossibilities.org/US_us/doc/Invoice_Notice/LPNXf-eZ_iB-Bc/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125321/"
 "125320","2019-02-15 16:46:03","http://varzeshpress.com/EN_en/corporation/Invoice_Notice/bRCS-dwz6m_Z-iE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125320/"
@@ -15940,40 +16491,40 @@
 "125317","2019-02-15 16:37:05","http://light.light1234565.5gbfree.com/dj.exe","online","malware_download","avemaria,exe,keylogger,payload,stage2,stealer","https://urlhaus.abuse.ch/url/125317/"
 "125316","2019-02-15 16:33:04","http://51.77.192.138/En/file/Invoice_number/923223948040/NwCO-MiEZa_WvFVTc-jia/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125316/"
 "125315","2019-02-15 16:29:08","http://www.mediafire.com/file/q6uiz1ykwyw9r5q/TT_Payment_00774235.rar/file","offline","malware_download","compressed,NetWire,payload,winrar","https://urlhaus.abuse.ch/url/125315/"
-"125314","2019-02-15 16:29:06","http://206.189.154.46/US_us/file/Invoice_number/pTMek-4W_Tfg-ZaC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125314/"
+"125314","2019-02-15 16:29:06","http://206.189.154.46/US_us/file/Invoice_number/pTMek-4W_Tfg-ZaC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125314/"
 "125313","2019-02-15 16:27:20","https://onedrive.live.com/download?cid=F7D3319EB4E00F92&resid=F7D3319EB4E00F92%21120&authkey=APV8gIMOzw2-JRA","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/125313/"
 "125312","2019-02-15 16:27:10","https://onedrive.live.com/download?cid=341DF7E18D513049&resid=341DF7E18D513049%21110&authkey=ACZqAh_FBkJu3AY","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/125312/"
-"125311","2019-02-15 16:26:07","http://35.232.73.116/New_invoice/11748266539/OQuWW-v33wt_atU-7iI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125311/"
+"125311","2019-02-15 16:26:07","http://35.232.73.116/New_invoice/11748266539/OQuWW-v33wt_atU-7iI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125311/"
 "125310","2019-02-15 16:25:14","http://18.222.169.76/AMAZON/Transaction_details/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125310/"
 "125309","2019-02-15 16:25:07","http://178.236.210.22/Amazon/En/Payments_details/02_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125309/"
 "125308","2019-02-15 16:23:09","http://x-soft.tomsk.ru/EN_en/Invoice_Notice/Ujdw-re9LW_xd-qrV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125308/"
 "125307","2019-02-15 16:18:04","http://kynanggiaotiepungxu.edu.vn/info/PJrRM-qjS_LypV-giD/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125307/"
-"125306","2019-02-15 16:15:10","http://118.25.176.38/US/file/pzNrj-UiBO_xho-hm/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125306/"
-"125305","2019-02-15 16:09:02","http://37.139.27.218/US/document/Inv/5014931055813/UmTFt-UY_BDJMDb-83Z/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125305/"
+"125306","2019-02-15 16:15:10","http://118.25.176.38/US/file/pzNrj-UiBO_xho-hm/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125306/"
+"125305","2019-02-15 16:09:02","http://37.139.27.218/US/document/Inv/5014931055813/UmTFt-UY_BDJMDb-83Z/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125305/"
 "125304","2019-02-15 16:06:02","http://34.242.190.144/En/info/New_invoice/MJsM-ePI_g-pQS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125304/"
 "125303","2019-02-15 16:01:03","http://18.221.1.168/corporation/Invoice_number/19580066705/gzOGt-HXwZr_JkfdtFW-QN8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125303/"
 "125302","2019-02-15 15:59:31","http://18.217.211.183/wordpress/Amazon/Documents/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125302/"
 "125301","2019-02-15 15:59:30","http://13.112.69.225/wp-content/Amazon/En/Clients_Messages/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125301/"
 "125300","2019-02-15 15:59:27","http://18.218.56.72/wp-content/AMAZON/Clients/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125300/"
-"125299","2019-02-15 15:59:26","http://104.198.73.104/Amazon/En/Transactions/022019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125299/"
-"125298","2019-02-15 15:59:25","http://128.199.187.124/Amazon/En/Documents/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125298/"
+"125299","2019-02-15 15:59:26","http://104.198.73.104/Amazon/En/Transactions/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125299/"
+"125298","2019-02-15 15:59:25","http://128.199.187.124/Amazon/En/Documents/2019-02/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125298/"
 "125297","2019-02-15 15:59:24","http://www.goworldmarketing.net/Amazon/En/Transactions/2019-02/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125297/"
 "125296","2019-02-15 15:59:19","http://lasementera.org/xerox/Invoice/8726285/cwGZ-bJ_Uyz-PDb/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125296/"
 "125295","2019-02-15 15:59:13","http://angelageorgesphotography.com/EN_en/corporation/Inv/79644556/IwVD-GV1W_bSw-2mY/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125295/"
 "125294","2019-02-15 15:59:07","http://julesmariano.com/EN_en/file/Invoice_number/VhEQ-Umo_DjULJVV-xLK/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125294/"
-"125293","2019-02-15 15:59:01","http://139.59.182.250/xerox/New_invoice/32044145106/Xzeqc-sHt_iauGP-k3/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125293/"
+"125293","2019-02-15 15:59:01","http://139.59.182.250/xerox/New_invoice/32044145106/Xzeqc-sHt_iauGP-k3/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125293/"
 "125292","2019-02-15 15:54:04","http://18.206.204.30/wp-content/uploads/doc/Invoice/ipzbx-nCDBi_Kksu-Q9G/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125292/"
-"125291","2019-02-15 15:48:04","http://128.199.207.179/US/document/Inv/hTdoS-bd5_rq-JcZ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125291/"
+"125291","2019-02-15 15:48:04","http://128.199.207.179/US/document/Inv/hTdoS-bd5_rq-JcZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125291/"
 "125290","2019-02-15 15:46:07","http://www.ishqekamil.com/ciY34zeKn3d/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/125290/"
-"125289","2019-02-15 15:44:03","http://159.89.153.180/US/corporation/gzjt-hFUt_HVt-6m/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125289/"
-"125288","2019-02-15 15:39:04","http://13.233.173.191/wp-content/US_us/document/Copy_Invoice/FLEt-le9Bu_ZrU-1qX/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125288/"
+"125289","2019-02-15 15:44:03","http://159.89.153.180/US/corporation/gzjt-hFUt_HVt-6m/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125289/"
+"125288","2019-02-15 15:39:04","http://13.233.173.191/wp-content/US_us/document/Copy_Invoice/FLEt-le9Bu_ZrU-1qX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125288/"
 "125287","2019-02-15 15:38:02","http://ishqekamil.com/ciY34zeKn3d","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125287/"
 "125286","2019-02-15 15:36:06","http://130.211.205.139/En_us/document/Invoice/ciSH-CC7t_CVeGI-bX/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125286/"
 "125285","2019-02-15 15:31:03","http://139.59.6.216/corporation/Invoice_Notice/NFBB-Sz_r-6k/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125285/"
-"125284","2019-02-15 15:26:03","http://13.233.31.203/US/8203538/hWNpZ-Rbjd_SG-9y/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125284/"
+"125284","2019-02-15 15:26:03","http://13.233.31.203/US/8203538/hWNpZ-Rbjd_SG-9y/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125284/"
 "125283","2019-02-15 15:22:05","http://159.203.101.9/bDQo-p6Sx_viMZSpIP-HJI/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125283/"
 "125282","2019-02-15 15:18:04","http://13.233.16.248/info/Invoice/REkMq-z2D_OoBNqwM-A0q/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125282/"
-"125281","2019-02-15 15:14:04","http://178.62.102.110/En/llc/Inv/873706184896/rUHbR-pwe_UL-Tq6/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125281/"
+"125281","2019-02-15 15:14:04","http://178.62.102.110/En/llc/Inv/873706184896/rUHbR-pwe_UL-Tq6/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125281/"
 "125280","2019-02-15 15:12:01","http://julesmarianocom/EN_en/file/Invoice_number/VhEQ-Umo_DjULJVV-xLK/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125280/"
 "125279","2019-02-15 15:06:02","http://www.rosero.co/xerox/Invoice/FwPs-Lwi_fZ-M9T/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125279/"
 "125278","2019-02-15 15:02:03","http://greatescapesworkshop.com/scan/Invoice_number/192204032053284/bHImA-6f_qfCKF-jXU/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125278/"
@@ -15981,9 +16532,9 @@
 "125276","2019-02-15 14:55:13","http://193.226.232.72:61815/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/125276/"
 "125275","2019-02-15 14:55:08","http://59.31.164.189:56060/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/125275/"
 "125274","2019-02-15 14:53:19","http://rightsense.in/En_us/Invoice_Notice/HaJTM-Mybf_VGWlPlzQx-sB/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125274/"
-"125273","2019-02-15 14:53:10","http://maxarmstrongradio.com/US/Copy_Invoice/eQgGl-w6rV_I-Ds/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125273/"
+"125273","2019-02-15 14:53:10","http://maxarmstrongradio.com/US/Copy_Invoice/eQgGl-w6rV_I-Ds/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/125273/"
 "125272","2019-02-15 14:52:04","http://www.capitalrh.com.br/AMAZON/Details/2019-02/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/125272/"
-"125271","2019-02-15 14:51:56","http://wordpress-219768-716732.cloudwaysapps.com/AMAZON/Transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125271/"
+"125271","2019-02-15 14:51:56","http://wordpress-219768-716732.cloudwaysapps.com/AMAZON/Transactions/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125271/"
 "125270","2019-02-15 14:51:53","http://ucanbisiklet.com/Amazon/Payments_details/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125270/"
 "125269","2019-02-15 14:51:49","http://test.aimakinvest.kz/Amazon/Orders-details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125269/"
 "125268","2019-02-15 14:51:43","http://stardenteurope.com/Amazon/EN/Payments_details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125268/"
@@ -16007,7 +16558,7 @@
 "125250","2019-02-15 14:40:09","http://13.233.22.226/VbLAXz7/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125250/"
 "125249","2019-02-15 14:40:07","http://foundationrepairdirectory.com/4RDIWs7WeP/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/125249/"
 "125248","2019-02-15 14:40:05","http://themaiergroup.com/8C4ebB7oC/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125248/"
-"125247","2019-02-15 14:38:03","http://electbloom.com/En/Inv/DUCY-Aof_ORvy-3k/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125247/"
+"125247","2019-02-15 14:38:03","http://electbloom.com/En/Inv/DUCY-Aof_ORvy-3k/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125247/"
 "125246","2019-02-15 14:37:15","http://property.arkof5.com/Amazon/Documents/02_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125246/"
 "125245","2019-02-15 14:37:12","http://aminshiri.com/AMAZON/Transactions/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125245/"
 "125244","2019-02-15 14:37:11","http://truenorthtimber.com/Amazon/En/Clients_Messages/022019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125244/"
@@ -16018,7 +16569,7 @@
 "125239","2019-02-15 14:29:03","http://arqis.jp/EN_en/xerox/MCKC-oqcW_CbEvRm-Ivp/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125239/"
 "125238","2019-02-15 14:25:06","http://thedarlings.com.au/xerox/OQJLZ-bf_ONdij-Uq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125238/"
 "125237","2019-02-15 14:18:04","http://ejder.com.tr/US_us/xerox/New_invoice/jMzdO-9s_wPk-Em5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125237/"
-"125236","2019-02-15 14:15:03","http://barabooseniorhigh.com/US/Invoice_Notice/kRIOU-DqB_ZsSqnJZFD-kfz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125236/"
+"125236","2019-02-15 14:15:03","http://barabooseniorhigh.com/US/Invoice_Notice/kRIOU-DqB_ZsSqnJZFD-kfz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125236/"
 "125235","2019-02-15 14:09:01","http://xn----7sbhaobqpf0albbckrilel.xn--p1ai/New_invoice/2218786/Jshz-xJ_URFH-QA4/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125235/"
 "125234","2019-02-15 14:05:02","http://www.seksmag.nl/En_us/document/Invoice_number/SwMIY-3uko_iI-OJK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125234/"
 "125233","2019-02-15 13:59:06","http://wiki.ugix.ru/US_us/Invoice_Notice/jnRX-jj_FaayjRy-xY2/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125233/"
@@ -16038,7 +16589,7 @@
 "125219","2019-02-15 13:35:06","https://www.dropbox.com/s/0259z5lsjmkiavk/Scan_Doc_%23785784904.ace?dl=1","offline","malware_download","NanoCore,rat","https://urlhaus.abuse.ch/url/125219/"
 "125218","2019-02-15 13:33:06","http://lesclefsdor.sg/scan/IbkD-dSf1_S-bH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125218/"
 "125217","2019-02-15 13:32:33","http://www.taoday.net/wp-content/themes/twentyten/languages/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125217/"
-"125216","2019-02-15 13:32:18","http://master-of-bitcoin.net/.well-known/pki-validation/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125216/"
+"125216","2019-02-15 13:32:18","http://master-of-bitcoin.net/.well-known/pki-validation/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125216/"
 "125215","2019-02-15 13:31:15","http://mikrotik.com.pe/gestion/inc/fpdf/yellow/h1QEDsxz2.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/125215/"
 "125214","2019-02-15 13:30:16","http://choinkimarkus.pl/wp-content/themes/unicon/framework/admin/ReduxCore/assets/css/color-picker/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125214/"
 "125213","2019-02-15 13:29:16","http://thu-san-world-challenges.org/wp-includes/ID3/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125213/"
@@ -16055,7 +16606,7 @@
 "125202","2019-02-15 13:26:16","http://satellit-group.ru/Amazon/Clients_information/022019/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/125202/"
 "125201","2019-02-15 13:26:13","http://helpdesk.lesitedemamsp.fr/Amazon/En/Orders_details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125201/"
 "125200","2019-02-15 13:26:10","http://galinakulesh.ru/Amazon/Transactions/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125200/"
-"125199","2019-02-15 13:26:05","http://178.62.233.192/AMAZON/Clients_transactions/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125199/"
+"125199","2019-02-15 13:26:05","http://178.62.233.192/AMAZON/Clients_transactions/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/125199/"
 "125198","2019-02-15 13:26:03","http://na-korable.ru/websitemap/PhilipMorris.zip","offline","malware_download","Ransomware,Shade,Troldesh,zip","https://urlhaus.abuse.ch/url/125198/"
 "125197","2019-02-15 13:24:20","http://www.caringsoul.org/includes/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/125197/"
 "125196","2019-02-15 13:24:06","http://etka.com.tr/En/llc/New_invoice/tcEP-BV_RjtvlM-kMw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125196/"
@@ -16074,17 +16625,17 @@
 "125183","2019-02-15 13:05:08","http://3forfree.org/wp-content/themes/twentyseventeen/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/125183/"
 "125182","2019-02-15 13:05:04","http://chopman.ru/scan/sezW-Fg_JZxlYfTKH-DNA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125182/"
 "125181","2019-02-15 12:53:06","http://193.187.172.181/test.dat","offline","malware_download","exe","https://urlhaus.abuse.ch/url/125181/"
-"125180","2019-02-15 12:50:16","http://128.199.68.28/QZp55xxC/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125180/"
+"125180","2019-02-15 12:50:16","http://128.199.68.28/QZp55xxC/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125180/"
 "125179","2019-02-15 12:50:15","http://noithatchungcudep.info/47urKpX3/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125179/"
 "125178","2019-02-15 12:50:13","http://54.224.240.34/L0PRmepe6/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125178/"
 "125177","2019-02-15 12:50:12","http://54.165.253.1/4mBBNcsGYL/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125177/"
-"125176","2019-02-15 12:50:11","http://81.56.198.200/MrMAFWOk9/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125176/"
+"125176","2019-02-15 12:50:11","http://81.56.198.200/MrMAFWOk9/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/125176/"
 "125175","2019-02-15 12:40:02","http://46.29.166.149/bins/daku.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125175/"
 "125174","2019-02-15 12:31:05","http://35.196.135.186/wordpress/de_DE/VFLMIFHU1523439/Rechnungs-docs/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125174/"
 "125173","2019-02-15 12:24:04","http://104.155.65.6/DE_de/WUBQWPKMTT2568902/Scan/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125173/"
 "125172","2019-02-15 12:22:52","http://down10.zol.com.cn/20180926/mp3yinpin0118.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/125172/"
 "125171","2019-02-15 12:18:06","http://gor-gorizont.ru/de_DE/SDTELNJPXU6007402/Bestellungen/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125171/"
-"125170","2019-02-15 12:13:02","http://85.171.136.37/@eaDir/DE/AYKPEIRGX3418789/DE_de/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125170/"
+"125170","2019-02-15 12:13:02","http://85.171.136.37/@eaDir/DE/AYKPEIRGX3418789/DE_de/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125170/"
 "125169","2019-02-15 12:10:04","http://206.189.45.178/wp-content/uploads/De/BJBUZMEG0557084/de/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125169/"
 "125168","2019-02-15 12:06:05","http://35.200.161.87/DE/MTCRKMWEE5142395/DE_de/Rechnungsanschrift//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125168/"
 "125167","2019-02-15 12:02:06","http://52.66.236.210/de_DE/AUTMAGM5440478/Rechnungs/DOC-Dokument/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125167/"
@@ -16099,7 +16650,7 @@
 "125158","2019-02-15 11:55:07","http://54.146.46.168/DE/BGMHJYILP5652933/DE/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125158/"
 "125157","2019-02-15 11:53:34","http://67.209.114.215/Februar2019/IQWQYRNGPM7431933/DE_de/Rechnungsanschrift/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125157/"
 "125156","2019-02-15 11:53:32","http://34.208.141.93/AFWGBTAL9125778/de/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125156/"
-"125155","2019-02-15 11:42:03","http://35.247.37.148/De/XMFAFAOAZ4892552/GER/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125155/"
+"125155","2019-02-15 11:42:03","http://35.247.37.148/De/XMFAFAOAZ4892552/GER/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125155/"
 "125154","2019-02-15 11:37:02","http://52.211.179.190/de_DE/ZVSSHBMVKT7067800/DE/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125154/"
 "125153","2019-02-15 11:34:02","http://35.226.135.179/wp-content/uploads/KVNYWXAG6111046/gescanntes-Dokument/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125153/"
 "125152","2019-02-15 11:32:12","http://80.211.191.43/bins/kwari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125152/"
@@ -16150,7 +16701,7 @@
 "125107","2019-02-15 11:17:03","http://18.188.113.212/DE_de/UPNEDGNCRR5337942/de/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125107/"
 "125106","2019-02-15 11:16:03","http://www.iremart.es/farmautils/FarmaUtils.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125106/"
 "125105","2019-02-15 11:15:03","http://46.249.62.199/Tinx86_14.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/125105/"
-"125104","2019-02-15 11:12:34","http://139.59.130.73/De_de/XFTAUDVWI4985024/Scan/DOC/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125104/"
+"125104","2019-02-15 11:12:34","http://139.59.130.73/De_de/XFTAUDVWI4985024/Scan/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125104/"
 "125103","2019-02-15 11:12:34","http://157.230.11.49/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125103/"
 "125102","2019-02-15 11:12:33","http://157.230.11.49/yakuza.arm4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125102/"
 "125101","2019-02-15 11:12:32","http://157.230.11.49/yakuza.m68k","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125101/"
@@ -16177,7 +16728,7 @@
 "125080","2019-02-15 11:04:01","http://btcfansclub.premiumbeautyhair.com/Februar2019/BCYTLYLFU6733030/gescanntes-Dokument/DOC-Dokument/","offline","malware_download","None","https://urlhaus.abuse.ch/url/125080/"
 "125079","2019-02-15 11:00:09","http://thefragrancefreeshop.com/TBBAUMGGK1680634/Dokumente/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125079/"
 "125078","2019-02-15 10:58:04","http://adepan.frameweb.ro/de_DE/TWAYPELBT3261721/Rechnungs-Details/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125078/"
-"125077","2019-02-15 10:51:06","http://159.65.83.246/Februar2019/MCJAGEVEJ9676275/Scan/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125077/"
+"125077","2019-02-15 10:51:06","http://159.65.83.246/Februar2019/MCJAGEVEJ9676275/Scan/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125077/"
 "125076","2019-02-15 10:49:07","http://lionabrasives.ru/DE/RYKGGACW7337658/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/125076/"
 "125075","2019-02-15 10:46:03","http://165.227.26.16/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125075/"
 "125074","2019-02-15 10:44:03","http://165.227.26.16/bins/sora.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/125074/"
@@ -16252,10 +16803,10 @@
 "125005","2019-02-15 09:00:11","http://194.147.35.56/Okami.x86","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125005/"
 "125004","2019-02-15 08:59:29","http://194.147.35.56/Okami.i686","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125004/"
 "125003","2019-02-15 08:58:12","http://194.147.35.56/Okami.i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/125003/"
-"125001","2019-02-15 08:56:30","http://grupomedica.equipment/Ftfh7wZ3JuiVUFr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125001/"
+"125001","2019-02-15 08:56:30","http://grupomedica.equipment/Ftfh7wZ3JuiVUFr/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125001/"
 "125002","2019-02-15 08:56:30","http://hapoo.pet/9vYXJezSnwW3Q/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125002/"
 "125000","2019-02-15 08:56:23","http://shalomsilverspring.com/DjYnScdrVeCU/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/125000/"
-"124999","2019-02-15 08:56:18","http://ziyimusic.com/UodjTJ0riBe3w_gBUxJCO/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124999/"
+"124999","2019-02-15 08:56:18","http://ziyimusic.com/UodjTJ0riBe3w_gBUxJCO/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124999/"
 "124998","2019-02-15 08:56:11","http://summertreesnews.com/0GkOWnOx16FEka/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124998/"
 "124997","2019-02-15 08:56:02","http://185.244.25.237/i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124997/"
 "124996","2019-02-15 08:55:04","http://46.17.41.208/ntpd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124996/"
@@ -16293,7 +16844,7 @@
 "124963","2019-02-15 08:47:02","http://142.11.206.115/bins/onryo.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124963/"
 "124964","2019-02-15 08:47:02","http://142.11.206.115/bins/onryo.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124964/"
 "124962","2019-02-15 08:47:01","http://142.11.206.115/bins/onryo.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124962/"
-"124961","2019-02-15 08:45:04","http://www.pw-financial.net/Februar2019/YXSHKE7345353/Rechnungs/Rechnungszahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124961/"
+"124961","2019-02-15 08:45:04","http://www.pw-financial.net/Februar2019/YXSHKE7345353/Rechnungs/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124961/"
 "124960","2019-02-15 08:43:04","http://142.11.206.115/bins/onryo.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124960/"
 "124959","2019-02-15 08:43:03","http://192.155.85.122/bins/xbox.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124959/"
 "124958","2019-02-15 08:43:02","http://192.155.85.122/bins/xbox.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124958/"
@@ -16345,7 +16896,7 @@
 "124912","2019-02-15 06:56:10","http://201.92.187.125:13866/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124912/"
 "124911","2019-02-15 06:56:06","http://192.155.85.122:80/bins/xbox.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124911/"
 "124910","2019-02-15 06:56:05","http://59.31.110.106:39209/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/124910/"
-"124909","2019-02-15 06:50:04","http://185.191.229.180/ys53a","online","malware_download","elf","https://urlhaus.abuse.ch/url/124909/"
+"124909","2019-02-15 06:50:04","http://185.191.229.180/ys53a","offline","malware_download","elf","https://urlhaus.abuse.ch/url/124909/"
 "124908","2019-02-15 05:52:03","http://axisqms.com/output22FBB40.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/124908/"
 "124907","2019-02-15 04:04:12","http://104.168.149.180/vb/Amakano.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124907/"
 "124906","2019-02-15 04:04:08","http://104.168.149.180/vb/Amakano.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124906/"
@@ -16408,7 +16959,7 @@
 "124849","2019-02-15 00:18:10","http://46.29.165.131/Arbiter.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124849/"
 "124848","2019-02-15 00:18:08","http://46.29.165.131/Arbiter.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124848/"
 "124847","2019-02-15 00:18:06","http://46.29.165.131/Arbiter.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124847/"
-"124846","2019-02-15 00:18:03","http://46.29.165.131/Arbiter.mips","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124846/"
+"124846","2019-02-15 00:18:03","http://46.29.165.131/Arbiter.mips","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124846/"
 "124845","2019-02-15 00:17:11","http://46.29.165.131/Arbiter.i686","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124845/"
 "124844","2019-02-15 00:17:10","http://46.29.165.131/Arbiter.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124844/"
 "124843","2019-02-15 00:17:08","http://46.29.165.131/Arbiter.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/124843/"
@@ -16423,28 +16974,28 @@
 "124834","2019-02-15 00:03:41","https://198.101.246.240/vk_wp/wp-includes/sec.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124834/"
 "124833","2019-02-15 00:03:39","http://www.allindiaoneatm.com/sec.myacc.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124833/"
 "124832","2019-02-15 00:03:32","http://wagnermenezes.org/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124832/"
-"124831","2019-02-15 00:03:25","http://w4snc.com/sec.myacc.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124831/"
+"124831","2019-02-15 00:03:25","http://w4snc.com/sec.myacc.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124831/"
 "124830","2019-02-15 00:03:18","http://threemenandamovie.com/trust.accounts.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124830/"
 "124829","2019-02-15 00:03:15","http://tekirmak.com.tr/secure.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124829/"
 "124828","2019-02-15 00:03:12","http://rohrreinigung-klosterneuburg.at/verif.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124828/"
 "124827","2019-02-15 00:03:10","http://pontotocdistrictba.com/secure.accs.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124827/"
 "124826","2019-02-15 00:03:04","http://pinturaartisticas.com/verif.accounts.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124826/"
-"124825","2019-02-15 00:03:01","http://mclplumbing.com/trust.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124825/"
+"124825","2019-02-15 00:03:01","http://mclplumbing.com/trust.myacc.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124825/"
 "124824","2019-02-15 00:02:54","http://seksmag.nl/trust.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124824/"
 "124823","2019-02-15 00:02:52","http://s550mods.com/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124823/"
-"124822","2019-02-15 00:02:45","http://kpccontracting.ca/verif.myaccount.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124822/"
+"124822","2019-02-15 00:02:45","http://kpccontracting.ca/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124822/"
 "124821","2019-02-15 00:02:39","http://jrbdecorators.com/sec.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124821/"
 "124820","2019-02-15 00:02:31","http://irnanoshop.com/trust.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124820/"
 "124819","2019-02-15 00:02:28","http://herbeauty.info/7jhzynf/trust.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124819/"
 "124818","2019-02-15 00:02:24","http://hdzbih.tv/verif.myacc.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124818/"
-"124817","2019-02-15 00:02:19","http://doctorjuliandiaz.com/trust.myaccount.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124817/"
+"124817","2019-02-15 00:02:19","http://doctorjuliandiaz.com/trust.myaccount.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124817/"
 "124816","2019-02-15 00:02:12","http://awcq60100.com/verif.accounts.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124816/"
 "124815","2019-02-15 00:02:09","https://www.dropbox.com/s/y72iq5g9f4xlu3e/Invoice%20Payment.iso?=1","offline","malware_download","compressed,iso,NanoCore","https://urlhaus.abuse.ch/url/124815/"
 "124814","2019-02-15 00:02:07","http://themaiergroup.com.au/US/qxzki-TsUoV_zBV-rIL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124814/"
 "124813","2019-02-14 23:59:35","http://prowidor.com/35hflpam3A/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124813/"
 "124812","2019-02-14 23:59:31","http://toprecipe.co.uk/sec.myacc.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124812/"
 "124811","2019-02-14 23:59:29","http://zendegieziba.com/sec.accs.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124811/"
-"124810","2019-02-14 23:59:27","http://menzway.com/secure.myaccount.send.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124810/"
+"124810","2019-02-14 23:59:27","http://menzway.com/secure.myaccount.send.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124810/"
 "124809","2019-02-14 23:59:22","http://springcube.com/secure.myaccount.docs.biz/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124809/"
 "124808","2019-02-14 23:59:20","http://thehivecreative.com/secure.myacc.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124808/"
 "124807","2019-02-14 23:59:18","https://bkkbubblebar.com/EN_en/file/pwPyo-OpsA_yEWnZTg-UL/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124807/"
@@ -16463,23 +17014,23 @@
 "124794","2019-02-14 23:27:04","http://vcpesaas.com/info/Invoice/pBXt-q6Sq_xS-1B/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124794/"
 "124793","2019-02-14 23:25:07","https://carsibazar.com/corporation/Inv/aMTY-oqbx_JdrQ-lzJ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124793/"
 "124792","2019-02-14 23:25:05","http://tischer.ro/US/document/Invoice/thmRA-M2eu_ct-9s/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/124792/"
-"124791","2019-02-14 23:25:03","http://www.ppp-au.com/verif.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124791/"
+"124791","2019-02-14 23:25:03","http://www.ppp-au.com/verif.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124791/"
 "124790","2019-02-14 23:24:56","http://truththerapy.com/secure.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124790/"
 "124788","2019-02-14 23:24:49","http://forodigitalpyme.es/En/download/iiJNr-RvP_lMcn-8t9/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124788/"
 "124787","2019-02-14 23:24:49","http://sprinty.com.au/sec.accounts.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124787/"
-"124786","2019-02-14 23:24:42","http://smtfmb.com/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124786/"
+"124786","2019-02-14 23:24:42","http://smtfmb.com/sec.accs.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124786/"
 "124785","2019-02-14 23:24:36","http://printingphuket.com/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124785/"
 "124784","2019-02-14 23:24:30","http://carsibazar.com/corporation/Inv/aMTY-oqbx_JdrQ-lzJ/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/124784/"
-"124783","2019-02-14 23:24:30","http://mgxconsultancy.com/secure.myaccount.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124783/"
+"124783","2019-02-14 23:24:30","http://mgxconsultancy.com/secure.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124783/"
 "124782","2019-02-14 23:24:24","http://malayalinewsonline.com/sec.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124782/"
 "124781","2019-02-14 23:24:22","http://mail.turismonordeste.com.br/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124781/"
-"124780","2019-02-14 23:24:19","http://localbusinessadvisory.com/sec.myacc.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124780/"
+"124780","2019-02-14 23:24:19","http://localbusinessadvisory.com/sec.myacc.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124780/"
 "124779","2019-02-14 23:24:16","http://licenciamentotraumaclinic.com.br/verif.accs.send.com///","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124779/"
 "124778","2019-02-14 23:24:15","http://forestaljal.com/verif.accounts.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124778/"
 "124777","2019-02-14 23:24:12","http://email.rocricambi.com/c/eJx1jssKwjAURL-mXYY2bdUsslBBiqLiwuq2vblt0mpS88DH11s_QBgYDsOBEZw2gs1ErHh5zuXFV_3yMcjrqdP7an0Yg_2w8hjS15qZYlfC4wjbYbdyafUsrn2UJ4Daox2Nmkqj7d4EzD2WfJ7jrM1okrQ0BWRNVkPdNoC1YEVKF0V849L7McqWEd1M0d2ghJNm_PkTOwRyf9cAJmhPLDoTrENHNPppjS3vg_NKE6lgcP9-f/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124777/"
 "124776","2019-02-14 23:24:11","http://drberrinkarakuy.com/secure.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124776/"
 "124775","2019-02-14 23:24:10","http://cambozseo.com/verif.myacc.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124775/"
-"124774","2019-02-14 23:24:07","http://barjockeysclub.com/trust.myacc.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124774/"
+"124774","2019-02-14 23:24:07","http://barjockeysclub.com/trust.myacc.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124774/"
 "124773","2019-02-14 23:23:02","http://megahost.pt/bdDi-82_ZauxX-OER/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124773/"
 "124772","2019-02-14 23:18:05","http://wpdemo.wctravel.com.au/EN_en/Invoice_Notice/3587030376176/LuApR-pna_EJX-dW/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124772/"
 "124771","2019-02-14 23:14:05","http://www.tiagovsky.com/US/xerox/Invoice_Notice/FjtM-4y_cR-q0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124771/"
@@ -16502,11 +17053,11 @@
 "124754","2019-02-14 22:00:10","http://rupbasanbandung.com/US/xerox/Invoice_number/nitY-LG6_vaiXe-RU0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124754/"
 "124753","2019-02-14 21:56:04","http://www.blueelephantmassage.com.au/En/download/8243513533/ZsScr-fwQ_vfsKCVRz-TUA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124753/"
 "124752","2019-02-14 21:52:03","http://whitefarmhousestudio.com/corporation/Invoice_number/ZZwEc-WU_kbmpt-77/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124752/"
-"124751","2019-02-14 21:48:03","http://kendinyap.club/EN_en/document/Invoice_number/hIBsT-Hmi2_huftCxLC-Fn/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124751/"
+"124751","2019-02-14 21:48:03","http://kendinyap.club/EN_en/document/Invoice_number/hIBsT-Hmi2_huftCxLC-Fn/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124751/"
 "124750","2019-02-14 21:43:05","http://wordwave.academy/scan/66653977405360/vcjGs-3fw2I_WQzUDnH-Kq/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124750/"
 "124749","2019-02-14 21:39:09","http://transcendsin.org/EN_en/file/Inv/22174501/epGH-Gu_zw-hIj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124749/"
 "124748","2019-02-14 21:35:05","http://dinero-online.club/US_us/company/Invoice_number/ICocU-75_GkXwjNYSi-nN/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124748/"
-"124747","2019-02-14 21:30:06","http://manualquickbooksespanol.com/scan/Inv/wIPR-wSA86_oKJzi-WVJ/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124747/"
+"124747","2019-02-14 21:30:06","http://manualquickbooksespanol.com/scan/Inv/wIPR-wSA86_oKJzi-WVJ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124747/"
 "124746","2019-02-14 21:26:04","http://bohobitches.co.uk/file/eEwY-IVlQT_uX-Jg7/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124746/"
 "124745","2019-02-14 21:25:04","http://deluvis.net/key/Quotation%20Order.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/124745/"
 "124744","2019-02-14 21:22:05","http://grapeness.mx/En/xerox/Invoice_number/pbhZ-cRPgP_zEmPCHin-7w/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124744/"
@@ -16536,7 +17087,7 @@
 "124719","2019-02-14 21:03:52","http://xn--12cs3ad5a6alt7c1a6cva8byhn4hnno.com/secure.myacc.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124719/"
 "124718","2019-02-14 21:03:50","http://www.youwatches.online/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124718/"
 "124717","2019-02-14 21:03:43","http://www.tepeas.com/sec.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124717/"
-"124716","2019-02-14 21:03:41","http://speechwar.com/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124716/"
+"124716","2019-02-14 21:03:41","http://speechwar.com/trust.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124716/"
 "124715","2019-02-14 21:03:35","http://sapidestraining.com/secure.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124715/"
 "124714","2019-02-14 21:03:29","http://research.fph.tu.ac.th/wp-content/uploads/verif.accounts.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124714/"
 "124713","2019-02-14 21:03:22","http://kosheranguilla.com/secure.myaccount.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124713/"
@@ -16597,12 +17148,12 @@
 "124658","2019-02-14 19:30:22","http://greenflagtrails.co.za/verif.myaccount.resourses.biz/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/124658/"
 "124657","2019-02-14 19:30:20","http://aaswim.co.za/verif.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124657/"
 "124656","2019-02-14 19:30:18","http://www.cambozseo.com/verif.myacc.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124656/"
-"124655","2019-02-14 19:30:11","http://40seg.com/verif.accs.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124655/"
+"124655","2019-02-14 19:30:11","http://40seg.com/verif.accs.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124655/"
 "124654","2019-02-14 19:30:09","http://bayaneabrishami.ir/verif.accs.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124654/"
 "124653","2019-02-14 19:30:07","http://khtc.hcmut.edu.vn/trust.myacc.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124653/"
 "124652","2019-02-14 19:30:04","http://ngkidshop.com/sec.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124652/"
 "124651","2019-02-14 19:30:01","https://lun.otrweb.ru/verif.myaccount.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124651/"
-"124650","2019-02-14 19:29:59","http://distro.attaqwapreneur.com/secure.accounts.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124650/"
+"124650","2019-02-14 19:29:59","http://distro.attaqwapreneur.com/secure.accounts.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124650/"
 "124649","2019-02-14 19:29:56","http://esgaming.com.br/wp-content/secure.accounts.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124649/"
 "124648","2019-02-14 19:29:54","http://licenciamentotraumaclinic.com.br/verif.accs.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124648/"
 "124647","2019-02-14 19:29:50","http://thien.com.vn/verif.myaccount.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124647/"
@@ -16620,7 +17171,7 @@
 "124635","2019-02-14 19:08:05","http://kuoying.net/wp-admin/info/dhzv-E8HR_pExT-QWV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124635/"
 "124634","2019-02-14 18:58:04","http://view52.com/En/ThKIO-mF3vn_LgYuedH-53/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124634/"
 "124633","2019-02-14 18:56:03","http://198.98.62.207/ldr.exe","online","malware_download","exe,GandCrab","https://urlhaus.abuse.ch/url/124633/"
-"124632","2019-02-14 18:54:03","http://birchgroupllc.com/file/Copy_Invoice/BrEV-q7Rcv_TwTCqh-yv/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124632/"
+"124632","2019-02-14 18:54:03","http://birchgroupllc.com/file/Copy_Invoice/BrEV-q7Rcv_TwTCqh-yv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124632/"
 "124631","2019-02-14 18:50:04","http://vivekanandaeducation-armoor.org/corporation/Invoice_Notice/JhGpZ-bMVh_SpOYPCo-tf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124631/"
 "124630","2019-02-14 18:46:02","http://fortuneinfosys.com/En_us/info/Invoice_Notice/2986743250/lwYN-Y2_MUvIcLZ-Asr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124630/"
 "124629","2019-02-14 18:41:03","http://185.244.25.182/bins/arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124629/"
@@ -16881,7 +17432,7 @@
 "124373","2019-02-14 11:51:04","http://honkytonk-studio.com/Kw0rSq2FAX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/124373/"
 "124372","2019-02-14 11:48:19","http://kocamanmuhendislik.com/Telekom/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124372/"
 "124371","2019-02-14 11:48:15","http://nt-kmv.ru/Telekom/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124371/"
-"124370","2019-02-14 11:48:14","http://sgl.kz/Telekom/Transaktion/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124370/"
+"124370","2019-02-14 11:48:14","http://sgl.kz/Telekom/Transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124370/"
 "124369","2019-02-14 11:48:13","http://www.difalabarghoo.ir/wp-admin/Telekom/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124369/"
 "124368","2019-02-14 11:48:11","http://aimaproducoes.com.br/Telekom/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124368/"
 "124367","2019-02-14 11:48:05","https://www.exablack.com/Februar2019/EVPXGEQIS4018025/de/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124367/"
@@ -16994,7 +17545,7 @@
 "124259","2019-02-14 08:03:07","http://www.luckylibertarian.com/US/file/Invoice/ExYcg-Yin_Doma-KW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124259/"
 "124258","2019-02-14 08:01:02","http://167.99.10.129/De/QSCTCD4359230/Rechnungs/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124258/"
 "124257","2019-02-14 07:59:04","http://distribuidorajb.com.ar/Telekom/Rechnungen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124257/"
-"124256","2019-02-14 07:56:04","http://fwpanels.com/De/ABHYSQR9969074/Rechnung/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124256/"
+"124256","2019-02-14 07:56:04","http://fwpanels.com/De/ABHYSQR9969074/Rechnung/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124256/"
 "124255","2019-02-14 07:54:03","http://bkm-adwokaci.pl/res/En/Copy_Invoice/NexAt-nx_dWYibmDm-G2k/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124255/"
 "124254","2019-02-14 07:53:02","http://nova-cloud.it/Februar2019/ZVOKSN8028767/Rechnungskorrektur/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124254/"
 "124253","2019-02-14 07:50:14","http://64.110.27.136/bins/kalon.i686","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124253/"
@@ -17003,7 +17554,7 @@
 "124250","2019-02-14 07:50:10","http://64.110.27.136/bins/kalon.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124250/"
 "124249","2019-02-14 07:50:09","http://64.110.27.136/bins/kalon.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124249/"
 "124248","2019-02-14 07:50:07","http://ikols.net/En/xerox/New_invoice/dYcyp-Ygr_eseqAkXGj-6Cz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124248/"
-"124247","2019-02-14 07:48:21","http://liketop.tk/Februar2019/DEWZDFS5921051/Rechnungs/Fakturierung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124247/"
+"124247","2019-02-14 07:48:21","http://liketop.tk/Februar2019/DEWZDFS5921051/Rechnungs/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124247/"
 "124246","2019-02-14 07:48:16","http://185.244.25.153/bins/Masurabins.sh","offline","malware_download","elf,gafgyt,sh","https://urlhaus.abuse.ch/url/124246/"
 "124245","2019-02-14 07:48:14","http://185.244.25.153/bins/DEMON.x86","offline","malware_download","ddos,elf,gafgyt","https://urlhaus.abuse.ch/url/124245/"
 "124244","2019-02-14 07:48:11","http://185.244.25.153/bins/DEMON.sparc","offline","malware_download","ddos,elf,gafgyt","https://urlhaus.abuse.ch/url/124244/"
@@ -17026,14 +17577,14 @@
 "124227","2019-02-14 07:44:12","http://dogstudios.it/ltBpABqV1Ns2_X/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124227/"
 "124226","2019-02-14 07:44:09","http://abiataltib.ml/FrbrnDxacZrXy9s/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124226/"
 "124225","2019-02-14 07:44:07","http://spb0969.ru/y08GBl6toozB/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124225/"
-"124224","2019-02-14 07:44:04","http://hifucancertreatment.com/wp-content/uploads/PKL8EApdvFOUn79/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124224/"
+"124224","2019-02-14 07:44:04","http://hifucancertreatment.com/wp-content/uploads/PKL8EApdvFOUn79/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/124224/"
 "124223","2019-02-14 07:41:03","http://ulco.tv/doc/Invoice_number/WRSTM-CHkG_mv-Pjb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124223/"
 "124222","2019-02-14 07:40:07","http://fupfa.org/Februar2019/BQADLYIX6017258/Rechnungs-Details/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124222/"
 "124221","2019-02-14 07:38:02","http://alexovicsattila.com/US/llc/Invoice/313173491/MxLj-7fKU_fc-0Jr/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124221/"
-"124220","2019-02-14 07:35:03","http://159.89.167.92/De/ZMIUKLF0088630/Rechnungs-Details/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124220/"
+"124220","2019-02-14 07:35:03","http://159.89.167.92/De/ZMIUKLF0088630/Rechnungs-Details/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124220/"
 "124219","2019-02-14 07:31:04","http://1.246.245.213/@eaDir/De/MBJXSUUZXW3751092/DE/Fakturierung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/124219/"
 "124218","2019-02-14 07:28:04","http://nikastroi.ru/De/DQOUAT1965838/Rechnungs-Details/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124218/"
-"124217","2019-02-14 07:28:03","http://dentistmomma.com/US_us/corporation/EKaok-mK_puUnx-zb/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124217/"
+"124217","2019-02-14 07:28:03","http://dentistmomma.com/US_us/corporation/EKaok-mK_puUnx-zb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124217/"
 "124216","2019-02-14 07:25:13","http://mipec-city-view.com/Invoice/EeMOE-xzz3m_DmvMdrI-mXT/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124216/"
 "124215","2019-02-14 07:23:06","http://fur-market.ru/Februar2019/RLSDYBEVFU3100419/Rech/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/124215/"
 "124214","2019-02-14 07:21:10","http://fileservice.ga/POm.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/124214/"
@@ -17186,7 +17737,7 @@
 "124067","2019-02-14 03:36:02","http://92.242.62.156/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124067/"
 "124066","2019-02-14 03:29:03","http://jointpluspro.premiumbeautyhair.com/trust.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124066/"
 "124065","2019-02-14 03:28:07","http://bestcook.hu/trust.myacc.sendnet/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/124065/"
-"124064","2019-02-14 03:28:05","http://188.131.164.117/secure.accounts.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124064/"
+"124064","2019-02-14 03:28:05","http://188.131.164.117/secure.accounts.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/124064/"
 "124063","2019-02-14 03:04:15","http://www.medgen.pl/templates/medgen/less/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124063/"
 "124062","2019-02-14 03:03:06","http://medgen.pl/templates/medgen/less/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/124062/"
 "124061","2019-02-14 03:03:05","http://92.242.62.156:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/124061/"
@@ -17261,9 +17812,9 @@
 "123992","2019-02-14 00:39:06","http://afshari.yazdvip.ir/sec.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123992/"
 "123991","2019-02-14 00:39:02","http://adbord.com/css/verif.accs.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123991/"
 "123990","2019-02-14 00:20:06","https://u.teknik.io/zfjr0.jpg","offline","malware_download","exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/123990/"
-"123989","2019-02-14 00:15:20","http://acropol.com.eg/pdf/sunny.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123989/"
+"123989","2019-02-14 00:15:20","http://acropol.com.eg/pdf/sunny.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123989/"
 "123988","2019-02-14 00:15:16","http://acropol.com.eg/pdf/onos.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123988/"
-"123987","2019-02-14 00:15:13","http://acropol.com.eg/pdf/contact.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123987/"
+"123987","2019-02-14 00:15:13","http://acropol.com.eg/pdf/contact.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/123987/"
 "123986","2019-02-14 00:14:02","http://116.203.66.92/bins/hoho.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123986/"
 "123985","2019-02-14 00:12:04","http://116.203.66.92/bins/hoho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123985/"
 "123983","2019-02-14 00:12:03","http://116.203.66.92/bins/hoho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123983/"
@@ -17294,7 +17845,7 @@
 "123959","2019-02-13 23:45:13","http://giancarloraso.com/US/download/qrZvo-Z3O04_bKRwVcLq-iJ/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123959/"
 "123958","2019-02-13 23:45:09","http://dizinler.site/En/scan/Invoice_number/Fxvm-USL_Jem-3S6/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123958/"
 "123957","2019-02-13 23:45:05","http://54.164.84.17/En_us/info/Copy_Invoice/632505435818/TCSp-Zj2_ND-gp/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123957/"
-"123956","2019-02-13 23:44:41","http://13.251.184.56/PeOI-pSLj_AlnHhVk-QDI/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123956/"
+"123956","2019-02-13 23:44:41","http://13.251.184.56/PeOI-pSLj_AlnHhVk-QDI/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123956/"
 "123955","2019-02-13 23:44:11","http://viticomvietnam.com/trust.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123955/"
 "123954","2019-02-13 23:44:07","http://shlifovka.by/secure.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123954/"
 "123953","2019-02-13 23:44:05","http://nightonline.ru/images/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123953/"
@@ -17362,21 +17913,21 @@
 "123891","2019-02-13 22:03:23","http://caree.in/sec.myaccount.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123891/"
 "123890","2019-02-13 22:03:12","http://104.248.66.24/secure.accounts.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123890/"
 "123889","2019-02-13 21:54:04","https://onedrive.live.com/download?cid=4F1737459E3F8C0A&resid=4F1737459E3F8C0A%21108&authkey=ANpirksTUiMHwHg","offline","malware_download","compressed,HawkEye,keylogger,payload","https://urlhaus.abuse.ch/url/123889/"
-"123888","2019-02-13 21:47:04","http://199.38.245.221/bins/yakuza.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123888/"
-"123887","2019-02-13 21:47:03","http://199.38.245.221:80/bins/yakuza.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123887/"
-"123886","2019-02-13 21:47:02","http://199.38.245.221/bins/yakuza.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123886/"
-"123885","2019-02-13 21:46:05","http://199.38.245.221:80/bins/yakuza.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123885/"
-"123884","2019-02-13 21:46:04","http://199.38.245.221:80/bins/yakuza.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123884/"
+"123888","2019-02-13 21:47:04","http://199.38.245.221/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123888/"
+"123887","2019-02-13 21:47:03","http://199.38.245.221:80/bins/yakuza.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123887/"
+"123886","2019-02-13 21:47:02","http://199.38.245.221/bins/yakuza.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123886/"
+"123885","2019-02-13 21:46:05","http://199.38.245.221:80/bins/yakuza.ppc","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123885/"
+"123884","2019-02-13 21:46:04","http://199.38.245.221:80/bins/yakuza.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123884/"
 "123883","2019-02-13 21:46:03","http://23.249.163.110/microsoft/office/excel/browser.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/123883/"
-"123882","2019-02-13 21:44:05","http://199.38.245.221/bins/yakuza.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123882/"
-"123881","2019-02-13 21:44:04","http://199.38.245.221:80/bins/yakuza.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123881/"
-"123880","2019-02-13 21:44:03","http://199.38.245.221:80/bins/yakuza.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123880/"
-"123879","2019-02-13 21:44:02","http://199.38.245.221:80/bins/yakuza.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123879/"
-"123878","2019-02-13 21:43:04","http://199.38.245.221:80/bins/yakuza.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123878/"
-"123877","2019-02-13 21:43:03","http://199.38.245.221/bins/yakuza.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123877/"
-"123876","2019-02-13 21:43:03","http://199.38.245.221/bins/yakuza.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123876/"
-"123875","2019-02-13 21:42:02","http://199.38.245.221/bins/yakuza.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123875/"
-"123874","2019-02-13 21:36:02","http://199.38.245.221/bins/yakuza.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123874/"
+"123882","2019-02-13 21:44:05","http://199.38.245.221/bins/yakuza.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123882/"
+"123881","2019-02-13 21:44:04","http://199.38.245.221:80/bins/yakuza.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123881/"
+"123880","2019-02-13 21:44:03","http://199.38.245.221:80/bins/yakuza.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123880/"
+"123879","2019-02-13 21:44:02","http://199.38.245.221:80/bins/yakuza.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123879/"
+"123878","2019-02-13 21:43:04","http://199.38.245.221:80/bins/yakuza.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123878/"
+"123877","2019-02-13 21:43:03","http://199.38.245.221/bins/yakuza.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123877/"
+"123876","2019-02-13 21:43:03","http://199.38.245.221/bins/yakuza.sh4","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123876/"
+"123875","2019-02-13 21:42:02","http://199.38.245.221/bins/yakuza.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123875/"
+"123874","2019-02-13 21:36:02","http://199.38.245.221/bins/yakuza.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123874/"
 "123873","2019-02-13 21:19:05","https://www.wcsrh.org/dns-update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123873/"
 "123872","2019-02-13 21:05:03","http://decorinfo.ru/En_us/document/Inv/kEqPV-E0nEH_Fehi-vC0/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123872/"
 "123871","2019-02-13 21:03:39","http://162.243.254.239/quoteandbuy/CcSkzUOiUa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123871/"
@@ -17390,7 +17941,7 @@
 "123863","2019-02-13 20:58:02","http://185.244.25.98/bins/arm","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123863/"
 "123862","2019-02-13 20:57:02","http://britanniasuperior.uk/NDohX-BhSDg_yMzBa-wh/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123862/"
 "123861","2019-02-13 20:54:03","http://185.22.154.206/bins/trojan.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123861/"
-"123860","2019-02-13 20:54:02","http://199.38.245.221/bins/yakuza.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123860/"
+"123860","2019-02-13 20:54:02","http://199.38.245.221/bins/yakuza.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123860/"
 "123859","2019-02-13 20:53:02","http://es-solution.u1296248.cp.regruhosting.ru/file/ROpMZ-OJIU8_jJc-INK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123859/"
 "123858","2019-02-13 20:51:01","http://www.marconuenlist.ch/trust.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123858/"
 "123857","2019-02-13 20:50:31","http://marmorems.com.br/secure.accounts.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123857/"
@@ -17415,16 +17966,16 @@
 "123838","2019-02-13 20:19:10","http://xn----dtbicbmcv0cdfeb.xn--p1ai/US_us/file/JZhX-uoAxG_uryptRJ-EIH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123838/"
 "123837","2019-02-13 20:15:12","http://lubraperfis.com.br/En_us/company/New_invoice/NqJst-IOh_BURkbxF-oM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123837/"
 "123836","2019-02-13 20:14:31","http://193.77.216.20/sOHJcxww2XdiSVz_e/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123836/"
-"123835","2019-02-13 20:14:28","http://159.65.65.213/2TsF5icjLdR_6yyM5jk/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123835/"
+"123835","2019-02-13 20:14:28","http://159.65.65.213/2TsF5icjLdR_6yyM5jk/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123835/"
 "123834","2019-02-13 20:14:24","http://103.254.86.219/rdfcrm/custom/history/tGT4LaJxsnASp/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123834/"
-"123833","2019-02-13 20:14:09","http://35.190.186.53/1znMVkdMfAPn8G_f8vhtU7XS/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123833/"
+"123833","2019-02-13 20:14:09","http://35.190.186.53/1znMVkdMfAPn8G_f8vhtU7XS/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123833/"
 "123832","2019-02-13 20:14:05","http://52.236.174.152/jvWJzuX5kVly/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123832/"
 "123831","2019-02-13 20:11:03","http://aquilastudios.se/En/corporation/9649763/vJie-jP8_m-5D/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123831/"
 "123830","2019-02-13 20:07:03","http://lionestateturkey.com/EN_en/download/Invoice/stOfP-bzI_fry-y73/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123830/"
 "123829","2019-02-13 20:03:07","http://185.244.25.98:80/bins/arm","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123829/"
 "123827","2019-02-13 20:03:06","http://185.22.154.206:80/bins/trojan.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123827/"
 "123828","2019-02-13 20:03:06","http://185.244.25.98:80/bins/arm7","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123828/"
-"123826","2019-02-13 20:03:05","http://199.38.245.221:80/bins/yakuza.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123826/"
+"123826","2019-02-13 20:03:05","http://199.38.245.221:80/bins/yakuza.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123826/"
 "123825","2019-02-13 20:03:04","http://farshzagros.com/info/Copy_Invoice/660292314540/aasCj-FF1CD_s-Nm/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123825/"
 "123824","2019-02-13 20:02:06","http://185.22.154.206:80/bins/trojan.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/123824/"
 "123823","2019-02-13 20:02:05","http://211.204.165.173:41953/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/123823/"
@@ -17447,9 +17998,9 @@
 "123806","2019-02-13 19:37:26","http://fenichka.ru/En/company/OHTV-0cd_UtWIeX-0AH/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123806/"
 "123805","2019-02-13 19:37:24","http://cech.gdansk.pl/US_us/corporation/nflO-0g_zGDw-v75/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123805/"
 "123804","2019-02-13 19:37:23","http://bristols6.wiserobot.space/Invoice_Notice/9227865/oIwkc-11_SXoUv-qc8/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123804/"
-"123803","2019-02-13 19:37:22","http://95.177.143.55/Inv/YSgzD-zXdwz_Bi-Wi/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123803/"
-"123802","2019-02-13 19:37:20","http://82.253.156.136/wordpress/En/Copy_Invoice/eIqV-HZWan_frkIOz-fTS/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123802/"
-"123801","2019-02-13 19:37:19","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123801/"
+"123803","2019-02-13 19:37:22","http://95.177.143.55/Inv/YSgzD-zXdwz_Bi-Wi/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123803/"
+"123802","2019-02-13 19:37:20","http://82.253.156.136/wordpress/En/Copy_Invoice/eIqV-HZWan_frkIOz-fTS/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123802/"
+"123801","2019-02-13 19:37:19","http://54.250.159.171/US/company/Invoice_number/123405918808120/nZdg-6se_PlUK-UQ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123801/"
 "123800","2019-02-13 19:37:13","http://54.234.174.153/corporation/Invoice_number/IBPk-HDo_PwtXEj-4o/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123800/"
 "123799","2019-02-13 19:37:12","http://159.65.142.218/wp-admin/file/rlQCK-AEA_TOLYw-ti/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123799/"
 "123798","2019-02-13 19:37:09","http://104.248.140.207/EN_en/download/0234405946/ZDyA-U0FPh_dvfsnUKXu-CG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123798/"
@@ -17474,7 +18025,7 @@
 "123779","2019-02-13 19:34:20","http://63.34.12.228/secure.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123779/"
 "123778","2019-02-13 19:34:17","http://55kotel.ru/sec.myaccount.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123778/"
 "123777","2019-02-13 19:34:14","http://211.238.147.196/@eaDir/verif.accs.docs.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123777/"
-"123776","2019-02-13 19:34:10","http://188.192.104.226/wordpress/secure.myacc.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123776/"
+"123776","2019-02-13 19:34:10","http://188.192.104.226/wordpress/secure.myacc.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123776/"
 "123775","2019-02-13 19:34:06","http://140.227.27.252/wp-content/verif.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123775/"
 "123774","2019-02-13 19:31:12","http://wcsrh.org/dns-update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123774/"
 "123773","2019-02-13 19:31:09","http://beheshtimaal.com/scan/New_invoice/Wxpp-f1_NZMKf-n7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123773/"
@@ -17539,7 +18090,7 @@
 "123714","2019-02-13 18:25:02","http://155.138.195.197/bins/KowaiB3.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123714/"
 "123713","2019-02-13 18:24:04","http://deenjeevantimes.in/En/file/JoQQR-Af4_rgFaUjp-1F/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123713/"
 "123712","2019-02-13 18:20:07","http://52.205.176.136/xerox/iCtfU-ck8_vlrGAB-Dx/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123712/"
-"123711","2019-02-13 18:16:04","http://160.16.198.220/EN_en/Invoice_Notice/yuCZQ-FZi5_fO-Eff/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123711/"
+"123711","2019-02-13 18:16:04","http://160.16.198.220/EN_en/Invoice_Notice/yuCZQ-FZi5_fO-Eff/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123711/"
 "123710","2019-02-13 18:12:10","http://cech.gdansk.pl//US_us/corporation/nflO-0g_zGDw-v75/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123710/"
 "123709","2019-02-13 18:11:21","http://rouvamusta.fi/wp-admin/includes/_output881CF3F.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/123709/"
 "123708","2019-02-13 18:11:15","http://waterfordcomputers.ie/wp-content/themes/WCv15/includes/css/messg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123708/"
@@ -17564,7 +18115,7 @@
 "123690","2019-02-13 17:51:04","http://puygspkk67.company/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=weex8.harz","offline","malware_download","exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/123690/"
 "123688","2019-02-13 17:51:03","http://puygspkk67.company/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=weex2.harz","offline","malware_download","exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/123688/"
 "123687","2019-02-13 17:51:02","http://puygspkk67.company/puewpxmasl/suoepwxpamxapxlamslxdo.php?l=weex1.harz","offline","malware_download","exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/123687/"
-"123686","2019-02-13 17:48:07","http://119.254.12.142/US_us/download/Invoice_Notice/DEhK-cRi_XfFFEn-rui/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123686/"
+"123686","2019-02-13 17:48:07","http://119.254.12.142/US_us/download/Invoice_Notice/DEhK-cRi_XfFFEn-rui/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123686/"
 "123685","2019-02-13 17:46:04","https://www.Citigroup.com//","offline","malware_download","None","https://urlhaus.abuse.ch/url/123685/"
 "123684","2019-02-13 17:46:02","https://www.Citibank.com//","offline","malware_download","None","https://urlhaus.abuse.ch/url/123684/"
 "123683","2019-02-13 17:44:05","http://explorehue.com/corporation/059767712543/FlyI-uBcdu_KAasjYjt-hW/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123683/"
@@ -17591,7 +18142,7 @@
 "123662","2019-02-13 17:14:09","http://customsservices.xyz/aii/bin_outputBD76DAF.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123662/"
 "123661","2019-02-13 17:13:20","http://13.125.133.209/8v3dAOp/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123661/"
 "123660","2019-02-13 17:13:17","http://52.63.71.120/jP7Bi6vPVK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123660/"
-"123659","2019-02-13 17:13:13","http://13.126.61.22/Tkjz49D/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123659/"
+"123659","2019-02-13 17:13:13","http://13.126.61.22/Tkjz49D/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123659/"
 "123658","2019-02-13 17:13:07","http://139.59.64.173/hlMSx0fm/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123658/"
 "123657","2019-02-13 17:13:05","http://www.prowidor.com/35hflpam3A/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123657/"
 "123656","2019-02-13 17:13:03","http://klotho.net/wp/wp-admin/css/colors/blue/ashan.russia.zakaz.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/123656/"
@@ -17600,8 +18151,8 @@
 "123653","2019-02-13 17:02:37","http://varzeshpress.com/wp-admin/7W2CoXQJAHI_8PXLADey7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123653/"
 "123652","2019-02-13 17:02:33","http://pro-iherb.ru/IeuJlgdj6_D/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123652/"
 "123651","2019-02-13 17:02:24","http://zhiko.ir/5lJEfpVX9e7_6Hm/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/123651/"
-"123650","2019-02-13 17:02:20","http://207.154.223.104/usgfmGl/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123650/"
-"123649","2019-02-13 17:02:14","http://159.89.153.180/PirPKmVSvCUrD_faC0bF8/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123649/"
+"123650","2019-02-13 17:02:20","http://207.154.223.104/usgfmGl/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123650/"
+"123649","2019-02-13 17:02:14","http://159.89.153.180/PirPKmVSvCUrD_faC0bF8/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/123649/"
 "123648","2019-02-13 16:55:03","http://35.231.216.11/AB4g5/Josho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123648/"
 "123647","2019-02-13 16:54:02","http://35.231.216.11/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123647/"
 "123646","2019-02-13 16:53:04","http://presse.schmutzki.de/.well-known/acme-challenge/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/123646/"
@@ -17622,16 +18173,16 @@
 "123630","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123630/"
 "123631","2019-02-13 16:42:03","http://35.231.216.11:80/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123631/"
 "123629","2019-02-13 16:40:49","http://x-soft.tomsk.ru/EN_en/doc/Invoice/vdcb-8AvQ7_oxW-qr/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123629/"
-"123628","2019-02-13 16:40:48","http://prostranstvorosta.ru/EN_en/scan/TWGwh-nz_WT-Aok/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123628/"
+"123628","2019-02-13 16:40:48","http://prostranstvorosta.ru/EN_en/scan/TWGwh-nz_WT-Aok/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123628/"
 "123627","2019-02-13 16:40:46","http://nonfree.ru/company/Inv/975956727/NKErr-s90_fjVgbaUI-wVO/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123627/"
 "123626","2019-02-13 16:40:45","http://newsfeedkings.palab.info/New_invoice/oeLUK-6II_zjnwqie-x3/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123626/"
 "123625","2019-02-13 16:40:44","http://46.101.52.174/doc/Invoice_Notice/DCjw-HXt2D_G-uT/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123625/"
 "123624","2019-02-13 16:40:43","http://40.69.23.131/US_us/company/New_invoice/PpUcl-3bjaO_X-s42/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123624/"
-"123623","2019-02-13 16:40:42","http://35.232.73.116/scan/898053748436506/ttSQH-TTO_nNouWKfU-fsG/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123623/"
+"123623","2019-02-13 16:40:42","http://35.232.73.116/scan/898053748436506/ttSQH-TTO_nNouWKfU-fsG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123623/"
 "123622","2019-02-13 16:40:40","http://35.204.88.6/45103872657/Aiwa-tzPq_Tem-ASt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123622/"
 "123621","2019-02-13 16:40:39","http://35.176.197.139/US/company/Invoice/Yegah-4UC2R_EqbBA-uK/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123621/"
 "123620","2019-02-13 16:40:38","http://34.220.101.62/US/Invoice/yDNsy-UFfiS_ZK-Iy/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123620/"
-"123618","2019-02-13 16:40:35","http://206.189.154.46/En_us/info/New_invoice/tPds-xIodr_VDgMFSO-s9d/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123618/"
+"123618","2019-02-13 16:40:35","http://206.189.154.46/En_us/info/New_invoice/tPds-xIodr_VDgMFSO-s9d/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123618/"
 "123619","2019-02-13 16:40:35","http://3.120.147.8/download/9428618769/sary-0cZ_cEYzUU-2u/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123619/"
 "123617","2019-02-13 16:40:32","http://18.223.20.43/EN_en/xerox/Invoice_number/LaejY-Xt_sgrNPE-YD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123617/"
 "123616","2019-02-13 16:40:30","http://18.221.1.168/corporation/Rthgy-VE_DqQJ-iP/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123616/"
@@ -17640,26 +18191,26 @@
 "123613","2019-02-13 16:40:25","http://pro-iherb.u1296248.cp.regruhosting.ru/trust.myaccount.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123613/"
 "123612","2019-02-13 16:40:23","http://photowizard.com.ua/verif.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123612/"
 "123611","2019-02-13 16:40:20","http://158.69.135.116/EN_en/info/VLavl-5jWa_NN-Yxz/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123611/"
-"123609","2019-02-13 16:40:18","http://13.233.173.191/wp-content/US/llc/MwFSH-aOkOo_WKGErDSh-3pU/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123609/"
-"123610","2019-02-13 16:40:18","http://139.59.182.250/En/llc/Invoice_Notice/26997967767947/xFUlr-Ng4Hq_drWklraru-fK/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123610/"
+"123609","2019-02-13 16:40:18","http://13.233.173.191/wp-content/US/llc/MwFSH-aOkOo_WKGErDSh-3pU/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123609/"
+"123610","2019-02-13 16:40:18","http://139.59.182.250/En/llc/Invoice_Notice/26997967767947/xFUlr-Ng4Hq_drWklraru-fK/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123610/"
 "123608","2019-02-13 16:40:16","http://13.112.69.225/wp-content/Copy_Invoice/kiUmW-O7_ambwybOW-6G/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123608/"
-"123607","2019-02-13 16:40:12","http://128.199.207.179/EN_en/corporation/949706293103860/RNFCL-bK_rDb-RL/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123607/"
-"123606","2019-02-13 16:40:10","http://128.199.187.124/EN_en/Invoice_number/ncuQs-C0hW_uPvdSfApY-zz/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123606/"
-"123605","2019-02-13 16:40:08","http://118.25.176.38/US/download/New_invoice/EMQRa-Mp6_Ik-r8N/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123605/"
+"123607","2019-02-13 16:40:12","http://128.199.207.179/EN_en/corporation/949706293103860/RNFCL-bK_rDb-RL/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123607/"
+"123606","2019-02-13 16:40:10","http://128.199.187.124/EN_en/Invoice_number/ncuQs-C0hW_uPvdSfApY-zz/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123606/"
+"123605","2019-02-13 16:40:08","http://118.25.176.38/US/download/New_invoice/EMQRa-Mp6_Ik-r8N/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123605/"
 "123604","2019-02-13 16:40:04","http://114.34.129.103/EN_en/file/Invoice_number/bxFD-ub4_IXOswJjtk-dFG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123604/"
 "123603","2019-02-13 16:39:09","http://cityofpossibilities.org/sec.myacc.docs.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123603/"
 "123602","2019-02-13 16:39:08","http://51.77.192.138/verif.myaccount.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123602/"
-"123601","2019-02-13 16:39:06","http://37.139.27.218/secure.myaccount.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123601/"
+"123601","2019-02-13 16:39:06","http://37.139.27.218/secure.myaccount.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123601/"
 "123600","2019-02-13 16:39:04","http://35.202.250.4/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123600/"
 "123599","2019-02-13 16:39:00","http://34.242.190.144/secure.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123599/"
-"123598","2019-02-13 16:38:56","http://3.92.174.100/sec.myacc.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123598/"
+"123598","2019-02-13 16:38:56","http://3.92.174.100/sec.myacc.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123598/"
 "123597","2019-02-13 16:38:54","http://23.235.202.43/verif.myacc.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123597/"
 "123596","2019-02-13 16:38:50","http://207.148.31.160/sec.myaccount.docs.biz/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123596/"
 "123595","2019-02-13 16:38:20","http://204.48.21.209/secure.myacc.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123595/"
 "123594","2019-02-13 16:38:17","http://192.241.145.236/verif.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123594/"
 "123593","2019-02-13 16:38:14","http://18.222.169.76/trust.accs.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123593/"
 "123592","2019-02-13 16:38:09","http://178.236.210.22/secure.myaccount.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123592/"
-"123591","2019-02-13 16:38:05","http://128.199.172.4/sec.myaccount.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123591/"
+"123591","2019-02-13 16:38:05","http://128.199.172.4/sec.myaccount.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123591/"
 "123590","2019-02-13 16:31:06","http://35.231.216.11:80/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/123590/"
 "123589","2019-02-13 16:22:06","https://www.dropbox.com/s/5pmfvp2owyt66cu/NEW%20ORDER.pdf.z?dl=1","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/123589/"
 "123588","2019-02-13 16:16:39","http://crdpmaule.cl/wp-includes/customize/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/123588/"
@@ -17695,12 +18246,12 @@
 "123558","2019-02-13 15:35:06","http://130.211.205.139/HtDDY-RBS_s-6w5/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123558/"
 "123557","2019-02-13 15:35:04","http://18.223.125.61/trust.accounts.docs.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123557/"
 "123556","2019-02-13 15:00:03","http://159.203.101.9/En_us/llc/1909649/HBnm-4g7qj_vZSlWoOrD-JU/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/123556/"
-"123555","2019-02-13 14:55:10","http://13.233.31.203/trust.accs.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123555/"
+"123555","2019-02-13 14:55:10","http://13.233.31.203/trust.accs.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123555/"
 "123554","2019-02-13 14:55:08","http://forum.reshalka.com/verif.accounts.docs.net/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/123554/"
 "123553","2019-02-13 14:55:08","https://forum.reshalka.com/verif.accounts.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123553/"
-"123552","2019-02-13 14:55:07","http://178.62.102.110/secure.myacc.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123552/"
+"123552","2019-02-13 14:55:07","http://178.62.102.110/secure.myacc.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123552/"
 "123551","2019-02-13 14:55:06","http://108.61.214.253/trust.accs.docs.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123551/"
-"123550","2019-02-13 14:55:03","http://104.198.73.104/secure.myacc.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123550/"
+"123550","2019-02-13 14:55:03","http://104.198.73.104/secure.myacc.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123550/"
 "123549","2019-02-13 14:54:05","http://klotho.net/wp/wp-admin/css/colors/blue/metro.cash.and.carry.zakaz.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/123549/"
 "123548","2019-02-13 14:54:02","https://casana-ae.com/hok.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123548/"
 "123547","2019-02-13 14:37:02","http://bouncingbunny.nl/wp-content/uploads/d2ZFkehi/client2.rar","offline","malware_download","Encoded,Task","https://urlhaus.abuse.ch/url/123547/"
@@ -17748,16 +18299,16 @@
 "123505","2019-02-13 14:21:42","http://35.184.197.183/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123505/"
 "123504","2019-02-13 14:21:39","http://34.208.141.93/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123504/"
 "123503","2019-02-13 14:21:37","http://2647403-1.web-hosting.es/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123503/"
-"123502","2019-02-13 14:21:36","http://178.62.233.192/Telekom/RechnungOnline/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123502/"
-"123500","2019-02-13 14:21:35","http://138.197.72.9/secure.accounts.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123500/"
-"123501","2019-02-13 14:21:35","http://159.65.83.246/Telekom/Rechnung/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123501/"
+"123502","2019-02-13 14:21:36","http://178.62.233.192/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123502/"
+"123500","2019-02-13 14:21:35","http://138.197.72.9/secure.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123500/"
+"123501","2019-02-13 14:21:35","http://159.65.83.246/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123501/"
 "123499","2019-02-13 14:21:05","http://132.145.153.89/verif.accs.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123499/"
 "123498","2019-02-13 14:21:02","http://13.233.183.227/verif.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123498/"
 "123496","2019-02-13 14:07:02","http://khaledlakmes.com/llc/New_invoice/ZtDW-kJ46_Faeed-HyH/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123496/"
 "123497","2019-02-13 14:07:02","http://www.car-partner.ru/Februar2019/MZEALCIHPL7706516/Rechnungs/DOC-Dokument/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123497/"
 "123495","2019-02-13 14:07:01","http://eco-fun.ru/De_de/KPUGOF1777468/Rechnungs-docs/Rechnungszahlung/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/123495/"
 "123494","2019-02-13 14:01:17","https://jardinsterapias.com.br/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123494/"
-"123493","2019-02-13 14:01:14","http://wordpress-219768-716732.cloudwaysapps.com/verif.myaccount.resourses.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123493/"
+"123493","2019-02-13 14:01:14","http://wordpress-219768-716732.cloudwaysapps.com/verif.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123493/"
 "123492","2019-02-13 14:01:13","http://jardinsterapias.com.br/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/123492/"
 "123491","2019-02-13 14:01:12","http://eunmingwan.com/verif.myaccount.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123491/"
 "123490","2019-02-13 14:01:03","http://ejder.com.tr/verif.accounts.send.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123490/"
@@ -17780,7 +18331,7 @@
 "123473","2019-02-13 13:48:15","http://altuntuval.com/8cfiGmIXk/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123473/"
 "123472","2019-02-13 13:48:13","http://vesidailucachau.com/F1zcXKyj/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123472/"
 "123471","2019-02-13 13:48:09","http://mimiabner.com/x7bQDOiSJe/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123471/"
-"123470","2019-02-13 13:48:07","http://barabooseniorhigh.com/FWLR2ZT/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123470/"
+"123470","2019-02-13 13:48:07","http://barabooseniorhigh.com/FWLR2ZT/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123470/"
 "123469","2019-02-13 13:48:05","http://www.venturelendingllc.com/Wxw9QNt8I/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/123469/"
 "123468","2019-02-13 13:47:03","http://13.126.61.11/EN_en/Copy_Invoice/3537640860405/dkXlq-Ij_ZxmVpj-fLJ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123468/"
 "123467","2019-02-13 13:43:04","http://13.92.177.54/corporation/Copy_Invoice/oYHZ-DU3_FMxI-vE/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123467/"
@@ -17807,7 +18358,7 @@
 "123446","2019-02-13 13:19:02","http://res11.bignox.com/player/tools/201804/407c0ce1a3b0432e91d07b3a55c6613e.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/123446/"
 "123445","2019-02-13 13:18:20","http://franksrobomachines.com/sec.accs.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123445/"
 "123444","2019-02-13 13:18:11","http://hosting.mrsofttech.com/sec.myacc.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123444/"
-"123443","2019-02-13 13:18:08","http://81.56.198.200/Telekom/Transaktion/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123443/"
+"123443","2019-02-13 13:18:08","http://81.56.198.200/Telekom/Transaktion/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123443/"
 "123442","2019-02-13 13:18:05","http://detsad-kr.ru/sec.myaccount.send.com/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/123442/"
 "123441","2019-02-13 13:18:03","http://104.155.65.6/wp-admin/Telekom/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123441/"
 "123440","2019-02-13 13:18:02","http://rcagency.royalcastagency.com/Telekom/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/123440/"
@@ -17828,7 +18379,7 @@
 "123425","2019-02-13 12:50:56","http://plc24.u1296248.cp.regruhosting.ru/EN_en/Invoice/226211865611/TkeNs-Udm_AKS-fq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123425/"
 "123424","2019-02-13 12:50:55","http://kirstenborum.com/De/YDPADIFC5848993/Rechnungs-Details/Rechnungsanschrift/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123424/"
 "123423","2019-02-13 12:50:54","https://cdn.discordapp.com/attachments/538099848738504731/544283617493254174/mebarth_Protected.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/123423/"
-"123422","2019-02-13 12:50:53","http://179.191.88.69/xerox/Invoice/3864374247/fqFZm-qU0_sQNFd-wH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123422/"
+"123422","2019-02-13 12:50:53","http://179.191.88.69/xerox/Invoice/3864374247/fqFZm-qU0_sQNFd-wH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123422/"
 "123421","2019-02-13 12:50:51","http://1stgroupco.mn/De_de/EQLHDFO3496533/Rechnung/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123421/"
 "123420","2019-02-13 12:50:39","http://tarhanco.ir/En/info/Invoice_Notice/74938550/cfGp-wJy_nRrdRwlOg-TH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123420/"
 "123419","2019-02-13 12:50:37","http://35.170.104.162/Februar2019/OILSFDX0082973/Rechnungskorrektur/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123419/"
@@ -17864,7 +18415,7 @@
 "123389","2019-02-13 11:56:04","http://ordiroi.palab.info/EN_en/info/Invoice_Notice/oRziV-eM_MiaPfhVqa-s9H/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123389/"
 "123388","2019-02-13 11:56:03","http://pechi150.ru/Februar2019/YFWZTW3358544/Rechnungs-Details/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123388/"
 "123387","2019-02-13 11:53:02","http://gemaco.com.ve/css/php/bu.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/123387/"
-"123386","2019-02-13 11:51:12","http://85.171.136.37/@eaDir/US_us/doc/KRtTq-fyMl_lR-4hp/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123386/"
+"123386","2019-02-13 11:51:12","http://85.171.136.37/@eaDir/US_us/doc/KRtTq-fyMl_lR-4hp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123386/"
 "123385","2019-02-13 11:51:12","http://aghigh.yazdvip.ir/De/IVCGEFAP6613031/Rechnungs-Details/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123385/"
 "123384","2019-02-13 11:49:03","http://lam.cz/templates/lam/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/123384/"
 "123383","2019-02-13 11:47:05","http://bjtechnologies.net/DE_de/GGLPOHEMJH2841406/Rechnungs-Details/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123383/"
@@ -17883,7 +18434,7 @@
 "123370","2019-02-13 11:19:07","http://67.209.114.215/US_us/New_invoice/WurVn-MoQ_KZruyHDR-kp/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123370/"
 "123369","2019-02-13 11:19:06","http://52.89.55.218/wp-content/de_DE/TIJHADTEWZ0988890/DE/Zahlungserinnerung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123369/"
 "123368","2019-02-13 11:18:05","http://diputraders.com/okfiles.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/123368/"
-"123367","2019-02-13 11:15:06","http://35.247.37.148/En/corporation/pTdW-py_grtITFZu-Sw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123367/"
+"123367","2019-02-13 11:15:06","http://35.247.37.148/En/corporation/pTdW-py_grtITFZu-Sw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123367/"
 "123366","2019-02-13 11:15:03","http://mantoerika.yazdvip.ir/DE/DHAUJEYVPX3329168/Scan/DOC-Dokument/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123366/"
 "123365","2019-02-13 11:11:18","http://gemaco.com.ve/js/file/com.exe","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/123365/"
 "123364","2019-02-13 11:11:12","http://gemaco.com.ve/js/file/coc.exe","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/123364/"
@@ -17900,7 +18451,7 @@
 "123350","2019-02-13 10:58:05","http://212.47.233.25/wordpress/wp-content/RWACHN5834441/gescanntes-Dokument/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123350/"
 "123349","2019-02-13 10:54:05","http://orionmarketing.ru/En/corporation/Copy_Invoice/WuRwl-HAJ90_xRTt-zpk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123349/"
 "123348","2019-02-13 10:53:03","http://176.32.32.140/ZZJHJIWWHC4541074/GER/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123348/"
-"123347","2019-02-13 10:50:02","http://139.59.130.73/KAAECAW0228023/DE/Zahlung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123347/"
+"123347","2019-02-13 10:50:02","http://139.59.130.73/KAAECAW0228023/DE/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123347/"
 "123346","2019-02-13 10:49:01","http://aulsystem.com/US_us/scan/Inv/bGyh-QnW_WLBwUcNkh-PZ/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123346/"
 "123345","2019-02-13 10:45:03","http://beta.compspb.ru/De_de/FFIZUMLUCI4809632/Dokumente/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/123345/"
 "123344","2019-02-13 10:44:04","http://18.188.113.212/En/scan/iQxC-0G_L-JA/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123344/"
@@ -18066,7 +18617,7 @@
 "123154","2019-02-13 09:17:03","http://www.cbmagency.com/company/1595560/FnAI-nC5_lDgvO-REl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123154/"
 "123153","2019-02-13 09:15:03","http://camsexsnol.nl/De/OKUGFJDBVU7012434/gescanntes-Dokument/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123153/"
 "123152","2019-02-13 09:13:09","http://hourofcode.cn/ckYQ-swPJ_dJ-qf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/123152/"
-"123151","2019-02-13 09:12:12","http://nguyendachung.com/wp-includes/baxKC0aEHBtA_Hhay4/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123151/"
+"123151","2019-02-13 09:12:12","http://nguyendachung.com/wp-includes/baxKC0aEHBtA_Hhay4/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123151/"
 "123150","2019-02-13 09:12:10","http://midwestfoods.com/wp-content/odbfx8yt_5yvdgPL6/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123150/"
 "123149","2019-02-13 09:12:08","http://happyfishcompany.com/2vqObycriG/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123149/"
 "123148","2019-02-13 09:12:04","http://parsinstore.com/alYc5u7PCe_w/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/123148/"
@@ -18188,7 +18739,7 @@
 "123032","2019-02-13 06:36:03","http://bcexsupport.online/crypto.scr","offline","malware_download","dark comet,rat","https://urlhaus.abuse.ch/url/123032/"
 "123031","2019-02-13 06:32:03","http://46.29.163.77/earyzq","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123031/"
 "123030","2019-02-13 06:32:02","http://46.101.226.29/nut","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123030/"
-"123029","2019-02-13 06:31:06","http://senital.co.uk/templates/a4joomla-ocean-free/js/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/123029/"
+"123029","2019-02-13 06:31:06","http://senital.co.uk/templates/a4joomla-ocean-free/js/messg.jpg","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/123029/"
 "123028","2019-02-13 06:31:04","http://doktech.cba.pl/includes/Archive/messg.jpg","offline","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/123028/"
 "123027","2019-02-13 06:31:03","http://kameyacat.ru/webstat/slavneft.zakaz.zip","online","malware_download","compressed,exe,javascript,payload,Ransomware,stage1,stage2,Troldesh,zip","https://urlhaus.abuse.ch/url/123027/"
 "123026","2019-02-13 06:30:04","http://46.101.226.29/sh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/123026/"
@@ -18694,7 +19245,7 @@
 "122526","2019-02-12 14:54:25","http://lipraco.cz/templates/lipraco/css/messg.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/122526/"
 "122525","2019-02-12 14:52:14","http://hinterwaldfest.com/4Y1.exe","online","malware_download","exe,zeus","https://urlhaus.abuse.ch/url/122525/"
 "122524","2019-02-12 14:51:03","http://realdealhouse.eu/HAY/OSE.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/122524/"
-"122523","2019-02-12 14:46:16","http://p2.lingpao8.com/Dragoon/20150711_5L.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/122523/"
+"122523","2019-02-12 14:46:16","http://p2.lingpao8.com/Dragoon/20150711_5L.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/122523/"
 "122522","2019-02-12 14:43:05","http://bkkbubblebar.com/trust.accounts.send.net/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122522/"
 "122521","2019-02-12 14:38:08","http://monkeyinferno.net/seledka.exe","online","malware_download","GandCrab,Ransomware","https://urlhaus.abuse.ch/url/122521/"
 "122520","2019-02-12 14:33:06","http://dev.go.bookingrobin.com/US/hIPYq-zTm_ZrflKdXwr-7s/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122520/"
@@ -19057,7 +19608,7 @@
 "122140","2019-02-12 01:11:20","http://afshari.yazdvip.ir/verif.myacc.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122140/"
 "122138","2019-02-12 01:11:17","http://adbord.com/css/sec.accs.send.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122138/"
 "122139","2019-02-12 01:11:17","https://secure.accounts.resourses.com/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/122139/"
-"122137","2019-02-12 01:11:14","http://bachhoatructuyen.com.vn/trust.accs.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122137/"
+"122137","2019-02-12 01:11:14","http://bachhoatructuyen.com.vn/trust.accs.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122137/"
 "122136","2019-02-12 01:11:11","http://ortotomsk.ru/trust.accs.docs.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122136/"
 "122135","2019-02-12 01:11:09","http://demo.pifasoft.cn/trust.myaccount.send.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122135/"
 "122134","2019-02-12 01:11:03","http://angullar.com.br/trust.myacc.docs.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122134/"
@@ -19131,7 +19682,7 @@
 "122066","2019-02-11 22:22:04","http://emae26.ru/sec.accs.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122066/"
 "122065","2019-02-11 22:20:04","http://noithatshop.vn/En_us/corporation/04378129/baVj-GT2gt_lRS-YX/","offline","malware_download","None","https://urlhaus.abuse.ch/url/122065/"
 "122064","2019-02-11 22:15:03","http://nightonline.ru/images/scan/tScs-t0_T-P7N/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122064/"
-"122063","2019-02-11 22:11:06","http://3.dohodtut.ru/En/86756718/xcwcO-tzz6_fGPD-h9c/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122063/"
+"122063","2019-02-11 22:11:06","http://3.dohodtut.ru/En/86756718/xcwcO-tzz6_fGPD-h9c/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122063/"
 "122062","2019-02-11 22:08:08","http://xn--90aeb9ae9a.xn--p1ai/En_us/company/86292351/tppR-Ssdb_SxULZKP-76/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122062/"
 "122061","2019-02-11 22:07:04","http://ds415p.com/@eaDir/En/company/Inv/GYqLj-d1_iLh-0kp/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/122061/"
 "122060","2019-02-11 22:04:31","http://www.mardaschaves.com.br/trust.accs.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/122060/"
@@ -19147,7 +19698,7 @@
 "122050","2019-02-11 21:50:05","http://jaspinformatica.com/qlpN-ih_jedKZH-Lf/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122050/"
 "122049","2019-02-11 21:47:31","http://lacledudestin.fr/llc/New_invoice/YvZWZ-4myR_URIud-Mj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122049/"
 "122048","2019-02-11 21:41:04","http://mechanicsthatcometoyou.com/US/Invoice/pSuh-S6pH_O-LFB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122048/"
-"122047","2019-02-11 21:37:07","http://fwpanels.com/US_us/Inv/66003684747228/DYmql-cT_UAJ-Ta5/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122047/"
+"122047","2019-02-11 21:37:07","http://fwpanels.com/US_us/Inv/66003684747228/DYmql-cT_UAJ-Ta5/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/122047/"
 "122046","2019-02-11 21:31:48","http://orderauto.es/OVERDUE-ACCOUNT/Invoice-06-25-18","offline","malware_download","doc","https://urlhaus.abuse.ch/url/122046/"
 "122045","2019-02-11 21:31:47","https://f.coka.la/JUofn2.jpg","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/122045/"
 "122044","2019-02-11 21:31:46","https://f.coka.la/yh8em2.pdf","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/122044/"
@@ -19225,7 +19776,7 @@
 "121972","2019-02-11 20:56:08","http://114.34.129.103/trust.accs.docs.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121972/"
 "121971","2019-02-11 20:56:05","http://104.211.226.28/secure.myacc.send.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121971/"
 "121970","2019-02-11 20:56:04","http://35.193.106.214/wordpress/wp-content/En_us/download/Invoice_number/LsPHz-QZw_sT-x7/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121970/"
-"121969","2019-02-11 20:56:02","http://188.192.104.226/wordpress/US_us/corporation/New_invoice/RVzv-BRhZ_cdjkq-9E/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121969/"
+"121969","2019-02-11 20:56:02","http://188.192.104.226/wordpress/US_us/corporation/New_invoice/RVzv-BRhZ_cdjkq-9E/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121969/"
 "121968","2019-02-11 20:54:03","http://mpo.firstideasolutions.in/fAdqt-eXyR_iI-Nr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121968/"
 "121967","2019-02-11 20:50:05","http://livrocolapso.com.br/27500173682/VgYx-XHoe_oJkoY-syL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121967/"
 "121966","2019-02-11 20:49:15","https://a.coka.la/IBKK7b.jpg","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/121966/"
@@ -19284,7 +19835,7 @@
 "121913","2019-02-11 20:26:12","http://htnieuw.hazenbergtimmerwerken.nl/secure.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121913/"
 "121912","2019-02-11 20:26:09","http://dwdsystem.home.pl/css/secure.accounts.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121912/"
 "121911","2019-02-11 20:26:05","http://costaricalawfirm.com/sec.accounts.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121911/"
-"121910","2019-02-11 20:25:07","http://liketop.tk/En_us/company/Invoice/BQmyd-d9RPL_gl-vyM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121910/"
+"121910","2019-02-11 20:25:07","http://liketop.tk/En_us/company/Invoice/BQmyd-d9RPL_gl-vyM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121910/"
 "121909","2019-02-11 20:20:12","http://khzwl.ir/US/Inv/NNnML-VGRZ2_FV-P7E/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121909/"
 "121908","2019-02-11 20:16:08","http://filtragem.mine.nu/Tribunan4689774.rar","offline","malware_download","zip","https://urlhaus.abuse.ch/url/121908/"
 "121907","2019-02-11 20:16:07","http://filtragem.mine.nu/CHUST45545654.rar","offline","malware_download","zip","https://urlhaus.abuse.ch/url/121907/"
@@ -19316,11 +19867,11 @@
 "121881","2019-02-11 19:29:09","http://okna-lik.kz/wp-content/uploads/sec.myaccount.send.biz/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121881/"
 "121880","2019-02-11 19:29:07","http://libertycastle.com.pk/sec.myaccount.resourses.net/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121880/"
 "121879","2019-02-11 19:29:04","http://kicksonfire.xyz/verif.accounts.resourses.com/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121879/"
-"121878","2019-02-11 19:29:02","http://dentistmomma.com/sec.accounts.resourses.com/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121878/"
+"121878","2019-02-11 19:29:02","http://dentistmomma.com/sec.accounts.resourses.com/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121878/"
 "121877","2019-02-11 19:29:01","http://220.230.116.97/sec.accounts.docs.net/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121877/"
 "121875","2019-02-11 19:28:58","http://hcforklift-eg.com/CuxN_oo-mrPGKMPXb/S2/Documents/022019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121875/"
-"121872","2019-02-11 19:28:54","http://35.190.186.53/EN_en/doc/Copy_Invoice/Nebk-gt3_ZZV-Ok/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121872/"
-"121870","2019-02-11 19:28:53","http://13.233.31.203/En_us/corporation/Invoice_number/FcgF-sTeGi_PbAm-l0/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121870/"
+"121872","2019-02-11 19:28:54","http://35.190.186.53/EN_en/doc/Copy_Invoice/Nebk-gt3_ZZV-Ok/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121872/"
+"121870","2019-02-11 19:28:53","http://13.233.31.203/En_us/corporation/Invoice_number/FcgF-sTeGi_PbAm-l0/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121870/"
 "121869","2019-02-11 19:28:51","http://207.154.241.24/En/llc/New_invoice/ObLFM-Nl5X9_Ix-r1/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121869/"
 "121868","2019-02-11 19:28:50","http://inhouse.fitser.com/BigImageAustralia/html/verif.accs.send.net/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121868/"
 "121867","2019-02-11 19:28:48","http://13.233.16.248/En_us/corporation/New_invoice/HyXZg-Yml_GDzUPhvMI-0X/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/121867/"
@@ -19332,9 +19883,9 @@
 "121858","2019-02-11 19:21:06","http://davieshall.ilovesurreybc.ca/document/Invoice_Notice/NWJM-Y5eC_tKcB-iHI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121858/"
 "121857","2019-02-11 19:17:06","http://danceacademyvolos.gr/US/scan/zvLFs-xT_r-RG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121857/"
 "121856","2019-02-11 19:12:12","http://jiodiscount.com/US_us/doc/Invoice/umtP-mURI5_hHuYA-LeM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121856/"
-"121855","2019-02-11 19:12:10","http://159.65.147.40/info/iUQY-5T_DXgr-a8s/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121855/"
-"121854","2019-02-11 19:12:08","http://104.198.73.104/En_us/Invoice_Notice/tLUhB-5w3_UmSk-WmN/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121854/"
-"121853","2019-02-11 19:12:07","http://82.253.156.136/wordpress/document/Invoice_Notice/bcAiU-CY33H_AyuNvJW-ua/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121853/"
+"121855","2019-02-11 19:12:10","http://159.65.147.40/info/iUQY-5T_DXgr-a8s/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121855/"
+"121854","2019-02-11 19:12:08","http://104.198.73.104/En_us/Invoice_Notice/tLUhB-5w3_UmSk-WmN/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121854/"
+"121853","2019-02-11 19:12:07","http://82.253.156.136/wordpress/document/Invoice_Notice/bcAiU-CY33H_AyuNvJW-ua/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121853/"
 "121852","2019-02-11 19:12:04","http://94.177.233.190/wp/US/info/Invoice_Notice/3027157/EHLwm-zES_OWAjyir-lO/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121852/"
 "121851","2019-02-11 19:12:03","http://52.236.174.152/doc/New_invoice/OwcFW-cQVA_RD-lXj/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121851/"
 "121850","2019-02-11 19:12:02","http://54.38.35.144/US_us/llc/BRBk-OHo0r_GrEJNw-lH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121850/"
@@ -19344,7 +19895,7 @@
 "121846","2019-02-11 19:05:16","http://52.205.176.136/verif.accounts.docs.com/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121846/"
 "121845","2019-02-11 19:05:15","http://54.202.85.204/trust.accs.docs.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121845/"
 "121844","2019-02-11 19:05:13","http://rubylux.vn/secure.accounts.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121844/"
-"121843","2019-02-11 19:05:10","http://119.254.12.142/En/llc/UjBO-7i5MH_rh-hch/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121843/"
+"121843","2019-02-11 19:05:10","http://119.254.12.142/En/llc/UjBO-7i5MH_rh-hch/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121843/"
 "121842","2019-02-11 19:05:05","http://211.20.204.164/EN_en/document/Invoice/lXKc-EXZ_YnnTIO-1pt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121842/"
 "121841","2019-02-11 19:04:55","http://141.136.47.32/c5pNnVVa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121841/"
 "121840","2019-02-11 19:04:53","http://190.164.186.104/PNNakLQ9C/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121840/"
@@ -19372,7 +19923,7 @@
 "121818","2019-02-11 18:52:05","http://carpediemdiamond.com/verif.accounts.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121818/"
 "121817","2019-02-11 18:50:07","http://mswnetworks.nl/En/info/Invoice/dWax-sV0_DjQksCeOP-mRl/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121817/"
 "121816","2019-02-11 18:46:06","http://madrastrends.com/EN_en/scan/VBbW-YgV1_FlHNc-Ka/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121816/"
-"121815","2019-02-11 18:43:04","http://hifucancertreatment.com/wp-content/uploads/EN_en/scan/waVr-0A_mVwcJ-SBz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121815/"
+"121815","2019-02-11 18:43:04","http://hifucancertreatment.com/wp-content/uploads/EN_en/scan/waVr-0A_mVwcJ-SBz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121815/"
 "121814","2019-02-11 18:33:17","http://35.154.50.228/sec.myaccount.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121814/"
 "121813","2019-02-11 18:33:15","http://52.202.101.89/trust.accounts.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121813/"
 "121812","2019-02-11 18:32:44","http://vieclam.f5mobile.vn/med.microsoft.net/api/drm/ZPnmc58dAzsXuB/ZPnmc58dAzsXuB/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121812/"
@@ -19380,13 +19931,13 @@
 "121810","2019-02-11 18:32:32","http://edax.com.pl/verif.myacc.resourses.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121810/"
 "121809","2019-02-11 18:32:29","http://bornkickers.kounterdev.com/wp-content/uploads/secure.myacc.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121809/"
 "121808","2019-02-11 18:32:25","http://84.28.185.76/wordpress/verif.accounts.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121808/"
-"121807","2019-02-11 18:32:21","http://160.16.198.220/sec.accounts.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121807/"
+"121807","2019-02-11 18:32:21","http://160.16.198.220/sec.accounts.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121807/"
 "121806","2019-02-11 18:32:17","http://103.11.22.51/wp-content/uploads/trust.accs.send.biz/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/121806/"
 "121805","2019-02-11 18:32:15","http://104.155.134.95/verif.myacc.docs.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121805/"
 "121804","2019-02-11 18:32:12","http://95.177.143.55/wp-content/sec.myacc.docs.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121804/"
 "121803","2019-02-11 18:32:10","http://18.222.169.76/verif.myaccount.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121803/"
 "121802","2019-02-11 18:32:07","http://ec2-18-218-56-72.us-east-2.compute.amazonaws.com/wp-content/secure.myacc.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121802/"
-"121801","2019-02-11 18:32:05","http://37.139.27.218/sec.accs.resourses.net///","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121801/"
+"121801","2019-02-11 18:32:05","http://37.139.27.218/sec.accs.resourses.net///","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121801/"
 "121800","2019-02-11 18:03:05","https://www.dropbox.com/s/dl/3anvvlpcrt4f7af/joddd.jpg?dl=1","offline","malware_download","exe,payload,rat,revenge,RevengeRAT","https://urlhaus.abuse.ch/url/121800/"
 "121799","2019-02-11 18:00:09","http://alfaelegancedesign.ro/US/scan/New_invoice/2395250479/IKSi-iG40_eGodEyK-6jC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121799/"
 "121798","2019-02-11 17:45:05","http://asztar.pl/templates/theme1627/css/messg.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/121798/"
@@ -19402,7 +19953,7 @@
 "121788","2019-02-11 17:23:20","http://adsdemo.techflirt.com/info/Inv/42931369754/hvJbI-MOe_mc-B4Q/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121788/"
 "121787","2019-02-11 17:23:13","http://abiataltib.ml/download/Invoice_number/fTvp-N8mZ_rD-PM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121787/"
 "121786","2019-02-11 17:23:07","http://66.42.78.2/En_us/CneA-P3sTk_OsvoGAV-kC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121786/"
-"121785","2019-02-11 17:22:05","http://54.250.159.171/En_us/2446830/NqWP-TQObp_cgfZBBxnl-NP/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121785/"
+"121785","2019-02-11 17:22:05","http://54.250.159.171/En_us/2446830/NqWP-TQObp_cgfZBBxnl-NP/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121785/"
 "121784","2019-02-11 17:22:01","http://54.153.245.124/En_us/Copy_Invoice/YhNNA-ZeEBY_ek-JfG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121784/"
 "121783","2019-02-11 17:21:31","http://52.63.71.120/US_us/corporation/Invoice_number/45951863/OtwFS-R2FA_ZrXS-v72/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121783/"
 "121782","2019-02-11 17:21:00","http://52.63.119.3/En_us/doc/Invoice_Notice/1095987397054/IIPw-Eoa_M-au9/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121782/"
@@ -19418,7 +19969,7 @@
 "121772","2019-02-11 17:20:07","http://73.114.227.141/verif.accs.docs.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121772/"
 "121771","2019-02-11 17:20:05","http://54.234.174.153/sec.accs.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121771/"
 "121770","2019-02-11 17:20:04","http://51.77.192.138/sec.myaccount.resourses.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121770/"
-"121769","2019-02-11 17:20:03","http://188.131.164.117/trust.myacc.resourses.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121769/"
+"121769","2019-02-11 17:20:03","http://188.131.164.117/trust.myacc.resourses.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121769/"
 "121768","2019-02-11 17:19:04","https://www.dropbox.com/s/dl/6z3d23myuzzzvfm/Sign%20Sales%20Contract%20of%20PI=-98476YT.Pdf.z?dl=1","offline","malware_download","compressed,NanoCore,payload,rat,scr","https://urlhaus.abuse.ch/url/121768/"
 "121767","2019-02-11 17:15:03","http://162.243.254.239/quoteandbuy/EN_en/scan/kgsnn-f3J_CVs-RJ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121767/"
 "121766","2019-02-11 17:14:04","https://www.dropbox.com/s/dl/5hbg8emruhdg3mv/ShippingDocuments_201859.docx.z?dl=1","offline","malware_download","compressed,NanoCore,payload,rat,scr","https://urlhaus.abuse.ch/url/121766/"
@@ -19432,20 +19983,20 @@
 "121758","2019-02-11 16:14:06","https://www.beautymakeup.ca/byc.png","offline","malware_download","AgentTesla,exe,hta,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121758/"
 "121757","2019-02-11 15:58:02","http://35.176.197.139/KqrEF-qna_v-ehL/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121757/"
 "121756","2019-02-11 15:55:06","http://46.101.52.174/secure.accs.send.com/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121756/"
-"121755","2019-02-11 15:55:05","http://206.189.154.46/secure.accs.resourses.biz/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121755/"
+"121755","2019-02-11 15:55:05","http://206.189.154.46/secure.accs.resourses.biz/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121755/"
 "121754","2019-02-11 15:55:04","http://www.dropbox.com/s/xfja85riokvg9xk/ORDER%20LIST.ace?dl=1","online","malware_download","ace,compressed,payload","https://urlhaus.abuse.ch/url/121754/"
 "121753","2019-02-11 15:54:32","http://18.184.16.5/EN_en/company/Invoice_number/34128416/Fdjmu-NQuzD_srNbU-G2p/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121753/"
 "121752","2019-02-11 15:50:06","http://94.177.233.190/wp/US/info/Invoice_Notice/3027157/EHLwm-zES_OWAjyir-lO//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121752/"
 "121751","2019-02-11 15:45:07","http://52.196.225.91/wordpress/US_us/document/aTUC-RQb_nAQiekDLJ-wbj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121751/"
 "121750","2019-02-11 15:40:05","http://34.201.148.147/download/Inv/rwUu-GoD8Y_YsGNacwnq-Wi1/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121750/"
-"121749","2019-02-11 15:39:14","http://3.92.174.100/FV5nbvVP/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121749/"
+"121749","2019-02-11 15:39:14","http://3.92.174.100/FV5nbvVP/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121749/"
 "121748","2019-02-11 15:39:13","http://204.27.61.244/GWrMNkk/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121748/"
 "121747","2019-02-11 15:39:06","http://160.20.145.103/sfcdcCBM/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121747/"
 "121746","2019-02-11 15:39:03","http://40.69.23.131/8oyfkox0mn/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121746/"
 "121745","2019-02-11 15:39:02","http://31.131.24.153/eYXaJRMd/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121745/"
-"121744","2019-02-11 15:37:48","http://128.199.207.179/d6JEQSR1V2hkqXqT1/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121744/"
+"121744","2019-02-11 15:37:48","http://128.199.207.179/d6JEQSR1V2hkqXqT1/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121744/"
 "121743","2019-02-11 15:37:46","http://178.236.210.22/tKMrxvGkHP/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121743/"
-"121742","2019-02-11 15:37:45","http://118.25.176.38/bmNCKBx/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121742/"
+"121742","2019-02-11 15:37:45","http://118.25.176.38/bmNCKBx/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121742/"
 "121741","2019-02-11 15:37:39","http://178.159.38.201/wcbrQ8LRfb_7pKaOP9z/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121741/"
 "121740","2019-02-11 15:37:38","http://104.198.17.119/h0Ya3P8r0O_cG/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121740/"
 "121739","2019-02-11 15:36:32","http://54.167.192.134/AwafJ-uSkG_fPlXdovJx-icC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121739/"
@@ -19455,8 +20006,8 @@
 "121735","2019-02-11 15:27:20","http://hopi.hopto.org/trust.accounts.docs.biz/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121735/"
 "121734","2019-02-11 15:27:19","http://23.235.202.43/secure.myacc.resourses.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121734/"
 "121733","2019-02-11 15:27:17","http://13.112.69.225/wp-content/verif.myaccount.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121733/"
-"121732","2019-02-11 15:27:15","http://37.139.27.218/sec.accs.resourses.net/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121732/"
-"121731","2019-02-11 15:27:14","http://159.89.153.180/trust.myaccount.send.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121731/"
+"121732","2019-02-11 15:27:15","http://37.139.27.218/sec.accs.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121732/"
+"121731","2019-02-11 15:27:14","http://159.89.153.180/trust.myaccount.send.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121731/"
 "121730","2019-02-11 15:27:13","http://178.128.54.239/sec.accs.docs.com/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121730/"
 "121729","2019-02-11 15:27:11","http://18.218.56.72/wp-content/secure.myacc.send.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121729/"
 "121728","2019-02-11 15:27:10","http://13.233.22.226/trust.accounts.docs.com/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121728/"
@@ -19464,26 +20015,26 @@
 "121726","2019-02-11 15:27:07","http://18.223.125.61/secure.accs.resourses.net/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121726/"
 "121725","2019-02-11 15:27:05","http://prowidor.com/KY5VHstRW/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121725/"
 "121724","2019-02-11 15:27:04","http://34.220.101.62/lbnc-u6oJR_H-Bv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121724/"
-"121723","2019-02-11 15:24:03","http://35.232.73.116/doc/zzwd-Wja0_fJkVYk-J6/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121723/"
+"121723","2019-02-11 15:24:03","http://35.232.73.116/doc/zzwd-Wja0_fJkVYk-J6/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121723/"
 "121722","2019-02-11 15:23:35","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/En/download/Copy_Invoice/Ihpyw-WoX_N-lRv/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121722/"
 "121721","2019-02-11 15:23:32","http://13.239.63.5/company/Invoice/MItGR-BX_YOeO-dF/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121721/"
-"121720","2019-02-11 15:20:04","http://35.190.186.53/EN_en/doc/Copy_Invoice/Nebk-gt3_ZZV-Ok//","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121720/"
+"121720","2019-02-11 15:20:04","http://35.190.186.53/EN_en/doc/Copy_Invoice/Nebk-gt3_ZZV-Ok//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121720/"
 "121719","2019-02-11 15:18:07","http://produccion.sanmartindelosandes.gov.ar/wp-content/uploads/En/download/Copy_Invoice/Ihpyw-WoX_N-lRv//","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121719/"
 "121718","2019-02-11 15:17:06","http://35.202.250.4/document/Invoice_Notice/pnDo-aHDN_HzaHfarw-RWS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121718/"
-"121717","2019-02-11 15:13:10","http://139.59.182.250/En_us/doc/921630112996/rgbuP-SSFaG_aL-Mz/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121717/"
+"121717","2019-02-11 15:13:10","http://139.59.182.250/En_us/doc/921630112996/rgbuP-SSFaG_aL-Mz/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121717/"
 "121716","2019-02-11 15:13:06","http://www.anvd.ne/wp-content/corporation/UwlGE-b50Lg_Kv-lj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121716/"
 "121715","2019-02-11 15:10:32","http://34.242.190.144/EN_en/download/Invoice_number/vHScR-n1_PNvfJN-qJs/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121715/"
-"121714","2019-02-11 15:09:12","http://207.154.223.104/ooDtybmXDTDVP_Iv/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121714/"
-"121713","2019-02-11 15:09:11","http://138.197.72.9/vRoDcTOZS_qq4qSrbs/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121713/"
+"121714","2019-02-11 15:09:12","http://207.154.223.104/ooDtybmXDTDVP_Iv/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121714/"
+"121713","2019-02-11 15:09:11","http://138.197.72.9/vRoDcTOZS_qq4qSrbs/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121713/"
 "121712","2019-02-11 15:09:09","http://13.126.61.11/TTLDQc4Su4n/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121712/"
 "121711","2019-02-11 15:09:08","http://139.59.64.173/hSQpezoBAp/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121711/"
 "121710","2019-02-11 15:09:06","http://13.126.61.22/ZersFqNzy4Dr/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121710/"
 "121709","2019-02-11 15:09:02","http://3.120.147.8/info/gLfY-53_Rjy-2Ms/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121709/"
 "121708","2019-02-11 15:07:03","http://158.69.135.116/scan/VGIy-LJJq_rtJTwGJ-loZ/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121708/"
 "121707","2019-02-11 15:05:15","http://34.243.4.98/document/Inv/whfgV-T5_OhosR-KjB/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121707/"
-"121706","2019-02-11 15:03:05","http://13.251.184.56/EN_en/scan/Invoice_number/MAAB-ZMd_n-3p4/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121706/"
+"121706","2019-02-11 15:03:05","http://13.251.184.56/EN_en/scan/Invoice_number/MAAB-ZMd_n-3p4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121706/"
 "121705","2019-02-11 15:00:10","http://207.148.31.160/doc/Invoice_Notice/xJkcH-pXzw_ikv-yP/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/121705/"
-"121704","2019-02-11 15:00:08","http://159.65.146.232/secure.myacc.send.net/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121704/"
+"121704","2019-02-11 15:00:08","http://159.65.146.232/secure.myacc.send.net/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121704/"
 "121703","2019-02-11 15:00:07","http://139.180.213.48/En/company/MLSD-5n8_NW-aGk/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121703/"
 "121702","2019-02-11 15:00:04","http://35.204.88.6/EN_en/llc/Inv/pGzEf-am_UQMBer-Wx/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121702/"
 "121701","2019-02-11 14:57:27","http://103.254.86.219/rdfcrm/custom/history/corporation/New_invoice/006725110/VLnx-r1_hjVzvJ-yq/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121701/"
@@ -19492,14 +20043,14 @@
 "121698","2019-02-11 14:52:05","http://194.58.106.244/US_us/doc/DIpu-awo_KK-PS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121698/"
 "121697","2019-02-11 14:51:04","http://18.206.204.30/wp-content/uploads/US/doc/Copy_Invoice/RBRS-B2QR_nBbQqjB-4yt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121697/"
 "121696","2019-02-11 14:49:13","http://rexus.com.tr/wp-content/languages/plugins/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/121696/"
-"121695","2019-02-11 14:47:06","http://159.65.65.213/file/Ryzo-3h_qp-jAt/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121695/"
+"121695","2019-02-11 14:47:06","http://159.65.65.213/file/Ryzo-3h_qp-jAt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121695/"
 "121694","2019-02-11 14:46:06","http://18.223.20.43/US/llc/Copy_Invoice/202956035/wyZr-NIkXO_dEpTjku-0i/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121694/"
 "121693","2019-02-11 14:43:12","http://18.221.1.168/En_us/Inv/70722042/TxlW-3bBd_Azwqu-AXb/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121693/"
 "121692","2019-02-11 14:43:06","http://192.241.145.236/US/New_invoice/ZoRXj-H1k08_v-ty/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121692/"
 "121691","2019-02-11 14:42:52","http://handofdoom.org/wordpress/wp-content/plugins/ubh/Sysstem.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121691/"
 "121690","2019-02-11 14:42:12","http://5.188.231.206/uploads/orbit.mp4","offline","malware_download","Encoded,Gozi,JPN,Task","https://urlhaus.abuse.ch/url/121690/"
-"121689","2019-02-11 14:39:04","http://159.89.167.92/llc/New_invoice/57979132/ukUI-Avt_NXbMuPG-0I/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121689/"
-"121688","2019-02-11 14:37:05","http://13.233.173.191/wp-content/info/Invoice/JLnG-6hne_SExrbEPBf-C5G/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121688/"
+"121689","2019-02-11 14:39:04","http://159.89.167.92/llc/New_invoice/57979132/ukUI-Avt_NXbMuPG-0I/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121689/"
+"121688","2019-02-11 14:37:05","http://13.233.173.191/wp-content/info/Invoice/JLnG-6hne_SExrbEPBf-C5G/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121688/"
 "121687","2019-02-11 14:35:23","http://www.ydone.site:80/morningx/patrdoz.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121687/"
 "121686","2019-02-11 14:35:22","http://ydone.site:80/morningx/patrdoz.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121686/"
 "121684","2019-02-11 14:35:21","http://ydone.site:80/morningx/patdoz.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/121684/"
@@ -19524,7 +20075,7 @@
 "121666","2019-02-11 14:35:02","https://ydone.site:443/morningx/patrstag.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121666/"
 "121665","2019-02-11 14:34:02","http://18.130.106.226/US_us/company/Invoice/lKjq-lO53o_V-Ud/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121665/"
 "121664","2019-02-11 14:30:02","http://anapa-2013.ru/EN_en/Invoice_number/YXEJ-Ac_dmzpJpcC-B1/","offline","malware_download","None","https://urlhaus.abuse.ch/url/121664/"
-"121663","2019-02-11 14:27:03","http://128.199.172.4/US/Invoice_number/946924058146/omHD-D8Zh_S-xw/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121663/"
+"121663","2019-02-11 14:27:03","http://128.199.172.4/US/Invoice_number/946924058146/omHD-D8Zh_S-xw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121663/"
 "121662","2019-02-11 14:26:02","http://prosperity-student.co.uk/ml2NQffoMmyJs6J/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/121662/"
 "121661","2019-02-11 14:26:01","http://thales-las.cfdt-fgmm.fr/cgi-bin/maGRA8iYgDCPMG/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/121661/"
 "121660","2019-02-11 14:24:03","http://173.45.124.227/US/document/LMzly-2CWE_sGDVC-Xt/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121660/"
@@ -19555,7 +20106,7 @@
 "121635","2019-02-11 14:18:07","http://ydone.site/morningx/patrdoz.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121635/"
 "121634","2019-02-11 14:18:06","https://www.ydone.site/morningx/patrdoz.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121634/"
 "121633","2019-02-11 14:18:05","http://www.ydone.site/morningx/patrdoz.png","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/121633/"
-"121632","2019-02-11 14:18:03","http://128.199.187.124/trust.myacc.resourses.net/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121632/"
+"121632","2019-02-11 14:18:03","http://128.199.187.124/trust.myacc.resourses.net/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121632/"
 "121631","2019-02-11 14:17:06","http://185.244.25.200/earyzq","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/121631/"
 "121630","2019-02-11 14:17:04","http://185.244.25.200/qvmxvl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/121630/"
 "121629","2019-02-11 14:16:05","http://185.244.25.200/vvglma","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/121629/"
@@ -19572,7 +20123,7 @@
 "121617","2019-02-11 13:48:04","https://lithi.io/file/6cc96f.exe","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121617/"
 "121616","2019-02-11 13:47:16","http://mskhistory.ru/sAZpJs8/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/121616/"
 "121615","2019-02-11 13:47:14","http://maxtraidingru.437.com1.ru/NaOnFCqNz/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121615/"
-"121614","2019-02-11 13:47:10","http://wordpress-219768-716732.cloudwaysapps.com/EcUKpEfiLX/","online","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121614/"
+"121614","2019-02-11 13:47:10","http://wordpress-219768-716732.cloudwaysapps.com/EcUKpEfiLX/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121614/"
 "121613","2019-02-11 13:47:08","http://altuntuval.com/n4jkQZWtK/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121613/"
 "121612","2019-02-11 13:47:05","http://www.prowidor.com/KY5VHstRW/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/121612/"
 "121611","2019-02-11 13:41:03","http://lithi.io/file/6cc96f.exe","offline","malware_download","doc,exe,Loader,payload,stage2","https://urlhaus.abuse.ch/url/121611/"
@@ -19621,13 +20172,13 @@
 "121568","2019-02-11 12:50:40","http://azs-service.victoria-makeup.kz/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121568/"
 "121567","2019-02-11 12:50:34","http://allopizzanuit.fr/mm.microsoft.ms/med/event/dNhfd4yt/dNhfd4yt/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121567/"
 "121566","2019-02-11 12:50:29","http://999.co.id/med.ms.net/med/event-uat/M1a22AL8NQdO/M1a22AL8NQdO/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/121566/"
-"121565","2019-02-11 12:50:27","http://81.56.198.200/Telekom/Rechnungen/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121565/"
+"121565","2019-02-11 12:50:27","http://81.56.198.200/Telekom/Rechnungen/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121565/"
 "121564","2019-02-11 12:50:21","http://67.209.114.215/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121564/"
 "121563","2019-02-11 12:50:17","http://54.165.253.1/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121563/"
 "121562","2019-02-11 12:50:12","http://52.89.55.218/wp-content/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121562/"
 "121561","2019-02-11 12:50:08","http://52.211.179.190/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121561/"
 "121560","2019-02-11 12:50:05","http://52.15.227.66/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121560/"
-"121559","2019-02-11 12:50:00","http://35.247.37.148/Telekom/Transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121559/"
+"121559","2019-02-11 12:50:00","http://35.247.37.148/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121559/"
 "121558","2019-02-11 12:49:58","http://35.200.161.87/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121558/"
 "121557","2019-02-11 12:49:52","http://35.196.135.186/wordpress/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121557/"
 "121556","2019-02-11 12:49:48","http://35.184.197.183/Telekom/Rechnung/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121556/"
@@ -19638,7 +20189,7 @@
 "121551","2019-02-11 12:49:33","http://1lorawicz.pl/plan/med.microsoft.net/agr/event-uat/gtDlnph6D/gtDlnph6D/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121551/"
 "121550","2019-02-11 12:49:29","http://18.188.113.212/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121550/"
 "121549","2019-02-11 12:49:22","http://178.62.213.188/Telekom/Rechnungen/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121549/"
-"121548","2019-02-11 12:49:18","http://159.65.83.246/Telekom/Transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121548/"
+"121548","2019-02-11 12:49:18","http://159.65.83.246/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121548/"
 "121547","2019-02-11 12:49:14","http://130.211.121.110/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121547/"
 "121546","2019-02-11 12:49:09","http://13.52.34.29/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121546/"
 "121545","2019-02-11 12:49:05","http://104.155.65.6/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/121545/"
@@ -19651,7 +20202,7 @@
 "121538","2019-02-11 12:34:02","http://xn----dtbicbmcv0cdfeb.xn--p1ai/DE/UOIGXDS7797753/Rechnungs/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121538/"
 "121537","2019-02-11 12:30:04","http://port-vostochny.ru/Februar2019/TYPXGG4494638/gescanntes-Dokument/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121537/"
 "121536","2019-02-11 12:26:05","http://manhphu.xyz/DE_de/NKNFYK7660981/gescanntes-Dokument/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121536/"
-"121535","2019-02-11 12:22:03","http://barabooseniorhigh.com/De/PJCLEXQXV7099833/DE/Rechnungsanschrift/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121535/"
+"121535","2019-02-11 12:22:03","http://barabooseniorhigh.com/De/PJCLEXQXV7099833/DE/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121535/"
 "121534","2019-02-11 12:18:04","http://ablades.ru/de_DE/UNREEK1803477/Rechnung/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121534/"
 "121533","2019-02-11 12:16:06","http://roman.yava.tech:9000/putty.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121533/"
 "121532","2019-02-11 12:13:03","http://modernitiveconstruction.palab.info/DE_de/CBHSVLM4774839/Rechnung/DETAILS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121532/"
@@ -19674,9 +20225,9 @@
 "121515","2019-02-11 11:48:05","http://trandinhtuan.edu.vn/DE/SNDLABM5014270/DE/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121515/"
 "121514","2019-02-11 11:44:07","http://all4office.ba/de_DE/GYPYCONFA0209810/DE/Rechnungsanschrift/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121514/"
 "121513","2019-02-11 11:40:02","http://35.170.104.162/DE/PJXLIBNDUK7169850/Bestellungen/RECHNUNG/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121513/"
-"121512","2019-02-11 11:36:03","http://179.191.88.69/De/WVHQJHGVLK3054354/Rechnungs/RECH/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121512/"
+"121512","2019-02-11 11:36:03","http://179.191.88.69/De/WVHQJHGVLK3054354/Rechnungs/RECH/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121512/"
 "121511","2019-02-11 11:32:03","http://agemars.dev.kubeitalia.it/DE_de/REPPSOOF3613334/DE_de/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121511/"
-"121510","2019-02-11 11:27:03","http://85.171.136.37/@eaDir/Februar2019/RTDIFLHMQ2752834/Rechnungs-docs/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121510/"
+"121510","2019-02-11 11:27:03","http://85.171.136.37/@eaDir/Februar2019/RTDIFLHMQ2752834/Rechnungs-docs/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121510/"
 "121509","2019-02-11 11:26:14","http://185.220.33.209/bins/miraint.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/121509/"
 "121507","2019-02-11 11:26:13","http://185.220.33.209/bins/miraint.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/121507/"
 "121508","2019-02-11 11:26:13","http://185.220.33.209/bins/miraint.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/121508/"
@@ -19766,9 +20317,9 @@
 "121423","2019-02-11 10:32:03","http://34.242.220.49/DE/VJRCDGL1534972/DE_de/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121423/"
 "121422","2019-02-11 10:28:04","http://212.47.233.25/wordpress/wp-content/De/YTELMXMCAN5556140/Bestellungen/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121422/"
 "121421","2019-02-11 10:24:03","http://176.32.32.140/De/AFCXKM3339855/de/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121421/"
-"121420","2019-02-11 10:20:10","http://139.59.130.73/DE_de/QRPTYCKAS2952593/Bestellungen/Hilfestellung/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121420/"
+"121420","2019-02-11 10:20:10","http://139.59.130.73/DE_de/QRPTYCKAS2952593/Bestellungen/Hilfestellung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121420/"
 "121419","2019-02-11 10:16:05","http://kirstenborum.com/De_de/AQEZDTZY5928523/Bestellungen/RECH/","offline","malware_download","None","https://urlhaus.abuse.ch/url/121419/"
-"121418","2019-02-11 10:11:05","http://178.62.233.192/Februar2019/KMANGTNNIX4458863/Dokumente/FORM/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121418/"
+"121418","2019-02-11 10:11:05","http://178.62.233.192/Februar2019/KMANGTNNIX4458863/Dokumente/FORM/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121418/"
 "121417","2019-02-11 10:07:08","http://thefragrancefreeshop.com/de_DE/HKIJWU9413394/gescanntes-Dokument/Fakturierung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121417/"
 "121416","2019-02-11 10:03:02","http://plugelectro4you.com/de_DE/UMNJTDP6323223/DE_de/DOC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121416/"
 "121415","2019-02-11 09:59:09","http://185.22.152.122/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/121415/"
@@ -19785,10 +20336,10 @@
 "121404","2019-02-11 09:57:04","http://185.22.152.122/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/121404/"
 "121403","2019-02-11 09:56:01","http://namirest.ir/cgi-bin/QOBHBWHZ9443410/de/Fakturierung/","offline","malware_download","None","https://urlhaus.abuse.ch/url/121403/"
 "121402","2019-02-11 09:50:04","https://misophoniatreatment.com/Februar2019/JOQMQNSY7255255/Bestellungen/Rechnungszahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/121402/"
-"121400","2019-02-11 09:49:04","http://185.244.25.153/apache2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121400/"
+"121400","2019-02-11 09:49:04","http://185.244.25.153/apache2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121400/"
 "121401","2019-02-11 09:49:04","http://185.244.25.153/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121401/"
-"121399","2019-02-11 09:49:03","http://185.244.25.153/nut","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121399/"
-"121398","2019-02-11 09:48:11","http://185.244.25.153/sh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121398/"
+"121399","2019-02-11 09:49:03","http://185.244.25.153/nut","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121399/"
+"121398","2019-02-11 09:48:11","http://185.244.25.153/sh","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121398/"
 "121397","2019-02-11 09:48:10","http://185.244.25.153/m68k","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121397/"
 "121396","2019-02-11 09:48:09","http://185.244.25.153/i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121396/"
 "121395","2019-02-11 09:48:08","http://185.244.25.153/ppc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/121395/"
@@ -19874,7 +20425,7 @@
 "121315","2019-02-11 06:39:08","http://vektorex.com/source/Z/1205899.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/121315/"
 "121314","2019-02-11 06:39:06","http://vektorex.com/source/Z/9508137.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/121314/"
 "121313","2019-02-11 06:39:04","http://vektorex.com/source/Z/13020587.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/121313/"
-"121312","2019-02-11 06:38:04","http://friendsstarintl.com/order/po009w.png","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/121312/"
+"121312","2019-02-11 06:38:04","http://friendsstarintl.com/order/po009w.png","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/121312/"
 "121311","2019-02-11 06:34:06","http://despachopublicitario.com.mx/cele/builder.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121311/"
 "121310","2019-02-11 06:34:04","http://despachopublicitario.com.mx/cele/KeyGen_original.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/121310/"
 "121309","2019-02-11 06:21:03","http://www.aerveo.com/cartx/outputDB2007F.exe","offline","malware_download","exe,rat,RemcosRAT","https://urlhaus.abuse.ch/url/121309/"
@@ -19974,7 +20525,7 @@
 "121215","2019-02-10 23:30:13","http://godealweb.com/wp-admin/includes/SWIFT_Caixabanco_exportdocs.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121215/"
 "121214","2019-02-10 23:16:15","http://www.dropbox.com/s/stcdk6rxruh0fvf/Wire%20Copy7849003.jar?dl=1","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121214/"
 "121213","2019-02-10 23:13:04","http://www.dropbox.com/s/eitircc3uaphbgi/Payment%20Advise_90002318849.jar?dl=1","offline","malware_download","Adwind,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121213/"
-"121212","2019-02-10 23:11:11","http://princetonsuppliers.co.uk/CredAdv_9346552.jar","online","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121212/"
+"121212","2019-02-10 23:11:11","http://princetonsuppliers.co.uk/CredAdv_9346552.jar","offline","malware_download","Adwind,jar,java,jSocket,payload,rat","https://urlhaus.abuse.ch/url/121212/"
 "121211","2019-02-10 23:09:08","http://www.unknown-soft.com/payments/qqqinvoice_70651.jar","offline","malware_download","Adwind,jar,java,jSocket,payload","https://urlhaus.abuse.ch/url/121211/"
 "121210","2019-02-10 23:09:07","http://www.unknown-soft.com/payments/invoice_70ww651.jar","offline","malware_download","Adwind,jar,java,jSocket,payload","https://urlhaus.abuse.ch/url/121210/"
 "121209","2019-02-10 23:09:06","http://www.unknown-soft.com/payments/invoice_70651www.jar","offline","malware_download","Adwind,jar,java,jSocket,payload","https://urlhaus.abuse.ch/url/121209/"
@@ -20523,8 +21074,8 @@
 "120664","2019-02-09 14:55:02","http://craftmartonline.com/Company-Invoices","offline","malware_download","doc","https://urlhaus.abuse.ch/url/120664/"
 "120663","2019-02-09 14:00:21","http://download.1ys.com/ys9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/120663/"
 "120662","2019-02-09 14:00:05","http://ryleco.com/wp-content/invoices-docs-06/28/2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/120662/"
-"120661","2019-02-09 13:14:05","http://time.awebsiteonline.com/emmm/eeeeee.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/120661/"
-"120660","2019-02-09 13:13:05","http://ffb.awebsiteonline.com/gcd.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/120660/"
+"120661","2019-02-09 13:14:05","http://time.awebsiteonline.com/emmm/eeeeee.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/120661/"
+"120660","2019-02-09 13:13:05","http://ffb.awebsiteonline.com/gcd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/120660/"
 "120659","2019-02-09 12:38:01","http://xn--b1afnmjcis3f.xn--p1ai/Service-Invoice","offline","malware_download","doc","https://urlhaus.abuse.ch/url/120659/"
 "120658","2019-02-09 12:33:08","http://hhind.co.kr/INTRA/ITEMS.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/120658/"
 "120657","2019-02-09 12:33:02","https://dhlexpressworldwide.box.com/shared/static/ae6veaknxz1wo4kkwd6r3wbdfkfvv80g.doc","offline","malware_download","zip","https://urlhaus.abuse.ch/url/120657/"
@@ -21184,7 +21735,7 @@
 "119988","2019-02-08 08:38:03","https://sub5.mambaddd4.ru/PredatorST/winminer/cryptedfile.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/119988/"
 "119987","2019-02-08 08:35:03","http://sub9.mambaddd4.ru/build_2019-02-04_23-19.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119987/"
 "119986","2019-02-08 08:34:04","http://sub0.mambaddd4.ru/TheStalr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119986/"
-"119985","2019-02-08 08:33:06","https://lotusconstructiontl.com/wp-content/uploads/crt.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/119985/"
+"119985","2019-02-08 08:33:06","https://lotusconstructiontl.com/wp-content/uploads/crt.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/119985/"
 "119984","2019-02-08 08:32:16","http://sub3.mambaddd4.ru/CrashedCar.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119984/"
 "119983","2019-02-08 08:32:13","http://better-1win.com/1WinBetter_us.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/119983/"
 "119982","2019-02-08 08:31:10","http://sub7.mambaddd4.ru/DXOwdEpOSIixexqbZPHWJNEmIFX.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/119982/"
@@ -21196,23 +21747,23 @@
 "119976","2019-02-08 08:24:02","https://docs.google.com/uc?export=&id=1WvFJxDgobd1BWqBiutcOqwpiUj6wC3_Q","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119976/"
 "119975","2019-02-08 08:24:01","https://docs.google.com/uc?export=&id=1w1R_c9wg3z3r83Ff-LNMp-ixmNXxBdpL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119975/"
 "119974","2019-02-08 08:23:59","https://docs.google.com/uc?export=&id=1TmYPo3YE3lUzaYN5w20MfYX6YaMp_UwY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119974/"
-"119973","2019-02-08 08:23:58","https://docs.google.com/uc?export=&id=1SYsejolXobV64Rc4rklsz4IK9_2csiq5","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119973/"
-"119972","2019-02-08 08:23:57","https://docs.google.com/uc?export=&id=1sOmbFYwzacO6ksh9phgLtPtnS8ls5cS2","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119972/"
+"119973","2019-02-08 08:23:58","https://docs.google.com/uc?export=&id=1SYsejolXobV64Rc4rklsz4IK9_2csiq5","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119973/"
+"119972","2019-02-08 08:23:57","https://docs.google.com/uc?export=&id=1sOmbFYwzacO6ksh9phgLtPtnS8ls5cS2","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119972/"
 "119971","2019-02-08 08:23:55","https://docs.google.com/uc?export=&id=1RJe46hywJ5y581vef13ipXUOnj1m8DKm","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119971/"
 "119970","2019-02-08 08:23:54","https://docs.google.com/uc?export=&id=1oaofepPwcwtcQLRSwSXkzGm563A9p1ja","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119970/"
 "119969","2019-02-08 08:23:52","https://docs.google.com/uc?export=&id=1NPgY2Op3kPNjv60pbfAQ_zdmb7RVZnuG","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119969/"
 "119968","2019-02-08 08:23:51","https://docs.google.com/uc?export=&id=1kk6FzeAFH2ISLcxQ4OYPRPRNHsMCYeZw","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119968/"
-"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
-"119966","2019-02-08 08:23:48","https://docs.google.com/uc?export=&id=1jRItcnp4neS59fOyJFYBGFxJCP2uNMvQ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119966/"
+"119967","2019-02-08 08:23:49","https://docs.google.com/uc?export=&id=1jYXSlIlTQwiJlUSigRsn8f0xl_rbrVLb","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119967/"
+"119966","2019-02-08 08:23:48","https://docs.google.com/uc?export=&id=1jRItcnp4neS59fOyJFYBGFxJCP2uNMvQ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119966/"
 "119965","2019-02-08 08:23:46","https://docs.google.com/uc?export=&id=1j3uS2pkT1upWmAo6o_ICQd6kgAizdtva","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119965/"
-"119964","2019-02-08 08:23:16","https://docs.google.com/uc?export=&id=1fRvg4YvDGXn9XlxSM-P18Q025oAGeIt9","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119964/"
+"119964","2019-02-08 08:23:16","https://docs.google.com/uc?export=&id=1fRvg4YvDGXn9XlxSM-P18Q025oAGeIt9","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119964/"
 "119963","2019-02-08 08:23:14","https://docs.google.com/uc?export=&id=1FmvO1GDj1Hhri-icUOgrTM2xQ1A5j4r2","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119963/"
 "119962","2019-02-08 08:23:13","https://docs.google.com/uc?export=&id=1FfZ73oe8B0P503xOL57H3k_X9qdKacAL","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119962/"
-"119961","2019-02-08 08:23:12","https://docs.google.com/uc?export=&id=1eMBaWp_isvH_wp2u4HJ9qg1ZLfrVVzg4","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119961/"
+"119961","2019-02-08 08:23:12","https://docs.google.com/uc?export=&id=1eMBaWp_isvH_wp2u4HJ9qg1ZLfrVVzg4","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119961/"
 "119960","2019-02-08 08:23:10","https://docs.google.com/uc?export=&id=1D1nwUc5GAC8_a5ZU879FXJitlDWQMNie","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119960/"
 "119959","2019-02-08 08:23:08","https://docs.google.com/uc?export=&id=1bEsYM_0_KJ8fYxfsUdToTQBls91GFyQO","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119959/"
 "119958","2019-02-08 08:23:07","https://docs.google.com/uc?export=&id=1aZ88AncMIhKMlKMXxepmvV5zusqTdX0Z","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119958/"
-"119957","2019-02-08 08:23:04","https://docs.google.com/uc?export=&id=1AdZklNdErUVKieHIj_17M4KA71fYFUgY","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119957/"
+"119957","2019-02-08 08:23:04","https://docs.google.com/uc?export=&id=1AdZklNdErUVKieHIj_17M4KA71fYFUgY","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119957/"
 "119956","2019-02-08 08:23:03","https://docs.google.com/uc?export=&id=1_l0iB7LGB-fWqToAazhfueLkiDWlGEXs","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119956/"
 "119955","2019-02-08 07:48:11","http://firemaplegames.com/NNtM6qj4fa/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119955/"
 "119954","2019-02-08 07:48:10","http://www.sinbadvoyage.com/5V6LU9T/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/119954/"
@@ -21360,7 +21911,7 @@
 "119810","2019-02-08 03:22:12","https://docs.google.com/uc?export=&id=1fQ8g504YfIigneDb6PkPPZH28Hl--8A-","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119810/"
 "119809","2019-02-08 03:21:42","https://docs.google.com/uc?export=&id=1wqapdW8YblJoYnJiKgMZg2uiPX38QwEZ","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119809/"
 "119808","2019-02-08 03:21:41","https://docs.google.com/uc?export=&id=1Haoaqr13jBdbVnbkujcxPk_Q9jTt4qGJ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119808/"
-"119807","2019-02-08 03:21:39","https://docs.google.com/uc?export=&id=1vH0brV1wkVdLccmAXPmQXf7GVL26Kcj3","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119807/"
+"119807","2019-02-08 03:21:39","https://docs.google.com/uc?export=&id=1vH0brV1wkVdLccmAXPmQXf7GVL26Kcj3","offline","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119807/"
 "119806","2019-02-08 03:21:09","https://docs.google.com/uc?export=&id=1P0boW2aSEFr_bJZ4GyUZjBji0ccL7UQQ","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119806/"
 "119805","2019-02-08 03:21:07","https://docs.google.com/uc?export=&id=11m4Hol6AC4ursYm-seOCpuCM6fbT5CE5","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119805/"
 "119804","2019-02-08 03:21:06","https://docs.google.com/uc?export=&id=1SbH7bMmBsBilZQ4etzm3OR88t8wudVTz","online","malware_download","AUS,DanaBot,zipped-exe","https://urlhaus.abuse.ch/url/119804/"
@@ -21417,7 +21968,7 @@
 "119753","2019-02-07 23:57:12","http://vhhomemax.com.vn/scan/Invoice_Notice/mDUA-PhG_TuawChG-Vm/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119753/"
 "119752","2019-02-07 23:57:07","http://mnquotes.com/En_us/xerox/MLCT-q9_YYSmv-iw/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119752/"
 "119751","2019-02-07 23:57:04","http://kolejmontlari.com/npjk_cJoka-tM/F2/Transactions/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119751/"
-"119750","2019-02-07 23:56:14","http://wordpress-219768-716732.cloudwaysapps.com/yDCq-0XFN_ZccWS-jZt/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119750/"
+"119750","2019-02-07 23:56:14","http://wordpress-219768-716732.cloudwaysapps.com/yDCq-0XFN_ZccWS-jZt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119750/"
 "119749","2019-02-07 23:56:12","http://weresolve.ca/En_us/info/Inv/0333180560/tRVYD-K7K6L_KMgAeItKH-PSo/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119749/"
 "119748","2019-02-07 23:56:09","http://webahang.com/En/company/Copy_Invoice/BKrMj-4E_iNYeqhBtK-ZH/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119748/"
 "119747","2019-02-07 23:56:04","http://w3y.ir/En_us/New_invoice/eils-vBDS3_BrrvrFfhN-yA/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119747/"
@@ -21466,7 +22017,7 @@
 "119704","2019-02-07 23:52:33","http://umdescartables.com/wYuKq_2QPw-V/oj/Information/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119704/"
 "119703","2019-02-07 23:52:27","http://transnicaragua.com/PGIc_Wr-aMEO/su/Information/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119703/"
 "119702","2019-02-07 23:52:20","http://tomren.ch/UzSF_awMA-ebkVTWTcV/zh6/Messages/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119702/"
-"119701","2019-02-07 23:52:17","http://texeem.com/HVKwF_2tm-WGQLFv/FLE/Clients/2019-02/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119701/"
+"119701","2019-02-07 23:52:17","http://texeem.com/HVKwF_2tm-WGQLFv/FLE/Clients/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119701/"
 "119700","2019-02-07 23:52:11","http://teste.3achieve.com.br/ylRhH_lf2-ZrstOeX/tY/Details/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119700/"
 "119699","2019-02-07 23:52:05","http://tempnature.es/XxZL_JT9eU-v/Aap/Payments/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119699/"
 "119698","2019-02-07 23:52:01","http://solarnas.net/@eaDir/kcIOi_p3QE-lyQELglRx/mbX/Clients_information/2019-02/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/119698/"
@@ -21612,8 +22163,8 @@
 "119558","2019-02-07 17:48:06","http://mayphatrasua.com/US_us/document/Invoice_Notice/68527544761887/QrTKR-a97p_BcOTzhZL-p4/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119558/"
 "119557","2019-02-07 17:44:17","http://tepeas.com/EN_en/scan/xvIN-eFa_WmBIZB-HQ/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119557/"
 "119556","2019-02-07 17:44:10","http://cattuongled.com.vn/US/llc/Copy_Invoice/1223287/IzwC-U8_MUlakxe-DQ//","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/119556/"
-"119555","2019-02-07 17:40:02","http://hoanggiaanh.vn/templates/sj_teen/images/blue/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/119555/"
-"119554","2019-02-07 17:39:32","http://hoanggiaanh.vn/templates/sj_teen/css/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/119554/"
+"119555","2019-02-07 17:40:02","http://hoanggiaanh.vn/templates/sj_teen/images/blue/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/119555/"
+"119554","2019-02-07 17:39:32","http://hoanggiaanh.vn/templates/sj_teen/css/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/119554/"
 "119553","2019-02-07 17:31:28","http://elahris.org/company/New_invoice/DxNNj-H8WR_iHqykMngg-Jc8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119553/"
 "119552","2019-02-07 17:31:27","http://daotaokynang.org/US_us/Inv/DISlY-Wb3IN_qrdOt-vGw/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119552/"
 "119551","2019-02-07 17:31:24","http://dishub.purwakartakab.go.id/wp-content/scan/kEmVY-QG_dEwv-YmV/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119551/"
@@ -21661,7 +22212,7 @@
 "119509","2019-02-07 16:19:15","http://rensgeubbels.nl/mIXOb-fWn7lu8K8wY1jeM_ftacUUWaE-GIz/60190/SurveyQuestionsDec2018/EN_en/Invoice-Number-247797/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119509/"
 "119508","2019-02-07 16:19:15","http://roteirobrasil.com/wp-includes/XEBv3PdHgZ/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119508/"
 "119507","2019-02-07 16:19:13","http://maionline.co.uk/ZIujz-5mZq6fO8388CKuw_VEwGNMNL-va/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119507/"
-"119506","2019-02-07 16:19:12","http://quangcaovnstar.vn/wp-admin/z1QfRWkZ_LWUT/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119506/"
+"119506","2019-02-07 16:19:12","http://quangcaovnstar.vn/wp-admin/z1QfRWkZ_LWUT/","online","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119506/"
 "119505","2019-02-07 16:19:09","http://tehilacrew.com/lYEnR-UOWimGxXgb0uGjn_JFkZWKyI-zBM/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/119505/"
 "119504","2019-02-07 16:19:08","http://cascaproducoes.com.br/US/corporation/Inv/pYPP-7Gyo_BVAZCN-ER/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119504/"
 "119503","2019-02-07 16:13:05","http://dev.stgss.se-solves.com/US/xerox/Inv/ZGty-VZK9x_CEw-tzj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119503/"
@@ -21674,7 +22225,7 @@
 "119496","2019-02-07 16:07:37","http://cryptoholders.org/EmgOL_EtZL-qvNZvbAS/dU/Transactions/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119496/"
 "119495","2019-02-07 16:07:33","http://bluebird-developments.com/yxJY_MM-K/VAg/Payment_details/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119495/"
 "119494","2019-02-07 16:07:25","http://biodiversi.com.br/voYnI_QBYo-hVSDOyeA/0xa/Clients_information/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119494/"
-"119493","2019-02-07 16:07:21","http://barabooseniorhigh.com/HTSmt_qG-YWmpD/jVq/Clients_Messages/022019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119493/"
+"119493","2019-02-07 16:07:21","http://barabooseniorhigh.com/HTSmt_qG-YWmpD/jVq/Clients_Messages/022019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119493/"
 "119492","2019-02-07 16:07:19","http://app.htetznaing.com/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119492/"
 "119491","2019-02-07 16:07:16","http://anhsangtuthien.com/cIJc_gO-MbCcgDY/n87/Information/2019-02/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/119491/"
 "119490","2019-02-07 16:07:12","http://altallak.com/wp-content/uploads/Telekom/Rechnungen/01_19/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/119490/"
@@ -21930,7 +22481,7 @@
 "119238","2019-02-07 08:42:22","http://letholedriving.co.za/Telekom/Transaktion/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119238/"
 "119237","2019-02-07 08:42:18","http://guruz.com/Telekom/RechnungOnline/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119237/"
 "119236","2019-02-07 08:42:14","http://aroa-design.com/Telekom/Rechnungen/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119236/"
-"119235","2019-02-07 08:42:09","http://bachhoatructuyen.com.vn/Telekom/Rechnung/01_19/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119235/"
+"119235","2019-02-07 08:42:09","http://bachhoatructuyen.com.vn/Telekom/Rechnung/01_19/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119235/"
 "119234","2019-02-07 08:42:05","http://mateada.com.br/Telekom/Transaktion/01_19/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/119234/"
 "119233","2019-02-07 08:35:02","http://ribeiro-wellness.de/De_de/KZDTRRBXY9250514/Rechnungs/Zahlung/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/119233/"
 "119232","2019-02-07 08:31:02","http://owjtravelagency.com/de_DE/OMPLBLWTEL4632324/de/DETAILS/","offline","malware_download","None","https://urlhaus.abuse.ch/url/119232/"
@@ -22268,7 +22819,7 @@
 "118885","2019-02-07 01:59:13","https://unabashed-clothes.000webhostapp.com/Agent/Chrome%20incognit%20history.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/118885/"
 "118884","2019-02-07 01:53:02","http://walemastande.com/view/orderid2341.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/118884/"
 "118883","2019-02-07 01:49:52","http://80.85.157.130:4577/vid.exe","offline","malware_download","exe,payload","https://urlhaus.abuse.ch/url/118883/"
-"118882","2019-02-07 01:36:03","https://lotusconstructiontl.com/wp-content/uploads/updates.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/118882/"
+"118882","2019-02-07 01:36:03","https://lotusconstructiontl.com/wp-content/uploads/updates.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/118882/"
 "118881","2019-02-07 01:30:16","http://www.turbolader.by/wp-content/themes/turbolader/css-components/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/118881/"
 "118880","2019-02-07 01:25:24","http://mcbusaccel.com/info/Inv/386880342120/TpMGn-Fy47_UNQf-Ws/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/118880/"
 "118879","2019-02-07 01:25:16","http://madrededios.com.pe/doc/Invoice/56580329/SbdJI-Etc_pO-Hn/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/118879/"
@@ -22333,7 +22884,7 @@
 "118820","2019-02-06 23:51:03","http://vektorex.com/source/Z/0158088.exe","offline","malware_download","exe,Loki,payload,stage2","https://urlhaus.abuse.ch/url/118820/"
 "118819","2019-02-06 23:51:02","http://vektorex.com/source/Z/002036219.exe","offline","malware_download","AZORult,exe,payload,stage2","https://urlhaus.abuse.ch/url/118819/"
 "118818","2019-02-06 23:20:04","http://cjasminedison.com/xap_102b-AZ1/704e.php?l=adnaz16.gas","offline","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/118818/"
-"118817","2019-02-06 23:12:07","https://lotusconstructiontl.com/wp-content/uploads/css/l/yltlgt.msi","offline","malware_download","Loda,msi,payload,stage2","https://urlhaus.abuse.ch/url/118817/"
+"118817","2019-02-06 23:12:07","https://lotusconstructiontl.com/wp-content/uploads/css/l/yltlgt.msi","online","malware_download","Loda,msi,payload,stage2","https://urlhaus.abuse.ch/url/118817/"
 "118816","2019-02-06 22:48:05","http://link2u.nl/xerox/362148692187650/jfpbi-ahG_UKUMXPqQp-NwG/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/118816/"
 "118815","2019-02-06 22:48:04","http://leptokurtosis.com/EN_en/Invoice_number/rfDLz-rz_Xzz-ig/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/118815/"
 "118814","2019-02-06 22:40:40","https://ftp.smartcarpool.co.kr/lf_care/user_picture/27000096775/oLNX-to_GpHAYXQAM-I5/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/118814/"
@@ -23003,7 +23554,7 @@
 "118147","2019-02-06 05:34:05","https://onedrive.live.com/download?cid=BADA6E9B193308E5&resid=BADA6E9B193308E5%21115&authkey=AOHc9J6cj1S-dp4","offline","malware_download","compressed,payload","https://urlhaus.abuse.ch/url/118147/"
 "118146","2019-02-06 05:33:07","https://www.dropbox.com/s/ueegvw1ez7u83w7/Payment-voucher-1283223.pdf.z?dl=1","offline","malware_download","compressed,payload,winrar","https://urlhaus.abuse.ch/url/118146/"
 "118145","2019-02-06 05:32:16","http://23.249.161.100/mrd.exe","offline","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118145/"
-"118144","2019-02-06 05:32:10","http://watchdogdns.duckdns.org/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118144/"
+"118144","2019-02-06 05:32:10","http://watchdogdns.duckdns.org/IMM.EXE","online","malware_download","exe,LimeRAT,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118144/"
 "118143","2019-02-06 05:32:05","http://23.249.161.100/IMM.EXE","offline","malware_download","exe,payload,RemcosRAT,stage2","https://urlhaus.abuse.ch/url/118143/"
 "118142","2019-02-06 05:29:03","http://carmelpublications.com/home/a64f2adc7910483688f2f09418e00365/flashplayer31_xa_install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/118142/"
 "118141","2019-02-06 05:23:03","http://ksolare.com/fb/jb.exe","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/118141/"
@@ -23441,7 +23992,7 @@
 "117702","2019-02-05 16:44:08","http://clinicalosvalles.cl/US_us/ACAp-k5tTR_WqpfMrXdu-JK/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117702/"
 "117701","2019-02-05 16:39:07","https://a.rokket.space/t_7pTjPE.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/117701/"
 "117700","2019-02-05 16:39:06","http://encomtrading-net.ml/file/chuks.jpg","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/117700/"
-"117699","2019-02-05 16:37:18","http://cosmoprof.com.gt/US_us/doc/Lrsg-F5K_rbNBsn-jv/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117699/"
+"117699","2019-02-05 16:37:18","http://cosmoprof.com.gt/US_us/doc/Lrsg-F5K_rbNBsn-jv/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117699/"
 "117698","2019-02-05 16:37:16","http://filmphil.com/m.exe","offline","malware_download","Pony","https://urlhaus.abuse.ch/url/117698/"
 "117697","2019-02-05 16:37:15","http://cdsanit.fr/En/info/Inv/934672737272566/VQSD-1ovkQ_YE-4L/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117697/"
 "117696","2019-02-05 16:37:14","http://bizinmontana.com/US_us/Copy_Invoice/24391795533556/aZHx-ozGId_QNa-e8/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/117696/"
@@ -23789,7 +24340,7 @@
 "117353","2019-02-05 04:27:04","http://142.93.211.141:80/kira1/kirai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/117353/"
 "117352","2019-02-05 04:27:03","http://142.93.211.141:80/kira1/kirai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/117352/"
 "117351","2019-02-05 04:26:03","http://142.93.211.141:80/kira1/kirai.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/117351/"
-"117350","2019-02-05 04:14:07","http://211.55.144.196:32173/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117350/"
+"117350","2019-02-05 04:14:07","http://211.55.144.196:32173/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117350/"
 "117349","2019-02-05 04:07:20","http://e913618t.beget.tech/st/build.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/117349/"
 "117348","2019-02-05 04:07:10","http://tadilatmadilat.com/wp-content/themes/cocktail/assets/font-awesome/css/massg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/117348/"
 "117347","2019-02-05 04:06:09","http://142.93.211.141:80/kira1/kirai.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/117347/"
@@ -23817,10 +24368,10 @@
 "117325","2019-02-05 02:42:06","https://backpage-inc.com/twerk.exe","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117325/"
 "117324","2019-02-05 02:37:04","http://reverserett.org/1a262e0.msi","offline","malware_download","exe,lokibot,payload,stage2","https://urlhaus.abuse.ch/url/117324/"
 "117323","2019-02-05 02:26:11","http://elinkco-com.ga/file/chuks.jpg","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117323/"
-"117322","2019-02-05 02:23:11","http://acropol.com.eg/pdf/wealthy.exe","online","malware_download","exe,HawkEye,Loki,payload,stage2","https://urlhaus.abuse.ch/url/117322/"
-"117321","2019-02-05 02:23:08","http://acropol.com.eg/pdf/sales.exe","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117321/"
+"117322","2019-02-05 02:23:11","http://acropol.com.eg/pdf/wealthy.exe","offline","malware_download","exe,HawkEye,Loki,payload,stage2","https://urlhaus.abuse.ch/url/117322/"
+"117321","2019-02-05 02:23:08","http://acropol.com.eg/pdf/sales.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117321/"
 "117320","2019-02-05 02:23:06","http://acropol.com.eg/pdf/info.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117320/"
-"117319","2019-02-05 02:23:04","http://acropol.com.eg/pdf/admin.exe","online","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117319/"
+"117319","2019-02-05 02:23:04","http://acropol.com.eg/pdf/admin.exe","offline","malware_download","exe,HawkEye,payload,stage2","https://urlhaus.abuse.ch/url/117319/"
 "117318","2019-02-05 02:20:03","http://vektorex.com/source/Z/5809132.exe","offline","malware_download","AZORult,exe,payload,stage2","https://urlhaus.abuse.ch/url/117318/"
 "117317","2019-02-05 02:00:07","https://www.asialinklogistics.com/mkmike.jpg","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/117317/"
 "117316","2019-02-05 01:52:03","http://shop.theirishlinenstore.com/gggg.png","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117316/"
@@ -23881,7 +24432,7 @@
 "117261","2019-02-05 00:30:06","http://datvangthainguyen.com/xerox/New_invoice/baxUX-A7A_DObSu-Wc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/117261/"
 "117260","2019-02-05 00:28:16","http://www.sery.ga/file/DLMC.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/117260/"
 "117259","2019-02-05 00:28:05","http://alessiopaolelli.com/paneecirco.com/please.exe","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117259/"
-"117257","2019-02-05 00:26:08","http://www.lianglinyiyou.com/r16/?zXGTvP=apJy1QVmfSfOlcX0/WKRWrFs4bYoc/vmkWcwrWPRZ5WwhPIBV3AMMeN2DBFnnTa0UA5jjw==&Tx4=O0RHThcPZdnxnn&sql=1","online","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117257/"
+"117257","2019-02-05 00:26:08","http://www.lianglinyiyou.com/r16/?zXGTvP=apJy1QVmfSfOlcX0/WKRWrFs4bYoc/vmkWcwrWPRZ5WwhPIBV3AMMeN2DBFnnTa0UA5jjw==&Tx4=O0RHThcPZdnxnn&sql=1","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117257/"
 "117258","2019-02-05 00:26:08","https://u.teknik.io/m9tCz.jpg","offline","malware_download","exe,Formbook,payload,stage2","https://urlhaus.abuse.ch/url/117258/"
 "117256","2019-02-05 00:07:36","http://www.lesprivatzenith.com/EN_en/Invoice_Notice/206427596260567/OJPVt-kfA_XDjL-uWZ/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117256/"
 "117255","2019-02-05 00:07:34","http://lesprivatzenith.com/En/llc/Dbkoz-BeFga_IyNQUIYbu-eut/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117255/"
@@ -23928,7 +24479,7 @@
 "117214","2019-02-04 22:34:45","http://ronanict.nl/info/xIkgR-KCbj_MOJkpsFil-gmY/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117214/"
 "117213","2019-02-04 22:34:43","http://holbert.com.mx/US/download/nDmcd-nHv_xMVmLsW-WK/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117213/"
 "117212","2019-02-04 22:34:38","http://demo.vms.by/Inv/21653966/XRhky-FAtOz_TtFoZAw-sD/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117212/"
-"117211","2019-02-04 22:34:35","http://bachhoatructuyen.com.vn/EN_en/Invoice/yVeRe-SIBW_Ml-ck/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117211/"
+"117211","2019-02-04 22:34:35","http://bachhoatructuyen.com.vn/EN_en/Invoice/yVeRe-SIBW_Ml-ck/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117211/"
 "117210","2019-02-04 22:34:31","http://askibinyuk.myjino.ru/EN_en/xerox/XlSG-FEJ6_AUFP-Cd/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117210/"
 "117209","2019-02-04 22:34:27","http://algomaispresentes.projetoscantec.com/xerox/New_invoice/AfgrG-hvD_evXT-NTC/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117209/"
 "117208","2019-02-04 22:34:23","http://aisi2000.com.ua/En_us/New_invoice/GYVS-oG_P-qY/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/117208/"
@@ -23995,7 +24546,7 @@
 "117147","2019-02-04 21:00:10","https://onedrive.live.com/download?cid=80D795D3560BAA7F&resid=80D795D3560BAA7F!113&authkey=AHDwtMkcgWCT_FQ","offline","malware_download","compressed,exe,payload,winrar","https://urlhaus.abuse.ch/url/117147/"
 "117146","2019-02-04 20:59:19","http://96.94.205.130:8731/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117146/"
 "117145","2019-02-04 20:59:14","http://77.227.211.169:12038/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117145/"
-"117144","2019-02-04 20:59:07","http://2.180.2.240:40832/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117144/"
+"117144","2019-02-04 20:59:07","http://2.180.2.240:40832/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/117144/"
 "117143","2019-02-04 20:56:03","https://www.dropbox.com/s/znrmzclseulk5px/LC-IMG014-020419_DRAFT_PDF.ace?dl=1","offline","malware_download","ace,compressed,exe,payload","https://urlhaus.abuse.ch/url/117143/"
 "117142","2019-02-04 20:50:05","https://share.dmca.gripe/GgGJjtgTN9hje9jc.jpg","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117142/"
 "117141","2019-02-04 20:45:05","http://oluyamachine.xyz/m/sammy.exe","offline","malware_download","AgentTesla,exe,payload,stage2","https://urlhaus.abuse.ch/url/117141/"
@@ -24702,7 +25253,7 @@
 "116436","2019-02-04 03:48:03","http://104.168.149.5:80/vb/Amakano.mips","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116436/"
 "116435","2019-02-04 03:47:03","https://kmjqsq.sn.files.1drv.com/y4mzDxoV-vAGkfKtnYBpN6HuJAnenVkpPFyXULNpSSc1lxMNgCS87F0bSLD_UmXi38UE9W4H9hWzroh_lFsM0P7Mu7zwdJ6FWvoD-4HCV5YakwKHy-dix2E8DBbmChnKzgH_Js8RKLMkBRoZam0LZ3oKz2ZU4q63R5ID5p0QACm-szEkHU9SN4dPEJquXZ0va7X7WQHikpNSp5su8-MX2rsSg/Scan23432134_xls%201.gz?download&psid=1","offline","malware_download","HawkEye,keylogger,payload","https://urlhaus.abuse.ch/url/116435/"
 "116434","2019-02-04 03:46:02","https://mirocaffe.ro/Scan_20190204_pdf.zip","offline","malware_download","compressed,exe,Loki,lokibot,zip","https://urlhaus.abuse.ch/url/116434/"
-"116433","2019-02-04 03:35:06","http://rosalos.ug/xxx/35.exe","offline","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/116433/"
+"116433","2019-02-04 03:35:06","http://rosalos.ug/xxx/35.exe","online","malware_download","exe,payload,stage2","https://urlhaus.abuse.ch/url/116433/"
 "116432","2019-02-04 03:25:06","http://file.mayter.cn/rebound/private/win64.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/116432/"
 "116431","2019-02-04 03:24:04","http://104.168.149.5:80/vb/Amakano.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/116431/"
 "116430","2019-02-04 02:54:06","http://neandermall.com/admin/docs.scr","offline","malware_download","exe,payload,scr,stage2","https://urlhaus.abuse.ch/url/116430/"
@@ -24913,7 +25464,7 @@
 "116225","2019-02-03 08:07:11","http://203.163.211.46:31441/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116225/"
 "116224","2019-02-03 08:07:03","http://51.254.164.30:2640/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116224/"
 "116223","2019-02-03 08:04:06","http://road2somewhere.com/wp-content/themes/twentynineteen/classes/sserv.jpg","offline","malware_download","exe,payload,Ransomware,stage2,Troldesh","https://urlhaus.abuse.ch/url/116223/"
-"116222","2019-02-03 07:30:02","http://www.navegadoratt.club/wpad2.dat","online","malware_download","exe,fakeflash,flash,payload,player,script,stage1,stage2","https://urlhaus.abuse.ch/url/116222/"
+"116222","2019-02-03 07:30:02","http://www.navegadoratt.club/wpad2.dat","offline","malware_download","exe,fakeflash,flash,payload,player,script,stage1,stage2","https://urlhaus.abuse.ch/url/116222/"
 "116221","2019-02-03 07:26:04","http://209.97.133.141/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/116221/"
 "116220","2019-02-03 07:26:03","http://138.197.153.211/jdabfsjkhfasl/jiren.i686","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116220/"
 "116219","2019-02-03 07:25:05","http://138.197.153.211/jdabfsjkhfasl/jiren.sparc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116219/"
@@ -25094,7 +25645,7 @@
 "116044","2019-02-02 10:47:11","http://76.74.170.204/D3PVJ9HWL","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116044/"
 "116043","2019-02-02 10:47:09","http://76.74.170.204/6443IOKGR","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116043/"
 "116042","2019-02-02 10:47:06","http://76.74.170.204/QVF00ACGD","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/116042/"
-"116041","2019-02-02 09:42:14","http://114.33.233.96:58114/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116041/"
+"116041","2019-02-02 09:42:14","http://114.33.233.96:58114/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116041/"
 "116040","2019-02-02 09:42:07","http://1.32.53.177:63910/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/116040/"
 "116039","2019-02-02 09:02:01","http://pozan.nl/cnfxR-Lf2_wsYjyMnT-vFN/PaymentStatus/US_us/Invoice-46565423","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116039/"
 "116038","2019-02-02 08:57:02","http://loonbedrijf-radwa.nl/ofFgg_uHyYn-wNF/1Ei/Clients_Messages/02_19","offline","malware_download","doc","https://urlhaus.abuse.ch/url/116038/"
@@ -25259,7 +25810,7 @@
 "115879","2019-02-02 04:22:06","http://tianangdep.com/capnhat/files/caidattevas.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115879/"
 "115878","2019-02-02 04:17:02","http://amocrmkrg.kz/Spmem-UX_OlFH-NZf/63363/SurveyQuestionsEn_us/Invoice-5046524-January","offline","malware_download","doc","https://urlhaus.abuse.ch/url/115878/"
 "115877","2019-02-02 04:13:04","http://adrienneaubrecht.net/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/115877/"
-"115876","2019-02-02 04:07:09","http://xlv.f3322.net:9789/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115876/"
+"115876","2019-02-02 04:07:09","http://xlv.f3322.net:9789/2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115876/"
 "115875","2019-02-02 03:46:06","http://106.14.42.35:9789/2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115875/"
 "115874","2019-02-02 03:39:07","http://linksysdatakeys.se/SQ465798.exe","offline","malware_download","exe,RemcosRAT,Xtrat","https://urlhaus.abuse.ch/url/115874/"
 "115873","2019-02-02 03:37:20","http://nhansinhduong.com/wp-content/themes/phongkham/core/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/115873/"
@@ -25349,7 +25900,7 @@
 "115789","2019-02-02 02:03:06","http://205.185.120.227:80/Binarys/Owari.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/115789/"
 "115788","2019-02-02 01:49:02","http://ssearthmovers.in/wWjjr-NgiP_XsjTnYYd-EQ/Ref/12071454US/Invoices-attached","offline","malware_download","doc","https://urlhaus.abuse.ch/url/115788/"
 "115787","2019-02-02 01:47:09","http://116.100.5.168:47888/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115787/"
-"115786","2019-02-02 01:47:05","http://14.37.53.247:50589/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115786/"
+"115786","2019-02-02 01:47:05","http://14.37.53.247:50589/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115786/"
 "115785","2019-02-02 01:47:02","http://80.211.8.182/Okami.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115785/"
 "115784","2019-02-02 01:47:02","http://80.211.8.182/Okami.sh4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115784/"
 "115783","2019-02-02 01:46:09","http://80.211.8.182/Okami.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/115783/"
@@ -25633,7 +26184,7 @@
 "115505","2019-02-01 19:42:06","http://belyi.ug/eu.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/115505/"
 "115504","2019-02-01 18:34:03","http://www.moh.sk.gov.ng/files/treu.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/115504/"
 "115503","2019-02-01 18:23:09","http://steam-money.ru/load.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115503/"
-"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
+"115502","2019-02-01 18:23:07","http://183.99.140.11:20134/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115502/"
 "115501","2019-02-01 18:23:04","http://46.249.127.224:7849/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115501/"
 "115500","2019-02-01 18:21:06","http://189.18.170.50:23583/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115500/"
 "115499","2019-02-01 18:11:06","http://7-chicken.multishop.co.id/US_us/llc/5534=905732028/qoIo-wyD_plk-4S/","offline","malware_download","doc,emotet,url","https://urlhaus.abuse.ch/url/115499/"
@@ -25779,7 +26330,7 @@
 "115359","2019-02-01 14:41:04","http://majesticartsgallery.com/rzID_El-dq/7f/Transactions/02_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115359/"
 "115358","2019-02-01 14:40:06","http://64.44.51.120/alisa.yad","offline","malware_download","sat35,Trickbot","https://urlhaus.abuse.ch/url/115358/"
 "115357","2019-02-01 14:40:04","http://107.173.104.130/alisa.yad","offline","malware_download","sat35,Trickbot","https://urlhaus.abuse.ch/url/115357/"
-"115356","2019-02-01 14:39:13","http://it-accent.ru/distrib/ats/setup_ats_1.0.10.8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115356/"
+"115356","2019-02-01 14:39:13","http://it-accent.ru/distrib/ats/setup_ats_1.0.10.8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115356/"
 "115355","2019-02-01 14:39:05","http://219.251.34.3/intra/imis.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115355/"
 "115354","2019-02-01 14:33:08","http://singleshotespresso.com/Notare.zip?LJuYNMutdNotare.Pdf________________________________________________________________.exe","offline","malware_download","zip","https://urlhaus.abuse.ch/url/115354/"
 "115353","2019-02-01 14:32:27","http://caneyvalleycorvetteclub.com/clients/jxpiinstall.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115353/"
@@ -25852,7 +26403,7 @@
 "115286","2019-02-01 12:55:41","http://365poker.000webhostapp.com/wp-content/themes/shapely/woocommerce/messg.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/115286/"
 "115285","2019-02-01 12:52:06","http://hhind.co.kr/intra/insa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115285/"
 "115284","2019-02-01 12:51:22","http://cn.download.ichengyun.net/othersoft/haozip_v2.2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115284/"
-"115283","2019-02-01 12:50:07","http://hhind.co.kr/INTRA/IMIS.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115283/"
+"115283","2019-02-01 12:50:07","http://hhind.co.kr/INTRA/IMIS.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/115283/"
 "115282","2019-02-01 12:47:09","http://linksysdatakeys.se/Etr739.exe","online","malware_download","exe,RemcosRAT,Xtrat","https://urlhaus.abuse.ch/url/115282/"
 "115281","2019-02-01 12:45:29","http://www.laxsposure.com/2FuJEaG8X/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/115281/"
 "115280","2019-02-01 12:45:28","http://theaothundao.com/w7nzEiy/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/115280/"
@@ -25874,10 +26425,10 @@
 "115264","2019-02-01 12:06:06","http://106.14.42.35:9789/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115264/"
 "115263","2019-02-01 12:05:12","http://www.zxminer.com/miner/download/ZXMiner.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115263/"
 "115262","2019-02-01 12:05:08","http://106.14.42.35:9789/3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115262/"
-"115261","2019-02-01 11:44:08","http://xlv.f3322.net:9789/DhlServer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115261/"
+"115261","2019-02-01 11:44:08","http://xlv.f3322.net:9789/DhlServer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115261/"
 "115260","2019-02-01 11:31:12","http://jdsoftdados.com.br/TempJD/downloadjd/output/setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115260/"
 "115259","2019-02-01 10:53:09","http://177.197.65.8:59130/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115259/"
-"115258","2019-02-01 10:51:04","http://zxminer.com/miner/download/ZXMiner.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115258/"
+"115258","2019-02-01 10:51:04","http://zxminer.com/miner/download/ZXMiner.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115258/"
 "115257","2019-02-01 10:07:01","https://uc442c25e47ad62fb4c380b50e70.dl.dropboxusercontent.com/cd/0/get/AainS270IAVx6wtY2lPMNncn2T4NKzDGquVApHFhWRRoj69fnIPMUiclz9ZOdzndoJy0tougEpfOs51rJ2jFVarcxorXlrmgejg4Ke3Sd8GwAA/file?dl=1#","offline","malware_download","scr,zip","https://urlhaus.abuse.ch/url/115257/"
 "115256","2019-02-01 09:59:03","http://91.243.82.109/flashplayer.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/115256/"
 "115254","2019-02-01 09:50:15","http://m22tamia62jorge.city/xap_102b-AZ1/704e.php?l=quarck10.gas","offline","malware_download","exe,geofenced,ursnif,USA","https://urlhaus.abuse.ch/url/115254/"
@@ -26067,7 +26618,7 @@
 "115057","2019-02-01 03:05:13","http://staroil.info/wp-content/themes/bestbuild/assets/css/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/115057/"
 "115056","2019-02-01 03:05:11","http://91.205.215.12:8080/4O0q0K2SkA9D/saFM0MD3EVmp.bin","offline","malware_download","payload,stage2","https://urlhaus.abuse.ch/url/115056/"
 "115055","2019-02-01 03:05:10","http://187.148.80.156:30211/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/115055/"
-"115054","2019-02-01 03:02:07","http://theslimyjay.ml/wed.scr","offline","malware_download","exe,Loader,payload,scr,trojan","https://urlhaus.abuse.ch/url/115054/"
+"115054","2019-02-01 03:02:07","http://theslimyjay.ml/wed.scr","online","malware_download","exe,Loader,payload,scr,trojan","https://urlhaus.abuse.ch/url/115054/"
 "115053","2019-02-01 03:01:04","http://staroil.info/wp-content/themes/bestbuild/inc/lib/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/115053/"
 "115052","2019-02-01 02:58:03","http://slpsrgpsrhojifdij.ru/t.exe","online","malware_download","CoinMiner,exe,GandCrab,Loader,phorpiex,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/115052/"
 "115051","2019-02-01 02:52:26","http://staroil.info/app/staroil/app-release.apk","online","malware_download","android,malware","https://urlhaus.abuse.ch/url/115051/"
@@ -26078,8 +26629,8 @@
 "115046","2019-02-01 02:36:04","http://www.tapchisuckhoengaynay.com/wp-admin/Attachments/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/115046/"
 "115045","2019-02-01 02:27:06","http://www.lightbox.de/wp-content/themes/Extra/scripts/ext/messg.jpg","online","malware_download","exe,Loader,payload,Ransomware,Shade,stage2,Troldesh","https://urlhaus.abuse.ch/url/115045/"
 "115044","2019-02-01 02:22:20","http://jagadishchristian.com/tmp/jofb.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/115044/"
-"115043","2019-02-01 02:22:10","http://xlv.f3322.net:9789/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115043/"
-"115042","2019-02-01 02:20:08","http://xlv.f3322.net:9789/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/115042/"
+"115043","2019-02-01 02:22:10","http://xlv.f3322.net:9789/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115043/"
+"115042","2019-02-01 02:20:08","http://xlv.f3322.net:9789/3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115042/"
 "115041","2019-02-01 02:15:06","http://106.14.42.35:9789/DhlServer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/115041/"
 "115040","2019-02-01 01:50:04","https://chronopost.box.com/shared/static/jzk02q9rsqczy5rqtsla82sk4i0dk2do.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/115040/"
 "115039","2019-02-01 01:26:17","http://www.peyzaj.site/En_us/xerox/Invoice_Notice/fqWGI-0kI_eGOAHLdr-5md/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/115039/"
@@ -26715,7 +27266,7 @@
 "114398","2019-01-31 06:19:02","http://hy-cosmetics.com/pro.ime","offline","malware_download","Trickbot","https://urlhaus.abuse.ch/url/114398/"
 "114397","2019-01-31 06:18:08","http://157.230.85.212/ankit/jno.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/114397/"
 "114396","2019-01-31 06:18:07","http://blessedstudiodigital.000webhostapp.com/wp-content/themes/shapely/layouts/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114396/"
-"114395","2019-01-31 06:17:59","https://www.pakmedcon.com/wp-content/themes/twentyseventeen/assets/css/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114395/"
+"114395","2019-01-31 06:17:59","https://www.pakmedcon.com/wp-content/themes/twentyseventeen/assets/css/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114395/"
 "114394","2019-01-31 06:17:53","http://nienkevanhijum.nl/wp-content/themes/elastico/js/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114394/"
 "114393","2019-01-31 06:17:47","http://muratto.site/.well-known/pki-validation/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114393/"
 "114392","2019-01-31 06:17:36","https://www.fibeex.com/wp-content/themes/businext/components/headers/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/114392/"
@@ -26779,7 +27330,7 @@
 "114333","2019-01-31 03:33:04","http://media0.iplace.cz/files/media0:4b58ae7778cab.exe.upl/virus_gen033a.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114333/"
 "114332","2019-01-31 03:32:08","http://media0.wgz.ro/files/media0:4dda70e2255d8.exe.upl/SaveEditor.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114332/"
 "114331","2019-01-31 03:32:05","http://rsquareandco.com/wp-content/themes/adsf/sketch/images/Tax%20Payment%20Challan.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/114331/"
-"114330","2019-01-31 03:30:05","http://media0.wgz.cz/files/media0:51018bbf344e4.exe.upl/keymaker+[ez.antivirus.2005.7.0.7.7].exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114330/"
+"114330","2019-01-31 03:30:05","http://media0.wgz.cz/files/media0:51018bbf344e4.exe.upl/keymaker+[ez.antivirus.2005.7.0.7.7].exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114330/"
 "114329","2019-01-31 03:29:07","http://media0.wgz.cz/files/media0:51018bbf344e4.exe.upl/keymakerez.antivirus.2005.7.0.7.7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114329/"
 "114328","2019-01-31 03:21:05","http://140.82.33.56/file2b.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/114328/"
 "114327","2019-01-31 03:21:02","http://media1.napady.net/files/media1:50f87b9d80d81.exe.upl/vcUnban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/114327/"
@@ -26906,12 +27457,12 @@
 "114139","2019-01-30 22:14:11","http://noithatnghiakhiet.com/drNS-xAqQT_mUiKGJnx-FcN/InvoiceCodeChanges/EN_en/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114139/"
 "114138","2019-01-30 22:14:06","http://jaihanuman.us/wp-content/uploads/PH2hhe0aPx3_Fb17TW_Ad18c/Secure/Account/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114138/"
 "114137","2019-01-30 22:14:02","http://faternegar.ir/aQde_XQPORb_CnUIIdRllP/Organization/Account/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114137/"
-"114136","2019-01-30 22:09:03","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E","online","malware_download","None","https://urlhaus.abuse.ch/url/114136/"
+"114136","2019-01-30 22:09:03","https://linkprotect.cudasvc.com/url?a=http://jjtphoto.com/scan/En/Paid-Invoice-Credit-Card-Receipt&c=E","offline","malware_download","None","https://urlhaus.abuse.ch/url/114136/"
 "114130","2019-01-30 21:42:13","http://npbina.com/Details/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114130/"
 "114129","2019-01-30 21:42:07","http://www.jackservice.com.pl/Messages/2019-01/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/114129/"
 "114128","2019-01-30 21:38:18","https://buligbugto.org/bkVR-obFW_c-hBo/ACH/PaymentAdvice/US/Invoice-for-you/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114128/"
 "114127","2019-01-30 21:38:17","http://alfemimoda.com/GYev-wEzP_Kh-mK/Southwire/EJP5666373967/EN_en/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114127/"
-"114126","2019-01-30 21:38:13","http://ghazaldookht.ir/etZH-zyO7P_znCT-Olj/Inv/0120002972/US_us/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114126/"
+"114126","2019-01-30 21:38:13","http://ghazaldookht.ir/etZH-zyO7P_znCT-Olj/Inv/0120002972/US_us/Outstanding-Invoices/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114126/"
 "114125","2019-01-30 21:38:06","http://cwc.vi-bus.com/vQoS-PW_nRNzc-gVi/INVOICE/US/Companies-Invoice-4520895/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/114125/"
 "114124","2019-01-30 21:34:08","http://oceanzacoustics.com/wp-content/js/GST%20Payment%20Challan.zip","online","malware_download","Kutaki,zipped-exe","https://urlhaus.abuse.ch/url/114124/"
 "114123","2019-01-30 20:36:38","http://www.tubeian.com/hXeM-gK7wt_xIHMbkmUJ-PDc/Inv/675530529/EN_en/Open-Past-Due-Orders/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/114123/"
@@ -27176,7 +27727,7 @@
 "113849","2019-01-30 14:45:51","http://kerusiinovasi.com/wp-includes/ID3/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113849/"
 "113848","2019-01-30 14:45:47","https://iphonedelivery.com/system/config/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113848/"
 "113847","2019-01-30 14:45:40","http://bienhieutrongnha.com/forum/cache/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113847/"
-"113846","2019-01-30 14:45:33","https://alfaqihuddin.com/forum/cache/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113846/"
+"113846","2019-01-30 14:45:33","https://alfaqihuddin.com/forum/cache/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113846/"
 "113845","2019-01-30 14:45:28","https://madrascrackers.com/wp-content/themes/tyche/woocommerce/global/messg.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/113845/"
 "113844","2019-01-30 14:45:24","http://185.234.218.10/hakai.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113844/"
 "113843","2019-01-30 14:45:23","http://185.234.218.10/hakai.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113843/"
@@ -27208,7 +27759,7 @@
 "113816","2019-01-30 14:44:48","http://fashionandme.ru/cache/preview/update_2018_01.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/113816/"
 "113817","2019-01-30 14:44:48","http://mail.saglikpersoneli.net/sohft/PTYGsf41Witt_k/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/113817/"
 "113815","2019-01-30 14:44:45","http://xn--80aae8aujdld9c.xn--p1ai/Scan031.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/113815/"
-"113814","2019-01-30 14:44:43","http://benstrange.co.uk/wp-content/themes/retro-blog/assets/css/massg.jpg","offline","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/113814/"
+"113814","2019-01-30 14:44:43","http://benstrange.co.uk/wp-content/themes/retro-blog/assets/css/massg.jpg","online","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/113814/"
 "113813","2019-01-30 14:44:41","http://noorda.org/wp-content/themes/HighendWP/functions/massg.jpg","offline","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/113813/"
 "113812","2019-01-30 14:44:40","http://nunez.pl/wp-content/themes/imprint/assets/admin/css/fonts/massg.jpg","offline","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/113812/"
 "113811","2019-01-30 14:44:38","https://motorent.mk/Swift46.000usd_pdf.zip","offline","malware_download","lokibot","https://urlhaus.abuse.ch/url/113811/"
@@ -27390,7 +27941,7 @@
 "113634","2019-01-30 10:55:54","http://www.newpavanchatcorner.com/Transaktion/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113634/"
 "113633","2019-01-30 10:55:52","http://www.pivmag02.ru/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113633/"
 "113632","2019-01-30 10:55:49","http://chinesetimes.jp/chinanews3/Rechnungen/01_19/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/113632/"
-"113631","2019-01-30 10:55:42","http://ulco.tv/Rechnung/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113631/"
+"113631","2019-01-30 10:55:42","http://ulco.tv/Rechnung/012019/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113631/"
 "113630","2019-01-30 10:55:38","http://designbrochure.us/vrwcaj/papkaa17/Rechnungs/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113630/"
 "113629","2019-01-30 10:55:34","https://dasco.kz/Rechnungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113629/"
 "113628","2019-01-30 10:55:30","http://zoomevents.pl/Rechnung/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/113628/"
@@ -27469,7 +28020,7 @@
 "113555","2019-01-30 09:57:48","http://107.191.109.122/Bender.x86","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113555/"
 "113554","2019-01-30 09:57:47","http://107.191.109.122/Bender.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113554/"
 "113553","2019-01-30 09:57:46","http://107.191.109.122/Bender.mips","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113553/"
-"113552","2019-01-30 09:57:45","http://37.44.212.223/rig","offline","malware_download","None","https://urlhaus.abuse.ch/url/113552/"
+"113552","2019-01-30 09:57:45","http://37.44.212.223/rig","online","malware_download","None","https://urlhaus.abuse.ch/url/113552/"
 "113551","2019-01-30 09:57:42","http://208.89.215.123/pftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113551/"
 "113549","2019-01-30 09:57:40","http://159.65.185.61/yakuza.arm4","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113549/"
 "113550","2019-01-30 09:57:40","http://159.65.185.61/yakuza.arm5","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113550/"
@@ -27554,7 +28105,7 @@
 "113470","2019-01-30 07:44:12","http://103.114.163.197/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113470/"
 "113469","2019-01-30 07:44:08","http://157.230.175.134/yakuza.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113469/"
 "113468","2019-01-30 07:44:05","http://208.89.215.123/openssh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113468/"
-"113467","2019-01-30 07:42:09","http://159.65.185.61/yakuza.m68k","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113467/"
+"113467","2019-01-30 07:42:09","http://159.65.185.61/yakuza.m68k","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113467/"
 "113466","2019-01-30 07:42:07","http://159.65.185.61/yakuza.x32","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113466/"
 "113465","2019-01-30 07:42:05","http://157.230.211.181/tftp","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113465/"
 "113464","2019-01-30 07:20:05","http://157.230.175.134/yakuza.mpsl","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/113464/"
@@ -27598,7 +28149,7 @@
 "113426","2019-01-30 06:14:08","http://220.135.36.11:33547/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/113426/"
 "113425","2019-01-30 06:02:05","http://www.australiaadventures.com/ps.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113425/"
 "113424","2019-01-30 05:57:12","http://140.82.33.56/pl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113424/"
-"113422","2019-01-30 05:57:11","http://46.29.163.68/apache2","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113422/"
+"113422","2019-01-30 05:57:11","http://46.29.163.68/apache2","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113422/"
 "113423","2019-01-30 05:57:11","http://46.29.163.68/telnetd","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113423/"
 "113421","2019-01-30 05:57:10","http://46.29.163.68/sh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113421/"
 "113420","2019-01-30 05:57:09","http://46.29.163.68/pftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113420/"
@@ -27606,7 +28157,7 @@
 "113418","2019-01-30 05:57:07","http://46.29.163.68/cron","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113418/"
 "113417","2019-01-30 05:57:07","http://46.29.163.68/wget","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113417/"
 "113415","2019-01-30 05:57:05","http://46.29.163.68/bash","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113415/"
-"113416","2019-01-30 05:57:05","http://46.29.163.68/tftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113416/"
+"113416","2019-01-30 05:57:05","http://46.29.163.68/tftp","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113416/"
 "113414","2019-01-30 05:57:04","http://46.29.163.68/openssh","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113414/"
 "113413","2019-01-30 05:57:03","http://46.29.163.68/sshd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113413/"
 "113412","2019-01-30 05:57:02","http://46.29.163.68/ntpd","online","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/113412/"
@@ -27623,7 +28174,7 @@
 "113400","2019-01-30 05:51:04","http://saveserpresults.com/install6.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113400/"
 "113401","2019-01-30 05:51:04","http://sisweb.info/download/download/setup_impresa_x64/avviaimpresa.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113401/"
 "113399","2019-01-30 05:49:02","http://australiaadventures.com/58.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113399/"
-"113398","2019-01-30 05:41:04","http://www.sisweb.info/download/download/setup_impresa_x64/avviaimpresa.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113398/"
+"113398","2019-01-30 05:41:04","http://www.sisweb.info/download/download/setup_impresa_x64/avviaimpresa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113398/"
 "113397","2019-01-30 05:39:02","http://australiaadventures.com/ps.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113397/"
 "113396","2019-01-30 05:38:04","http://ychynt.com/Jun2018/Customer-Invoice-CT-34471630","offline","malware_download","doc","https://urlhaus.abuse.ch/url/113396/"
 "113395","2019-01-30 05:22:02","http://sisweb.info/download/download/utility_ced/KernelCed.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113395/"
@@ -27920,7 +28471,7 @@
 "113096","2019-01-29 17:03:03","http://109.169.89.4/job/job.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/113096/"
 "113095","2019-01-29 17:02:02","http://salongolenarges.ir/urEO_Gj9-Ze/hsk/Clients_information/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113095/"
 "113094","2019-01-29 16:50:10","http://dawaphoto.co.kr/software/HANAPHOTO.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113094/"
-"113093","2019-01-29 16:49:09","http://dawaphoto.co.kr/software/DAWAPHOTOBB.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113093/"
+"113093","2019-01-29 16:49:09","http://dawaphoto.co.kr/software/DAWAPHOTOBB.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113093/"
 "113092","2019-01-29 16:48:03","http://165.227.36.38:80/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113092/"
 "113091","2019-01-29 16:48:02","http://194.147.35.54:80/ankit/os.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113091/"
 "113090","2019-01-29 16:46:05","http://194.147.35.54:80/ankit/os.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113090/"
@@ -27939,7 +28490,7 @@
 "113077","2019-01-29 16:33:30","http://www.thebagforum.com/document.pdf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113077/"
 "113076","2019-01-29 16:33:28","http://zhealth.colling.hosting/wp-admin/mmQN-0aC_V-fs/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/US/Invoice-Number-00684/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/113076/"
 "113075","2019-01-29 16:33:26","http://xqu02.xyz/yvrRt-zTke2_EbjxGsEq-BSp/INV/0021875FORPO/7975237230/EN_en/Invoice-Number-997122/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113075/"
-"113074","2019-01-29 16:33:24","http://wiebe-sanitaer.de/XxNTd-zIYaB_wSpHU-kW/Ref/8600058563US/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113074/"
+"113074","2019-01-29 16:33:24","http://wiebe-sanitaer.de/XxNTd-zIYaB_wSpHU-kW/Ref/8600058563US/Need-to-send-the-attachment/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113074/"
 "113073","2019-01-29 16:33:23","http://vladsever.ru/eUHxT-lE_CC-Qw/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En/Question/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113073/"
 "113072","2019-01-29 16:33:22","http://status.thememove.com/NQDhl-tpC_wmzLXZd-Ml/Inv/29776227983/En_us/Invoice-for-k/n-01/29/2019/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113072/"
 "113070","2019-01-29 16:33:20","http://mobilehomeest.com/daED-qL8OU_TElcl-1hm/Ref/695507774EN_en/Past-Due-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/113070/"
@@ -27980,7 +28531,7 @@
 "113036","2019-01-29 16:22:02","http://194.147.35.54/ankit/os.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113036/"
 "113035","2019-01-29 16:20:03","http://alkmaarculinairplaza.nl/TKuWw_0v-qNDDEkO/iir/Attachments/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/113035/"
 "113034","2019-01-29 16:17:02","http://194.147.35.54/ankit/os.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113034/"
-"113033","2019-01-29 16:16:05","http://www.thebagforum.com/Dokument_77725_211118728.doc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113033/"
+"113033","2019-01-29 16:16:05","http://www.thebagforum.com/Dokument_77725_211118728.doc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/113033/"
 "113032","2019-01-29 16:16:03","http://194.147.35.54/ankit/os.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/113032/"
 "113031","2019-01-29 16:11:03","http://www.shrikailashlogicity.in/AA.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113031/"
 "113030","2019-01-29 16:10:05","http://www.shrikailashlogicity.in/55.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/113030/"
@@ -28185,7 +28736,7 @@
 "112828","2019-01-29 10:55:07","http://pilrek.undip.ac.id/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112828/"
 "112827","2019-01-29 10:53:10","http://dcpn.projectsmd.in/Rechnungen/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112827/"
 "112826","2019-01-29 10:44:10","http://bizyangu.com/Januar2019/JGIISEWY5910885/DE_de/Rechnungszahlung/","offline","malware_download"," emotet,doc,heodo","https://urlhaus.abuse.ch/url/112826/"
-"112825","2019-01-29 10:37:10","http://sm.fq520000.com:443/by.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112825/"
+"112825","2019-01-29 10:37:10","http://sm.fq520000.com:443/by.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112825/"
 "112824","2019-01-29 10:35:08","http://cosmocolordip.com/npmiw5ld/Transaktion/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112824/"
 "112823","2019-01-29 10:28:59","http://karamba.pw/thrUPD.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112823/"
 "112822","2019-01-29 10:23:09","http://hairpd.com/stat/stip.exe","offline","malware_download","CAN,gootkit,Task","https://urlhaus.abuse.ch/url/112822/"
@@ -28202,7 +28753,7 @@
 "112811","2019-01-29 09:41:47","https://www.sylvanbrandt.com/wp-content/themes/sylvan-brandt/templates/massg.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112811/"
 "112810","2019-01-29 09:41:42","http://mentoringjagojualan.com/site/cache/messg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112810/"
 "112809","2019-01-29 09:41:31","http://hugomaia.com/templates/agitato/css/massg.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112809/"
-"112808","2019-01-29 09:41:27","http://dawgpoundinc.com/templates/yoo_level/css/black/massg.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112808/"
+"112808","2019-01-29 09:41:27","http://dawgpoundinc.com/templates/yoo_level/css/black/massg.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/112808/"
 "112807","2019-01-29 09:41:19","http://45.76.99.110/Transaktion/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112807/"
 "112806","2019-01-29 09:41:16","http://carlatamler.com.br/Transaktion/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112806/"
 "112805","2019-01-29 09:41:11","http://sinotopoutdoor.com/DE/STMVOYBRJQ3343909/Bestellungen/Zahlungserinnerung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/112805/"
@@ -28230,7 +28781,7 @@
 "112782","2019-01-29 09:27:05","http://185.244.25.194:80/dwabniduawdbwad/memhoncho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112782/"
 "112781","2019-01-29 09:27:03","http://185.244.25.194:80/dwabniduawdbwad/memhoncho.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112781/"
 "112780","2019-01-29 09:23:04","http://209.141.56.224/youwin.exe","offline","malware_download","GandCrab,Ransomware","https://urlhaus.abuse.ch/url/112780/"
-"112779","2019-01-29 09:16:05","http://sg123.net/files/update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112779/"
+"112779","2019-01-29 09:16:05","http://sg123.net/files/update.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112779/"
 "112778","2019-01-29 09:14:10","http://mybitches.pw/USA1/cexplorer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112778/"
 "112777","2019-01-29 09:08:24","http://hiexsgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler,rat","https://urlhaus.abuse.ch/url/112777/"
 "112776","2019-01-29 09:08:22","https://kingasgroup.co.uk/Remittance%20Advice.jar","offline","malware_download","Qealler,rat","https://urlhaus.abuse.ch/url/112776/"
@@ -28362,8 +28913,8 @@
 "112650","2019-01-29 06:43:17","https://pchubonline.com/wp-admin/css/colors/blue/mesg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112650/"
 "112649","2019-01-29 06:43:07","http://ticket-mart.000webhostapp.com/wp-content/themes/shapely/inc/custom-controls/mesg.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/112649/"
 "112648","2019-01-29 06:36:13","http://sg123.net/files/install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112648/"
-"112647","2019-01-29 06:36:06","http://igra123.com/files/install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112647/"
-"112646","2019-01-29 06:35:14","https://sg123.net/files/install.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112646/"
+"112647","2019-01-29 06:36:06","http://igra123.com/files/install.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112647/"
+"112646","2019-01-29 06:35:14","https://sg123.net/files/install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112646/"
 "112645","2019-01-29 06:27:15","http://kimyen.net/upload/LoginTDVL.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112645/"
 "112644","2019-01-29 06:20:27","http://198.12.125.130/~safesfss/asafe/abazdnw.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112644/"
 "112643","2019-01-29 05:54:09","http://youagreatman.fun/MX/cexplorer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112643/"
@@ -28503,7 +29054,7 @@
 "112509","2019-01-29 01:09:03","http://104.168.167.92/bins/katana.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112509/"
 "112508","2019-01-29 01:06:07","http://198.98.53.130:80/AB4g5/Josho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/112508/"
 "112507","2019-01-28 23:25:08","http://amcmckinney.com/go/Boleto_Atualizado.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112507/"
-"112506","2019-01-28 23:24:22","http://csnsoft.com/download/sysware/autoupdate.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112506/"
+"112506","2019-01-28 23:24:22","http://csnsoft.com/download/sysware/autoupdate.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/112506/"
 "112505","2019-01-28 23:24:13","http://dromertontus.com/xZIpe-RG1_mjZuP-iMR/En_us/Paid-Invoices/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112505/"
 "112504","2019-01-28 23:24:09","http://campeonatodemaquiagem.com.br/Ixxj-y33P_yhpPDSiHq-hQ/InvoiceCodeChanges/En/Invoices-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112504/"
 "112503","2019-01-28 23:23:32","http://download.security.baidu.co.th/softmgr/C9_Thailand_Downloader_1.062.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112503/"
@@ -28581,7 +29132,7 @@
 "112429","2019-01-28 21:25:16","http://openhousemonterrey.org/Toej-aL_gAP-ZvE/COMET/SIGNS/PAYMENT/NOTIFICATION/01/29/2019/En_us/Service-Report-1280/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112429/"
 "112428","2019-01-28 21:25:11","http://faternegar.ir/SmOG-vu_LTiFC-AyF/9894703/SurveyQuestionsUS_us/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112428/"
 "112427","2019-01-28 21:25:07","http://51laserclean.com/oyXf-pH_zQIHpYiql-7W/Inv/71371846260/En_us/New-order/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/112427/"
-"112426","2019-01-28 21:23:16","http://rus-fishing.com/images/main/2/1/officeonline.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/112426/"
+"112426","2019-01-28 21:23:16","http://rus-fishing.com/images/main/2/1/officeonline.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/112426/"
 "112425","2019-01-28 21:23:11","http://rus-fishing.com/images/main/1/msoffice.msi","online","malware_download","msi","https://urlhaus.abuse.ch/url/112425/"
 "112424","2019-01-28 21:12:12","http://kobacco.com/shop/haoa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112424/"
 "112423","2019-01-28 21:09:17","http://dgnj.cn/clbweb2005/gisstat/j2re-1_4_2-windows-i586.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112423/"
@@ -28734,7 +29285,7 @@
 "112268","2019-01-28 16:13:09","http://64.69.83.43/gacl/admin/templates_c/XTlF-6k_SwjIrETT-lSd/En/Invoices-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112268/"
 "112267","2019-01-28 16:13:06","http://3kiloafvallen.nl/EmpcL-FI_pJZjhYNB-zzG/34522/SurveyQuestionsEn/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112267/"
 "112266","2019-01-28 16:11:19","http://universitytransplantcenter.com/templates/utc/html/com_content/article/image/cdf.png","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/112266/"
-"112265","2019-01-28 16:11:12","http://universitytransplantcenter.com/templates/utc/html/com_content/article/image/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/112265/"
+"112265","2019-01-28 16:11:12","http://universitytransplantcenter.com/templates/utc/html/com_content/article/image/sserv.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/112265/"
 "112264","2019-01-28 16:09:12","http://www.sp11dzm.ru/osPN-j6_TaargVDi-95/US/New-order/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112264/"
 "112263","2019-01-28 16:09:07","http://batdongsanphonoi.vn/Amazon/Transactions/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112263/"
 "112262","2019-01-28 16:08:08","http://habitacaosocial.org.br/bFHSc-ass_rviqgP-CZ/invoices/34036/20577/US_us/Need-to-send-the-attachment/index.php.suspected/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112262/"
@@ -28772,7 +29323,7 @@
 "112230","2019-01-28 15:47:08","http://bezsapan.com/wp-includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/112230/"
 "112229","2019-01-28 15:47:03","http://www.sos-secretariat.be/AMAZON/Clients_information/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112229/"
 "112228","2019-01-28 15:43:08","http://eibragimov.ru/Update.0205.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112228/"
-"112227","2019-01-28 15:43:04","http://headbuild.info/app/winboxscan-1003.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112227/"
+"112227","2019-01-28 15:43:04","http://headbuild.info/app/winboxscan-1003.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112227/"
 "112226","2019-01-28 15:41:12","http://headbuild.info/app/updateprofile-0121.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112226/"
 "112225","2019-01-28 15:41:10","http://headbuild.info/tvgyasmev5gmk49l/lsa64install.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112225/"
 "112224","2019-01-28 15:41:08","http://gastrohero.zendesk.com/attachments/token/cmomz9xlkrjs9rjwou8pmx17t/","offline","malware_download","zip","https://urlhaus.abuse.ch/url/112224/"
@@ -28781,7 +29332,7 @@
 "112221","2019-01-28 15:35:13","http://jijiquan.net/tools/start.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112221/"
 "112220","2019-01-28 15:35:07","http://headbuild.info/app/vc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112220/"
 "112219","2019-01-28 15:30:18","http://newscommer.com/tvgyasmev5gmk49l/lsa64install_in.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112219/"
-"112218","2019-01-28 15:30:15","http://59.124.90.231:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112218/"
+"112218","2019-01-28 15:30:15","http://59.124.90.231:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112218/"
 "112217","2019-01-28 15:30:09","http://newscommer.com/app/winboxscan-1003.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112217/"
 "112216","2019-01-28 15:30:05","http://mountainrp.com/RqlIj-s0q_zwNX-GGO/invoices/6237/3130/En/Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/112216/"
 "112215","2019-01-28 15:29:05","http://turbineblog.ir/Amazon/EN/Messages/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112215/"
@@ -28790,7 +29341,7 @@
 "112212","2019-01-28 15:25:09","http://galop-prijevoz.hr/TurkishMap.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/112212/"
 "112211","2019-01-28 15:25:06","http://addireengg.logicalat.com/Amazon/EN/Details/012019/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112211/"
 "112210","2019-01-28 15:23:11","http://newscommer.com/app/vc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112210/"
-"112209","2019-01-28 15:23:09","http://headbuild.info/app/watchdog.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112209/"
+"112209","2019-01-28 15:23:09","http://headbuild.info/app/watchdog.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112209/"
 "112208","2019-01-28 15:21:04","https://files.dropmybin.me/mcpfw.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/112208/"
 "112207","2019-01-28 15:19:11","http://rodaleitura.canoas.ifrs.edu.br/AMAZON/Details/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112207/"
 "112206","2019-01-28 15:18:34","http://headbuild.info/app/updateprofile-0124.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/112206/"
@@ -28839,10 +29390,10 @@
 "112163","2019-01-28 13:59:08","http://www.forodigitalpyme.es/AMAZON/Transactions/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112163/"
 "112162","2019-01-28 13:59:06","http://uborka-snega.spectehnika.novosibirsk.ru/Amazon/En/Clients_information/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112162/"
 "112161","2019-01-28 13:59:05","http://comeinitiative.org/Amazon/Transaction_details/2019-01/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/112161/"
-"112160","2019-01-28 13:56:07","http://79.2.211.133:6281/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112160/"
+"112160","2019-01-28 13:56:07","http://79.2.211.133:6281/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112160/"
 "112159","2019-01-28 13:56:06","http://114.34.45.35:33160/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/112159/"
 "112158","2019-01-28 13:52:07","http://ikuhentai.net/cgi-bin/mesg.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/112158/"
-"112157","2019-01-28 13:52:06","http://diamondzonebd.com/wp-content/themes/diamondtheme/images/about/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/112157/"
+"112157","2019-01-28 13:52:06","http://diamondzonebd.com/wp-content/themes/diamondtheme/images/about/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/112157/"
 "112156","2019-01-28 13:47:26","http://www.avis2018.cherrydemoserver10.com/cdFEl-tRiQ_f-hPf/COMET/SIGNS/PAYMENT/NOTIFICATION/01/28/2019/US_us/Sales-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112156/"
 "112155","2019-01-28 13:47:22","http://crowdsource.oasishub.co/BCuIj-5BS5a_mcIsTbE-d3L/Inv/432719241/EN_en/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/112155/"
 "112154","2019-01-28 13:47:20","http://cooljam.sdssoftltd.co.uk/fTpVx-ladHT_zBfcpScYg-mkF/INVOICE/0093/OVERPAYMENT/En_us/Service-Invoice/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/112154/"
@@ -29019,7 +29570,7 @@
 "111977","2019-01-28 09:50:04","http://206.189.112.94/bins/hoho.arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111977/"
 "111975","2019-01-28 09:50:03","http://206.189.112.94/bins/hoho.arm","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111975/"
 "111974","2019-01-28 09:48:11","http://fm963.top/360/bbc/T3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111974/"
-"111973","2019-01-28 09:48:06","http://www.cryptovoip.in/oliver/ZASTI.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111973/"
+"111973","2019-01-28 09:48:06","http://www.cryptovoip.in/oliver/ZASTI.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111973/"
 "111972","2019-01-28 09:45:16","http://mowbaza.chat.ru/beeline.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111972/"
 "111971","2019-01-28 09:44:12","http://dhoffmanfan.chat.ru/syscfg32.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111971/"
 "111970","2019-01-28 09:44:09","http://dhoffmanfan.chat.ru/uag.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111970/"
@@ -29032,7 +29583,7 @@
 "111963","2019-01-28 09:39:07","http://206.189.120.191/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111963/"
 "111962","2019-01-28 09:38:13","http://alexhhh.chat.ru/download/moscow.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111962/"
 "111961","2019-01-28 09:37:04","http://alexhhh.chat.ru/download/liquidnuke.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111961/"
-"111960","2019-01-28 09:35:22","http://alexhhh.chat.ru/download/IcqMachineGun.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/111960/"
+"111960","2019-01-28 09:35:22","http://alexhhh.chat.ru/download/IcqMachineGun.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111960/"
 "111959","2019-01-28 09:35:10","http://fm963.top/360/148/waNewRat360.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111959/"
 "111958","2019-01-28 09:33:09","http://alexhhh.chat.ru/download/hooker24.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/111958/"
 "111957","2019-01-28 09:30:12","http://46.29.163.229/AB4g5/Cult.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111957/"
@@ -29200,12 +29751,12 @@
 "111787","2019-01-28 07:15:33","http://157.230.209.235/pftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111787/"
 "111786","2019-01-28 07:15:30","http://157.230.209.235/ftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111786/"
 "111785","2019-01-28 07:15:23","http://157.230.209.235/cron","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111785/"
-"111784","2019-01-28 07:11:08","http://59.124.90.231:443/bf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111784/"
+"111784","2019-01-28 07:11:08","http://59.124.90.231:443/bf.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111784/"
 "111783","2019-01-28 07:02:07","http://psychod.chat.ru/win.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111783/"
 "111782","2019-01-28 06:58:20","http://fm963.top/360/bbc/T8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111782/"
 "111781","2019-01-28 06:58:08","http://dhoffmanfan.chat.ru/chkfs32.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111781/"
 "111780","2019-01-28 06:46:03","http://hinfo.biz/informazioni/info.zip?yd6qmguo6zvloq","offline","malware_download","zip","https://urlhaus.abuse.ch/url/111780/"
-"111779","2019-01-28 06:45:59","http://www.cryptovoip.in/hp/wave.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111779/"
+"111779","2019-01-28 06:45:59","http://www.cryptovoip.in/hp/wave.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111779/"
 "111778","2019-01-28 06:45:52","http://157.230.209.235/wget","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111778/"
 "111777","2019-01-28 06:45:49","http://157.230.209.235/tftp","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111777/"
 "111776","2019-01-28 06:45:46","http://157.230.209.235/bash","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111776/"
@@ -29231,7 +29782,7 @@
 "111756","2019-01-28 06:31:37","http://128.199.45.93/earyzq","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111756/"
 "111755","2019-01-28 06:27:10","http://hinfo.biz/Informazioni/Fattura05032014.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/111755/"
 "111754","2019-01-28 06:23:07","http://hinfo.biz/fattura/fattura05032014.zip?2wqanhlo4fn","offline","malware_download","zip","https://urlhaus.abuse.ch/url/111754/"
-"111753","2019-01-28 06:20:07","http://59.124.90.231:443/5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111753/"
+"111753","2019-01-28 06:20:07","http://59.124.90.231:443/5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111753/"
 "111752","2019-01-28 06:19:05","http://199.38.243.9/yakuza.i586","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111752/"
 "111751","2019-01-28 06:19:04","http://199.38.243.9/yakuza.ppc","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111751/"
 "111750","2019-01-28 06:19:03","http://199.38.243.9/yakuza.arm4","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/111750/"
@@ -29264,15 +29815,15 @@
 "111723","2019-01-28 05:43:03","http://alsahagroup.com/t1U5yH/de_DE/Privatkunden/","offline","malware_download","None","https://urlhaus.abuse.ch/url/111723/"
 "111722","2019-01-28 05:40:07","http://gamehack.chat.ru/gamehack.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111722/"
 "111721","2019-01-28 05:36:14","http://down7.downyouxi.com/chaojimalixiongdi2006caimoguv2025.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111721/"
-"111720","2019-01-28 05:20:16","http://cryptovoip.in/jb/DOTNET.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111720/"
+"111720","2019-01-28 05:20:16","http://cryptovoip.in/jb/DOTNET.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111720/"
 "111719","2019-01-28 05:20:11","http://wt72.downyouxi.com/chaojimalixiongdi2006caimoguv2025.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111719/"
-"111718","2019-01-28 05:07:07","http://cryptovoip.in/gy/HJ.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/111718/"
+"111718","2019-01-28 05:07:07","http://cryptovoip.in/gy/HJ.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/111718/"
 "111717","2019-01-28 05:05:15","http://jijiquan.net/tools/tsreporter1.6.0.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111717/"
 "111716","2019-01-28 04:58:59","http://datarecovery.chat.ru/pro/birdie-eml-to-pst.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111716/"
 "111715","2019-01-28 04:57:01","http://mowbaza.chat.ru/mtc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111715/"
 "111714","2019-01-28 04:56:46","http://down7.downyouxi.com/chiseyaosaifczhanche.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111714/"
-"111713","2019-01-28 04:54:08","http://59.124.90.231:443/3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111713/"
-"111712","2019-01-28 04:46:38","http://www.hldschool.com/SetUp.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111712/"
+"111713","2019-01-28 04:54:08","http://59.124.90.231:443/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111713/"
+"111712","2019-01-28 04:46:38","http://www.hldschool.com/SetUp.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111712/"
 "111711","2019-01-28 04:45:41","http://fm963.top/360/bbc/T1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111711/"
 "111710","2019-01-28 04:45:38","http://moto-bazar.xf.cz/k8E4.exe","offline","malware_download","exe,zeus","https://urlhaus.abuse.ch/url/111710/"
 "111709","2019-01-28 04:33:41","http://www.jijiquan.net/Tools/start.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111709/"
@@ -29356,7 +29907,7 @@
 "111630","2019-01-27 21:58:38","http://189.180.253.216:29339/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111630/"
 "111629","2019-01-27 21:58:34","http://177.68.147.145:1142/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111629/"
 "111628","2019-01-27 21:58:28","http://37.34.244.167:16848/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111628/"
-"111627","2019-01-27 21:52:04","http://amd.alibuf.com:7723/dsc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111627/"
+"111627","2019-01-27 21:52:04","http://amd.alibuf.com:7723/dsc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111627/"
 "111626","2019-01-27 21:51:06","http://66.117.6.174/wpd.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/111626/"
 "111625","2019-01-27 21:08:06","http://moha-group.ir/nazy/PurchaseOrder.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/111625/"
 "111624","2019-01-27 21:07:05","http://komax.ir/Adobe_Flash_Player_Plugin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111624/"
@@ -29366,18 +29917,18 @@
 "111620","2019-01-27 20:03:04","http://191.19.20.68:53913/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111620/"
 "111619","2019-01-27 19:58:05","http://ca.fq520000.com:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111619/"
 "111618","2019-01-27 19:51:15","http://majesticintltravel.com/web/ow.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/111618/"
-"111617","2019-01-27 19:51:10","http://sm.fq520000.com:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111617/"
+"111617","2019-01-27 19:51:10","http://sm.fq520000.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111617/"
 "111616","2019-01-27 19:45:02","http://moha-group.com/cli/waplord/doc/PurchaseOrder.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/111616/"
 "111615","2019-01-27 19:44:03","http://moha-group.com/cli/waplord/PurchaseOrder.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111615/"
 "111614","2019-01-27 19:37:03","http://183.110.79.42:8/buffffff.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111614/"
-"111613","2019-01-27 19:29:14","http://ca.posthash.org:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111613/"
+"111613","2019-01-27 19:29:14","http://ca.posthash.org:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111613/"
 "111612","2019-01-27 19:29:04","http://183.110.79.42:8/445.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111612/"
-"111611","2019-01-27 19:25:06","http://ms.fq520000.com:443/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111611/"
+"111611","2019-01-27 19:25:06","http://ms.fq520000.com:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111611/"
 "111610","2019-01-27 19:22:17","http://jagadishchristian.com/tmp/fbet.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/111610/"
-"111609","2019-01-27 19:22:11","http://amd.alibuf.com:7723/DSP12.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111609/"
-"111608","2019-01-27 19:18:05","http://dns.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111608/"
+"111609","2019-01-27 19:22:11","http://amd.alibuf.com:7723/DSP12.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/111609/"
+"111608","2019-01-27 19:18:05","http://dns.fq520000.com:443/9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111608/"
 "111607","2019-01-27 19:14:02","http://165.227.212.62/bins/hoho.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111607/"
-"111606","2019-01-27 19:00:08","http://dns.alibuf.com:7723/dsc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111606/"
+"111606","2019-01-27 19:00:08","http://dns.alibuf.com:7723/dsc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111606/"
 "111605","2019-01-27 18:48:17","http://ca.fq520000.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111605/"
 "111604","2019-01-27 18:44:26","http://dns.alibuf.com:7723/dsp12.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111604/"
 "111603","2019-01-27 18:44:18","http://165.227.212.62/bins/hoho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111603/"
@@ -29444,10 +29995,10 @@
 "111542","2019-01-27 18:21:08","http://208.51.63.150/downs.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111542/"
 "111541","2019-01-27 18:21:05","http://66.117.6.174/ups.rar","online","malware_download","None","https://urlhaus.abuse.ch/url/111541/"
 "111540","2019-01-27 18:19:03","http://www.collagehg.ie/a55f14f.msi","online","malware_download","exe-to-msi,Loki,lokibot","https://urlhaus.abuse.ch/url/111540/"
-"111539","2019-01-27 18:17:05","http://ca.monerov8.com:443/123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111539/"
+"111539","2019-01-27 18:17:05","http://ca.monerov8.com:443/123.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111539/"
 "111538","2019-01-27 18:12:03","http://www.moha-group.com/cli/waplord/PurchaseOrder.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/111538/"
-"111537","2019-01-27 18:05:17","http://dnn.alibuf.com:7723/DSP12.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/111537/"
-"111536","2019-01-27 18:05:10","http://down.eebbk.net/ddjsoftware/Webber.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111536/"
+"111537","2019-01-27 18:05:17","http://dnn.alibuf.com:7723/DSP12.EXE","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111537/"
+"111536","2019-01-27 18:05:10","http://down.eebbk.net/ddjsoftware/Webber.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111536/"
 "111535","2019-01-27 16:52:04","http://185.101.105.162/bins/Solstice.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111535/"
 "111534","2019-01-27 16:52:03","http://35.237.236.148/AB4g5/Josho.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111534/"
 "111533","2019-01-27 16:52:02","http://80.211.110.193/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111533/"
@@ -29540,27 +30091,27 @@
 "111446","2019-01-27 15:08:07","http://www.majesticintltravel.com/web/ow.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/111446/"
 "111445","2019-01-27 15:00:03","http://92.63.197.153/m/1.exe","offline","malware_download","exe,GandCrab,Ransomware,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111445/"
 "111444","2019-01-27 14:58:02","http://92.63.197.153/blowjob.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111444/"
-"111443","2019-01-27 14:49:29","http://sm.fq520000.com:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111443/"
-"111442","2019-01-27 14:49:26","http://sm.fq520000.com:443/8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111442/"
+"111443","2019-01-27 14:49:29","http://sm.fq520000.com:443/9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111443/"
+"111442","2019-01-27 14:49:26","http://sm.fq520000.com:443/8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111442/"
 "111441","2019-01-27 14:49:24","http://sm.fq520000.com:443/7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111441/"
 "111440","2019-01-27 14:49:20","http://sm.fq520000.com:443/6.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111440/"
-"111439","2019-01-27 14:49:17","http://sm.fq520000.com:443/5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111439/"
-"111438","2019-01-27 14:49:13","http://sm.fq520000.com:443/4.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111438/"
-"111437","2019-01-27 14:49:10","http://sm.fq520000.com:443/3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111437/"
+"111439","2019-01-27 14:49:17","http://sm.fq520000.com:443/5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111439/"
+"111438","2019-01-27 14:49:13","http://sm.fq520000.com:443/4.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111438/"
+"111437","2019-01-27 14:49:10","http://sm.fq520000.com:443/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111437/"
 "111436","2019-01-27 14:49:07","http://sm.fq520000.com:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111436/"
 "111435","2019-01-27 14:49:04","http://sm.fq520000.com:443/2.exe","offline","malware_download","EBDP,Task","https://urlhaus.abuse.ch/url/111435/"
-"111434","2019-01-27 14:48:12","http://ca.hashpost.org:443/9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111434/"
-"111433","2019-01-27 14:48:11","http://ca.hashpost.org:443/8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111433/"
-"111432","2019-01-27 14:48:10","http://ca.hashpost.org:443/7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111432/"
-"111431","2019-01-27 14:48:08","http://ca.hashpost.org:443/6.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111431/"
-"111430","2019-01-27 14:48:07","http://ca.hashpost.org:443/5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111430/"
-"111429","2019-01-27 14:48:06","http://ca.hashpost.org:443/4.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111429/"
-"111428","2019-01-27 14:48:05","http://ca.hashpost.org:443/3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111428/"
-"111427","2019-01-27 14:48:03","http://ca.hashpost.org:443/2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111427/"
-"111426","2019-01-27 14:48:02","http://ca.hashpost.org:443/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111426/"
-"111425","2019-01-27 14:47:06","http://ca.hashpost.org:443/by.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111425/"
-"111424","2019-01-27 14:47:04","http://ca.hashpost.org:443/bf.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/111424/"
-"111423","2019-01-27 14:46:10","http://ca.hashpost.org:443/123.exe","online","malware_download","CoinMiner,EBDP","https://urlhaus.abuse.ch/url/111423/"
+"111434","2019-01-27 14:48:12","http://ca.hashpost.org:443/9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111434/"
+"111433","2019-01-27 14:48:11","http://ca.hashpost.org:443/8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111433/"
+"111432","2019-01-27 14:48:10","http://ca.hashpost.org:443/7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111432/"
+"111431","2019-01-27 14:48:08","http://ca.hashpost.org:443/6.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/111431/"
+"111430","2019-01-27 14:48:07","http://ca.hashpost.org:443/5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111430/"
+"111429","2019-01-27 14:48:06","http://ca.hashpost.org:443/4.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111429/"
+"111428","2019-01-27 14:48:05","http://ca.hashpost.org:443/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111428/"
+"111427","2019-01-27 14:48:03","http://ca.hashpost.org:443/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111427/"
+"111426","2019-01-27 14:48:02","http://ca.hashpost.org:443/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111426/"
+"111425","2019-01-27 14:47:06","http://ca.hashpost.org:443/by.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111425/"
+"111424","2019-01-27 14:47:04","http://ca.hashpost.org:443/bf.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/111424/"
+"111423","2019-01-27 14:46:10","http://ca.hashpost.org:443/123.exe","offline","malware_download","CoinMiner,EBDP","https://urlhaus.abuse.ch/url/111423/"
 "111422","2019-01-27 14:43:03","http://cnm.idc3389.top/download.exe","offline","malware_download","EBDP","https://urlhaus.abuse.ch/url/111422/"
 "111421","2019-01-27 14:42:08","http://ca.monerov8.com:443/321.exe","offline","malware_download","CoinMiner,EBDP","https://urlhaus.abuse.ch/url/111421/"
 "111420","2019-01-27 14:39:16","http://dnn.alibuf.com:7723/dsc12.exe","online","malware_download","CoinMiner,EBDP","https://urlhaus.abuse.ch/url/111420/"
@@ -29601,7 +30152,7 @@
 "111385","2019-01-27 13:06:03","http://93.56.36.84:50892/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111385/"
 "111384","2019-01-27 13:00:20","http://78.39.232.91:56714/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111384/"
 "111383","2019-01-27 13:00:16","http://35.237.236.148:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111383/"
-"111382","2019-01-27 13:00:12","http://14.230.232.48:63285/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111382/"
+"111382","2019-01-27 13:00:12","http://14.230.232.48:63285/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111382/"
 "111381","2019-01-27 13:00:07","http://125.138.144.118:63853/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111381/"
 "111380","2019-01-27 12:58:11","http://80.211.110.193:80/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/111380/"
 "111379","2019-01-27 12:58:09","http://95.246.44.155:20787/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/111379/"
@@ -29902,7 +30453,7 @@
 "111084","2019-01-27 01:57:02","http://198.98.52.167/rebirth.x86","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111084/"
 "111083","2019-01-27 01:56:04","http://178.62.243.26/sh","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111083/"
 "111082","2019-01-27 01:56:03","http://198.98.52.167/rebirth.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111082/"
-"111081","2019-01-27 01:56:02","http://178.62.243.26/apache2","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111081/"
+"111081","2019-01-27 01:56:02","http://178.62.243.26/apache2","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111081/"
 "111080","2019-01-27 01:55:04","http://178.62.243.26/ftp","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111080/"
 "111079","2019-01-27 01:55:03","http://198.98.52.167/rebirth.arm4","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111079/"
 "111078","2019-01-27 01:55:02","http://198.98.52.167/rebirth.arm5","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/111078/"
@@ -30022,25 +30573,25 @@
 "110964","2019-01-26 23:53:14","http://dx115.downyouxi.com/zhizaoye.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110964/"
 "110963","2019-01-26 23:50:34","http://dx115.downyouxi.com/qinruzhezuozhanxunlian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110963/"
 "110962","2019-01-26 23:41:30","http://dx63.downyouxi.com/huoqiangyingxiong.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110962/"
-"110961","2019-01-26 23:40:45","http://dx65.downyouxi.com/huoqiangyingxiong.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110961/"
+"110961","2019-01-26 23:40:45","http://dx65.downyouxi.com/huoqiangyingxiong.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110961/"
 "110960","2019-01-26 23:36:52","http://wt112.downyouxi.com/aodesaipaopaolong.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110960/"
 "110959","2019-01-26 23:36:34","http://wt112.downyouxi.com/wodangbuyoudapao.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110959/"
 "110958","2019-01-26 23:35:48","http://wt112.downyouxi.com/hejindantouzhikaijiayongshizhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110958/"
-"110957","2019-01-26 23:32:55","http://wt111.downyouxi.com/siwangmishi.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110957/"
+"110957","2019-01-26 23:32:55","http://wt111.downyouxi.com/siwangmishi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110957/"
 "110956","2019-01-26 23:20:00","http://wt111.downyouxi.com/mingzidaluandou.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110956/"
 "110955","2019-01-26 23:19:44","http://dx63.downyouxi.com/baimudasanjiaopintu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110955/"
 "110954","2019-01-26 23:17:56","http://wt111.downyouxi.com/qunxiongshishibandichongtu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110954/"
 "110953","2019-01-26 23:07:37","http://wt112.downyouxi.com/jiejitaikongdazhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110953/"
 "110952","2019-01-26 23:07:21","http://dx112.downyouxi.com/haimianfeixing.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110952/"
 "110951","2019-01-26 23:04:25","http://down11.downyouxi.com/gumuliying2huangjinbanhuangjinmianju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110951/"
-"110950","2019-01-26 23:03:38","http://dx62.downyouxi.com/shaqiu2000.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110950/"
+"110950","2019-01-26 23:03:38","http://dx62.downyouxi.com/shaqiu2000.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110950/"
 "110949","2019-01-26 22:51:27","http://wt112.downyouxi.com/qinruzhezuozhanxunlian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110949/"
 "110948","2019-01-26 22:50:50","http://dx115.downyouxi.com/wodangbuyoudapao.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110948/"
 "110947","2019-01-26 22:50:25","http://dx112.downyouxi.com/qinruzhezuozhanxunlian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110947/"
 "110946","2019-01-26 22:48:12","http://dx112.downyouxi.com/mingzidaluandou.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110946/"
 "110945","2019-01-26 22:47:10","http://dx62.downyouxi.com/shuangjielong2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110945/"
 "110944","2019-01-26 22:43:12","http://wt112.downyouxi.com/diyuzhilv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110944/"
-"110943","2019-01-26 22:35:16","http://dx112.downyouxi.com/hundouluosandanjiaqiangbanzhongwenban.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110943/"
+"110943","2019-01-26 22:35:16","http://dx112.downyouxi.com/hundouluosandanjiaqiangbanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110943/"
 "110942","2019-01-26 22:33:45","http://dx62.downyouxi.com/huoqiangyingxiong.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110942/"
 "110941","2019-01-26 22:33:35","http://wt112.downyouxi.com/fuqiyuan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110941/"
 "110940","2019-01-26 22:33:18","http://dx112.downyouxi.com/qqtangdanjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110940/"
@@ -30069,7 +30620,7 @@
 "110917","2019-01-26 21:21:16","http://down11.downyouxi.com/qbanpaopaotang7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110917/"
 "110916","2019-01-26 21:12:20","http://down11.downyouxi.com/fcrentiantanghongbaijizhongwenmoniqi500jingdianyouxidajihe.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110916/"
 "110915","2019-01-26 21:10:21","http://wt112.downyouxi.com/qqtangdanjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110915/"
-"110914","2019-01-26 21:08:02","http://down11.downyouxi.com/sanguozhanjizhengzong2009huiyipian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110914/"
+"110914","2019-01-26 21:08:02","http://down11.downyouxi.com/sanguozhanjizhengzong2009huiyipian.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110914/"
 "110913","2019-01-26 21:07:22","http://wt112.downyouxi.com/weilianyuhuli2zhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110913/"
 "110912","2019-01-26 20:55:30","http://wt111.downyouxi.com/wujinmaoxianzhilv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110912/"
 "110911","2019-01-26 20:12:26","http://185.244.25.145/x85143/Yowai.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/110911/"
@@ -30121,10 +30672,10 @@
 "110865","2019-01-26 19:33:05","http://191.250.236.164:57885/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110865/"
 "110864","2019-01-26 19:29:19","http://chefpromoter.com/wp-content/cache/supercache/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110864/"
 "110863","2019-01-26 19:29:09","http://quoidevert.com/templates/shaper_newsplus/js/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110863/"
-"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
-"110861","2019-01-26 19:22:17","http://down11.downyouxi.com/gaojizhanzheng2heidongshengqizhongwenban.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110861/"
+"110862","2019-01-26 19:25:08","http://www.newxing.com/D4894DD65482/server.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110862/"
+"110861","2019-01-26 19:22:17","http://down11.downyouxi.com/gaojizhanzheng2heidongshengqizhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110861/"
 "110860","2019-01-26 19:07:17","http://dx115.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110860/"
-"110859","2019-01-26 19:06:01","http://dx115.downyouxi.com/fcrentiantanghongbaijizhongwenmoniqi500jingdianyouxidajihe.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110859/"
+"110859","2019-01-26 19:06:01","http://dx115.downyouxi.com/fcrentiantanghongbaijizhongwenmoniqi500jingdianyouxidajihe.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110859/"
 "110858","2019-01-26 18:57:03","http://wt111.downyouxi.com/haimianfeixing.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110858/"
 "110857","2019-01-26 18:43:25","http://wt110.downyouxi.com/jiejitaikongdazhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110857/"
 "110856","2019-01-26 18:40:37","http://wt111.downyouxi.com/xiaomiebianyimao.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110856/"
@@ -30133,13 +30684,13 @@
 "110853","2019-01-26 18:23:55","http://wt111.downyouxi.com/koudaiguaishoujingjichang.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110853/"
 "110852","2019-01-26 18:18:45","http://wt112.downyouxi.com/saierdachuanshuosizhijianzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110852/"
 "110851","2019-01-26 18:00:35","http://wt112.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110851/"
-"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
+"110850","2019-01-26 18:00:13","http://xzd.197946.com/winrar-x64.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/110850/"
 "110849","2019-01-26 17:56:19","http://wt110.downyouxi.com/qiaobingkuaiaisijimoren.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110849/"
 "110848","2019-01-26 17:48:44","http://wt110.downyouxi.com/shumabaobeidouhunchuanshuo2danjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110848/"
 "110847","2019-01-26 17:45:08","http://rarejewelry.net/.well-known/acme-challenge/messg.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110847/"
 "110846","2019-01-26 16:36:10","http://37.255.196.22:61857/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110846/"
 "110845","2019-01-26 16:36:05","http://98.116.131.34:10242/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110845/"
-"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","offline","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
+"110844","2019-01-26 16:19:09","http://www.newxing.com/DE8BD3F2F296/QQ2009.exe","online","malware_download","zip","https://urlhaus.abuse.ch/url/110844/"
 "110843","2019-01-26 16:04:05","http://resys.pt/n/winnilog.png","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/110843/"
 "110842","2019-01-26 16:02:08","http://imoustapha.me/M.exe","online","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/110842/"
 "110841","2019-01-26 15:54:30","http://159.65.155.170/bins/hoho.x86","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110841/"
@@ -30161,11 +30712,11 @@
 "110825","2019-01-26 15:54:06","http://142.93.211.141/kira1/kirai.mips","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110825/"
 "110824","2019-01-26 15:54:04","http://142.93.211.141/kira1/kirai.m68k","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110824/"
 "110823","2019-01-26 15:54:03","http://142.93.211.141/kira1/kirai.arm7","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110823/"
-"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
+"110822","2019-01-26 15:50:06","http://www.newxing.com/d6c9a8a921847/prjfire.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110822/"
 "110821","2019-01-26 15:13:06","http://imoustapha.me/N.exe","online","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/110821/"
 "110820","2019-01-26 14:30:05","http://rarejewelry.net/.well-known/acme-challenge/mxr.pdf","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110820/"
 "110819","2019-01-26 13:42:05","http://171.38.147.237:17462/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/110819/"
-"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
+"110818","2019-01-26 13:31:17","http://www.newxing.com/DDB3AC763452/StandardPalette.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110818/"
 "110817","2019-01-26 13:18:12","http://gamblchange.club/update.rar","offline","malware_download","CAN,Encoded,Kpot,Task","https://urlhaus.abuse.ch/url/110817/"
 "110816","2019-01-26 13:18:05","https://globalinvoice.club/update.php","offline","malware_download","CAN,geofenced,Gozi","https://urlhaus.abuse.ch/url/110816/"
 "110815","2019-01-26 13:14:21","http://viswavsp.com/war/winepress.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/110815/"
@@ -30225,7 +30776,7 @@
 "110761","2019-01-26 05:39:04","http://ztds.online/20190118/multishare.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110761/"
 "110760","2019-01-26 05:34:05","http://ztds2.online/20190118/multishare.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110760/"
 "110759","2019-01-26 05:30:04","http://www.cbet.ca/wp-content/themes/twentyseventeen/noyyy.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/110759/"
-"110758","2019-01-26 05:03:10","http://download.1ys.com/ys8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110758/"
+"110758","2019-01-26 05:03:10","http://download.1ys.com/ys8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110758/"
 "110757","2019-01-26 05:02:34","http://xiaou-game.xugameplay.com/yz_v1.5.4_inc.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110757/"
 "110756","2019-01-26 05:02:14","http://rrbyupdata.renrenbuyu.com/data/channel/duowan/zip/2017062201/startup/Update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110756/"
 "110755","2019-01-26 03:56:08","http://194.147.35.56/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/110755/"
@@ -30259,7 +30810,7 @@
 "110727","2019-01-26 03:06:10","http://jesseworld.eu/kings/kings.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110727/"
 "110726","2019-01-26 03:06:06","http://jesseworld.eu/yugo/yugo.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/110726/"
 "110725","2019-01-26 03:03:16","http://16.bd-pcgame.xiazai24.com:8090/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%A2%A6%E5%B9%BB%E8%A5%BF%E6%B8%B8%E5%B7%A5%E5%85%B7%E7%AE%B11.0.1.4.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110725/"
-"110724","2019-01-26 03:03:09","http://thanhtungtanluoc.com/journal/cache/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110724/"
+"110724","2019-01-26 03:03:09","http://thanhtungtanluoc.com/journal/cache/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110724/"
 "110723","2019-01-26 02:56:00","http://03.bd-pcgame.xiazai24.com:8090/Patch/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%A8%A1%E6%8B%9F%E5%9F%8E%E5%B8%825%EF%BC%9A%E6%9C%AA%E6%9D%A5%E4%B9%8B%E5%9F%8E%E7%A0%B4%E8%A7%A3%E8%A1%A5%E4%B8%81.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110723/"
 "110722","2019-01-26 02:34:10","http://17.bd-pcgame.xiazai24.com:8090/tools/gongju/%E6%B8%B8%E8%BF%85%E7%BD%91_%E6%83%85%E5%9C%A3%E6%8B%89%E7%91%9E%EF%BC%9A%E9%87%8D%E8%A3%85%E4%B8%8A%E9%98%B5%E9%87%91%E9%92%B1%E4%BF%AE%E6%94%B9%E5%99%A8R%E7%BB%84.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110722/"
 "110721","2019-01-26 02:26:16","http://devgroupofhotels.com/wp-content/themes/hotelmaster/images/dark/social-icon/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110721/"
@@ -30727,7 +31278,7 @@
 "110238","2019-01-25 12:21:16","http://ksviet.com/wp-content/themes/siteorigin-north/woocommerce/cart/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110238/"
 "110237","2019-01-25 12:14:08","http://www.cartomanzia-al-telefono.org/risten.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110237/"
 "110236","2019-01-25 12:14:07","http://down.54nb.com/%D0%E9%C4%E2%BB%FA%BC%EC%B2%E2%B9%A4%BE%DF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110236/"
-"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
+"110235","2019-01-25 12:13:25","http://seyh9.com/wp-content/themes/specia/inc/breadcrumb/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110235/"
 "110234","2019-01-25 12:13:04","http://vpa.lu/wp-content/themes/vp/fonts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110234/"
 "110233","2019-01-25 12:07:30","http://218.92.218.38/FavriteAdd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110233/"
 "110232","2019-01-25 12:05:03","http://cartomanzia-al-telefono.org/risten.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110232/"
@@ -30761,7 +31312,7 @@
 "110204","2019-01-25 11:49:29","https://kobac.tochigi.jp/wp-content/themes/kobac_theme_sp/pc_img/top_space/mxr.pdf","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110204/"
 "110203","2019-01-25 11:49:22","http://podologotarragona.es/cgi-bin/mxr.pdf","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110203/"
 "110202","2019-01-25 11:49:21","https://teensbar.com/wp-content/themes/Avada/templates/mxr.pdf","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110202/"
-"110201","2019-01-25 11:49:17","http://francetvreplay.com/wp-content/themes/customizr/assets/back/css/iphone-style-checkboxes/mxr.pdf","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110201/"
+"110201","2019-01-25 11:49:17","http://francetvreplay.com/wp-content/themes/customizr/assets/back/css/iphone-style-checkboxes/mxr.pdf","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110201/"
 "110200","2019-01-25 11:49:14","http://corumtemizlik.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110200/"
 "110199","2019-01-25 11:49:09","http://portalartikel.ooo/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110199/"
 "110198","2019-01-25 11:49:02","http://thegioicongdungcu.com/wp-includes/ID3/mxr.pdf","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110198/"
@@ -30803,7 +31354,7 @@
 "110162","2019-01-25 11:26:05","http://formettic.be/jeuxepn/apprendresouris/dragdrop.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110162/"
 "110161","2019-01-25 11:24:04","https://bestcontrol.at/sqlite.dll","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110161/"
 "110160","2019-01-25 11:18:02","http://gamedoithe.net/meta/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110160/"
-"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","online","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
+"110159","2019-01-25 11:17:24","http://seyh9.com/wp-content/themes/specia/templates/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110159/"
 "110158","2019-01-25 11:17:03","http://e-vel.by/themes/bartik/color/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110158/"
 "110157","2019-01-25 11:15:10","http://drrozinaakter.com/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110157/"
 "110156","2019-01-25 11:15:08","http://vpa.lu/wp-content/themes/vp/fonts/mxr.pdf","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110156/"
@@ -30820,8 +31371,8 @@
 "110145","2019-01-25 09:35:05","http://www.alsafeeradvt.com/a/np.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110145/"
 "110144","2019-01-25 09:29:27","http://hebros.id/wp-admin/css/colors/blue/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/110144/"
 "110143","2019-01-25 09:29:07","http://wowepic.net/autopatch/newfr3on/autopatcher1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110143/"
-"110142","2019-01-25 09:25:14","http://down.54nb.com/%D3%B2%BC%FE%D0%C5%CF%A2%B2%E9%BF%B4%C6%F7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110142/"
-"110141","2019-01-25 09:24:06","http://wowepic.net/autopatch/classic/clientfiles////autopatcher.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110141/"
+"110142","2019-01-25 09:25:14","http://down.54nb.com/%D3%B2%BC%FE%D0%C5%CF%A2%B2%E9%BF%B4%C6%F7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110142/"
+"110141","2019-01-25 09:24:06","http://wowepic.net/autopatch/classic/clientfiles////autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110141/"
 "110140","2019-01-25 09:17:03","http://wowepic.net/Autopatch/ModernNew/clientfiles/Autopatcher.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110140/"
 "110139","2019-01-25 09:06:08","http://bugivena.club/RegFile228.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110139/"
 "110138","2019-01-25 09:05:08","http://wowepic.net/autopatch/newlight/clientfiles////autopatcher.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/110138/"
@@ -30866,7 +31417,7 @@
 "110099","2019-01-25 06:36:06","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405303.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110099/"
 "110097","2019-01-25 06:13:09","http://bentom.ru/1Bl14v64v9_POmBW662/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110097/"
 "110096","2019-01-25 06:13:07","http://wozup.org/xhcaRjfp3m4KS_HnX/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110096/"
-"110095","2019-01-25 06:13:05","http://techfactory.pk/d0vjo7vRJw26C_G3JYE01qG/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110095/"
+"110095","2019-01-25 06:13:05","http://techfactory.pk/d0vjo7vRJw26C_G3JYE01qG/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110095/"
 "110094","2019-01-25 06:13:04","http://tolanimusic.com/FgGLYFx2fxkRLqu_ns1avpR1Z/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110094/"
 "110093","2019-01-25 06:11:03","http://13r.lg.ua/IsvJO35t6kj/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/110093/"
 "110092","2019-01-25 06:10:07","http://up.ksbao.com/updateKSBD/UpdateFiles/app/testupdata/5.2/ExamBible201405307.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110092/"
@@ -30927,7 +31478,7 @@
 "110029","2019-01-25 02:46:06","http://mortest.ug/3.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/110029/"
 "110028","2019-01-25 02:27:32","http://update-res.100public.com/rwx-init/init_bfb_caiji.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/110028/"
 "110027","2019-01-25 02:23:03","http://fristpolychem.download/mods/info1.exe","offline","malware_download","Formbook","https://urlhaus.abuse.ch/url/110027/"
-"110026","2019-01-25 02:22:03","https://docs.google.com/uc?id=1q4wYe0iCIJcfgZ-iJKAp6kl2SwWaRCxS","offline","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110026/"
+"110026","2019-01-25 02:22:03","https://docs.google.com/uc?id=1q4wYe0iCIJcfgZ-iJKAp6kl2SwWaRCxS","online","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110026/"
 "110025","2019-01-25 02:12:03","http://40.121.158.163/sniff","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110025/"
 "110024","2019-01-25 02:12:02","http://40.121.158.163/dirtysex","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110024/"
 "110023","2019-01-25 02:11:03","http://40.121.158.163/aids","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110023/"
@@ -30942,7 +31493,7 @@
 "110014","2019-01-25 02:00:06","http://40.121.158.163/suckond","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110014/"
 "110013","2019-01-25 02:00:05","http://40.121.158.163/nutforme","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/110013/"
 "110012","2019-01-25 02:00:04","http://home.earthlink.net/~tom12345678/shipping-label.jar","offline","malware_download","Adwind,jSocket,rat","https://urlhaus.abuse.ch/url/110012/"
-"110011","2019-01-25 01:58:06","https://docs.google.com/uc?id=1jV5c3tij0vP2HkmAmYsXSGLkJCdNGH47","online","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110011/"
+"110011","2019-01-25 01:58:06","https://docs.google.com/uc?id=1jV5c3tij0vP2HkmAmYsXSGLkJCdNGH47","offline","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110011/"
 "110010","2019-01-25 01:58:05","https://docs.google.com/uc?id=1VXCHfbIRZkCtw9r7hSCzjTzeVNkPVGGj","online","malware_download","IcedID,Macro-doc","https://urlhaus.abuse.ch/url/110010/"
 "110009","2019-01-25 01:56:02","http://209.141.55.226/26.jpg","offline","malware_download","exe,geofenced,IcedID,USA","https://urlhaus.abuse.ch/url/110009/"
 "110007","2019-01-25 01:33:14","http://libertycastle.com.pk/oBCF-FBkXaEbTmyiuaxs_DeQQsjsUA-x6q/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/110007/"
@@ -30974,7 +31525,7 @@
 "109976","2019-01-25 00:42:07","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109976/"
 "109975","2019-01-25 00:42:04","http://empresasmudanzaszaragoza.com.es/fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109975/"
 "109974","2019-01-25 00:41:14","http://59.126.40.253:64130/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109974/"
-"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
+"109973","2019-01-25 00:41:09","http://82.166.24.224:4197/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109973/"
 "109972","2019-01-25 00:41:05","http://220.70.183.53:56657/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109972/"
 "109971","2019-01-25 00:40:05","http://217.139.86.228:13546/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109971/"
 "109970","2019-01-25 00:40:03","http://barondigital.com/ketoultra/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109970/"
@@ -30985,8 +31536,8 @@
 "109965","2019-01-25 00:24:04","http://rulamart.com/wp-content/plugins/akismet/_inc/img/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109965/"
 "109964","2019-01-25 00:22:38","http://barondigital.com/purefitketo/css/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109964/"
 "109963","2019-01-25 00:22:37","http://taichinhtrondoi.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109963/"
-"109962","2019-01-25 00:22:33","http://mnarat8.com/wp-content/themes/meditation/genericons/genericons/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109962/"
-"109961","2019-01-25 00:22:30","http://file.foxitreader.cn/www_file/PDFShrinkSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/109961/"
+"109962","2019-01-25 00:22:33","http://mnarat8.com/wp-content/themes/meditation/genericons/genericons/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109962/"
+"109961","2019-01-25 00:22:30","http://file.foxitreader.cn/www_file/PDFShrinkSetup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109961/"
 "109960","2019-01-25 00:21:09","http://5techexplore.com/wp-content/themes/betheme/betheme/css/skins/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109960/"
 "109959","2019-01-25 00:21:07","http://cosmictv.xyz/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109959/"
 "109958","2019-01-25 00:21:07","http://khicongnghiepvn.com/wp-content/themes/flash/js/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109958/"
@@ -30999,7 +31550,7 @@
 "109951","2019-01-25 00:16:46","http://noithatanhthu.vn/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109951/"
 "109950","2019-01-25 00:16:34","http://site-4.work/journal/cache/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109950/"
 "109949","2019-01-25 00:16:18","http://khicongnghiepvn.com/wp-content/themes/flash/template-parts/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109949/"
-"109948","2019-01-25 00:15:20","http://mnarat8.com/wp-content/themes/meditation/page-templates/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109948/"
+"109948","2019-01-25 00:15:20","http://mnarat8.com/wp-content/themes/meditation/page-templates/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109948/"
 "109947","2019-01-25 00:02:01","http://cosmictv.xyz/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109947/"
 "109946","2019-01-25 00:01:09","http://levante-europe.com/wp-content/themes/scalia/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109946/"
 "109945","2019-01-25 00:01:09","https://hairsalon-locco.net/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109945/"
@@ -31049,16 +31600,16 @@
 "109897","2019-01-24 23:21:17","http://deka-asiaresearch.com/wp-content/themes/icorporate/css/fonts/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109897/"
 "109896","2019-01-24 23:21:11","http://shly.fsygroup.com/aspnet_client/system_web/4_0_30319/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109896/"
 "109895","2019-01-24 23:21:06","http://khicongnghiepvn.com/wp-content/themes/flash/template-parts/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109895/"
-"109894","2019-01-24 23:13:35","http://file.foxitreader.cn/file/Channel/PDFShrink/PDFShrinkSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/109894/"
+"109894","2019-01-24 23:13:35","http://file.foxitreader.cn/file/Channel/PDFShrink/PDFShrinkSetup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109894/"
 "109893","2019-01-24 23:13:04","http://lelcrb.by/wp-content/themes/webber-hospital/img/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109893/"
-"109892","2019-01-24 23:12:10","http://shly.fsygroup.com/wp-content/languages/themes/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109892/"
+"109892","2019-01-24 23:12:10","http://shly.fsygroup.com/wp-content/languages/themes/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109892/"
 "109891","2019-01-24 23:10:25","http://chanhclup.club/wp-content/themes/twentyseventeen/inc/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109891/"
 "109890","2019-01-24 23:10:15","http://drewdailey.com/wp-content/themes/squareroot/layouts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109890/"
 "109889","2019-01-24 23:04:04","http://hgebatiment.com/wp-content/languages/plugins/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109889/"
 "109888","2019-01-24 23:04:03","http://newsnaija.ng/.well-known/pki-validation/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109888/"
 "109887","2019-01-24 23:02:04","http://levante-europe.com/wp-content/themes/scalia/vc_templates/post_block/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109887/"
 "109886","2019-01-24 23:02:03","http://levante-europe.com/wp-content/themes/scalia/languages/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109886/"
-"109884","2019-01-24 23:01:06","http://alhabib7.com/wp-content/themes/urja-solar-energy/woocommerce/global/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109884/"
+"109884","2019-01-24 23:01:06","http://alhabib7.com/wp-content/themes/urja-solar-energy/woocommerce/global/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109884/"
 "109885","2019-01-24 23:01:06","http://barondigital.com/ketoultra/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109885/"
 "109883","2019-01-24 22:56:04","http://levante-europe.com/wp-content/themes/scalia/cache/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109883/"
 "109882","2019-01-24 22:55:07","http://bdcarezone.com/wp-content/themes/theshop/images/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/109882/"
@@ -31235,7 +31786,7 @@
 "109708","2019-01-24 19:17:12","https://kobac-atsugi.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109708/"
 "109707","2019-01-24 19:17:00","http://systemnet.work/wp-content/themes/Newspaper/translation/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109707/"
 "109706","2019-01-24 19:16:55","http://noithatanhthu.vn/wp-content/languages/plugins/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109706/"
-"109705","2019-01-24 19:16:43","http://gratisgiftcards.com/wovinur/nptoris/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109705/"
+"109705","2019-01-24 19:16:43","http://gratisgiftcards.com/wovinur/nptoris/mxr.pdf","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109705/"
 "109704","2019-01-24 19:16:40","https://hemiaitbd.com/wp-content/themes/Divi/images/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109704/"
 "109703","2019-01-24 19:16:37","https://www.naadeifashioninstitute.com/wp-content/themes/astra/inc/addons/transparent-header/assets/js/minified/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109703/"
 "109702","2019-01-24 19:16:34","https://bparj.xyz/wp-includes/ID3/mxr.pdf","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109702/"
@@ -31354,7 +31905,7 @@
 "109589","2019-01-24 19:03:50","https://aa-publisher.com/.well-known/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109589/"
 "109588","2019-01-24 19:03:45","http://diota-ar.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109588/"
 "109587","2019-01-24 19:03:45","http://ultrasatshop.com/wp-admin/css/colors/blue/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109587/"
-"109586","2019-01-24 19:03:43","https://mnarat8.com/wp-content/themes/meditation/img/icons/small/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109586/"
+"109586","2019-01-24 19:03:43","https://mnarat8.com/wp-content/themes/meditation/img/icons/small/ssj.jpg","online","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109586/"
 "109585","2019-01-24 19:03:40","http://n1ka.one/wp-content/themes/CherryFramework/images/PrettyPhoto/dark_rounded/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109585/"
 "109584","2019-01-24 19:03:38","http://ymcaminya.org/wp-content/themes/elevation/js/ssj.jpg","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109584/"
 "109582","2019-01-24 19:03:34","http://newsnaija.ng/.well-known/pki-validation/mxr.pdf","offline","malware_download",",Troldesh","https://urlhaus.abuse.ch/url/109582/"
@@ -31561,7 +32112,7 @@
 "109377","2019-01-24 14:12:09","http://ul-remont.ru/mESm-lcO_VjDXaJ-RM/ACH/PaymentAdvice/US_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109377/"
 "109376","2019-01-24 14:11:57","http://tuoitrethainguyen.vn/moAH-Ky0X_u-t9/INVOICE/EN_en/New-order/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109376/"
 "109375","2019-01-24 14:11:37","http://top-furnitureassembly.com/de_DE/DBOQJIF5719843/Rechnungs/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109375/"
-"109374","2019-01-24 14:11:31","http://symbisystems.com/orLT-Ww_edbSY-fZt/INVOICE/EN_en/Invoice-52920967/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109374/"
+"109374","2019-01-24 14:11:31","http://symbisystems.com/orLT-Ww_edbSY-fZt/INVOICE/EN_en/Invoice-52920967/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109374/"
 "109373","2019-01-24 14:11:25","http://summertour.com.br/edhu-87_qdof-byn/ACH/PaymentAdvice/US/ACH-form/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109373/"
 "109372","2019-01-24 14:11:15","http://smtp.coolgamesonline.xyz/de_DE/JVOEFLY5257706/GER/Zahlungserinnerung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/109372/"
 "109371","2019-01-24 14:11:09","http://restauraceuvodarny.cz/WMjd-YI_HWa-CJs/F36/invoicing/US_us/Need-to-send-the-attachment/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/109371/"
@@ -31627,7 +32178,7 @@
 "109310","2019-01-24 12:20:06","https://psb-india.com/file/ComplainceId2550203.doc","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109310/"
 "109309","2019-01-24 12:10:06","http://eidos-sociology.ru/file/build__2017.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109309/"
 "109308","2019-01-24 12:08:55","http://takhnit.co.il/components/com_ajax/ssj.jpg","offline","malware_download","emotet,exe,Ransomware,Shade","https://urlhaus.abuse.ch/url/109308/"
-"109307","2019-01-24 12:08:51","http://mazharul-hossain.info/wp-content/themes/storecommerce/demo-content/default/ssj.jpg","offline","malware_download","emotet,exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/109307/"
+"109307","2019-01-24 12:08:51","http://mazharul-hossain.info/wp-content/themes/storecommerce/demo-content/default/ssj.jpg","online","malware_download","emotet,exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/109307/"
 "109306","2019-01-24 12:08:47","http://www.tours.pt/templates/tours.pt_red/img/ssj.jpg","offline","malware_download","emotet,exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/109306/"
 "109305","2019-01-24 12:08:16","http://tamagocin.com/wp-content/themes/relic-fashion-store/themerelic/customizers/assets/js/ssj.jpg","online","malware_download","emotet,exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/109305/"
 "109304","2019-01-24 12:08:08","http://xn----htbybfcxh3h.xn--p1ai/bin/ssj.jpg","offline","malware_download","emotet,exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/109304/"
@@ -31694,7 +32245,7 @@
 "109242","2019-01-24 11:04:10","http://quvalda.by/templates/quvalda/language/en-GB/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/109242/"
 "109241","2019-01-24 10:58:07","http://www.amayayurveda.com/Amazon/Zahlungen/012019","offline","malware_download","doc,online","https://urlhaus.abuse.ch/url/109241/"
 "109240","2019-01-24 10:49:20","http://179.220.125.55:2004/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109240/"
-"109239","2019-01-24 10:49:14","http://114.35.203.9:4787/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109239/"
+"109239","2019-01-24 10:49:14","http://114.35.203.9:4787/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109239/"
 "109238","2019-01-24 10:49:07","http://114.32.204.140:22228/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/109238/"
 "109237","2019-01-24 10:36:16","http://air-team-service.com/wp-content/languages/plugins/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109237/"
 "109236","2019-01-24 10:36:11","http://tevii.ru/support/downloads/20090313_myTeVii.v4.00.111S2.v3.38.4S1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/109236/"
@@ -31766,7 +32317,7 @@
 "109154","2019-01-24 07:27:38","http://temptest123.reveance.nl/Clients/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109154/"
 "109145","2019-01-24 07:27:23","https://kcz.com.pl//UzpNB-imv_ExmThOD-Ws0/Invoice/853093961/US/Sales-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109145/"
 "109144","2019-01-24 07:27:21","http://www.pattani.mcu.ac.th/wp-content/uploads/mJxX-fv_mKFuWjr-ho/Inv/2635684539/En/Past-Due-Invoices/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109144/"
-"109143","2019-01-24 07:27:13","http://www.odesagroup.com/nWwFe-Srwbe_wgIoqCkGH-0T/Invoice/52777161/En/Invoice-81962694-January/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109143/"
+"109143","2019-01-24 07:27:13","http://www.odesagroup.com/nWwFe-Srwbe_wgIoqCkGH-0T/Invoice/52777161/En/Invoice-81962694-January/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109143/"
 "109142","2019-01-24 07:27:10","http://www.jackservice.com.pl//Clients_Messages/2019-01/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109142/"
 "109141","2019-01-24 07:26:50","http://www.craigryan.eu/Amazon/DE/Kunden-informationen/012019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109141/"
 "109140","2019-01-24 07:26:47","http://taxplus.co.in/rBOYX-Rg_bzY-yQ/INVOICE/En_us/Invoice-for-you/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/109140/"
@@ -31995,7 +32546,7 @@
 "108912","2019-01-23 22:05:23","https://www.una-studios.com/wp-content/themes/business-startup/template-parts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108912/"
 "108911","2019-01-23 22:05:16","http://canhooceangate.com/docs/cache/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108911/"
 "108910","2019-01-23 22:04:08","http://mitsubishidn.com.vn/wp-admin/css/colors/blue/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108910/"
-"108909","2019-01-23 22:01:03","http://de-patouillet.com/sq.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108909/"
+"108909","2019-01-23 22:01:03","http://de-patouillet.com/sq.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108909/"
 "108908","2019-01-23 22:00:10","http://de-patouillet.com/45.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108908/"
 "108907","2019-01-23 21:58:13","http://chuyensacdep.com/wp-content/ai1wm-backups/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108907/"
 "108906","2019-01-23 21:57:03","http://de-patouillet.com/ee.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108906/"
@@ -32012,7 +32563,7 @@
 "108895","2019-01-23 21:36:16","http://tattoohane.com/wp-content/themes/ninezeroseven/languages/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108895/"
 "108894","2019-01-23 21:34:07","http://karkas-dom-moscow.ru/erpose/sotpie/nn_c.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108894/"
 "108893","2019-01-23 21:34:03","http://microsoftupdate.dns-report.com/download/update.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108893/"
-"108892","2019-01-23 21:33:06","http://cliniqueelmenzah.com/bloom.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108892/"
+"108892","2019-01-23 21:33:06","http://cliniqueelmenzah.com/bloom.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108892/"
 "108891","2019-01-23 21:32:16","https://www.norsterra.cn/kwhts-4y_BLft-df/Ref/052883920US/ACH-form/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108891/"
 "108888","2019-01-23 21:22:21","https://www.promonoble.com/wp-admin/Documents/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108888/"
 "108887","2019-01-23 21:22:20","https://register.srru.ac.th/Amazon/Bestellung_details/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108887/"
@@ -32123,7 +32674,7 @@
 "108777","2019-01-23 19:22:16","http://www.smefood.com/muON-7y_QChNJCfv-D8A/InvoiceCodeChanges/En_us/Invoice-receipt/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108777/"
 "108776","2019-01-23 19:22:04","http://satstore.kz/KXLC-6VZ_r-IyL/EXT/PaymentStatus/En/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108776/"
 "108775","2019-01-23 19:06:33","http://earnbdt.com/wp-content/themes/martfury/wc-vendors/front/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108775/"
-"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
+"108774","2019-01-23 19:06:26","http://xzc.198424.com/wrar56b5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108774/"
 "108773","2019-01-23 19:01:16","http://microsoftpro.dns-report.com/host/162.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108773/"
 "108772","2019-01-23 19:01:08","http://139.180.195.93/bins/hoho.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108772/"
 "108771","2019-01-23 19:01:04","http://139.180.195.93/bins/hoho.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108771/"
@@ -32163,7 +32714,7 @@
 "108737","2019-01-23 18:31:30","http://dienlanhlehai.com/wp-content/themes/flatmarket/fonts/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108737/"
 "108736","2019-01-23 18:31:07","http://microsoft-live.zzux.com/update/update.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108736/"
 "108735","2019-01-23 18:31:06","http://tantiendoor.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108735/"
-"108734","2019-01-23 18:29:42","http://draanallelimanguilarleon.com/wp-content/themes/zerif-lite/images/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108734/"
+"108734","2019-01-23 18:29:42","http://draanallelimanguilarleon.com/wp-content/themes/zerif-lite/images/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108734/"
 "108733","2019-01-23 18:29:30","http://draanallelimanguilarleon.com/wp-content/themes/zerif-lite/images/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108733/"
 "108732","2019-01-23 18:29:16","http://una-studios.com/wp-content/themes/business-startup/template-parts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108732/"
 "108731","2019-01-23 18:29:08","http://microsoft.ddns.us/host/civic.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108731/"
@@ -32216,12 +32767,12 @@
 "108684","2019-01-23 18:04:09","http://valentinesblues.com/.well-known/pki-validation/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108684/"
 "108683","2019-01-23 18:04:04","http://microsoft.ddns.us/download/update.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108683/"
 "108682","2019-01-23 18:02:50","http://newyeardealz.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108682/"
-"108681","2019-01-23 18:02:34","http://mitsubishidn.com.vn/.well-known/acme-challenge/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108681/"
+"108681","2019-01-23 18:02:34","http://mitsubishidn.com.vn/.well-known/acme-challenge/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108681/"
 "108680","2019-01-23 18:01:22","http://dienlanhlehai.com/wp-content/themes/flatmarket/img/payment/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108680/"
 "108679","2019-01-23 18:00:02","http://marinasuitesnhatrang.com/wp-content/themes/flatsome/inc/admin/advanced/assets/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108679/"
 "108678","2019-01-23 17:59:23","http://nepra.by/bin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108678/"
 "108677","2019-01-23 17:38:08","http://microsoftupdate.dns-report.com/host/137.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108677/"
-"108676","2019-01-23 17:36:16","http://thecostatranphu.com/.well-known/acme-challenge/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108676/"
+"108676","2019-01-23 17:36:16","http://thecostatranphu.com/.well-known/acme-challenge/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108676/"
 "108675","2019-01-23 17:34:07","http://microsoftoutlook.ddns.info/update/update.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108675/"
 "108674","2019-01-23 17:33:07","http://microsoftoutlook.ddns.info/host/137.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108674/"
 "108673","2019-01-23 17:32:23","http://microsoft-live.zzux.com/host/137.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108673/"
@@ -32293,8 +32844,8 @@
 "108607","2019-01-23 16:34:41","http://dr-martini-sylvestre-stomatologue-strasbourg.fr/logs/Clients_transactions/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108607/"
 "108606","2019-01-23 16:34:37","http://cauumdy.gq/wp-admin/includes/Payment_details/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108606/"
 "108605","2019-01-23 16:34:07","http://airinovasi-indonesia.com/wp-data/Information/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108605/"
-"108604","2019-01-23 16:32:16","http://jayc-productions.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108604/"
-"108603","2019-01-23 16:32:10","http://tubdispvitvitebsk.by/templates/protostar/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108603/"
+"108604","2019-01-23 16:32:16","http://jayc-productions.com/.well-known/acme-challenge/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108604/"
+"108603","2019-01-23 16:32:10","http://tubdispvitvitebsk.by/templates/protostar/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108603/"
 "108602","2019-01-23 16:31:19","http://choviahe.cf/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108602/"
 "108601","2019-01-23 16:28:59","http://muzhskoedelo.by/cgi-bin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108601/"
 "108600","2019-01-23 16:28:50","http://pushkinplaza.by/administrator/cache/_system/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108600/"
@@ -32346,7 +32897,7 @@
 "108553","2019-01-23 15:22:09","http://www.atocan.eu/zJUWR-yMAs_FdpuyN-FG/Inv/23206675010/EN_en/Inv-326267-PO-0J728868/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108553/"
 "108552","2019-01-23 15:22:06","http://improve-it.uy/nCIu-lQc_xC-7Q/7600251/SurveyQuestionsUS/Invoice-16349384-January/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108552/"
 "108551","2019-01-23 15:11:03","http://burasiaksaray.com/.well-known/pki-validation/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108551/"
-"108550","2019-01-23 15:09:04","http://riaztex.com/update/file.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/108550/"
+"108550","2019-01-23 15:09:04","http://riaztex.com/update/file.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/108550/"
 "108549","2019-01-23 15:09:03","http://adambenny.org/wp-content/themes/god-grace/languages/zinf.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/108549/"
 "108548","2019-01-23 15:08:06","http://wakalad.com/safe_download/741326/speedownloader.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108548/"
 "108547","2019-01-23 15:08:04","https://shrikailashlogicity.in/jupiteri.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/108547/"
@@ -32421,12 +32972,12 @@
 "108474","2019-01-23 14:22:09","http://www.modern-autoparts.com/ezFUGpI/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108474/"
 "108473","2019-01-23 14:22:08","http://stoutarc.com/JbCOGyE/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108473/"
 "108472","2019-01-23 14:22:06","http://tunerg.com/SKMFSuIWW/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/108472/"
-"108471","2019-01-23 14:19:03","http://23.249.163.110/doc/word/pdf.exe","offline","malware_download","AgentTesla,exe,NanoCore","https://urlhaus.abuse.ch/url/108471/"
+"108471","2019-01-23 14:19:03","http://23.249.163.110/doc/word/pdf.exe","online","malware_download","AgentTesla,exe,NanoCore","https://urlhaus.abuse.ch/url/108471/"
 "108470","2019-01-23 14:17:03","http://aksaraybelediyesi.tv/bs.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108470/"
 "108469","2019-01-23 14:16:09","http://globallegacyfreight.com/wp-content/themes/enfold/config-gravityforms/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108469/"
 "108468","2019-01-23 14:10:11","http://pzhsz.ltd/com.mynagisa.java.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/108468/"
 "108467","2019-01-23 14:03:55","http://greenglobal.co.id/wp-content/themes/avik/avik-functionality-plugin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/108467/"
-"108466","2019-01-23 13:24:12","http://zh100.xzstatic.com/2017/04/wbhfzh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108466/"
+"108466","2019-01-23 13:24:12","http://zh100.xzstatic.com/2017/04/wbhfzh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108466/"
 "108464","2019-01-23 13:19:03","http://176.32.35.240/vb/Oasis.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108464/"
 "108465","2019-01-23 13:19:03","http://176.32.35.240/vb/Oasis.ppc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108465/"
 "108463","2019-01-23 13:19:02","http://176.32.35.240/vb/Oasis.sh4","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108463/"
@@ -32499,7 +33050,7 @@
 "108396","2019-01-23 12:18:05","http://frankshedy.5gbfree.com/mys.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/108396/"
 "108395","2019-01-23 12:11:10","http://vaytienlaocai.com/wp-content/themes/flatsome/woocommerce/cart/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108395/"
 "108394","2019-01-23 12:05:05","http://www.mytrains.net/administrator/templates/isis/less/bootstrap/Payment%20Challan.zip","online","malware_download","Kutaki,zipped-exe","https://urlhaus.abuse.ch/url/108394/"
-"108393","2019-01-23 11:58:16","http://yesky.xzstatic.com/2017/08/02/yxlmLOLpfzj_v14.6.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108393/"
+"108393","2019-01-23 11:58:16","http://yesky.xzstatic.com/2017/08/02/yxlmLOLpfzj_v14.6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108393/"
 "108392","2019-01-23 11:56:05","http://iparkingtest.com/wp-content/themes/noyah/css/theme/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108392/"
 "108391","2019-01-23 11:55:32","http://ceronamtinclube.icu/opuba/unit.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108391/"
 "108390","2019-01-23 11:51:03","http://csb-co-id.ga/file/sweed.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108390/"
@@ -32566,7 +33117,7 @@
 "108329","2019-01-23 11:23:27","http://millennialsberkarya.com/wp-admin/de_DE/WUCHZZ6988312/Scan/Zahlung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108329/"
 "108328","2019-01-23 11:23:24","http://www.petroc.org.tw/Januar2019/UKXFADDS6748715/DE_de/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108328/"
 "108327","2019-01-23 11:23:19","http://kargopol-wood.ru/DE/STTUGZM0410275/DE_de/Fakturierung/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/108327/"
-"108326","2019-01-23 11:23:17","http://hjsanders.nl/De_de/ESBXISXZR0356086/Scan/FORM/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108326/"
+"108326","2019-01-23 11:23:17","http://hjsanders.nl/De_de/ESBXISXZR0356086/Scan/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108326/"
 "108325","2019-01-23 11:23:16","http://bloggers.swarajyaawards.com/wp-content/VWEECMRJXZ5229968/GER/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108325/"
 "108324","2019-01-23 11:23:13","http://saintjohnscba.com.ar/De/IUOUIYW0042513/Rechnungskorrektur/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/108324/"
 "108323","2019-01-23 11:23:11","http://www.dlysxx.cn/De_de/ESPDYMJC9534881/Rech/Rechnungsanschrift/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/108323/"
@@ -32585,7 +33136,7 @@
 "108310","2019-01-23 11:19:12","http://194.36.173.46/0000000.hta","offline","malware_download","None","https://urlhaus.abuse.ch/url/108310/"
 "108309","2019-01-23 11:19:10","http://194.36.173.46/00000.exe","offline","malware_download","exe,RevCode","https://urlhaus.abuse.ch/url/108309/"
 "108308","2019-01-23 11:17:03","http://194.36.173.46/good.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108308/"
-"108307","2019-01-23 11:16:06","http://23.249.163.110/microsoft/word/vbs.exe","online","malware_download","AgentTesla,Loki","https://urlhaus.abuse.ch/url/108307/"
+"108307","2019-01-23 11:16:06","http://23.249.163.110/microsoft/word/vbs.exe","offline","malware_download","AgentTesla,Loki","https://urlhaus.abuse.ch/url/108307/"
 "108306","2019-01-23 11:15:03","http://oxydating.com/hey.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/108306/"
 "108305","2019-01-23 11:14:16","http://www.circuits.gr/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/108305/"
 "108303","2019-01-23 11:14:14","http://191.101.42.179:8080/HxJOy7n0CJvydvN3qZ2FLgqSDe-upNDe0J0Ts0S_QVE3U8qmdyykRSnD6T_HvD7La8DNmDu0GFUno6sSH6E1kyH1KFLrK-sU2mx6mwqnG4gBWa7BSH61LeWes6_ip9ijxEIdPAmYbrc9mOjG3ohA4KJrSn_hMCCfI9Pc_7hBhp","offline","malware_download","exe,meterpreter","https://urlhaus.abuse.ch/url/108303/"
@@ -32639,7 +33190,6 @@
 "108248","2019-01-23 11:10:56","http://bit.ly/2EdlK92","offline","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/108248/"
 "108247","2019-01-23 11:10:56","http://cdnrep.reimage.com/prot/ProtectorPackageRR2023.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108247/"
 "108246","2019-01-23 11:10:52","http://www.greatis.com/dbs.zip","online","malware_download","miner,zip","https://urlhaus.abuse.ch/url/108246/"
-"108245","2019-01-23 11:10:48","http://www.greatissoftware.com/unhackmeb.zip","offline","malware_download","miner,zip","https://urlhaus.abuse.ch/url/108245/"
 "108244","2019-01-23 11:10:32","http://asedownloadgate.com/3/000000/wizzcaster_installer_v2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108244/"
 "108243","2019-01-23 11:10:32","http://asedownloadgate.com/from_backup/747474/AdsShow_installer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108243/"
 "108242","2019-01-23 11:10:31","http://corporationmicrosoft.duckdns.org:8379/is-sending%3C%7C%3ED:/servers/08-10-2018/nj.exe","offline","malware_download","exe,njRAT,rat","https://urlhaus.abuse.ch/url/108242/"
@@ -32679,7 +33229,7 @@
 "108205","2019-01-23 11:07:16","https://cdn.discordapp.com/attachments/323853112815124481/339009105366745088/1_abre_isto_e_espera_3_seg_e_dps_f7.exe","online","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/108205/"
 "108203","2019-01-23 11:07:12","https://cdn.discordapp.com/attachments/330023129223135232/331132862625611786/powerproductions.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108203/"
 "108202","2019-01-23 11:07:10","https://cdn.discordapp.com/attachments/341940792253874176/341940874445455360/MJnwem2Rzu0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108202/"
-"108201","2019-01-23 11:07:08","https://cdn.discordapp.com/attachments/360637646495809538/367538700911116288/LMAOBox.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108201/"
+"108201","2019-01-23 11:07:08","https://cdn.discordapp.com/attachments/360637646495809538/367538700911116288/LMAOBox.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108201/"
 "108200","2019-01-23 11:07:06","https://cdn.discordapp.com/attachments/361560694593945603/361921483959828490/injector.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108200/"
 "108199","2019-01-23 11:07:03","https://cdn.discordapp.com/attachments/366142357034500098/439388650581786634/Windows_Patch_Guard_.exe","online","malware_download","exe,Imminent,ImminentRAT,rat","https://urlhaus.abuse.ch/url/108199/"
 "108198","2019-01-23 11:07:01","https://cdn.discordapp.com/attachments/366654050969845793/366654203323613185/Rbx.Sell.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108198/"
@@ -32700,7 +33250,7 @@
 "108183","2019-01-23 11:05:48","http://www.tamoyun.web.tr/kurulum.exe","offline","malware_download","exe,sinkhole","https://urlhaus.abuse.ch/url/108183/"
 "108182","2019-01-23 11:05:46","http://chippyex.heliohost.org/TheTrollface.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108182/"
 "108181","2019-01-23 11:05:45","https://cdn.discordapp.com/attachments/445215560393818122/452881850524893215/test.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108181/"
-"108180","2019-01-23 11:05:42","https://cdn.discordapp.com/attachments/374213626829078530/374490504177516545/q12.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/108180/"
+"108180","2019-01-23 11:05:42","https://cdn.discordapp.com/attachments/374213626829078530/374490504177516545/q12.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108180/"
 "108179","2019-01-23 11:05:38","http://66.97.34.157/TI/yyyy.zip","offline","malware_download","auotit,exe,Loader,payload,zip","https://urlhaus.abuse.ch/url/108179/"
 "108178","2019-01-23 11:05:35","https://pdnas.myqnapcloud.com/share.cgi?ssid=0EydTKe&fid=0EydTKe&filename=20180806.xls&openfolder=forcedownload&ep=","offline","malware_download","AgentTesla,Loader,payload,xls","https://urlhaus.abuse.ch/url/108178/"
 "108173","2019-01-23 11:04:07","http://down.dll-biu.com/DD/Service.bin","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108173/"
@@ -32775,7 +33325,7 @@
 "108105","2019-01-23 08:19:04","http://loygf-99.gq/wishtop.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108105/"
 "108103","2019-01-23 08:19:03","http://157.230.61.82/AB4g5/Josho.arm","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108103/"
 "108102","2019-01-23 08:19:02","http://loygf-99.gq/volovo.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/108102/"
-"108101","2019-01-23 08:17:12","http://27.120.86.87/fi/hoge12.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/108101/"
+"108101","2019-01-23 08:17:12","http://27.120.86.87/fi/hoge12.doc","online","malware_download","RTF","https://urlhaus.abuse.ch/url/108101/"
 "108100","2019-01-23 08:15:10","http://firstchem.vn/wp-admin/Amazon/Zahlungen/01_19/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/108100/"
 "108099","2019-01-23 08:12:07","http://crtdju.org.ru/administrator/components/com_tags/views/tag/tmpl/p.ssj","offline","malware_download","None","https://urlhaus.abuse.ch/url/108099/"
 "108098","2019-01-23 08:12:03","http://157.230.49.191/yakuza.mpsl","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108098/"
@@ -32808,7 +33358,7 @@
 "108071","2019-01-23 07:31:07","http://yeuromndy.cf/Amazon/DE/Kunden_Messages/2019-01/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/108071/"
 "108070","2019-01-23 07:30:06","http://157.230.92.196/cron","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/108070/"
 "108069","2019-01-23 07:30:04","http://46.101.80.191/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/108069/"
-"108068","2019-01-23 07:26:03","http://www.pesei.it/old/jswp.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/108068/"
+"108068","2019-01-23 07:26:03","http://www.pesei.it/old/jswp.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/108068/"
 "108067","2019-01-23 07:20:06","http://157.230.49.191/yakuza.x86","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108067/"
 "108066","2019-01-23 07:20:04","http://157.230.92.196/wget","offline","malware_download","elf,gafgyt","https://urlhaus.abuse.ch/url/108066/"
 "108065","2019-01-23 07:19:25","https://aoiap.org/my.png","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/108065/"
@@ -33260,7 +33810,7 @@
 "107600","2019-01-22 18:41:22","http://sarwa.co.za/KuPva1H8nR7WkoQ/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/107600/"
 "107599","2019-01-22 18:41:14","http://find-me-an-english-penpal.find-me-an-english-tutor.co.uk/NQI8cCjpRB_qU/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/107599/"
 "107598","2019-01-22 18:41:07","http://durosfarm.com/lMQ9kTo2tA3mYFA_oiMgkWg7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/107598/"
-"107597","2019-01-22 18:40:41","http://vadhuvarparichay.com/jRvr-g1Qh_REVKyd-Hrv/ACH/PaymentInfo/US_us/Invoices-attached/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107597/"
+"107597","2019-01-22 18:40:41","http://vadhuvarparichay.com/jRvr-g1Qh_REVKyd-Hrv/ACH/PaymentInfo/US_us/Invoices-attached/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107597/"
 "107596","2019-01-22 18:40:06","http://guimarte.com/VHnzN-MJ77q_XkU-qSg/76761/SurveyQuestionsEn_us/Invoices-Overdue/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107596/"
 "107595","2019-01-22 18:40:02","http://cp.nbdev.nl/FxXF-RC_JlI-YDP/COMET/SIGNS/PAYMENT/NOTIFICATION/01/22/2019/US/Invoice-Number-68121/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107595/"
 "107594","2019-01-22 18:39:57","http://dynamo.kz/apbV-bpkOE_KoWdzR-5g/ACH/PaymentInfo/US_us/New-order/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/107594/"
@@ -33351,7 +33901,7 @@
 "107507","2019-01-22 17:36:05","http://menformula.com/wp-admin/css/colors/blue/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107507/"
 "107506","2019-01-22 17:36:04","http://zanatika.com/wp-content/themes/flash/js/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107506/"
 "107505","2019-01-22 17:34:24","http://yeu81.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107505/"
-"107504","2019-01-22 17:34:21","http://kdoorviet.com/wp-content/themes/flatsome/inc/admin/advanced/assets/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107504/"
+"107504","2019-01-22 17:34:21","http://kdoorviet.com/wp-content/themes/flatsome/inc/admin/advanced/assets/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107504/"
 "107503","2019-01-22 17:34:12","http://khannen.com.vn/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107503/"
 "107502","2019-01-22 17:34:05","http://diamondking.co/docs/cache/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107502/"
 "107501","2019-01-22 17:33:27","http://khannen.vn/assets/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107501/"
@@ -33420,7 +33970,7 @@
 "107436","2019-01-22 16:31:03","http://suviajeaunclick.com/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107436/"
 "107435","2019-01-22 16:29:35","http://view.bmt.city/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107435/"
 "107434","2019-01-22 16:29:34","http://vuacacao.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107434/"
-"107433","2019-01-22 16:29:28","http://tienlambds.com/wp-content/themes/flatsome/languages/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107433/"
+"107433","2019-01-22 16:29:28","http://tienlambds.com/wp-content/themes/flatsome/languages/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107433/"
 "107432","2019-01-22 16:29:20","http://damuoigiasi.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107432/"
 "107431","2019-01-22 16:28:11","http://mypham3.bmt.city/wp-content/cache/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107431/"
 "107430","2019-01-22 16:28:06","http://tekacars.com/wp-content/themes/oceanwp/assets/css/edd/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107430/"
@@ -33459,7 +34009,7 @@
 "107396","2019-01-22 15:32:40","http://kanticzkos.bernardinai.lt/Amazon/DE/Zahlungen/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107396/"
 "107395","2019-01-22 15:32:39","http://mediaboxadvertising.com/Information/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107395/"
 "107394","2019-01-22 15:32:37","http://mrcleaner.ca/Transactions/012019/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107394/"
-"107393","2019-01-22 15:32:36","http://nightonline.ru/images/Amazon/DE/Kunden_informationen/01_19/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107393/"
+"107393","2019-01-22 15:32:36","http://nightonline.ru/images/Amazon/DE/Kunden_informationen/01_19/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107393/"
 "107391","2019-01-22 15:32:34","http://www.jongewolf.nl/AMAZON/Transaktion/012019/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107391/"
 "107390","2019-01-22 15:32:33","http://yachtclubhotel.com.au/Transactions/2019-01/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107390/"
 "107389","2019-01-22 15:32:31","https://url.emailprotection.link/?ajbo-VhEYM_CfcsByStOYLJVuZELcMGO1OVSMJez0j29BEMhVl1EPEsnDYllXX92wJrsYw1UjOu5gKTwpDV_boQ~~/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/107389/"
@@ -33489,7 +34039,7 @@
 "107365","2019-01-22 15:28:03","http://homestayhonson.com/wp-content/themes/sahifa/languages/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107365/"
 "107364","2019-01-22 15:27:20","http://whatsgoinginmarket.info/wp-content/themes/specia/languages/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107364/"
 "107363","2019-01-22 15:27:13","http://khanlanhdaklak.com/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107363/"
-"107362","2019-01-22 15:27:06","http://leclix.com/3rdlayout/cgi-bin/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107362/"
+"107362","2019-01-22 15:27:06","http://leclix.com/3rdlayout/cgi-bin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107362/"
 "107361","2019-01-22 15:26:10","http://kblpartners.com/cgi-bin/test/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107361/"
 "107360","2019-01-22 15:25:45","http://sevendencasasyterrenos.com/Attachments/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107360/"
 "107359","2019-01-22 15:25:42","http://giay136.com/Transaction_details/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/107359/"
@@ -33542,7 +34092,7 @@
 "107311","2019-01-22 14:56:04","http://hexacode.lk/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107311/"
 "107310","2019-01-22 14:56:02","http://tucsonbikeshop.com/wp-content/themes/layerswp/assets/css/icon-fonts/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107310/"
 "107309","2019-01-22 14:55:04","http://xn----8sbf1cej3h.xn--p1ai/UjHkf-ji_PaEFp-SiX/INV/828049FORPO/3750710322/EN_en/Invoice-for-j/l-01/22/2019/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/107309/"
-"107308","2019-01-22 14:54:25","http://jobgreben5.store/wp-content/themes/covernews/assets/bootstrap/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107308/"
+"107308","2019-01-22 14:54:25","http://jobgreben5.store/wp-content/themes/covernews/assets/bootstrap/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107308/"
 "107307","2019-01-22 14:54:12","http://orishinecarwash.com/wp-content/themes/diamondking/bootstrap/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107307/"
 "107306","2019-01-22 14:49:13","http://shopseaman.com/wp-content/themes/seaman/font-awesome/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107306/"
 "107305","2019-01-22 14:44:03","https://a.uchi.moe/xyezbg.png","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/107305/"
@@ -33628,7 +34178,7 @@
 "107223","2019-01-22 12:45:10","http://energy-dnepr.com/files/category_pictures/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107223/"
 "107222","2019-01-22 12:45:06","http://vina.market/wp-includes/ID3/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/107222/"
 "107221","2019-01-22 12:38:12","http://rest-tv.top/administrator/cache/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107221/"
-"107220","2019-01-22 12:38:10","http://samar.media/templates/theme2018/css/hover_styles/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107220/"
+"107220","2019-01-22 12:38:10","http://samar.media/templates/theme2018/css/hover_styles/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/107220/"
 "107219","2019-01-22 12:38:08","http://meg-house.ooo/administrator/cache/jbzoo_currency/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107219/"
 "107218","2019-01-22 12:38:06","http://gomovies.cl/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107218/"
 "107217","2019-01-22 12:37:24","http://legobrain.pro/templates/shaper_helix3/layout/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107217/"
@@ -33735,7 +34285,7 @@
 "107115","2019-01-22 10:19:13","http://theubergroups.com/winos/ion.exe","offline","malware_download","AgentTesla,keylogger","https://urlhaus.abuse.ch/url/107115/"
 "107114","2019-01-22 10:19:10","http://theubergroups.com/winos/frn.exe","offline","malware_download","AgentTesla,keylogger","https://urlhaus.abuse.ch/url/107114/"
 "107113","2019-01-22 10:19:06","http://theubergroups.com/winos/emy.exe","offline","malware_download","AgentTesla,keylogger","https://urlhaus.abuse.ch/url/107113/"
-"107112","2019-01-22 10:15:10","http://xri4pork.s3.amazonaws.com/xxx_video.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107112/"
+"107112","2019-01-22 10:15:10","http://xri4pork.s3.amazonaws.com/xxx_video.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107112/"
 "107111","2019-01-22 10:15:09","http://wisdom-services.com/templates/finance/css/zinf.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107111/"
 "107110","2019-01-22 10:13:04","http://43.231.185.100:8027/lmmms.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/107110/"
 "107109","2019-01-22 10:13:04","http://www.signcutpro.com/files/plugins/corelx10.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/107109/"
@@ -33952,7 +34502,7 @@
 "106898","2019-01-22 06:22:09","http://vektorex.com/source/Z/561213328.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/106898/"
 "106897","2019-01-22 06:22:03","http://vektorex.com/jobs/cgi/30691001.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106897/"
 "106896","2019-01-22 06:16:04","http://freshwallet.at/file.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106896/"
-"106895","2019-01-22 06:10:03","http://royaproduct.ru/img/2/info/vic.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106895/"
+"106895","2019-01-22 06:10:03","http://royaproduct.ru/img/2/info/vic.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106895/"
 "106894","2019-01-22 06:09:03","http://wisdom-services.com/administrator/cache/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106894/"
 "106893","2019-01-22 05:31:02","http://185.52.2.199/Binarys/Owari.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106893/"
 "106892","2019-01-22 04:58:44","http://185.52.2.199/Binarys/Owari.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106892/"
@@ -34149,10 +34699,10 @@
 "106701","2019-01-21 20:05:19","http://579custom.space/errordocs/style/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106701/"
 "106700","2019-01-21 20:05:17","http://royaproduct.ru/img/2/admin/solo.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106700/"
 "106699","2019-01-21 20:05:16","http://greenwheelings.com/wp-content/themes/twentynineteen/fonts/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/106699/"
-"106698","2019-01-21 20:05:13","http://royaproduct.ru/img/2/admin/whe.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106698/"
+"106698","2019-01-21 20:05:13","http://royaproduct.ru/img/2/admin/whe.exe","offline","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106698/"
 "106697","2019-01-21 20:05:12","http://royaproduct.ru/img/2/admin/frc.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106697/"
 "106696","2019-01-21 20:05:10","http://royaproduct.ru/img/2/admin/elbb.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106696/"
-"106695","2019-01-21 20:05:09","http://royaproduct.ru/img/2/admin/whee.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106695/"
+"106695","2019-01-21 20:05:09","http://royaproduct.ru/img/2/admin/whee.exe","offline","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106695/"
 "106694","2019-01-21 20:05:08","http://royaproduct.ru/img/2/admin/emmyy.exe","online","malware_download","AgentTesla,exe,stealer","https://urlhaus.abuse.ch/url/106694/"
 "106693","2019-01-21 20:05:06","http://royaproduct.ru/img/2/info/agoo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/106693/"
 "106692","2019-01-21 20:05:05","http://royaproduct.ru/img/2/info/fran.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/106692/"
@@ -34195,7 +34745,7 @@
 "106655","2019-01-21 18:45:13","http://srcdos.com/Kuso69/Akiru.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106655/"
 "106654","2019-01-21 18:45:10","http://185.244.25.134/AB4g5/Josho.ppc","online","malware_download","elf","https://urlhaus.abuse.ch/url/106654/"
 "106653","2019-01-21 18:45:08","http://185.244.25.134/AB4g5/Josho.x85","online","malware_download","elf","https://urlhaus.abuse.ch/url/106653/"
-"106652","2019-01-21 18:45:06","http://185.244.25.134/AB4g5/Josho.sh4","online","malware_download","elf","https://urlhaus.abuse.ch/url/106652/"
+"106652","2019-01-21 18:45:06","http://185.244.25.134/AB4g5/Josho.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106652/"
 "106651","2019-01-21 18:45:04","http://185.244.25.134/AB4g5/Josho.mpsl","online","malware_download","elf","https://urlhaus.abuse.ch/url/106651/"
 "106650","2019-01-21 18:45:03","http://185.244.25.134/AB4g5/Josho.armt","online","malware_download","elf","https://urlhaus.abuse.ch/url/106650/"
 "106649","2019-01-21 18:45:02","http://185.244.25.134/AB4g5/Josho.arm5","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106649/"
@@ -34210,9 +34760,9 @@
 "106640","2019-01-21 18:29:07","http://prfancy-th.com/templates/prfancy/images/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106640/"
 "106639","2019-01-21 18:28:25","http://vattanacapparel.com/templates/a1black/js/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106639/"
 "106638","2019-01-21 18:28:15","http://vodai.bid/.well-known/pki-validation/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106638/"
-"106637","2019-01-21 18:26:30","http://prfancy-th.com/templates/prfancy/css/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106637/"
+"106637","2019-01-21 18:26:30","http://prfancy-th.com/templates/prfancy/css/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106637/"
 "106636","2019-01-21 18:26:20","http://quimitorres.com/wp-content/themes/twentyseventeen/template-parts/footer/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106636/"
-"106635","2019-01-21 18:25:12","http://bdtube.pl/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106635/"
+"106635","2019-01-21 18:25:12","http://bdtube.pl/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106635/"
 "106634","2019-01-21 18:14:04","http://bhartivaish.com/.well-known/acme-challenge/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106634/"
 "106633","2019-01-21 18:12:15","http://lmfhc.com/templates/zo2_hallo/components/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106633/"
 "106632","2019-01-21 18:11:25","http://aierswatch.com/wp-content/themes/baiila/fonts/ssj.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/106632/"
@@ -34257,16 +34807,16 @@
 "106593","2019-01-21 17:26:06","http://89.46.223.195/bins/arm6","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106593/"
 "106592","2019-01-21 17:26:03","http://89.46.223.195/bins/sh4","online","malware_download","ddos,elf,mirai","https://urlhaus.abuse.ch/url/106592/"
 "106591","2019-01-21 17:20:08","http://dev.bassetlawscouts.org.uk/images/carosel/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106591/"
-"106590","2019-01-21 17:19:11","http://forum.webprojemiz.com/bin/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106590/"
+"106590","2019-01-21 17:19:11","http://forum.webprojemiz.com/bin/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106590/"
 "106589","2019-01-21 17:19:09","http://habibsonline.com/wp-content/themes/vitrine/templates/woocommerce/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106589/"
 "106588","2019-01-21 17:19:05","http://romanyaciftevatandaslik.com/wp-content/themes/romanya/images/colorbox/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106588/"
 "106587","2019-01-21 17:19:03","http://iar.webprojemiz.com/ajax/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106587/"
 "106586","2019-01-21 17:18:25","http://next-vision.ro/js/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106586/"
 "106585","2019-01-21 17:18:18","http://dulichvietlao.vn/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106585/"
 "106584","2019-01-21 17:18:10","http://snappybooster.com/wp-content/themes/betheme/woocommerce/cart/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106584/"
-"106583","2019-01-21 17:18:04","http://prenak.com/wp-content/themes/grow/languages/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106583/"
+"106583","2019-01-21 17:18:04","http://prenak.com/wp-content/themes/grow/languages/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106583/"
 "106582","2019-01-21 17:16:21","http://mobileshousecompany.com/wp-content/themes/g5plus-orson/g5plus-framework/core/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106582/"
-"106581","2019-01-21 17:16:15","http://wisdom-services.com/templates/finance/switcher/colors/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106581/"
+"106581","2019-01-21 17:16:15","http://wisdom-services.com/templates/finance/switcher/colors/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106581/"
 "106580","2019-01-21 17:16:11","http://tradesucces.info/wp-content/themes/proficiency/images/blog/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106580/"
 "106579","2019-01-21 17:16:07","http://exoticano.com/wp-content/themes/efora/languages/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106579/"
 "106578","2019-01-21 17:15:39","http://vattanacapparel.com/templates/a1black/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106578/"
@@ -34278,12 +34828,12 @@
 "106572","2019-01-21 17:13:16","http://bharatchemicalindustries.com/wp-content/themes/insomnia/language/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106572/"
 "106571","2019-01-21 17:13:10","http://forceempiregh.com/wp-content/themes/bizworx/demo-content/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106571/"
 "106570","2019-01-21 17:12:54","http://dongygiatruyentienhanh.net/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106570/"
-"106569","2019-01-21 17:12:37","http://eticaretdanismani.com/wp-admin/css/colors/blue/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106569/"
+"106569","2019-01-21 17:12:37","http://eticaretdanismani.com/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106569/"
 "106568","2019-01-21 17:12:27","http://aierswatch.com/wp-content/themes/baiila/genericons/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106568/"
 "106567","2019-01-21 17:12:08","http://www.eleinad.org/wp-content/themes/dt-the7/css/compatibility/woo-fonts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106567/"
 "106566","2019-01-21 16:52:12","http://vinhomeshalongxanh.xyz/.well-known/pki-validation/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106566/"
 "106565","2019-01-21 16:52:04","http://besthundredbusiness.com/wp-content/themes/twentyseventeen/template-parts/footer/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106565/"
-"106564","2019-01-21 16:51:20","http://golfadventuretours.com/wp-content/themes/golf/js/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106564/"
+"106564","2019-01-21 16:51:20","http://golfadventuretours.com/wp-content/themes/golf/js/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106564/"
 "106563","2019-01-21 16:51:14","http://prisbaca.com/wp-content/themes/twentyten/images/headers/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106563/"
 "106562","2019-01-21 16:51:11","http://send.webprojemiz.com/nedmin/netting/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106562/"
 "106561","2019-01-21 16:51:09","http://quinnieclinic.vn/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106561/"
@@ -34316,7 +34866,7 @@
 "106534","2019-01-21 16:31:02","http://lapiadinadellacioza.it/templates/piadina/assets/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106534/"
 "106533","2019-01-21 16:29:22","http://widztech.com/wp-content/themes/total/inc/css/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106533/"
 "106532","2019-01-21 16:29:21","http://baonghetinh.com/wp-content/languages/plugins/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106532/"
-"106531","2019-01-21 16:29:12","http://egyptiti.com/wp-content/themes/poseidon/template-parts/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106531/"
+"106531","2019-01-21 16:29:12","http://egyptiti.com/wp-content/themes/poseidon/template-parts/ssj.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106531/"
 "106530","2019-01-21 16:29:09","http://myphamnarguerite.vn/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106530/"
 "106529","2019-01-21 16:28:08","http://alseyh33.com/wp-content/themes/editorialmag/assets/css/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106529/"
 "106528","2019-01-21 16:28:06","http://miragemalloffers.com/templates/sj_vinda/images/404/ssj.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/106528/"
@@ -34488,7 +35038,7 @@
 "106362","2019-01-21 13:44:16","http://kamdhenu.technoexam.com/Amazon/DE/Zahlungsdetails/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106362/"
 "106361","2019-01-21 13:44:14","http://jongewolf.nl/AMAZON/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106361/"
 "106360","2019-01-21 13:44:13","http://jk-consulting.nl/AMAZON/DE/Bestellung-details/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106360/"
-"106359","2019-01-21 13:44:12","http://hjsanders.nl/Amazon/DE/Kunden-transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106359/"
+"106359","2019-01-21 13:44:12","http://hjsanders.nl/Amazon/DE/Kunden-transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106359/"
 "106358","2019-01-21 13:44:11","http://grantkulinar.ru/Amazon/DE/Kunden_Messages/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106358/"
 "106357","2019-01-21 13:44:09","http://gephesf.pontocritico.org/Rechnung/2018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106357/"
 "106356","2019-01-21 13:44:07","http://eroes.nl/Amazon/DE/Kunden/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106356/"
@@ -34509,7 +35059,7 @@
 "106341","2019-01-21 13:43:07","http://aimypie.com/AMAZON/DE/Zahlungsdetails/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106341/"
 "106340","2019-01-21 13:42:04","http://www.chervinsky.ru/QBUPBD1709242/Rechnungs-Details/RECH/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106340/"
 "106339","2019-01-21 13:42:03","http://seitenstreifen.ch/DE_de/VGTTTGTVPC7100092/Rech/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/106339/"
-"106338","2019-01-21 13:39:14","http://filen3.utengine.co.kr/LiveService/Update/02/Tool02_1404.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106338/"
+"106338","2019-01-21 13:39:14","http://filen3.utengine.co.kr/LiveService/Update/02/Tool02_1404.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106338/"
 "106337","2019-01-21 13:38:14","http://leodruker.com/eXDzJC7bV/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/106337/"
 "106336","2019-01-21 13:38:12","http://zidanmeubel.com/MYVdz0msnU/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/106336/"
 "106334","2019-01-21 13:38:06","http://kids-education-support.com/M5ACow2LY/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/106334/"
@@ -34545,9 +35095,9 @@
 "106304","2019-01-21 11:06:05","http://gather-cloud.s3.amazonaws.com/attachments/2018-06-21/01d2ae65-081e-42a3-b100-20b81c7e28fb/Request.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/106304/"
 "106303","2019-01-21 11:06:03","http://appsstaticitpytfh82o.s3.amazonaws.com/install_flash_player_13_plugin_cc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106303/"
 "106302","2019-01-21 11:05:34","http://185.244.25.234/bins/spc","online","malware_download","elf","https://urlhaus.abuse.ch/url/106302/"
-"106301","2019-01-21 11:05:33","http://185.244.25.234/bins/sh4","online","malware_download","elf","https://urlhaus.abuse.ch/url/106301/"
+"106301","2019-01-21 11:05:33","http://185.244.25.234/bins/sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106301/"
 "106300","2019-01-21 11:05:32","http://185.244.25.234/bins/ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106300/"
-"106299","2019-01-21 11:05:31","http://185.244.25.234/bins/mipsel","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106299/"
+"106299","2019-01-21 11:05:31","http://185.244.25.234/bins/mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/106299/"
 "106298","2019-01-21 11:05:30","http://185.244.25.234/bins/mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/106298/"
 "106297","2019-01-21 11:05:29","http://185.244.25.234/bins/m68k","online","malware_download","elf","https://urlhaus.abuse.ch/url/106297/"
 "106296","2019-01-21 11:05:28","http://185.244.25.234/bins/i686","online","malware_download","elf","https://urlhaus.abuse.ch/url/106296/"
@@ -34587,7 +35137,7 @@
 "106262","2019-01-21 10:00:35","http://rosalos.ug/xxx/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106262/"
 "106261","2019-01-21 10:00:35","http://rosalos.ug/xxx/2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106261/"
 "106260","2019-01-21 10:00:35","http://rosalos.ug/xxx/3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106260/"
-"106259","2019-01-21 09:41:06","http://akg-eng.net/dre/SP2.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106259/"
+"106259","2019-01-21 09:41:06","http://akg-eng.net/dre/SP2.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106259/"
 "106258","2019-01-21 09:08:34","http://royaproduct.ru/img/2/info/ion.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/106258/"
 "106257","2019-01-21 08:14:41","http://www.salonbellasa.sk/Amazon/Bestellung_details/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106257/"
 "106256","2019-01-21 08:14:40","http://www.pwpami.pl/Amazon/DE/Kunden/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106256/"
@@ -34601,7 +35151,7 @@
 "106248","2019-01-21 08:14:18","http://newcanadianmedia.ca/templates/beez_20/AMAZON/DE/Transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106248/"
 "106247","2019-01-21 08:14:17","http://marisel.com.ua/AMAZON/Bestelldetails/2019-01/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106247/"
 "106246","2019-01-21 08:14:16","http://kadinveyasam.org/wp-content/Amazon/Details/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106246/"
-"106245","2019-01-21 08:14:14","http://ivydental.vn/Amazon/DE/Kunden-transaktion/012019/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106245/"
+"106245","2019-01-21 08:14:14","http://ivydental.vn/Amazon/DE/Kunden-transaktion/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106245/"
 "106244","2019-01-21 08:14:11","http://improve-it.uy/Rechnungen/2018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106244/"
 "106243","2019-01-21 08:14:08","http://dirc-madagascar.ru/Amazon/Dokumente/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106243/"
 "106242","2019-01-21 08:14:07","http://checkreview.ooo/Amazon/Bestellung_details/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/106242/"
@@ -34665,7 +35215,7 @@
 "106184","2019-01-21 06:40:05","http://bootaly.com/pjuupfw/4TPwjbiu_LtgB6bz_RNnEodsL/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/106184/"
 "106183","2019-01-21 06:40:04","http://brosstayhype.co.za/Qci_w6cOra0a_f/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/106183/"
 "106182","2019-01-21 06:20:03","http://185.101.105.139/bins/sora.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106182/"
-"106181","2019-01-21 06:10:04","http://www.yonetim.yonpf.com/Rem5.exe","online","malware_download","rat,remcos","https://urlhaus.abuse.ch/url/106181/"
+"106181","2019-01-21 06:10:04","http://www.yonetim.yonpf.com/Rem5.exe","offline","malware_download","rat,remcos","https://urlhaus.abuse.ch/url/106181/"
 "106179","2019-01-21 05:49:02","http://185.101.105.139/bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106179/"
 "106178","2019-01-21 05:45:14","http://159.65.83.240/bins/hades.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106178/"
 "106176","2019-01-21 05:45:13","http://159.65.83.240/bins/hades.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106176/"
@@ -34701,7 +35251,7 @@
 "106147","2019-01-21 04:33:03","http://185.101.105.139//bins/sora.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106147/"
 "106145","2019-01-21 04:33:02","https://www.mensajerosatiempo.com/wp-content/themes/sketch//css/l/s/l/updating.doc","offline","malware_download","Formbook,RTF","https://urlhaus.abuse.ch/url/106145/"
 "106146","2019-01-21 04:33:02","https://www.mensajerosatiempo.com/wp-content/themes/sketch/css/l/s/l/updating.doc","offline","malware_download","Formbook,RTF","https://urlhaus.abuse.ch/url/106146/"
-"106144","2019-01-21 04:26:33","http://78.186.165.233:9989/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106144/"
+"106144","2019-01-21 04:26:33","http://78.186.165.233:9989/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106144/"
 "106143","2019-01-21 04:12:05","https://vfs-gce-ae-382-2.c9.io/vfs/6385630/9cAaxSO1sdveXDjw/workspace/demo-sads.pdf.scr.rar?download&isfile=1","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/106143/"
 "106142","2019-01-21 03:41:04","http://www.mensajerosatiempo.com/wp-content/themes/sketch/css/l/updated.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/106142/"
 "106141","2019-01-21 03:15:04","http://malware-spyhunter.s3.amazonaws.com/one.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106141/"
@@ -34751,18 +35301,18 @@
 "106097","2019-01-20 18:36:59","http://cdnpic.mgyun.com/files/products/vRoot/2013/17039360/VRoot_1.4.0.2955_Setup_183.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106097/"
 "106096","2019-01-20 17:56:07","http://ocrn597v5.bkt.clouddn.com/cjtaoke2.9.5.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106096/"
 "106095","2019-01-20 17:08:24","http://down.leyoucoc.cn/LYSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106095/"
-"106094","2019-01-20 16:54:32","http://download.rising.com.cn/zsgj/ravmofei.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106094/"
-"106093","2019-01-20 16:50:33","http://download.rising.com.cn/zsgj/RavMGF.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106093/"
-"106092","2019-01-20 16:47:33","http://futurealind.com/a.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106092/"
+"106094","2019-01-20 16:54:32","http://download.rising.com.cn/zsgj/ravmofei.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106094/"
+"106093","2019-01-20 16:50:33","http://download.rising.com.cn/zsgj/RavMGF.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106093/"
+"106092","2019-01-20 16:47:33","http://futurealind.com/a.exe","online","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/106092/"
 "106091","2019-01-20 15:53:36","http://179.162.177.249:21381/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106091/"
 "106090","2019-01-20 15:48:09","http://config.myjhxl.com/updater/newupate.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106090/"
-"106089","2019-01-20 15:14:23","http://ninabijoux.com.br/css/javaw.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106089/"
+"106089","2019-01-20 15:14:23","http://ninabijoux.com.br/css/javaw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106089/"
 "106088","2019-01-20 14:22:57","http://pc.xzstatic.com/2017/06/lxsetupv8.1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106088/"
 "106087","2019-01-20 14:07:36","http://ninabijoux.com.br/js/fancybox/zxcv09h8g76f5d4f5g6hj7k8lj7h6g5f4dsg4h5j6kl78ytf4uh5ij67hygt6dr5ej9nhbgyvfty87vyg6b5hu4jnikm3j4n5hu6ygtu7f8yrdtfu7yg6hnji5m4n5hbgvf6cd7xtc6r7tf6uo5ij4/dolbysoud.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106087/"
 "106086","2019-01-20 14:06:04","http://fxtraderlog.com/downloads/fxtraderlog_upgrade.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106086/"
 "106085","2019-01-20 13:41:05","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc?n=weyvuwtgv3lkzjlt6xln7norq3nrqhnkiblilbluqyuzg9j","online","malware_download","doc","https://urlhaus.abuse.ch/url/106085/"
 "106084","2019-01-20 13:37:17","http://download.fahpvdxw.cn/xbpic/fmt/v1.0.1.17/fmt_01.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106084/"
-"106083","2019-01-20 13:37:08","http://down.xrpdf.com/softdownloadol/xrpdfol5024.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106083/"
+"106083","2019-01-20 13:37:08","http://down.xrpdf.com/softdownloadol/xrpdfol5024.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106083/"
 "106082","2019-01-20 13:12:42","http://45.62.249.171/d/xd.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106082/"
 "106081","2019-01-20 13:12:41","http://45.62.249.171/d/xd.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106081/"
 "106080","2019-01-20 13:12:40","http://167.114.186.21/i686","offline","malware_download","elf","https://urlhaus.abuse.ch/url/106080/"
@@ -34772,7 +35322,7 @@
 "106076","2019-01-20 13:11:03","http://files.hrloo.com/bbs/data/attachment/forum/201212/20/10301044ex3m3s62emr1r7.doc","online","malware_download","doc","https://urlhaus.abuse.ch/url/106076/"
 "106075","2019-01-20 12:45:35","http://85.99.111.150:12026/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106075/"
 "106074","2019-01-20 12:45:01","http://180.247.147.100:45617/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106074/"
-"106073","2019-01-20 12:44:12","http://220.132.38.177:26297/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106073/"
+"106073","2019-01-20 12:44:12","http://220.132.38.177:26297/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106073/"
 "106072","2019-01-20 12:43:37","http://178.211.167.190:39085/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106072/"
 "106071","2019-01-20 12:38:04","http://wbd.5636.com/d5/Client42800.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106071/"
 "106070","2019-01-20 12:37:18","http://kimyen.net/upload/AutoPK.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106070/"
@@ -34786,7 +35336,7 @@
 "106062","2019-01-20 11:16:09","http://www.wyptk.com/openlink/openlink1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106062/"
 "106061","2019-01-20 11:16:04","http://wbd.5636.com/d5/5636.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106061/"
 "106060","2019-01-20 11:07:12","http://kimyen.net/upload/CTCTanthu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106060/"
-"106059","2019-01-20 10:57:56","http://download.rising.com.cn/zsgj/ravnetsky.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106059/"
+"106059","2019-01-20 10:57:56","http://download.rising.com.cn/zsgj/ravnetsky.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106059/"
 "106058","2019-01-20 10:53:12","http://kimyen.net/upload/VLTKNhatRac.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106058/"
 "106057","2019-01-20 10:47:12","http://d1.udashi.com/soft/dnyx/20348/%E5%B0%8F%E8%8D%89%E8%BE%85%E5%8A%A9%E6%9C%80%E6%96%B0%E7%89%88.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106057/"
 "106056","2019-01-20 10:40:16","http://kimyen.net/upload/VLTKBacdau.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106056/"
@@ -34794,9 +35344,9 @@
 "106053","2019-01-20 10:09:35","http://wbd.5636.com/d5/Client62156.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106053/"
 "106052","2019-01-20 10:04:36","http://179.225.172.83:46727/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/106052/"
 "106051","2019-01-20 09:57:03","https://pasteboard.co/images/HWgDFYp.png/download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106051/"
-"106050","2019-01-20 09:40:55","http://rosalos.ug/xxx/updatewin2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106050/"
-"106049","2019-01-20 09:40:51","http://rosalos.ug/xxx/updatewin1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106049/"
-"106048","2019-01-20 09:40:47","http://rosalos.ug/xxx/updatewin.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106048/"
+"106050","2019-01-20 09:40:55","http://rosalos.ug/xxx/updatewin2.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106050/"
+"106049","2019-01-20 09:40:51","http://rosalos.ug/xxx/updatewin1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106049/"
+"106048","2019-01-20 09:40:47","http://rosalos.ug/xxx/updatewin.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106048/"
 "106047","2019-01-20 09:40:42","http://rosalos.ug/xxx/39.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106047/"
 "106046","2019-01-20 09:37:03","https://pomf.pyonpyon.moe/ggesuy.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106046/"
 "106045","2019-01-20 09:30:07","http://d1exe.com/daqqcD87Y6.exe","offline","malware_download","exe,GandCrab,Ransomware,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106045/"
@@ -34813,14 +35363,14 @@
 "106034","2019-01-20 05:26:18","http://sgm.pc6.com/xiao4/kongjiangbing_65337.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106034/"
 "106033","2019-01-20 05:20:09","http://config.wwmhdq.com/bug/jkpic/sub/GeekPicMPage.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106033/"
 "106032","2019-01-20 05:03:09","http://cu.dodonew.com/dodonew1137/donewk.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106032/"
-"106031","2019-01-20 04:52:23","http://sgm.pc6.com/xiao5/AlphaBallSetup.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106031/"
+"106031","2019-01-20 04:52:23","http://sgm.pc6.com/xiao5/AlphaBallSetup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106031/"
 "106030","2019-01-20 04:43:10","http://sgm.pc6.com/xiao1/Flashxiuxian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106030/"
 "106029","2019-01-20 04:09:06","http://sgm.pc6.com/xiao2/H0MM4Trainer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106029/"
 "106028","2019-01-20 03:50:04","http://r.chaoxin.com/d29889e/2018-10-19_14/9ebbc/7e408/1539931621_225246.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106028/"
 "106027","2019-01-20 02:46:14","http://upgrade.shihuizhu.net/wgz174/%E5%BE%AE%E8%B4%AD%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106027/"
-"106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
+"106026","2019-01-20 02:41:50","http://update.yalian1000.com/updatefiles/client.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/106026/"
 "106025","2019-01-20 02:26:32","http://dl.hzkfgs.com/djiejie.20171123.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106025/"
-"106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
+"106024","2019-01-20 02:22:06","http://img54.hbzhan.com/5/20121217/634913135817656250813.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106024/"
 "106023","2019-01-20 01:27:13","http://sgm.pc6.com/xiao4/baiwangfuweng_70563.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106023/"
 "106022","2019-01-20 01:16:30","http://upgrade.shihuizhu.net/102015/%E5%AE%9E%E6%83%A0%E7%8C%AA.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106022/"
 "106021","2019-01-20 00:38:02","http://193.148.69.33/bins/telnet.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/106021/"
@@ -34844,7 +35394,7 @@
 "106003","2019-01-19 22:08:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin133.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106003/"
 "106002","2019-01-19 22:05:07","http://cdn-10049480.file.myqcloud.com/jd/jd156.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106002/"
 "106001","2019-01-19 21:56:54","http://down.softlist.hyzmbz.com/xunjieSetup_4308.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106001/"
-"106000","2019-01-19 21:55:08","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin130.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/106000/"
+"106000","2019-01-19 21:55:08","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin130.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/106000/"
 "105999","2019-01-19 21:43:05","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin142.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105999/"
 "105998","2019-01-19 21:43:03","http://cdn-10049480.file.myqcloud.com/jd/jd124.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105998/"
 "105997","2019-01-19 21:42:06","http://cdn-10049480.file.myqcloud.com/qcoin/qcoin141.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105997/"
@@ -34890,7 +35440,7 @@
 "105957","2019-01-19 17:30:04","http://integramultimedia.com.mx/.well-known/acme-challenge/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105957/"
 "105956","2019-01-19 17:17:04","http://kristinka6.life/payload.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/105956/"
 "105955","2019-01-19 16:48:13","http://31.168.213.38:23289/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105955/"
-"105954","2019-01-19 16:47:41","http://2.186.112.113:37043/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105954/"
+"105954","2019-01-19 16:47:41","http://2.186.112.113:37043/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105954/"
 "105953","2019-01-19 16:47:08","http://177.139.57.151:34741/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105953/"
 "105952","2019-01-19 16:46:34","http://14.43.233.212:44708/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/105952/"
 "105951","2019-01-19 16:40:09","http://downfilepro.com/api/5f029c09dea6b04687b22844fba7d0fe/1001.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105951/"
@@ -35197,7 +35747,7 @@
 "105634","2019-01-18 19:55:41","http://astra-empress.com.ve/KDFLk-UcdJ_IYAwjC-DjA/PaymentStatus/En_us/Inv-30408-PO-9T735477/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105634/"
 "105633","2019-01-18 19:55:06","http://aryahospitalksh.com/gSxF-O0_lDfhym-3m/Invoice/89540320/En_us/Overdue-payment/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105633/"
 "105632","2019-01-18 19:55:03","http://robbedinbarcelona.com/Clients_transactions/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105632/"
-"105631","2019-01-18 18:58:07","https://cdn.discordapp.com/attachments/535542098124865566/535567927596810240/N3tfl1X_Reaper.exe","offline","malware_download","exe,orcus,orcusrat,rat","https://urlhaus.abuse.ch/url/105631/"
+"105631","2019-01-18 18:58:07","https://cdn.discordapp.com/attachments/535542098124865566/535567927596810240/N3tfl1X_Reaper.exe","online","malware_download","exe,orcus,orcusrat,rat","https://urlhaus.abuse.ch/url/105631/"
 "105630","2019-01-18 18:53:02","http://darkksource.x10.mx/spoofer/Loop.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105630/"
 "105629","2019-01-18 18:52:07","http://darkksource.x10.mx/spoofer/HDD.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105629/"
 "105628","2019-01-18 18:52:05","http://darkksource.x10.mx/spoofer/Spoofer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105628/"
@@ -35409,7 +35959,7 @@
 "105418","2019-01-18 12:49:03","http://mimiabner.com/22D_ZGrV5aY_AvvRf/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/105418/"
 "105417","2019-01-18 12:38:05","http://jineplast.com.tr/wp-admin/css/colors/blue/ssj.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105417/"
 "105416","2019-01-18 12:34:11","https://discounted-deal.website/.well-known/acme-challenge/ssj.jp","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/105416/"
-"105415","2019-01-18 12:34:09","http://xn--80abhfbusccenm1pyb.xn--p1ai/upload/images/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/105415/"
+"105415","2019-01-18 12:34:09","http://xn--80abhfbusccenm1pyb.xn--p1ai/upload/images/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/105415/"
 "105414","2019-01-18 12:14:03","http://denleddplighting.com/Amazon/Orders_details/01_19/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/105414/"
 "105413","2019-01-18 12:08:11","http://jineplast.com.tr/teo.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/105413/"
 "105412","2019-01-18 11:55:06","https://www.dropbox.com/s/e22j0gnwn63paa9/Fattura-n.105-del-14-11-2018.zip?dl=1","offline","malware_download","ITA,stealer,zipped-exe","https://urlhaus.abuse.ch/url/105412/"
@@ -35498,7 +36048,7 @@
 "105328","2019-01-18 07:16:19","http://uttechsystem.com/ZzO90Kh/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/105328/"
 "105327","2019-01-18 07:16:13","http://livingdivineprinciple.org/xTV5cGLcz2/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/105327/"
 "105326","2019-01-18 07:16:05","http://demos.technoexam.com/C1CpwolKHv/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/105326/"
-"105325","2019-01-18 07:14:04","http://bouresmau-gsf.com/ZhPZMfOo/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/105325/"
+"105325","2019-01-18 07:14:04","http://bouresmau-gsf.com/ZhPZMfOo/","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/105325/"
 "105324","2019-01-18 07:12:27","http://kcpaving.co.za/vTzd_4jLXhB6AV/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/105324/"
 "105323","2019-01-18 07:12:22","http://www.giancarlopuppo.com/tmp/3JBXN3_NmitWLk37_trb2wuQ/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/105323/"
 "105322","2019-01-18 07:12:08","http://www.immo-en-israel.com/mP7mhva_1xVx_6tOstw7/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/105322/"
@@ -35599,11 +36149,11 @@
 "105220","2019-01-17 22:32:16","http://www.gkif.net/AMAZON/Details/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105220/"
 "105219","2019-01-17 22:32:14","http://universalskadedyr.dk/AMAZON/Orders-details/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105219/"
 "105218","2019-01-17 22:32:13","http://saboreslibres.asertiva.cl/AMAZON/Orders-details/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105218/"
-"105217","2019-01-17 22:32:08","http://ivydental.vn/Amazon/En/Attachments/01_19/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105217/"
+"105217","2019-01-17 22:32:08","http://ivydental.vn/Amazon/En/Attachments/01_19/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105217/"
 "105216","2019-01-17 22:32:04","http://chalespaubrasil.com/Amazon/Transactions/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105216/"
 "105215","2019-01-17 22:32:03","http://cerrajeria-sabbath.holy-animero.com/Amazon/EN/Payments/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/105215/"
 "105214","2019-01-17 21:34:55","http://demo.trydaps.com/gzVv-22Omv_aIQZybVK-aJ/En/Question/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105214/"
-"105212","2019-01-17 21:34:52","http://befounddigitalmarketing.com/TjXfF-J1hc_ZdFMNrXAb-6gj/ACH/PaymentInfo/EN_en/Document-needed/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105212/"
+"105212","2019-01-17 21:34:52","http://befounddigitalmarketing.com/TjXfF-J1hc_ZdFMNrXAb-6gj/ACH/PaymentInfo/EN_en/Document-needed/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105212/"
 "105211","2019-01-17 21:34:49","http://moradikermani.oilyplus.ir/JYEcI-g88ru_dPzCIxK-f5x/InvoiceCodeChanges/US/Invoice-Number-581670/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105211/"
 "105210","2019-01-17 21:34:45","http://biometricsystems.ru/DfI5jgz_WjwyzgT/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105210/"
 "105209","2019-01-17 21:34:44","http://khsecurity.sg/pOVdt-5tJ_trqLw-2c/INVOICE/EN_en/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/105209/"
@@ -36047,13 +36597,13 @@
 "104761","2019-01-17 07:48:06","http://157.230.80.216/ftp","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/104761/"
 "104760","2019-01-17 07:48:03","http://205.185.120.227/Binarys/Owari.x86","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/104760/"
 "104759","2019-01-17 07:47:09","http://64.62.250.41/.systemd/armv5l","online","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104759/"
-"104758","2019-01-17 07:47:07","http://64.62.250.41/.systemd/powerpc","offline","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104758/"
+"104758","2019-01-17 07:47:07","http://64.62.250.41/.systemd/powerpc","online","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104758/"
 "104757","2019-01-17 07:47:05","http://157.230.80.216/ntpd","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/104757/"
 "104756","2019-01-17 07:47:03","http://217.61.112.140/yakuza.i586","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/104756/"
 "104755","2019-01-17 07:46:05","http://193.37.214.15/ntpd","offline","malware_download","elf","https://urlhaus.abuse.ch/url/104755/"
 "104754","2019-01-17 07:46:04","http://142.93.147.76/AB4g5/Josho.arm6","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/104754/"
 "104753","2019-01-17 07:46:03","http://205.185.120.227/Binarys/Owari.mpsl","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/104753/"
-"104752","2019-01-17 07:46:02","http://64.62.250.41/.systemd/armv4tl","offline","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104752/"
+"104752","2019-01-17 07:46:02","http://64.62.250.41/.systemd/armv4tl","online","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104752/"
 "104751","2019-01-17 07:45:10","http://mmaisok.com/ob2/Payment_Advice_DBS00975.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104751/"
 "104750","2019-01-17 07:45:08","http://www.nzfoi.org/wp-admin/js/widgets/pay.hta","offline","malware_download","downloader,hta","https://urlhaus.abuse.ch/url/104750/"
 "104749","2019-01-17 07:45:06","http://64.62.250.41/.systemd/armv6l","online","malware_download","elf,tsunamie","https://urlhaus.abuse.ch/url/104749/"
@@ -36414,7 +36964,7 @@
 "104367","2019-01-16 18:28:26","http://rccgregion15juniorchurch.org/ZBlPX-Wtc_BRf-i7/Ref/85034926US_us/Question/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104367/"
 "104366","2019-01-16 18:28:24","http://proserempresarial.com.mx/UVDCL-sEqb_z-fn/INV/46137FORPO/5825406314/US_us/Invoice-23324505-January/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104366/"
 "104365","2019-01-16 18:28:22","http://mozaland.vn/jptd-7Qea_j-F5/Ref/1062871160US_us/Past-Due-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104365/"
-"104364","2019-01-16 18:28:17","http://miketec.com.hk/OOkz-skFh_sZHMMFygO-fp4/ACH/PaymentInfo/En_us/Paid-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104364/"
+"104364","2019-01-16 18:28:17","http://miketec.com.hk/OOkz-skFh_sZHMMFygO-fp4/ACH/PaymentInfo/En_us/Paid-Invoices/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104364/"
 "104363","2019-01-16 18:28:16","http://mandalafest.com/JgvE-JcrP_Xl-BU8/Southwire/WPL02170711/US_us/Invoice/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/104363/"
 "104362","2019-01-16 18:28:14","http://maf-orleans.fr/XJWI-432_EN-vF/Inv/866847583/US_us/Open-invoices/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104362/"
 "104361","2019-01-16 18:28:11","http://korbi-studio.com/bsFe-kLt_lUWpexA-M6/Ref/3786979734US/Invoices-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/104361/"
@@ -36437,7 +36987,7 @@
 "104343","2019-01-16 18:20:40","http://jenrobin.com/wp-content/plugins/mailchimp-for-wp/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/104343/"
 "104344","2019-01-16 18:20:40","http://jenrobin.com/wp-content/plugins/mailchimp-for-wp/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/104344/"
 "104342","2019-01-16 18:20:39","http://jenrobin.com/wp-content/plugins/mailchimp-for-wp/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/104342/"
-"104341","2019-01-16 18:20:38","http://www.turbominebtcminer.com/newer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104341/"
+"104341","2019-01-16 18:20:38","http://www.turbominebtcminer.com/newer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/104341/"
 "104340","2019-01-16 18:20:36","http://fossbcn.org/forum/cache/ssj.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/104340/"
 "104339","2019-01-16 18:20:34","http://cheats4gaming.com/bin.exe","online","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/104339/"
 "104338","2019-01-16 18:20:33","http://a98n98.xyz/endless.exe","offline","malware_download","exe,ImminentRAT,rat","https://urlhaus.abuse.ch/url/104338/"
@@ -36688,9 +37238,9 @@
 "104081","2019-01-16 11:08:04","http://michiganmastereltiempo.com/wp-content/themes/bizworx/images/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/104081/"
 "104080","2019-01-16 11:01:05","http://derrysmith.5gbfree.com/man.exe","offline","malware_download","exe,nanobot","https://urlhaus.abuse.ch/url/104080/"
 "104079","2019-01-16 10:33:06","http://saintjohnscba.com.ar/Januar2019/DFTPHAQLL6932712/de/RECH/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/104079/"
-"104078","2019-01-16 10:28:28","http://a46.bulehero.in/docropool.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/104078/"
+"104078","2019-01-16 10:28:28","http://a46.bulehero.in/docropool.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/104078/"
 "104077","2019-01-16 10:14:03","http://dw.convertfiles.com/files/0321124001547570957/ups-delivery-notification-1z074y0a0390613255_2019-01-15_19-44%281%29.zip?&rpsnv=83fdc3407ccf68718bfb9aaddefa7cc0e40529db","offline","malware_download","AZORult,zipped-exe","https://urlhaus.abuse.ch/url/104077/"
-"104076","2019-01-16 10:07:04","http://binderkvasa.ru/binderkvasa.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/104076/"
+"104076","2019-01-16 10:07:04","http://binderkvasa.ru/binderkvasa.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/104076/"
 "104075","2019-01-16 09:59:03","http://thelivingstonfamily.net/DE/EFFLWCZ2157103/DE_de/Fakturierung","offline","malware_download","None","https://urlhaus.abuse.ch/url/104075/"
 "104074","2019-01-16 09:51:03","http://vakschoenmakerijbolle.nl/De/OBSMQO8348602/Dokumente/Zahlung/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/104074/"
 "104073","2019-01-16 09:51:02","http://vakschoenmakerijbolle.nl/De/OBSMQO8348602/Dokumente/Zahlung","offline","malware_download","block,doc,exe,google,Zahlung","https://urlhaus.abuse.ch/url/104073/"
@@ -36727,13 +37277,13 @@
 "104039","2019-01-16 08:53:27","http://www.michiganmastereltiempo.com/wp-content/themes/bizworx/images/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104039/"
 "104038","2019-01-16 08:53:23","https://www.kwalityzns.com/wp-content/themes/devita/page-templates/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104038/"
 "104037","2019-01-16 08:53:17","https://laconcernedparents.com/wp-content/themes/twentyseventeen/template-parts/footer/ssj.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/104037/"
-"104036","2019-01-16 08:53:14","http://significadoswords.com/wp-content/themes/envo-magazine/template-parts/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104036/"
+"104036","2019-01-16 08:53:14","http://significadoswords.com/wp-content/themes/envo-magazine/template-parts/ssj.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104036/"
 "104035","2019-01-16 08:53:11","https://hotrosieunhanh.com/wp-content/themes/twentyseventeen/inc/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104035/"
 "104034","2019-01-16 08:53:04","http://expeditionabroad.com/wp-content/themes/twentynineteen/fonts/ssj.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/104034/"
 "104033","2019-01-16 08:44:03","http://lemon-remodeling.com/.well-known/acme-challenge/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/104033/"
 "104032","2019-01-16 08:32:04","http://vektorex.com/cgii/eddyReport.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/104032/"
 "104031","2019-01-16 08:32:03","http://vektorex.com/cgii/25087410.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/104031/"
-"104030","2019-01-16 08:27:07","https://mitsubishijogjaklaten.com/wp-content/themes/meditation/css/ssj.jpg","offline","malware_download","None","https://urlhaus.abuse.ch/url/104030/"
+"104030","2019-01-16 08:27:07","https://mitsubishijogjaklaten.com/wp-content/themes/meditation/css/ssj.jpg","online","malware_download","None","https://urlhaus.abuse.ch/url/104030/"
 "104029","2019-01-16 08:10:04","http://yogaspaceme.com/QCPdiT_LN2iP6fHd/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/104029/"
 "104028","2019-01-16 08:09:03","http://thepuffingtonhost.com/Clients_information/2019-01/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/104028/"
 "104027","2019-01-16 07:45:00","http://185.244.25.114/bins/kalon.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/104027/"
@@ -36758,7 +37308,7 @@
 "104008","2019-01-16 07:17:02","http://vektorex.com/cgii/felixReport.hta","offline","malware_download","downloader,hta,Loki","https://urlhaus.abuse.ch/url/104008/"
 "104007","2019-01-16 07:09:12","http://61.56.180.28:43680/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104007/"
 "104006","2019-01-16 07:09:08","http://222.119.40.240:26467/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104006/"
-"104005","2019-01-16 07:09:05","http://114.34.109.34:2167/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104005/"
+"104005","2019-01-16 07:09:05","http://114.34.109.34:2167/.i","online","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104005/"
 "104004","2019-01-16 07:07:07","http://76.89.234.82:30385/.i","offline","malware_download","elf,hajime","https://urlhaus.abuse.ch/url/104004/"
 "104003","2019-01-16 07:07:02","http://185.244.25.114/bins/kalon.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/104003/"
 "104002","2019-01-16 07:05:19","http://www.sp11dzm.ru/XhDjpb_0sihee1v_uALFk2/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/104002/"
@@ -37032,7 +37582,7 @@
 "103727","2019-01-15 20:20:04","http://starbilisim.net/umEgLOOKUD","offline","malware_download","None","https://urlhaus.abuse.ch/url/103727/"
 "103726","2019-01-15 20:20:03","http://al-bay.com/JbDEG76","offline","malware_download","None","https://urlhaus.abuse.ch/url/103726/"
 "103725","2019-01-15 20:20:02","http://nbhgroup.in/Clients_transactions/012019","offline","malware_download","None","https://urlhaus.abuse.ch/url/103725/"
-"103724","2019-01-15 20:15:04","http://interbizservices.eu/images/sm/sm.exe","online","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/103724/"
+"103724","2019-01-15 20:15:04","http://interbizservices.eu/images/sm/sm.exe","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/103724/"
 "103723","2019-01-15 19:35:03","http://tjo-hs.com/christ/bin.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/103723/"
 "103722","2019-01-15 19:29:10","https://doc-0s-8s-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8ne944b43812vrcuv9954p7n8r2suam3/1547575200000/07335649321361492730/*/1dypTy3Z5GUN_lf52EICQ3H2heZuQWpKq?e=download","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103722/"
 "103721","2019-01-15 18:50:11","http://www.yogaspaceme.com/QCPdiT_LN2iP6fHd/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/103721/"
@@ -37289,7 +37839,7 @@
 "103463","2019-01-15 10:18:03","http://kbfqatar.org/qa/wp-includes/js/jquery/query/files/uchfile/WInnb89.exe","offline","malware_download","NanoCore,quasar,QuasarRAT","https://urlhaus.abuse.ch/url/103463/"
 "103462","2019-01-15 10:16:09","http://pagasahora.com/wp-content/themes/oceanwp/sass/base/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103462/"
 "103461","2019-01-15 10:16:07","http://fusioncoin.site/wordpress-4.8-ja-jetpack_webfont-undernavicontrol/wp-admin/css/colors/blue/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/103461/"
-"103460","2019-01-15 10:15:09","http://yerdendolumtesis.com/blog/cache/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/103460/"
+"103460","2019-01-15 10:15:09","http://yerdendolumtesis.com/blog/cache/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/103460/"
 "103459","2019-01-15 10:15:07","http://pagasahora.com/wp-content/themes/oceanwp/woocommerce/cart/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103459/"
 "103458","2019-01-15 10:15:05","http://vimarkaquaculture.com/wp-content/themes/unero/lang/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/103458/"
 "103457","2019-01-15 10:15:04","http://www.vimarkaquaculture.com/wp-content/themes/unero/lang/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/103457/"
@@ -37485,7 +38035,7 @@
 "103267","2019-01-14 23:10:06","http://yandexalfa.ru/de_DE/PTKQHV3499361/Rechnung/FORM/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103267/"
 "103266","2019-01-14 23:10:04","http://www.rome-apartments-it.com/JFyM-8G_q-Rg/PaymentStatus/US/Open-Past-Due-Orders/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103266/"
 "103265","2019-01-14 23:09:19","http://www.avtotest-taxi.ru/jwVb-CjdWn_pxlEC-Ku/Inv/453102149/US/Companies-Invoice-74122684/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103265/"
-"103264","2019-01-14 23:09:18","http://worshipwarriorsmovement.com/LflY-B3_uhU-XE0/Invoice/318011809/US_us/Scan/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103264/"
+"103264","2019-01-14 23:09:18","http://worshipwarriorsmovement.com/LflY-B3_uhU-XE0/Invoice/318011809/US_us/Scan/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103264/"
 "103263","2019-01-14 23:09:16","http://tenmiengiarenhat.com/zuJe-uKuh_kfcPsgQ-OU/ACH/PaymentInfo/US_us/Invoice-receipt/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103263/"
 "103262","2019-01-14 23:09:13","http://semanatoripaioase.com/mZWv-m7_dAqZ-0i/INV/9547398FORPO/2790161432/En_us/Invoice-for-m/a-01/15/2019/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103262/"
 "103261","2019-01-14 23:09:11","http://scarificatoare.com/agYab-T1S_UH-bnR/Invoice/625767864/US_us/Invoice-5864005-January/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/103261/"
@@ -37570,7 +38120,7 @@
 "103178","2019-01-14 19:43:05","http://www.carbontech.biz/Transactions/2019-01/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103178/"
 "103177","2019-01-14 19:43:04","http://jourssa.ru/Attachments/012019/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/103177/"
 "103176","2019-01-14 19:43:03","http://jourssa.ru/Attachments/012019","offline","malware_download","None","https://urlhaus.abuse.ch/url/103176/"
-"103175","2019-01-14 19:43:02","http://thedopplershift.co.uk/Payment_details/01_19/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/103175/"
+"103175","2019-01-14 19:43:02","http://thedopplershift.co.uk/Payment_details/01_19/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/103175/"
 "103174","2019-01-14 19:37:10","http://www.xn--ordetrfritt-p8a.com/sYOiP-vdmu_BRAu-au/COMET/SIGNS/PAYMENT/NOTIFICATION/01/14/2019/US_us/Overdue-payment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103174/"
 "103173","2019-01-14 19:37:09","http://www.x-tel.com/Clients_transactions/2019-01/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103173/"
 "103172","2019-01-14 19:37:07","http://www.winecorkartist.com/prWoa-WG4_rGjE-k5u/InvoiceCodeChanges/En_us/Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/103172/"
@@ -37680,7 +38230,7 @@
 "103067","2019-01-14 16:45:13","http://dodotv.de/wp-admin/includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/103067/"
 "103068","2019-01-14 16:45:13","http://dodotv.de/wp-admin/includes/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/103068/"
 "103066","2019-01-14 16:45:12","http://dodotv.de/wp-admin/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/103066/"
-"103065","2019-01-14 16:45:11","http://arstecne.net/3","offline","malware_download","None","https://urlhaus.abuse.ch/url/103065/"
+"103065","2019-01-14 16:45:11","http://arstecne.net/3","online","malware_download","None","https://urlhaus.abuse.ch/url/103065/"
 "103064","2019-01-14 16:45:09","http://arstecne.net/2","online","malware_download","None","https://urlhaus.abuse.ch/url/103064/"
 "103063","2019-01-14 16:45:08","http://arstecne.net/1","online","malware_download","None","https://urlhaus.abuse.ch/url/103063/"
 "103062","2019-01-14 16:45:05","http://topsecrets.com.pl/ori/clientbobo33.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/103062/"
@@ -38153,7 +38703,7 @@
 "102588","2019-01-12 01:04:02","http://moscow77.online/KeyMoscow77.35.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102588/"
 "102587","2019-01-12 00:21:04","http://moscow77.online/GetDataAVK.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102587/"
 "102586","2019-01-12 00:15:32","http://flashplayer-plugin.redirectme.net/adobe_fplayer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102586/"
-"102585","2019-01-11 22:42:04","http://www.sistemagema.com.ar/download/Argentina.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102585/"
+"102585","2019-01-11 22:42:04","http://www.sistemagema.com.ar/download/Argentina.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102585/"
 "102584","2019-01-11 22:33:06","http://www.sistemagema.com.ar/download/Campana.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/102584/"
 "102583","2019-01-11 21:30:05","http://oebuplo.000webhostapp.com/uploads/told.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102583/"
 "102582","2019-01-11 21:30:04","http://oebuplo.000webhostapp.com/uploads/test.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/102582/"
@@ -38724,7 +39274,7 @@
 "102017","2019-01-08 07:27:06","http://209.97.185.168/bins/kirai.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102017/"
 "102016","2019-01-08 07:27:05","http://185.244.25.114/OwO/Tsunami.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102016/"
 "102015","2019-01-08 07:27:04","http://178.128.247.161/bins/Yowai.arm7","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102015/"
-"102014","2019-01-08 07:27:03","http://185.244.25.249/armv4l","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102014/"
+"102014","2019-01-08 07:27:03","http://185.244.25.249/armv4l","online","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102014/"
 "102013","2019-01-08 07:26:04","http://185.244.25.114/OwO/Tsunami.spc","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102013/"
 "102012","2019-01-08 07:26:03","http://209.97.185.168/bins/kirai.arm5","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/102012/"
 "102011","2019-01-08 07:26:02","http://213.183.53.102/oops.arm6","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/102011/"
@@ -39094,7 +39644,7 @@
 "101646","2019-01-05 13:38:07","http://142.93.248.202/bins/sora.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101646/"
 "101645","2019-01-05 13:38:07","http://klano102.space/exe/1/azor.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/101645/"
 "101644","2019-01-05 13:38:05","http://usa-lenders.com/Program_Details.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/101644/"
-"101643","2019-01-05 13:38:04","https://cdn.discordapp.com/attachments/530022904038162434/530513439768969216/Ultimate_Trolling_GUI.exe","offline","malware_download","browserloot,exe,stealer","https://urlhaus.abuse.ch/url/101643/"
+"101643","2019-01-05 13:38:04","https://cdn.discordapp.com/attachments/530022904038162434/530513439768969216/Ultimate_Trolling_GUI.exe","online","malware_download","browserloot,exe,stealer","https://urlhaus.abuse.ch/url/101643/"
 "101642","2019-01-05 13:38:03","https://cdn.discordapp.com/attachments/530885819720794122/530903235385622538/RAT.exe","online","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/101642/"
 "101641","2019-01-05 13:38:02","https://cdn.discordapp.com/attachments/494893013147844610/531054085688786954/dac-v4.rar","online","malware_download","None","https://urlhaus.abuse.ch/url/101641/"
 "101640","2019-01-05 12:38:09","http://www.wwpdubai.com/wp-content/plugins/jav/inv.exe","offline","malware_download","NanoCore","https://urlhaus.abuse.ch/url/101640/"
@@ -39380,7 +39930,7 @@
 "101357","2019-01-04 07:42:11","http://174.138.1.149/openssh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101357/"
 "101356","2019-01-04 07:42:08","http://188.166.121.142/openssh","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101356/"
 "101355","2019-01-04 07:42:04","http://205.185.126.185/AB4g5/Josho.m68k","offline","malware_download","elf,mirai","https://urlhaus.abuse.ch/url/101355/"
-"101354","2019-01-04 07:41:07","http://80.211.113.14/mipsel","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101354/"
+"101354","2019-01-04 07:41:07","http://80.211.113.14/mipsel","online","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101354/"
 "101353","2019-01-04 07:41:04","http://104.248.213.68/OwO/Tsunami.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/101353/"
 "101352","2019-01-04 07:17:02","http://185.244.25.142/powerpc","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101352/"
 "101351","2019-01-04 07:16:05","http://89.34.26.123/wget","offline","malware_download","bashlite,elf,gafgyt","https://urlhaus.abuse.ch/url/101351/"
@@ -39965,7 +40515,7 @@
 "100770","2018-12-31 21:59:01","http://162.243.7.179/wp-content/themes/alveophase3/msf-files/COMET/SIGNS/PAYMENT/NOTIFICATION/12/13/2018/Dec2018/US_us/Question","offline","malware_download","doc","https://urlhaus.abuse.ch/url/100770/"
 "100769","2018-12-31 21:56:02","http://31.207.35.116/wordpress/BUrLI-f6Ugg_gE-WC/INV/0695672FORPO/088778662853/En_us/Invoice-04830668-December","offline","malware_download","doc","https://urlhaus.abuse.ch/url/100769/"
 "100768","2018-12-31 21:13:10","http://tsport88.com/program/gameroomEn.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100768/"
-"100767","2018-12-31 20:24:06","http://hyunmoon.nfile.net/files/hyunmoon.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100767/"
+"100767","2018-12-31 20:24:06","http://hyunmoon.nfile.net/files/hyunmoon.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100767/"
 "100766","2018-12-31 20:21:13","http://tsport88.com/program/gameroomTg.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100766/"
 "100765","2018-12-31 20:18:05","http://108.58.16.83:31066/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/100765/"
 "100764","2018-12-31 18:53:06","http://wp12033108.server-he.de/Home/uber/95650317.jpg","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100764/"
@@ -39983,7 +40533,7 @@
 "100752","2018-12-31 18:19:03","http://ru-shop.su/2222/7777.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100752/"
 "100751","2018-12-31 18:18:02","http://ru-shop.su/2222/1111.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100751/"
 "100750","2018-12-31 18:08:24","https://ru-shop.su/2222/2222.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100750/"
-"100749","2018-12-31 18:08:21","http://wt.mt30.com/media/kmplayer-wwwppo999.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100749/"
+"100749","2018-12-31 18:08:21","http://wt.mt30.com/media/kmplayer-wwwppo999.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100749/"
 "100748","2018-12-31 18:00:05","http://workonmemory.com/uploads/Catraca/explorer32.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100748/"
 "100747","2018-12-31 17:51:05","http://ru-shop.su/2222/bin.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100747/"
 "100746","2018-12-31 17:51:03","http://workonmemory.com/uploads/Felipe/down.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100746/"
@@ -40042,7 +40592,7 @@
 "100692","2018-12-31 07:23:19","http://209.97.133.9/OwO/Tsunami.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100692/"
 "100693","2018-12-31 07:23:19","http://209.97.133.9/OwO/Tsunami.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100693/"
 "100690","2018-12-31 07:23:18","http://bartantasdunyasi.com/wp-content/themes/kallyas/template_helpers/icons/glyphicons_halflingsregular/sserv.jpg","offline","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/100690/"
-"100689","2018-12-31 07:23:16","http://etouchbd.net/wp-content/themes/touch/css/sserv.jpg","offline","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/100689/"
+"100689","2018-12-31 07:23:16","http://etouchbd.net/wp-content/themes/touch/css/sserv.jpg","online","malware_download","Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/100689/"
 "100688","2018-12-31 07:23:15","http://yyhbggu.ru/bin/stak.exe","offline","malware_download","exe,miner","https://urlhaus.abuse.ch/url/100688/"
 "100687","2018-12-31 07:23:12","http://ezgame.website/bin/rig.exe","offline","malware_download","exe,miner","https://urlhaus.abuse.ch/url/100687/"
 "100686","2018-12-31 07:23:07","http://scb-hk.com/panel/PonyBuilder.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/100686/"
@@ -40064,14 +40614,14 @@
 "100670","2018-12-31 05:48:10","http://148.70.29.77/Linux.server","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100670/"
 "100669","2018-12-31 05:42:22","http://148.70.29.77/arm.server","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100669/"
 "100668","2018-12-31 05:42:17","http://114.115.249.109/svshost.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100668/"
-"100667","2018-12-31 05:42:14","http://114.115.249.109/1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100667/"
+"100667","2018-12-31 05:42:14","http://114.115.249.109/1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100667/"
 "100666","2018-12-31 05:31:15","http://148.70.29.77/crsrer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100666/"
 "100665","2018-12-31 05:31:07","http://47.94.203.21/SB360.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100665/"
-"100664","2018-12-31 05:30:09","http://114.115.249.109/Explorer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100664/"
+"100664","2018-12-31 05:30:09","http://114.115.249.109/Explorer.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100664/"
 "100663","2018-12-31 05:00:07","http://101.200.214.249/SVCH0St.EXE","online","malware_download","exe,nitol","https://urlhaus.abuse.ch/url/100663/"
 "100662","2018-12-31 04:56:07","http://148.70.29.77/lsass.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100662/"
 "100661","2018-12-31 04:56:05","http://148.70.29.77/%E4%B8%BB%E6%92%AD%E7%A6%8F%E5%88%A9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100661/"
-"100660","2018-12-31 04:52:04","http://101.200.214.249:80/SVCH0St.EXE","offline","malware_download","exe,nitol","https://urlhaus.abuse.ch/url/100660/"
+"100660","2018-12-31 04:52:04","http://101.200.214.249:80/SVCH0St.EXE","online","malware_download","exe,nitol","https://urlhaus.abuse.ch/url/100660/"
 "100659","2018-12-31 04:46:11","http://148.70.29.77/ccrss.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100659/"
 "100658","2018-12-31 04:46:04","http://148.70.29.77/ccsrr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100658/"
 "100657","2018-12-31 04:44:04","http://148.70.29.77/Auto.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100657/"
@@ -40153,7 +40703,7 @@
 "100581","2018-12-30 08:06:06","http://vip163.ga/greenteasx.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/100581/"
 "100580","2018-12-30 08:06:03","http://vip163.ga/xxtentaion.exe","offline","malware_download","exe,RemcosRAT","https://urlhaus.abuse.ch/url/100580/"
 "100579","2018-12-30 08:04:09","http://37.44.212.223/miner.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100579/"
-"100578","2018-12-30 08:04:05","http://37.44.212.223/haha.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100578/"
+"100578","2018-12-30 08:04:05","http://37.44.212.223/haha.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100578/"
 "100577","2018-12-30 07:55:03","http://68.183.32.243/yakuza.i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100577/"
 "100576","2018-12-30 07:55:02","http://157.230.54.252/tftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100576/"
 "100575","2018-12-30 07:54:04","http://107.191.104.226/yakuza.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100575/"
@@ -40292,7 +40842,7 @@
 "100442","2018-12-29 23:29:03","http://www.general.it/downloads/verificacitrix.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100442/"
 "100441","2018-12-29 23:28:03","http://advavoltiberica.com/wp-content/themes/sketch/mge.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100441/"
 "100440","2018-12-29 23:21:03","http://brianwelchhvac.com/Attachments/122018/index.php.suspected","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/100440/"
-"100439","2018-12-29 21:01:08","http://dash.simplybackers.com/code/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100439/"
+"100439","2018-12-29 21:01:08","http://dash.simplybackers.com/code/css/sserv.jpg","online","malware_download","exe","https://urlhaus.abuse.ch/url/100439/"
 "100437","2018-12-29 21:01:03","http://91.234.27.27:42757/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/100437/"
 "100438","2018-12-29 21:01:03","http://heartburnsafe.com/heartme/document_release.exe","offline","malware_download","zip","https://urlhaus.abuse.ch/url/100438/"
 "100436","2018-12-29 20:57:09","http://198.12.97.71/Haxed4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100436/"
@@ -40473,7 +41023,7 @@
 "100261","2018-12-28 19:38:02","http://www.reparaties-ipad.nl/KkIu-akQ_mc-jyx/INVOICE/US_us/Invoice-receipt","offline","malware_download","doc","https://urlhaus.abuse.ch/url/100261/"
 "100260","2018-12-28 19:37:40","http://ultranationmedia.com/wp-includes/Updater_Toolwiz.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/100260/"
 "100259","2018-12-28 19:37:37","http://easydown.stnts.com/acc_download/Speeder_1.0.0.3_qd12.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100259/"
-"100258","2018-12-28 19:34:05","http://211.193.86.151:53759/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/100258/"
+"100258","2018-12-28 19:34:05","http://211.193.86.151:53759/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100258/"
 "100257","2018-12-28 19:15:03","http://195.123.209.212/DL/a.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/100257/"
 "100256","2018-12-28 19:05:07","http://198.144.189.191/worming.png","offline","malware_download"," trickbot,exe,Trickbot","https://urlhaus.abuse.ch/url/100256/"
 "100255","2018-12-28 19:05:05","http://198.144.189.191/toler.png","offline","malware_download"," trickbot,exe,Trickbot","https://urlhaus.abuse.ch/url/100255/"
@@ -40598,7 +41148,7 @@
 "100136","2018-12-28 07:32:05","http://103.124.107.193/bins/Unbound.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100136/"
 "100135","2018-12-28 07:32:03","http://80.211.186.50/sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/100135/"
 "100134","2018-12-28 07:12:04","http://labphon15.labphon.org/modules/contextual/contextual.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100134/"
-"100133","2018-12-28 07:04:05","https://flex.ru/files/flex_internet_x64.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100133/"
+"100133","2018-12-28 07:04:05","https://flex.ru/files/flex_internet_x64.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100133/"
 "100132","2018-12-28 06:53:03","http://files.l-d.tech/uploads/695988816.777.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100132/"
 "100131","2018-12-28 06:46:08","http://meinv.9ic.cn/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100131/"
 "100130","2018-12-28 06:46:04","http://files.l-d.tech/uploads/2011205455.1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100130/"
@@ -40638,7 +41188,7 @@
 "100096","2018-12-28 04:17:05","http://tonghopgia.net/WEBSERVICES/REDIRECT/RedirectService.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100096/"
 "100095","2018-12-28 04:15:10","http://tonghopgia.net/Webservices/Redirect/RedirectAds.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100095/"
 "100094","2018-12-28 04:05:06","http://tonghopgia.net/Webservices/Search/KeywordService.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100094/"
-"100093","2018-12-28 04:03:10","http://tonghopgia.net/webservices/redirect/cswindowsservicerecoveryproperty.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/100093/"
+"100093","2018-12-28 04:03:10","http://tonghopgia.net/webservices/redirect/cswindowsservicerecoveryproperty.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100093/"
 "100092","2018-12-28 03:50:11","http://tonghopgia.net/webservices/redirectv2/redirectads.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100092/"
 "100091","2018-12-28 03:46:10","http://tonghopgia.net/Webservices/Search/RedirectAds.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100091/"
 "100090","2018-12-28 03:43:07","http://tonghopgia.net/Webservices/RedirectV2/RedirectService.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/100090/"
@@ -40804,7 +41354,7 @@
 "99930","2018-12-26 17:46:26","http://jaxx.im/Jaxx.Liberty-setup-2.1.1.exe","offline","malware_download","exe,predator,PredatorStealer,predatorthethief,ptt,stealer","https://urlhaus.abuse.ch/url/99930/"
 "99929","2018-12-26 17:46:24","http://88b.me/nbt/bf.arm","online","malware_download","elf","https://urlhaus.abuse.ch/url/99929/"
 "99928","2018-12-26 17:46:20","http://88b.me/nbt/bf.mips","online","malware_download","elf","https://urlhaus.abuse.ch/url/99928/"
-"99927","2018-12-26 17:46:13","http://88b.me/nbt/bf.mipsel","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99927/"
+"99927","2018-12-26 17:46:13","http://88b.me/nbt/bf.mipsel","online","malware_download","elf","https://urlhaus.abuse.ch/url/99927/"
 "99926","2018-12-26 16:24:28","https://dl.dropboxusercontent.com/s/yoy0ort37uzmpm5/flashplayer_42.34_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/99926/"
 "99925","2018-12-26 16:24:27","https://dl.dropboxusercontent.com/s/b71ah1vxabbjb02/flashplayer_42.44_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/99925/"
 "99924","2018-12-26 16:24:26","https://dl.dropboxusercontent.com/s/wx1yxigil7vjh1w/flashplayer_42.4_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/99924/"
@@ -40843,7 +41393,7 @@
 "99890","2018-12-26 14:16:13","http://api.iwangsen.com/heimaupdate/jingling.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99890/"
 "99889","2018-12-26 13:28:27","http://api.iwangsen.com/wangyingupdate/wangying.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99889/"
 "99888","2018-12-26 13:27:53","http://api.iwangsen.com/diantaoupdate/diantao.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99888/"
-"99887","2018-12-26 13:26:31","http://api.iwangsen.com/heimaupdate/lingyi.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99887/"
+"99887","2018-12-26 13:26:31","http://api.iwangsen.com/heimaupdate/lingyi.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99887/"
 "99886","2018-12-26 13:20:12","http://api.iwangsen.com/chengzaiupdate/chengzai.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99886/"
 "99885","2018-12-26 13:20:09","http://api.iwangsen.com/jinglingupdate/jingling.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99885/"
 "99884","2018-12-26 13:19:26","http://api.iwangsen.com/taobaowangupdate/taobaowang.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99884/"
@@ -40854,16 +41404,16 @@
 "99879","2018-12-26 12:17:02","http://cdn.discordapp.com/attachments/526358454084960266/526774249990389790/314.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99879/"
 "99878","2018-12-26 12:12:02","http://optimasaludmental.com/Scan173.zip","online","malware_download","Ransomware,RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/99878/"
 "99877","2018-12-26 11:49:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Additional%20Tools/Virus%20reg_text/Reg-List-Dat_Packer2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99877/"
-"99876","2018-12-26 11:48:59","http://dx111.downyouxi.com/qunxiongshishibandichongtu.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99876/"
+"99876","2018-12-26 11:48:59","http://dx111.downyouxi.com/qunxiongshishibandichongtu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99876/"
 "99875","2018-12-26 11:48:15","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Nuclear%20RAT%20Trojan/client.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99875/"
-"99874","2018-12-26 11:48:13","http://dx111.downyouxi.com/sanguozhanjizhengzong2009huiyipian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99874/"
+"99874","2018-12-26 11:48:13","http://dx111.downyouxi.com/sanguozhanjizhengzong2009huiyipian.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99874/"
 "99873","2018-12-26 11:46:23","http://www.softhy.net/softhy.net_down/cs93softhy.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99873/"
 "99872","2018-12-26 11:45:04","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Lite-SOCKS/Generator.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99872/"
 "99871","2018-12-26 11:42:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Lite-SOCKS/Packer.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99871/"
 "99870","2018-12-26 11:40:06","http://alfarius.ru/sites/img.jpg","offline","malware_download","exe,Ransomware,RUS,Troldesh","https://urlhaus.abuse.ch/url/99870/"
 "99869","2018-12-26 11:39:03","https://ktgroup.com.ua/misc/Scan072.zip","offline","malware_download","Ransomware,RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/99869/"
 "99868","2018-12-26 11:34:03","http://amarasrilankatours.com/inc/lojoi.exe","offline","malware_download","jSocket,NanoCore,rat,XtremeRAT","https://urlhaus.abuse.ch/url/99868/"
-"99867","2018-12-26 11:31:21","http://dx111.downyouxi.com/wujinmaoxianzhilv.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99867/"
+"99867","2018-12-26 11:31:21","http://dx111.downyouxi.com/wujinmaoxianzhilv.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99867/"
 "99866","2018-12-26 11:29:27","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/Trojan-Dropper.Win32.ZomJoiner.25.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99866/"
 "99865","2018-12-26 11:29:26","http://dx111.downyouxi.com/dnftafangwudibanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99865/"
 "99864","2018-12-26 11:29:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2016%20Hacking%20Webservers/webdav-gui/webdav-gui.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99864/"
@@ -40871,7 +41421,7 @@
 "99861","2018-12-26 11:26:29","http://dx111.downyouxi.com/ailisizhisi3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99861/"
 "99862","2018-12-26 11:26:29","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2005%20Scanning/Tiny%20TCP%20Firewall/afxfw.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99862/"
 "99860","2018-12-26 11:25:33","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2008%20Trojans%20and%20Backdoors/netbus17/NetBus.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99860/"
-"99859","2018-12-26 11:25:32","http://dx111.downyouxi.com/qinruzhezuozhanxunlian.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99859/"
+"99859","2018-12-26 11:25:32","http://dx111.downyouxi.com/qinruzhezuozhanxunlian.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99859/"
 "99858","2018-12-26 11:25:03","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Module%2014%20Denial%20of%20Service/Nuclear%20Bot/Editor.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99858/"
 "99857","2018-12-26 11:15:58","http://dx111.downyouxi.com/qqtangdanjiban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99857/"
 "99856","2018-12-26 11:15:02","http://repo.thehackademy.net/depot_cehv6/CEHv6%20Additional%20Tools/sendip%20v%201.5/sendip.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99856/"
@@ -40988,7 +41538,7 @@
 "99745","2018-12-25 23:42:09","http://one.ifis.today/downloads/Servise/jusched_srv.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99745/"
 "99744","2018-12-25 23:37:03","http://one.ifis.today/downloads/Modul/load.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/99744/"
 "99743","2018-12-25 23:37:02","http://one.ifis.today/downloads/KM_HS/hostdll1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99743/"
-"99742","2018-12-25 23:36:05","http://nesbbc.top/360/148/waNewRat360.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99742/"
+"99742","2018-12-25 23:36:05","http://nesbbc.top/360/148/waNewRat360.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99742/"
 "99741","2018-12-25 23:36:02","http://one.ifis.today/downloads/lsass_pb/Updater1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99741/"
 "99740","2018-12-25 23:35:11","http://205.185.119.101/vb/xxx.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99740/"
 "99739","2018-12-25 23:35:09","http://205.185.119.101/vb/xxx.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99739/"
@@ -41000,15 +41550,15 @@
 "99733","2018-12-25 23:34:03","http://one.ifis.today/downloads/Modul/SystemNT.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99733/"
 "99732","2018-12-25 23:34:02","http://one.ifis.today/downloads/XP/Secyrityi_IE.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99732/"
 "99731","2018-12-25 23:33:04","http://one.ifis.today/downloads/HS.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99731/"
-"99730","2018-12-25 23:30:03","http://nesbbc.top/360/bbc/T9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99730/"
-"99729","2018-12-25 23:21:03","http://nesbbc.top/360/bbc/T7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99729/"
-"99728","2018-12-25 23:19:03","http://nesbbc.top/360/bbc/T1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99728/"
-"99727","2018-12-25 23:18:08","http://nesbbc.top/360/bbc/T8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99727/"
+"99730","2018-12-25 23:30:03","http://nesbbc.top/360/bbc/T9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99730/"
+"99729","2018-12-25 23:21:03","http://nesbbc.top/360/bbc/T7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99729/"
+"99728","2018-12-25 23:19:03","http://nesbbc.top/360/bbc/T1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99728/"
+"99727","2018-12-25 23:18:08","http://nesbbc.top/360/bbc/T8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99727/"
 "99726","2018-12-25 23:18:03","http://one.ifis.today/downloads/Servise/Updater.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99726/"
 "99725","2018-12-25 23:16:09","http://one.ifis.today/downloads/Servise/Updater1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99725/"
-"99724","2018-12-25 23:08:04","http://nesbbc.top/360/bbc/T3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99724/"
-"99723","2018-12-25 22:41:04","http://nesbbc.top/360/243/wsvchosr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99723/"
-"99722","2018-12-25 22:40:06","http://nesbbc.top/360/243/wsvchos1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99722/"
+"99724","2018-12-25 23:08:04","http://nesbbc.top/360/bbc/T3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99724/"
+"99723","2018-12-25 22:41:04","http://nesbbc.top/360/243/wsvchosr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99723/"
+"99722","2018-12-25 22:40:06","http://nesbbc.top/360/243/wsvchos1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99722/"
 "99721","2018-12-25 22:26:04","http://24.130.74.133:9357/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99721/"
 "99720","2018-12-25 21:45:12","http://205.185.119.101/vb/xxx.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99720/"
 "99719","2018-12-25 21:45:10","http://205.185.119.101/vb/xxx.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99719/"
@@ -41034,17 +41584,17 @@
 "99699","2018-12-25 16:31:03","http://up.qatarw.com/up/2015-12-06/file677480536.exe","offline","malware_download","exe,Xtrat","https://urlhaus.abuse.ch/url/99699/"
 "99698","2018-12-25 16:30:03","http://ayhanceylan.av.tr/LnRO-o7VO_DB-TM/ACH/PaymentInfo/US/Invoice-for-n/e-12/21/2018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/99698/"
 "99697","2018-12-25 16:25:05","http://dhpos.com/wtf/explorer.exe","online","malware_download","exe,Neurevt","https://urlhaus.abuse.ch/url/99697/"
-"99696","2018-12-25 15:45:03","http://www.nesbbc.top/360/bbc/T3.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99696/"
-"99695","2018-12-25 15:44:03","http://www.nesbbc.top/360/bbc/T7.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99695/"
-"99694","2018-12-25 15:43:08","http://www.nesbbc.top/360/148/waNewRat360.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99694/"
-"99693","2018-12-25 15:43:07","http://www.nesbbc.top/360/243/wsvchos1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99693/"
-"99692","2018-12-25 15:43:03","http://www.nesbbc.top/360/243/wsvchosr.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99692/"
-"99691","2018-12-25 15:41:03","http://www.nesbbc.top/360/bbc/T9.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99691/"
+"99696","2018-12-25 15:45:03","http://www.nesbbc.top/360/bbc/T3.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99696/"
+"99695","2018-12-25 15:44:03","http://www.nesbbc.top/360/bbc/T7.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99695/"
+"99694","2018-12-25 15:43:08","http://www.nesbbc.top/360/148/waNewRat360.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99694/"
+"99693","2018-12-25 15:43:07","http://www.nesbbc.top/360/243/wsvchos1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99693/"
+"99692","2018-12-25 15:43:03","http://www.nesbbc.top/360/243/wsvchosr.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99692/"
+"99691","2018-12-25 15:41:03","http://www.nesbbc.top/360/bbc/T9.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99691/"
 "99690","2018-12-25 15:30:06","http://download.enativ.com/new/update_conf.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99690/"
 "99689","2018-12-25 15:24:09","http://emotion.bethlapierre.com/8923rfj.bin","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/99689/"
 "99688","2018-12-25 15:24:07","http://photoviewer.altervista.org/CrKY.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99688/"
-"99687","2018-12-25 15:24:06","http://www.nesbbc.top/360/bbc/T8.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99687/"
-"99686","2018-12-25 15:22:05","http://www.nesbbc.top/360/bbc/T1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/99686/"
+"99687","2018-12-25 15:24:06","http://www.nesbbc.top/360/bbc/T8.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99687/"
+"99686","2018-12-25 15:22:05","http://www.nesbbc.top/360/bbc/T1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/99686/"
 "99685","2018-12-25 13:56:02","http://87.251.82.211/hello-ankit","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99685/"
 "99684","2018-12-25 13:11:04","http://rce.trade/bins/rift.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99684/"
 "99682","2018-12-25 13:11:03","http://rce.trade/bins/rift.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/99682/"
@@ -41797,8 +42347,8 @@
 "98923","2018-12-21 20:17:06","http://patch3.51mag.com/2012/dishonored_trainer_by_arm4nd0.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98923/"
 "98922","2018-12-21 20:15:24","http://wt120.downyouxi.com/hundouluosandanjiaqiangbanzhongwenban.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98922/"
 "98921","2018-12-21 20:11:04","http://patch3.51mag.com/newpatch16/m3k4edit.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98921/"
-"98920","2018-12-21 20:10:23","http://patch3.51mag.com/2012/DOATrainer.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98920/"
-"98919","2018-12-21 20:10:20","http://patch3.51mag.com/2012/civilization_v_trainer_v1_0_1_674_r2.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98919/"
+"98920","2018-12-21 20:10:23","http://patch3.51mag.com/2012/DOATrainer.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98920/"
+"98919","2018-12-21 20:10:20","http://patch3.51mag.com/2012/civilization_v_trainer_v1_0_1_674_r2.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98919/"
 "98918","2018-12-21 20:10:18","http://jaspinformatica.com/sdL8s7hg/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/98918/"
 "98917","2018-12-21 20:10:17","http://xyzeeee.ga/file/nanoz.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/98917/"
 "98916","2018-12-21 20:10:10","http://realitycomputers.nl/CX2ibxR5r4/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/98916/"
@@ -41814,7 +42364,7 @@
 "98906","2018-12-21 19:44:10","http://suporteatendimentorh.com/web?NBOXamp;xc75362dad4a9da06941b7dc3d6915ac64selectedfolderINBOX","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98906/"
 "98905","2018-12-21 19:44:04","http://patch3.51mag.com/newpatch25/prototype_soundfix2.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98905/"
 "98904","2018-12-21 19:42:57","http://patch3.51mag.com/2013/ALI213-PLANTS.VS.ZOMBIES.V1.2.0.1073.PLUS11TRN.DENKA003.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98904/"
-"98903","2018-12-21 19:42:51","http://patch3.51mag.com/newpatch14/sango9tcup_date.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98903/"
+"98903","2018-12-21 19:42:51","http://patch3.51mag.com/newpatch14/sango9tcup_date.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98903/"
 "98902","2018-12-21 19:42:29","http://wt120.downyouxi.com/22loujialidibeiju.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98902/"
 "98901","2018-12-21 19:41:24","http://patch3.51mag.com/2013/ali213-alienscolonialmarine.8_aobeta_fixed.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98901/"
 "98900","2018-12-21 19:41:15","http://wt120.downyouxi.com/tankedajuezhan.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/98900/"
@@ -42077,12 +42627,12 @@
 "98633","2018-12-21 06:01:28","https://pmvrswsociety.com/wp-content/themes/septera/admin/css/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/98633/"
 "98632","2018-12-21 06:01:25","http://gajianku.com/wp-content/themes/ares/images/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98632/"
 "98631","2018-12-21 06:01:17","http://wikaconsulting.com/js/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98631/"
-"98630","2018-12-21 06:01:08","https://fastimmo.fr/wp-includes/ID3/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98630/"
+"98630","2018-12-21 06:01:08","https://fastimmo.fr/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/98630/"
 "98629","2018-12-21 06:01:04","http://jenniferdouglasliterarypublicist.com/wp-content/themes/superfast/languages/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/98629/"
 "98628","2018-12-21 06:01:03","https://www.hostingcloud.science/6NQq.js","offline","malware_download","None","https://urlhaus.abuse.ch/url/98628/"
 "98627","2018-12-21 06:00:11","https://tagmanager.vn//wp-content/themes/pridmag/sup.exe","offline","malware_download","exe,Retefe","https://urlhaus.abuse.ch/url/98627/"
 "98626","2018-12-21 05:52:04","http://dianneholman.com/R4YEKTW.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98626/"
-"98625","2018-12-21 05:51:13","http://patch3.51mag.com/newpatch21/ss4trn.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/98625/"
+"98625","2018-12-21 05:51:13","http://patch3.51mag.com/newpatch21/ss4trn.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/98625/"
 "98624","2018-12-21 05:51:08","http://influentialparenting.org/blog/wp-content/plugins/Theme-Crystal/FlashPlayer_Update.cpl","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98624/"
 "98623","2018-12-21 05:51:02","http://tiras.org/ordine.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/98623/"
 "98622","2018-12-21 05:26:02","http://uploadexe.com/uploads/5c1ac26d5a3ba025580784.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/98622/"
@@ -42095,7 +42645,7 @@
 "98615","2018-12-21 03:45:13","http://url.emailprotection.link/?aGmQLItz4ajoMEkt5Z_P3gtrfPXUFC3dM_qmuboW6TQ-kC7qNlN37BR_eD8YQ3c1KORYOSFpRXilgqhUuh7aOx-yxhBy9pjj9BeqehIfV_7vKmXhQnQZS1BQq67v2XHHQf9DJ4lpzxa51HTntCDzGUuAU8jQ3km-v9xh3iCFm1ok~/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/98615/"
 "98614","2018-12-21 03:45:12","http://uocmonho.com/oHno-Dc1orvj3ZxXXjd_cdOssUFx-VPM/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/98614/"
 "98613","2018-12-21 03:45:10","http://ultimatehoteldeals.com/de_DE/RVDFZW2613173/DE_de/DOC-Dokument/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98613/"
-"98612","2018-12-21 03:45:09","http://turkexportline.com/ATT/RJoZT_Jf6b8DCJ_ludqf//","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98612/"
+"98612","2018-12-21 03:45:09","http://turkexportline.com/ATT/RJoZT_Jf6b8DCJ_ludqf//","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98612/"
 "98611","2018-12-21 03:45:07","http://track.wizkidhosting.com/track/click/30927887/billfritzjr.com?p=eyJzIjoiVHczRGlkN0Y3dERfZEswbU0yd0QxaHd3V2JvIiwidiI6MSwicCI6IntcInVcIjozMDkyNzg4NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvYmlsbGZyaXR6anIuY29tXFxcL0VXQUxaUU5KQkg4ODQ5ODk0XFxcL0Rva3VtZW50ZVxcXC9GYWt0dXJpZXJ1bmdcIixcImlkXCI6XCJjOGU2YmNiMDJlZmY0NDIzODk3NGY0NmZmMjI3ZjRjOFwiLFwidXJsX2lkc1wiOltcImVhZTE5YTFjZjdhY2VjZDdiYzAwYzFjZmZhZTM4Mjg2NWI5OWNkMzFcIl19In0/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/98611/"
 "98610","2018-12-21 03:45:06","http://tomasabad.es/qFscs-XX1K_apDxzsM-rD/ACH/PaymentAdvice/US/New-order/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98610/"
 "98609","2018-12-21 03:45:05","http://superla.com.mx/HwPN-kON8rJAhI25G6w_iMFmBpiVP-VzO/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/98609/"
@@ -42842,8 +43392,8 @@
 "97862","2018-12-19 15:53:03","http://rdabih.org/m7mnTYaIzL","offline","malware_download","exe","https://urlhaus.abuse.ch/url/97862/"
 "97860","2018-12-19 15:53:02","http://sundownbodrum.com/J335NbN","offline","malware_download","exe","https://urlhaus.abuse.ch/url/97860/"
 "97861","2018-12-19 15:53:02","http://www.roteirobrasil.com/wp-includes/XEBv3PdHgZ","offline","malware_download","exe","https://urlhaus.abuse.ch/url/97861/"
-"97859","2018-12-19 15:48:10","https://www.slboutique.com.br/catalog/cana/Canara_Bank_Letter_Deposit_docx.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/97859/"
-"97858","2018-12-19 15:48:07","https://www.slboutique.com.br/catalog/cdd/Information_Compliance_000029872234_docx.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/97858/"
+"97859","2018-12-19 15:48:10","https://www.slboutique.com.br/catalog/cana/Canara_Bank_Letter_Deposit_docx.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/97859/"
+"97858","2018-12-19 15:48:07","https://www.slboutique.com.br/catalog/cdd/Information_Compliance_000029872234_docx.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/97858/"
 "97857","2018-12-19 15:46:24","http://stoutarc.com/SAYs-K54vaMNeu_iWI-2n/9404844/SurveyQuestionsDec2018/En/ACH-form/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97857/"
 "97856","2018-12-19 15:46:16","http://usjack.com/zLfNB-oorGrGiTG_ZZWHqL-mw/Inv/70797064484/newsletter/En_us/New-order/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97856/"
 "97855","2018-12-19 15:46:11","http://typtotaal.nl/wQum-omqRAMX3_mSMileE-gk/InvoiceCodeChanges/sites/En_us/3-Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/97855/"
@@ -42943,7 +43493,7 @@
 "97761","2018-12-19 12:55:08","http://www.mzkome.com/AMAZON/Documents/122018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/97761/"
 "97760","2018-12-19 12:54:09","http://llen.co.nz/HYkOt-32HWouqGu_ZnxSCuWA-Vm/ACH/PaymentInfo/scan/US/Past-Due-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/97760/"
 "97759","2018-12-19 12:54:04","http://h722.tk/i43.php","offline","malware_download","zip","https://urlhaus.abuse.ch/url/97759/"
-"97758","2018-12-19 12:39:02","https://onedrive.live.com/download?cid=8AD327FEA0288842&resid=8AD327FEA0288842%21476&authkey=ACo-GUvKHDyJL-o","offline","malware_download","zip","https://urlhaus.abuse.ch/url/97758/"
+"97758","2018-12-19 12:39:02","https://onedrive.live.com/download?cid=8AD327FEA0288842&resid=8AD327FEA0288842%21476&authkey=ACo-GUvKHDyJL-o","online","malware_download","zip","https://urlhaus.abuse.ch/url/97758/"
 "97757","2018-12-19 12:23:05","http://58.218.66.96:7788/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/97757/"
 "97756","2018-12-19 11:50:07","http://tafertergr.com/rez-senqo/o402ek2m.php?l=yuptb17.dds","offline","malware_download","CAN,exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/97756/"
 "97755","2018-12-19 11:50:03","http://sudetztend.com/rez-senqo/o402ek2m.php?l=yuptb8.dds","offline","malware_download","CAN,exe,geofenced,Gozi,USA","https://urlhaus.abuse.ch/url/97755/"
@@ -43345,7 +43895,7 @@
 "97352","2018-12-18 20:35:34","http://nfbio.com/img/upload_Image/edm/pic_2/UCeCb-xIWsNgQhiZ8NYS_oowntbDO-TxR/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/97352/"
 "97351","2018-12-18 20:35:03","http://mhophotos.com/VpXBr-cUzP9NjL22kTJRl_CAWiSqklH-eTr/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/97351/"
 "97350","2018-12-18 20:34:32","http://www.not2b4gotten.com/bFbS-c2UOBVbGj24GnpT_oliJzxZGw-VrF/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/97350/"
-"97349","2018-12-18 20:33:50","http://www.1040expressdallas.com/EH1CbBG_hYypTq/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/97349/"
+"97349","2018-12-18 20:33:50","http://www.1040expressdallas.com/EH1CbBG_hYypTq/","online","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/97349/"
 "97348","2018-12-18 20:33:19","http://www.quangcaovnstar.vn/wp-admin/z1QfRWkZ_LWUT/","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/97348/"
 "97347","2018-12-18 20:32:47","http://www.masjidbaiturrozaq.com/Xjp_a6M0A/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/97347/"
 "97346","2018-12-18 20:32:17","http://www.mancavedudes.net/K2WZ_GMBP8VtJ/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/97346/"
@@ -43648,7 +44198,7 @@
 "97048","2018-12-18 10:50:02","http://80.211.89.146/hakai.mpsl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/97048/"
 "97047","2018-12-18 10:49:04","http://cestenelles.jakobson.fr/ttt/ojvkljkiy.doc","offline","malware_download","doc,IcedID","https://urlhaus.abuse.ch/url/97047/"
 "97046","2018-12-18 10:48:06","http://cestenelles.jakobson.fr/ttt/rzfviwix.doc","offline","malware_download","doc,IcedID","https://urlhaus.abuse.ch/url/97046/"
-"97045","2018-12-18 10:07:10","http://time.awebsiteonline.com/mmmm.exe","online","malware_download","HawkEye","https://urlhaus.abuse.ch/url/97045/"
+"97045","2018-12-18 10:07:10","http://time.awebsiteonline.com/mmmm.exe","offline","malware_download","HawkEye","https://urlhaus.abuse.ch/url/97045/"
 "97044","2018-12-18 09:47:02","http://www.sparkolvideo.qoiy.ru/ttt/ynAYfimF.doc","offline","malware_download","doc,IcedID","https://urlhaus.abuse.ch/url/97044/"
 "97042","2018-12-18 09:46:03","http://www.sparkolvideo.qoiy.ru/ttt/bVphnaIYgV.doc","offline","malware_download","doc,IcedID","https://urlhaus.abuse.ch/url/97042/"
 "97043","2018-12-18 09:46:03","http://www.sparkolvideo.qoiy.ru/ttt/RWdsbWvMJ.doc","offline","malware_download","doc,IcedID","https://urlhaus.abuse.ch/url/97043/"
@@ -44111,7 +44661,7 @@
 "96573","2018-12-17 19:41:40","http://ciss.mk/sj/wp-includes/efUz-ysEsRh9S6OhJYB_nSyCDAwE-xs/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96573/"
 "96572","2018-12-17 19:41:39","http://www.erhansarac.com/rywr-mVV7OeMmPTPnde_tHrBDLJW-x5J/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96572/"
 "96571","2018-12-17 19:41:38","http://www.arisun.com/PjLYo-78KitaAOqgZBkV_WeBsuRmWc-8F/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96571/"
-"96570","2018-12-17 19:41:09","http://marisel.com.ua/myATT/sEg6zP_QnuzUqhf4_Xmelj8CdG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96570/"
+"96570","2018-12-17 19:41:09","http://marisel.com.ua/myATT/sEg6zP_QnuzUqhf4_Xmelj8CdG/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96570/"
 "96569","2018-12-17 19:41:08","http://johnscevolaseo.com/HezS-3umZKZe0JPtWkn_oMVVbLJn-bP/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96569/"
 "96568","2018-12-17 19:41:06","http://datthocuphuquoc.xyz/YJOiC-qMOD4pCpnSgbPr_QRcxkAmjh-dhT/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96568/"
 "96567","2018-12-17 19:41:03","http://minterburn.co.uk/AT_T_Account/F7qD8WPT_WXMZNzKt_wlQ4Drdop/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/96567/"
@@ -44337,8 +44887,8 @@
 "96321","2018-12-17 16:21:04","http://mail.porterranchpetnanny.com/wp-includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/96321/"
 "96318","2018-12-17 16:01:02","http://jamieatkins.org/AMAZON/Information/2018-12/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/96318/"
 "96317","2018-12-17 16:00:04","http://escamesseguros.com.br/wvvw/ATTBusiness/mqmz_ooaM4tXB8_fTQMqZL/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/96317/"
-"96316","2018-12-17 15:48:33","http://9youwang.com/down/9you_4.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/96316/"
-"96315","2018-12-17 15:48:19","http://9youwang.com/moban/haomuban1/80/4f918-80.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/96315/"
+"96316","2018-12-17 15:48:33","http://9youwang.com/down/9you_4.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/96316/"
+"96315","2018-12-17 15:48:19","http://9youwang.com/moban/haomuban1/80/4f918-80.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/96315/"
 "96314","2018-12-17 15:48:02","http://kc.vedigitize.com/res/Amazon/Payments/122018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/96314/"
 "96313","2018-12-17 15:47:36","http://fastsolutions-france.com/cc.exe","online","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/96313/"
 "96312","2018-12-17 15:47:35","http://tantarantantan23.ru/17/azo_Protected.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/96312/"
@@ -44600,7 +45150,7 @@
 "96052","2018-12-17 06:55:04","https://centromedicopinilla.es/Remittance_171218VI06_PDF.jar","offline","malware_download","jar,malspam","https://urlhaus.abuse.ch/url/96052/"
 "96051","2018-12-17 06:48:04","http://91.227.17.32/nj.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/96051/"
 "96050","2018-12-17 06:48:03","http://91.227.17.32/MINER.exe","offline","malware_download","CoinMiner,exe","https://urlhaus.abuse.ch/url/96050/"
-"96049","2018-12-17 06:39:09","http://alba1004.co.kr/backup/es/asds.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/96049/"
+"96049","2018-12-17 06:39:09","http://alba1004.co.kr/backup/es/asds.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/96049/"
 "96048","2018-12-17 06:39:04","http://questingpanda.com/3BCA150.png","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/96048/"
 "96047","2018-12-17 06:29:13","http://204.12.217.206/g.txt","offline","malware_download","elf","https://urlhaus.abuse.ch/url/96047/"
 "96046","2018-12-17 06:29:10","http://fernandaestrada.net/wp-content/themes/twentysixteen/template-parts/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/96046/"
@@ -44656,7 +45206,7 @@
 "95995","2018-12-16 22:03:08","http://mm2017mmm.com/images/m1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95995/"
 "95994","2018-12-16 20:31:12","http://kamasu11.cafe24.com/autoup/Bsw2008/update.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95994/"
 "95993","2018-12-16 19:52:06","http://187.171.165.162:15177/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95993/"
-"95992","2018-12-16 19:26:08","http://14.44.8.176:1790/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/95992/"
+"95992","2018-12-16 19:26:08","http://14.44.8.176:1790/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95992/"
 "95990","2018-12-16 19:26:04","http://178.128.196.88/ankit/jno.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95990/"
 "95991","2018-12-16 19:26:04","http://178.128.196.88/ankit/jno.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95991/"
 "95989","2018-12-16 19:26:03","http://178.128.196.88/ankit/jno.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95989/"
@@ -44666,7 +45216,7 @@
 "95985","2018-12-16 19:24:04","http://xeggufhxmczp.tw/ifiwis/79669_03845.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/95985/"
 "95984","2018-12-16 19:09:05","http://178.128.196.88/ankit/jno.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95984/"
 "95983","2018-12-16 19:09:03","http://178.128.196.88/ankit/jno.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95983/"
-"95982","2018-12-16 18:56:05","http://mxd-1253507133.file.myqcloud.com/exe/2.6.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95982/"
+"95982","2018-12-16 18:56:05","http://mxd-1253507133.file.myqcloud.com/exe/2.6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95982/"
 "95981","2018-12-16 18:15:06","http://151.50.135.79:44225/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95981/"
 "95980","2018-12-16 17:36:04","http://xixwdnuawkdi.tw/mndbjn/06705_1868335.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/95980/"
 "95979","2018-12-16 17:24:02","http://80.211.66.236/bins/sora.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95979/"
@@ -44726,7 +45276,7 @@
 "95920","2018-12-16 11:50:05","https://dl.dropboxusercontent.com/s/77uhl07dq3lfx8q/flashplayer_42.8_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/95920/"
 "95919","2018-12-16 11:49:03","https://dl.dropboxusercontent.com/s/wkd0x2uz1s17xn0/flashplayer_42.28_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/95919/"
 "95918","2018-12-16 11:20:05","http://fotofranan.es/De_de/PCSRUFZCG6824582/Rechnungs/Zahlung/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/95918/"
-"95917","2018-12-16 11:06:06","http://down.ecubefile.com/part/tdisk.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95917/"
+"95917","2018-12-16 11:06:06","http://down.ecubefile.com/part/tdisk.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95917/"
 "95916","2018-12-16 10:12:03","http://www.nullcode.in/xenia/XeniaCVatUpdator.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95916/"
 "95915","2018-12-16 10:02:04","http://tecnologiatech.com/wp-content/themes/poseidon/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95915/"
 "95914","2018-12-16 10:02:02","http://theoncarrier.com/nqaB-vuRrwusQ6huXXvT_gvziqJGo-zy","offline","malware_download","doc","https://urlhaus.abuse.ch/url/95914/"
@@ -44802,16 +45352,16 @@
 "95844","2018-12-16 07:01:02","http://213.32.95.48/qvmxvl","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95844/"
 "95843","2018-12-16 07:00:04","http://138.197.1.64/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95843/"
 "95842","2018-12-16 07:00:02","http://68.183.208.152/pl0xsparc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95842/"
-"95841","2018-12-16 06:29:51","http://tapnprint.co.uk/IKCustomise/_KioskInstaller/IKCust07_SP4/IKCust07_SP4.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95841/"
-"95840","2018-12-16 06:29:09","http://tapnprint.co.uk/Updater/Airprint/eventer/APProductionLog.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95840/"
+"95841","2018-12-16 06:29:51","http://tapnprint.co.uk/IKCustomise/_KioskInstaller/IKCust07_SP4/IKCust07_SP4.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95841/"
+"95840","2018-12-16 06:29:09","http://tapnprint.co.uk/Updater/Airprint/eventer/APProductionLog.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95840/"
 "95839","2018-12-16 06:28:16","http://tapnprint.co.uk/Updater/Airprint/eventer/patches/UnbindIPV6/unbindtcpipv6.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95839/"
 "95838","2018-12-16 06:28:10","http://fikirhouse.com/js/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95838/"
 "95837","2018-12-16 06:26:05","http://africantradefairpartners.com/wp-content/themes/idyllic/css/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95837/"
-"95836","2018-12-16 06:14:26","http://tapnprint.co.uk/SmartNet/eventer/patches/exFATUD/exFAT.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95836/"
+"95836","2018-12-16 06:14:26","http://tapnprint.co.uk/SmartNet/eventer/patches/exFATUD/exFAT.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95836/"
 "95835","2018-12-16 06:02:31","http://download.sosej.cz/E-Campaign_8.0.37.1628.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95835/"
 "95834","2018-12-16 05:49:02","http://gweijsjkk.desi/HOTTY.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/95834/"
 "95833","2018-12-16 05:37:12","http://sinacloud.net/yun2016/pl25120.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95833/"
-"95832","2018-12-16 05:37:08","https://sinacloud.net/yun2016/PrsProt32.rar","offline","malware_download","AgentTesla,exe,heodo,nemucod,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/95832/"
+"95832","2018-12-16 05:37:08","https://sinacloud.net/yun2016/PrsProt32.rar","online","malware_download","AgentTesla,exe,heodo,nemucod,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/95832/"
 "95831","2018-12-16 05:37:05","http://sinacloud.net/yun2016/Bwin732d.rar","online","malware_download","AgentTesla,exe,nemucod,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/95831/"
 "95830","2018-12-16 05:22:08","http://dl.rp-soft.ir/softwares/google-cracker.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/95830/"
 "95829","2018-12-16 05:22:03","http://sinacloud.net/yun2016/PrsProt32.rar","online","malware_download","AgentTesla,exe,heodo,nemucod,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/95829/"
@@ -44856,14 +45406,14 @@
 "95790","2018-12-16 00:05:03","https://wonderful-davinci-e6a9e8.netlify.com/FLASHUPDATE_016.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/95790/"
 "95789","2018-12-16 00:04:02","https://wonderful-davinci-e6a9e8.netlify.com/FLASHUPDATE_068.EXE","online","malware_download","exe","https://urlhaus.abuse.ch/url/95789/"
 "95788","2018-12-16 00:03:07","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_044.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95788/"
-"95787","2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95787/"
+"95787","2018-12-16 00:03:04","http://download.ware.ru/win/14779_SETUP_opl.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95787/"
 "95786","2018-12-16 00:02:08","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_022.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95786/"
 "95785","2018-12-16 00:02:03","http://wonderful-davinci-e6a9e8.netlify.com/flashupdate_051.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95785/"
 "95784","2018-12-16 00:01:04","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_073.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95784/"
 "95783","2018-12-16 00:00:24","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_063.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95783/"
 "95782","2018-12-16 00:00:19","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_027.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95782/"
 "95781","2018-12-16 00:00:06","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_076.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95781/"
-"95780","2018-12-15 23:59:04","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_083.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95780/"
+"95780","2018-12-15 23:59:04","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_083.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95780/"
 "95779","2018-12-15 23:58:05","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_072.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95779/"
 "95778","2018-12-15 23:58:04","https://wonderful-davinci-e6a9e8.netlify.com/flashupdate_029.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/95778/"
 "95777","2018-12-15 23:57:03","http://wonderful-davinci-e6a9e8.netlify.com/flashupdate_055.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95777/"
@@ -44890,7 +45440,7 @@
 "95756","2018-12-15 21:54:44","http://cesan-yuni.com/templates/protostar/less/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95756/"
 "95755","2018-12-15 21:54:41","http://phukienmayphatdien.xyz/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95755/"
 "95754","2018-12-15 21:54:33","http://spicenday.com/wp-content/themes/advance-portfolio/template-parts/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95754/"
-"95753","2018-12-15 21:54:29","http://dash.simplybackers.com/api/css/images/sserv.jpg","online","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95753/"
+"95753","2018-12-15 21:54:29","http://dash.simplybackers.com/api/css/images/sserv.jpg","offline","malware_download","exe,Shade","https://urlhaus.abuse.ch/url/95753/"
 "95752","2018-12-15 21:54:26","https://heartburnsafe.com/wp-content/themes/basel/css/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95752/"
 "95751","2018-12-15 21:54:22","https://fernandaestrada.net/wp-content/themes/twentysixteen/template-parts/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95751/"
 "95750","2018-12-15 21:54:19","http://furstyle-jl.de/templates/offf/css/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/95750/"
@@ -44909,7 +45459,7 @@
 "95737","2018-12-15 20:42:04","http://healingisnotanaccident.com/wp-content/4562w.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/95737/"
 "95736","2018-12-15 19:48:07","http://www.xpunyseoxygs.tw/ykqbvt/2858481_20852.html","offline","malware_download","gzip","https://urlhaus.abuse.ch/url/95736/"
 "95735","2018-12-15 19:30:06","http://dx.qqyewu.com/soft/uploadfile/2015/150918sssz.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95735/"
-"95734","2018-12-15 19:28:37","http://dx.qqyewu.com/soft/uploadfile/2016/160223tsvip.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95734/"
+"95734","2018-12-15 19:28:37","http://dx.qqyewu.com/soft/uploadfile/2016/160223tsvip.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/95734/"
 "95733","2018-12-15 19:28:24","http://36.84.141.77:26121/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95733/"
 "95732","2018-12-15 19:09:28","http://dx.qqyewu.com/soft/UploadFile/2016/160225vipczz.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95732/"
 "95731","2018-12-15 18:48:17","http://web.classica-il.cf/070.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/95731/"
@@ -44979,7 +45529,7 @@
 "95667","2018-12-15 15:06:02","http://199.38.243.9/bins/sora.arm7","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95667/"
 "95666","2018-12-15 15:05:05","http://199.38.243.9/bins/sora.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95666/"
 "95665","2018-12-15 15:05:04","http://199.38.243.9/bins/sora.sh4","offline","malware_download","elf","https://urlhaus.abuse.ch/url/95665/"
-"95664","2018-12-15 15:05:03","http://healingisnotanaccident.com/wp-content/oset.jpg","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/95664/"
+"95664","2018-12-15 15:05:03","http://healingisnotanaccident.com/wp-content/oset.jpg","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/95664/"
 "95663","2018-12-15 14:16:03","http://199.38.243.9/bins/sora.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/95663/"
 "95662","2018-12-15 14:10:03","http://bestlive.biz/soft/hinge.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95662/"
 "95661","2018-12-15 14:09:03","http://www.nullcode.in/ab/abupdator.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95661/"
@@ -45008,7 +45558,7 @@
 "95636","2018-12-15 11:55:04","http://www.nullcode.in/xenia/CUpdator.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95636/"
 "95635","2018-12-15 11:54:04","http://hontravel.com/wp-admin/includes/98.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95635/"
 "95634","2018-12-15 11:52:55","http://www.okhan.net/soft/uploadfile/guochang/setup_tvplayer.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/95634/"
-"95633","2018-12-15 11:51:14","http://www.okhan.net/soft/uploadfile/youxi/okhan.net-2wn.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95633/"
+"95633","2018-12-15 11:51:14","http://www.okhan.net/soft/uploadfile/youxi/okhan.net-2wn.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/95633/"
 "95632","2018-12-15 11:06:05","http://adakam.com/11/file.exe","offline","malware_download","AUS,DanaBot","https://urlhaus.abuse.ch/url/95632/"
 "95631","2018-12-15 11:05:03","https://www.dropbox.com/s/uos0y01lbh4n703/eFax_message_8507.zip?dl=1","offline","malware_download","AUS,DanaBot,zipped-VBS","https://urlhaus.abuse.ch/url/95631/"
 "95630","2018-12-15 10:10:06","http://tantarantantan23.ru/14/ppnet_Protected.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/95630/"
@@ -45158,7 +45708,7 @@
 "95484","2018-12-15 00:24:48","http://www.estab.org.tr/HPPX-heZy9ExKCuJ417_AvoNJeqoe-MA/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95484/"
 "95483","2018-12-15 00:24:47","http://www.fyrishbikes.com/PpmK-S9B4p4nQLYBIxV_IWnbSWtx-rj/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95483/"
 "95481","2018-12-15 00:24:41","http://www.vidrioyaluminiosayj.com/LOojS-DZJSiNN58uqIBZf_hpRpkLoN-K6p/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95481/"
-"95480","2018-12-15 00:24:39","http://en.worthfind.com/rMmf-k2whfGSKiAfCje_ItuhENMDF-uIi/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95480/"
+"95480","2018-12-15 00:24:39","http://en.worthfind.com/rMmf-k2whfGSKiAfCje_ItuhENMDF-uIi/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95480/"
 "95479","2018-12-15 00:24:35","http://www.sunjsc.vn/LTmgM-aUzzJadtHREpNY_QUHIKCFcj-5n/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95479/"
 "95478","2018-12-15 00:24:32","http://ygraphx.com/fCUzR-egoEybhdOLnMjK_RoLfxLbB-aO/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95478/"
 "95477","2018-12-15 00:24:31","http://render.lt/pano/EN_US/Payments/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95477/"
@@ -45172,7 +45722,7 @@
 "95468","2018-12-15 00:24:02","http://topjewelrymart.com/jRFE-FCUkvUKQBUcFdeY_aIaCXolmO-Pr/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95468/"
 "95467","2018-12-15 00:24:00","http://www.sial-healthcare.co.uk/GxZp-oczyr74mcUTZg4_KMcFfxVb-sOu/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95467/"
 "95466","2018-12-15 00:23:58","http://www.passosdainfancia.com.br/UWMYF-TZ6dQPKEX87nIlV_OdqAHpDF-rH/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95466/"
-"95465","2018-12-15 00:23:43","http://teambored.co.uk/uyTo-1rseAk21WClGFc_ZCwOpzWF-UB/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95465/"
+"95465","2018-12-15 00:23:43","http://teambored.co.uk/uyTo-1rseAk21WClGFc_ZCwOpzWF-UB/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95465/"
 "95464","2018-12-15 00:23:41","http://www.manga-gaysex.com/iYYd-nLy4RUCJFIomuGW_waVwSQbz-GvG/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95464/"
 "95463","2018-12-15 00:23:39","http://yolcuinsaatkesan.com/QCTq/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95463/"
 "95462","2018-12-15 00:23:32","http://simgen.ca/InvoiceCodeChanges/newsletter/En_us/Invoice-for-you/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/95462/"
@@ -45392,7 +45942,7 @@
 "95245","2018-12-14 16:24:52","http://www.ldxquimica.com.br/KPHa-5mBs6E89ijjzCB_mBvftWvR-rG/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95245/"
 "95244","2018-12-14 16:24:47","http://dcaremedicolegal.com/En_us/Clients_transactions/US/ACH/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95244/"
 "95243","2018-12-14 16:24:44","http://drivespa.com/EN_US/Information/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95243/"
-"95242","2018-12-14 16:24:43","http://marisel.com.ua/GSiA-baWrYXyQ03NmZqc_NTQCiTyVA-0ML/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95242/"
+"95242","2018-12-14 16:24:43","http://marisel.com.ua/GSiA-baWrYXyQ03NmZqc_NTQCiTyVA-0ML/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95242/"
 "95241","2018-12-14 16:24:42","http://unitedtechusa.shamiptv.com/uflL-PurSbqRpMaomn9_ZOZpAFHcd-PYW/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95241/"
 "95240","2018-12-14 16:24:40","https://url.emailprotection.link/?auN3ZqjjvuBgWjSin2WSxj8NMGM2GFzyvO5cP19V0eXhyemjWr-Oz-t8EPYieXTXUMYM-qZ6Z8xyWJMu9vOwgFGKY1i7rn-1RjxJB_zJseVxzfvEK9dx0BEfUDiQFX-iO/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/95240/"
 "95239","2018-12-14 16:24:39","http://www.soyinterieur.com/En_us/Attachments/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/95239/"
@@ -45630,7 +46180,7 @@
 "95006","2018-12-14 11:19:04","http://s.51shijuan.com/cz10/51cz20103071471uy.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95006/"
 "95005","2018-12-14 11:18:24","http://s.51shijuan.com/cz09/51cz200908091194xl.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95005/"
 "95004","2018-12-14 11:18:16","http://s.51shijuan.com/cz10/51cz201002081323nr.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95004/"
-"95003","2018-12-14 11:18:11","http://s.51shijuan.com/cz09/51cz200908091286tc.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/95003/"
+"95003","2018-12-14 11:18:11","http://s.51shijuan.com/cz09/51cz200908091286tc.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95003/"
 "95002","2018-12-14 11:17:12","http://s.51shijuan.com/cz09/51cz200908091130nh.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95002/"
 "95001","2018-12-14 11:17:04","http://s.51shijuan.com/cz10/51cz201003111146wn.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95001/"
 "95000","2018-12-14 10:59:09","http://s.51shijuan.com/cz09/51cz200908091238tm.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/95000/"
@@ -45882,7 +46432,7 @@
 "94754","2018-12-14 00:27:37","http://dataserver.c0.pl/En_us/Attachments/122018/","offline","malware_download","emotet,epoch1","https://urlhaus.abuse.ch/url/94754/"
 "94753","2018-12-14 00:27:35","http://doordroppers.co.uk/En_us/Payments/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94753/"
 "94752","2018-12-14 00:27:32","http://eldruidaylashierbas.com/EN_US/Clients_transactions/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94752/"
-"94751","2018-12-14 00:27:30","http://carefreepet.com/US/ACH/12_18/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94751/"
+"94751","2018-12-14 00:27:30","http://carefreepet.com/US/ACH/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94751/"
 "94750","2018-12-14 00:27:28","http://consultingro.com/En_us/Payments/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94750/"
 "94749","2018-12-14 00:27:25","http://cyberholtkamp.com/En_us/ACH/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94749/"
 "94748","2018-12-14 00:27:18","http://asndoors.co.uk/US/Clients_transactions/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94748/"
@@ -45998,7 +46548,7 @@
 "94595","2018-12-13 20:34:04","http://harlemrenaissancecentennial.org/En_us/Details/122018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94595/"
 "94594","2018-12-13 20:33:59","http://cididlawfirm.com/Inv/0861898/default/US_us/Invoice-for-q/d-12/13/2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94594/"
 "94593","2018-12-13 20:33:56","http://meunasahbaro.desa.id/ACH/PaymentAdvice/scan/EN_en/Invoice-receipt/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94593/"
-"94592","2018-12-13 20:33:52","http://30-by-30.com/En_us/Transaction_details/122018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94592/"
+"94592","2018-12-13 20:33:52","http://30-by-30.com/En_us/Transaction_details/122018/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94592/"
 "94591","2018-12-13 20:33:48","http://retorika.co.id/ACH/PaymentAdvice/Download/EN_en/Important-Please-Read/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94591/"
 "94590","2018-12-13 20:33:44","http://maartech.pl//US/Clients_information/122018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94590/"
 "94588","2018-12-13 20:33:40","http://blog.realizaimoveis.com.br/wp-content/US/Transactions/12_18/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/94588/"
@@ -46163,7 +46713,7 @@
 "94399","2018-12-13 16:24:54","http://dfafreezeclan.com/Southwire/1509881820512019/xerox/En/Past-Due-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94399/"
 "94398","2018-12-13 16:24:52","http://demo.letuscode.com/INVOICE/85648790701/OVERPAYMENT/newsletter/US/Important-Please-Read/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94398/"
 "94397","2018-12-13 16:24:51","http://mahestri.id/ACH/PaymentInfo/doc/EN_en/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94397/"
-"94396","2018-12-13 16:24:48","http://dayahblang.id/ACH/PaymentInfo/Document/US/Invoice-Number-613259/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94396/"
+"94396","2018-12-13 16:24:48","http://dayahblang.id/ACH/PaymentInfo/Document/US/Invoice-Number-613259/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94396/"
 "94395","2018-12-13 16:24:45","http://bimaco.id/De/QHWYXOMVK1143081/de/DOC-Dokument/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94395/"
 "94394","2018-12-13 16:24:41","http://library.cifor.org/tmp-delete/lib/__MACOSX/Southwire/11129346223841689/FILE/US/Outstanding-Invoices/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94394/"
 "94393","2018-12-13 16:24:39","http://dontlitigate.com/PaymentStatus/sites/En_us/Invoice/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/94393/"
@@ -46209,7 +46759,7 @@
 "94351","2018-12-13 16:03:06","http://canhovincity-daimo.com/wp-content/uploads/YImNUM5e/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/94351/"
 "94350","2018-12-13 16:02:50","http://draanaalice.com.br/US/Clients_transactions/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94350/"
 "94349","2018-12-13 16:02:47","http://acqualidade.pt/US/Messages/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94349/"
-"94348","2018-12-13 16:02:45","http://miketec.com.hk/US/Clients_Messages/122018/","online","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94348/"
+"94348","2018-12-13 16:02:45","http://miketec.com.hk/US/Clients_Messages/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94348/"
 "94347","2018-12-13 16:02:37","http://inpakpapier.nl/US/Details/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94347/"
 "94346","2018-12-13 16:02:36","http://atostrategies.com/US/Transactions/12_18/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94346/"
 "94345","2018-12-13 16:02:33","http://maartech.pl/US/Clients_information/122018/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94345/"
@@ -46428,7 +46978,7 @@
 "94130","2018-12-13 07:09:09","http://www.afubiagroup.com/XQoB5mT/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/94130/"
 "94129","2018-12-13 07:09:04","http://www.nurserylk.com/4TWENjw8/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/94129/"
 "94128","2018-12-13 06:54:11","http://softhy.net/softhy.net_down/ienovel.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/94128/"
-"94127","2018-12-13 06:54:05","http://mrhinkydink.com/utmods/063/pottytel.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94127/"
+"94127","2018-12-13 06:54:05","http://mrhinkydink.com/utmods/063/pottytel.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/94127/"
 "94126","2018-12-13 06:37:13","http://expen.cf/ScannedDoc_output_20180512-0751_PDF.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/94126/"
 "94124","2018-12-13 06:37:12","http://expen.cf/1.com","offline","malware_download","None","https://urlhaus.abuse.ch/url/94124/"
 "94123","2018-12-13 06:37:12","http://expen.cf/2.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/94123/"
@@ -46507,7 +47057,7 @@
 "94050","2018-12-13 03:40:08","http://skycnxz2.wy119.com/2/jxwzgj_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94050/"
 "94049","2018-12-13 03:39:02","http://travelcentreny.com/Inv/5547289622/Corporation/En_us/Invoices-attached","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94049/"
 "94048","2018-12-13 03:22:12","http://skycnxz2.wy119.com/yuegft_fr.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/94048/"
-"94047","2018-12-13 03:07:11","http://wxbsc.hzgjp.com/fz2/setup/silverlight5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/94047/"
+"94047","2018-12-13 03:07:11","http://wxbsc.hzgjp.com/fz2/setup/silverlight5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/94047/"
 "94046","2018-12-13 01:24:48","http://185.162.88.237:96/inv.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/94046/"
 "94045","2018-12-13 01:23:02","http://www.progettopersianas.com.br/INVOICE/sites/EN_en/Invoice-9290167","offline","malware_download","doc","https://urlhaus.abuse.ch/url/94045/"
 "94044","2018-12-13 00:24:07","http://www.actld.org.tw/wp-content/upload/EN_US/Transaction_details/2018-12/","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/94044/"
@@ -46968,7 +47518,7 @@
 "93555","2018-12-12 13:04:29","https://www.vdvlugt.org/de_DE/TLVFSCP4179104/Scan/DOC/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93555/"
 "93554","2018-12-12 13:04:27","http://kvltehnika.ee/xerox/US/Invoice/","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93554/"
 "93553","2018-12-12 13:04:27","http://miniaturapty.com/DE/SJXGIBBY2190847/Bestellungen/FORM/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93553/"
-"93552","2018-12-12 13:04:25","http://miniboone.com/Dezember2018/RFIDIDLMG4318849/Rechnungs/Zahlungserinnerung/","online","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93552/"
+"93552","2018-12-12 13:04:25","http://miniboone.com/Dezember2018/RFIDIDLMG4318849/Rechnungs/Zahlungserinnerung/","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/93552/"
 "93551","2018-12-12 13:04:23","http://strike3productions.com/CmxgkGP/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/93551/"
 "93550","2018-12-12 13:04:21","http://drapart.org/P5AhWbm7m/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/93550/"
 "93549","2018-12-12 13:04:16","http://ghoulash.com/VcFbtIE7M/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/93549/"
@@ -47478,7 +48028,7 @@
 "93037","2018-12-11 13:19:04","http://83.57.160.255:6759/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/93037/"
 "93036","2018-12-11 13:19:02","http://roddom.601125.ru/IRS/IRS-irsonline-treasury-gov/Record-of-Account-Transcript/12112018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/93036/"
 "93035","2018-12-11 13:05:06","http://wazzah.com.br/doc/En_us/Sales-Invoice","offline","malware_download","doc","https://urlhaus.abuse.ch/url/93035/"
-"93034","2018-12-11 13:05:05","http://creamistryfranchise.com/5vAfyDtA","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93034/"
+"93034","2018-12-11 13:05:05","http://creamistryfranchise.com/5vAfyDtA","online","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93034/"
 "93033","2018-12-11 13:05:03","http://animalovers.us/cRXX","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93033/"
 "93032","2018-12-11 13:05:03","http://shariaexclusive.com/Qod6x","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93032/"
 "93031","2018-12-11 12:59:09","http://jd-studio.net/Southwire/KTL870387956/doc/EN_en/Invoices-Overdue","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/93031/"
@@ -47498,7 +48048,7 @@
 "93017","2018-12-11 11:55:05","http://www.phillipjohnson.co.uk/yP7gDa","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93017/"
 "93016","2018-12-11 11:55:03","http://nusantararental.com/Z4aZh","offline","malware_download","emotet,epoch2,exe","https://urlhaus.abuse.ch/url/93016/"
 "93015","2018-12-11 11:21:03","http://178.156.202.202/bins/unix.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/93015/"
-"93014","2018-12-11 11:19:09","http://82.137.216.202:11298/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/93014/"
+"93014","2018-12-11 11:19:09","http://82.137.216.202:11298/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/93014/"
 "93013","2018-12-11 10:40:03","http://mjvd.me/virus.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/93013/"
 "93012","2018-12-11 10:36:04","http://thelivingstonfamily.net/5066BVTO/PAYROLL/Commercial","offline","malware_download","doc","https://urlhaus.abuse.ch/url/93012/"
 "93011","2018-12-11 10:36:03","http://dbwsweb.com/launchers/Invoice/5087497/files/US_us/Invoice-Number-381357","offline","malware_download","doc","https://urlhaus.abuse.ch/url/93011/"
@@ -47563,7 +48113,7 @@
 "92952","2018-12-11 07:23:03","http://68.183.212.61/x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92952/"
 "92951","2018-12-11 07:23:02","http://142.93.102.204/Axe","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92951/"
 "92950","2018-12-11 07:22:05","http://142.93.102.204/pie","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92950/"
-"92949","2018-12-11 07:22:04","http://www.velatoursrls.com/templates/ol_blexi/css/font-awesome/sserv.jpg","online","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/92949/"
+"92949","2018-12-11 07:22:04","http://www.velatoursrls.com/templates/ol_blexi/css/font-awesome/sserv.jpg","offline","malware_download","exe,Troldesh","https://urlhaus.abuse.ch/url/92949/"
 "92948","2018-12-11 07:22:02","http://standart-uk.ru/En_us/Attachments/122018","offline","malware_download","doc","https://urlhaus.abuse.ch/url/92948/"
 "92946","2018-12-11 07:20:02","http://51.15.68.150/executable/lulz.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92946/"
 "92947","2018-12-11 07:20:02","http://www.reparaties-ipad.nl/Document/En/Summit-Companies-Invoice-6895582","offline","malware_download","doc","https://urlhaus.abuse.ch/url/92947/"
@@ -47870,7 +48420,7 @@
 "92637","2018-12-11 02:31:15","http://wpthemes.com/QdO/","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/92637/"
 "92636","2018-12-11 02:31:13","http://23.249.161.100/saint/ben.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92636/"
 "92635","2018-12-11 02:31:07","http://googletime.ac.ug/10/gccccc1111.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/92635/"
-"92634","2018-12-11 02:30:17","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,HawkEye,LimeRAT,QuasarRAT,RemcosRAT","https://urlhaus.abuse.ch/url/92634/"
+"92634","2018-12-11 02:30:17","http://watchdogdns.duckdns.orgwatchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,HawkEye,LimeRAT,QuasarRAT,RemcosRAT","https://urlhaus.abuse.ch/url/92634/"
 "92633","2018-12-11 02:18:10","http://giallaz.tuttotone.com/rm82/explorer.exe","offline","malware_download","exe,njRAT","https://urlhaus.abuse.ch/url/92633/"
 "92632","2018-12-11 02:03:02","http://104.248.137.30/pftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92632/"
 "92631","2018-12-11 02:02:03","http://track.wizkidhosting.com/track/click/30927887/saveraahealthcare.com?p=eyJzIjoiUklYQ3Zmb3RmcHZQRUE4dXlUeXRkM1ZKNDhVIiwidiI6MSwicCI6IntcInVcIjozMDkyNzg4NyxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2F2ZXJhYWhlYWx0aGNhcmUuY29tXFxcL0lSUy5HT1ZcXFwvSW50ZXJuYWwtUmV2ZW51ZS1TZXJ2aWNlLU9ubGluZVxcXC9SZWNvcmQtb2YtQWNjb3VudC1UcmFuc2NyaXB0XFxcLzEyMTAyMDE4XCIsXCJpZFwiOlwiMGFiYWVkN2RlYWRmNDY3M2JjNzY1OTdiZDQ5ODY0MGFcIixcInVybF9pZHNcIjpbXCIwYTYzMTE1NTgxMzUwMzc4MTU2YzYwYmFlZjllZWE5NGZlNWYyNzllXCJdfSJ9","offline","malware_download","doc","https://urlhaus.abuse.ch/url/92631/"
@@ -48212,7 +48762,7 @@
 "92278","2018-12-10 13:00:02","https://docs.google.com/uc?id=1hAJtdASFUTA6VeW8D5Gjkd_BHNd3PWMC","offline","malware_download","exe,GBR,Gozi","https://urlhaus.abuse.ch/url/92278/"
 "92277","2018-12-10 12:58:04","http://139.59.69.64/bins/sector.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/92277/"
 "92276","2018-12-10 12:58:03","https://doc-04-68-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/c4eugklk7qpu5eb7eoicdpjn2p7clfr9/1544443200000/05984462313861663074/*/10uDRUJcZKI7xiMr98Ak535xBqUIsOGA1","offline","malware_download","exe","https://urlhaus.abuse.ch/url/92276/"
-"92275","2018-12-10 12:41:09","https://www.velatoursrls.com/templates/ol_blexi/css/font-awesome/sserv.jpg","online","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/92275/"
+"92275","2018-12-10 12:41:09","https://www.velatoursrls.com/templates/ol_blexi/css/font-awesome/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/92275/"
 "92274","2018-12-10 12:41:06","http://careforthesheep.org/wp-content/ai1wm-backups/sserv.jpg","offline","malware_download","exe,Shade,Troldesh","https://urlhaus.abuse.ch/url/92274/"
 "92273","2018-12-10 12:29:04","http://girlfridaymusic.com/wp-content/themes/twentyten/WU.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/92273/"
 "92272","2018-12-10 12:18:15","http://weisbergweb.com/fEPPM/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/92272/"
@@ -50200,7 +50750,7 @@
 "90260","2018-12-06 16:12:07","http://minterburn.co.uk/newsletter/En_us/Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90260/"
 "90259","2018-12-06 16:12:05","http://mtaconsulting.com/newsletter/EN_en/Invoice-for-o/k-12/06/2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90259/"
 "90258","2018-12-06 16:12:03","http://kolny.cz/IRS.GOV/IRS-Transcript-treasury-gov/Verification-of-Non-filing-Letter/December-06-2018","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/90258/"
-"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
+"90257","2018-12-06 16:04:21","http://tcy.198424.com/12YKGYY.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/90257/"
 "90256","2018-12-06 15:55:26","http://arreyhotels.com.br/wp-admin/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90256/"
 "90255","2018-12-06 15:55:25","http://seasonsfamilymedicine.com/wp-includes/pomo/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90255/"
 "90254","2018-12-06 15:55:23","http://silverstoltsen.com/wp-content/plugins/facebook-comments-plugin/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/90254/"
@@ -51406,7 +51956,7 @@
 "89037","2018-12-05 00:12:07","http://iberias.ge/PFGbVX0Nl","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89037/"
 "89036","2018-12-05 00:12:05","http://fortifi.com/bECoyZ4dr","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89036/"
 "89035","2018-12-05 00:12:03","http://kosses.nl/s7U7gvF","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/89035/"
-"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
+"89034","2018-12-04 23:21:13","http://tcy.198424.com/SUIJICHOUQIANCX.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/89034/"
 "89033","2018-12-04 23:21:09","http://46.17.47.73/vodity.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/89033/"
 "89032","2018-12-04 22:46:09","http://websitedesigngarden.com/k7Xp","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89032/"
 "89031","2018-12-04 22:46:06","http://itbparnamirim.org/fj","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/89031/"
@@ -51419,7 +51969,7 @@
 "89024","2018-12-04 22:45:08","http://ptgut.co.id/Corporation/EN_en/999-88-805311-816-999-88-805311-384","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89024/"
 "89023","2018-12-04 22:45:06","http://bratech.co.jp/lpo/m/mfp/tmp/doc/En_us/Invoice-for-you","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/89023/"
 "89021","2018-12-04 22:36:05","http://ars-internationals.com/INFO/EN_en/Invoice-7592660","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89021/"
-"89020","2018-12-04 22:20:18","http://a.xiazai163.com/down/cyspysrj_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/89020/"
+"89020","2018-12-04 22:20:18","http://a.xiazai163.com/down/cyspysrj_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/89020/"
 "89019","2018-12-04 22:20:07","http://jaylonimpex.com/LAYEDED/hush/ASKJHGFGHJ.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/89019/"
 "89018","2018-12-04 22:20:04","http://franceslin.com/xerox/En_us/Past-Due-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/89018/"
 "89017","2018-12-04 22:05:26","http://jaylonimpex.com/LAYEDED/hush/KKKAMM.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/89017/"
@@ -51511,7 +52061,7 @@
 "88929","2018-12-04 16:11:04","http://vcube-vvp.com/0Tfl6UZQ","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88929/"
 "88928","2018-12-04 16:00:03","http://tom-steed.com/3708605SRQOW/PAY/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88928/"
 "88927","2018-12-04 15:59:11","https://f.coka.la/GXEACu.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88927/"
-"88926","2018-12-04 15:59:10","http://a.xiazai163.com/down/ghojingxianganzhuangqiwin10_itmop.com.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88926/"
+"88926","2018-12-04 15:59:10","http://a.xiazai163.com/down/ghojingxianganzhuangqiwin10_itmop.com.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88926/"
 "88925","2018-12-04 15:59:02","https://f.coka.la/3vnnZy.jpg","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/88925/"
 "88924","2018-12-04 15:45:40","https://ruforum.uonbi.ac.ke/wp-content/uploads/8A/PAY/Commercial/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88924/"
 "88923","2018-12-04 15:45:38","http://bemsar.tevci.org/files/Scan/DETAILS/Rech-IES-22-82270/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88923/"
@@ -51661,7 +52211,7 @@
 "88779","2018-12-04 11:12:03","https://qcpqng.bn.files.1drv.com/y4m9kHWz89JR7S6aTjHNKG09R1lQsJQN1svT6DUMJ53Gp2sKr6GcD66Y0pKmjamlmuZC0rQZgHRD6XzsSvKtZAShuHth6AUdQf40vgV4yOWlYXFcGEi3DTi0uyUBx1NL7wzXPWyby46OCqpLf2J_VaI5qX8dc6Mfna04wmZ2-aWJIoo6rN1cq4eRM6VZ1GdcZkhnnYI0-ZwG0hDtYu3TJG1Xw/Final%20BOQ%20Quotation.zip?download&psid=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88779/"
 "88778","2018-12-04 11:09:03","http://u908048402.hostingerapp.com/obil.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/88778/"
 "88777","2018-12-04 10:59:06","http://alphaterapi.no/Download/EN_en/Invoice-for-h/c-12/04/2018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88777/"
-"88776","2018-12-04 10:59:05","http://onedrive.live.com/download?cid=2BCCCFD49591E542&resid=2BCCCFD49591E542!104&authkey=ACSUapER1G2BuSA","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88776/"
+"88776","2018-12-04 10:59:05","http://onedrive.live.com/download?cid=2BCCCFD49591E542&resid=2BCCCFD49591E542!104&authkey=ACSUapER1G2BuSA","online","malware_download","zip","https://urlhaus.abuse.ch/url/88776/"
 "88775","2018-12-04 10:59:03","https://qcpqng.bn.files.1drv.com/y4m1zmqVT1rvTbxmOMbK8q9NtRG4j0klUoigOsaPMUn0Q9_L6AOINono45XcmdQGGuxC5FTmLZcJ1OaP8ntey0WZnekwmM_LLzD94Rn59ueDyU4NlO3DbsXKm6BuyTc06cFHLi8dr3vBcsMs1M5cs72ITU_Lke1I4GxI_oKjEu4eWpO9bp_17hUl6qr6jt5V_Q-bng__OIl9Nus2LlcFE_zJw/Final%20BOQ%20Quotation.zip?download&psid=1","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88775/"
 "88774","2018-12-04 10:50:04","http://gapsystem.com.ar/7qNiy0g/","offline","malware_download","emotet,epoch1,exe","https://urlhaus.abuse.ch/url/88774/"
 "88772","2018-12-04 10:50:03","http://brkini.net/o8MS8X4/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/88772/"
@@ -51986,7 +52536,7 @@
 "88452","2018-12-04 00:33:05","http://tom-steed.com/pYP5mhsWm/SEP/PrivateBanking","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88452/"
 "88451","2018-12-04 00:33:05","http://venusnevele.be/LLC/En/Outstanding-Invoices","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/88451/"
 "88450","2018-12-04 00:33:03","http://adsmith.in/9zPcEumvy1","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/88450/"
-"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
+"88449","2018-12-04 00:30:14","http://tcy.198424.com/FOLDERENCRYPTORPJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88449/"
 "88448","2018-12-04 00:19:03","http://carminewarren.com/AwanSite/newsletter/En/Invoices-Overdue","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88448/"
 "88447","2018-12-03 23:52:06","https://a.doko.moe/tkencn.jpg","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/88447/"
 "88446","2018-12-03 23:24:06","http://laparomag.ru/9113BKSMFTUQ/identity/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/88446/"
@@ -52225,8 +52775,8 @@
 "88195","2018-12-03 11:00:04","http://181.174.57.207:43920/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88195/"
 "88194","2018-12-03 10:56:03","http://tvaradze.com/r/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/88194/"
 "88193","2018-12-03 10:38:03","http://oceanicproducts.eu/temple/temple.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/88193/"
-"88192","2018-12-03 10:30:32","http://p1.lingpao8.com/dra/20140108.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88192/"
-"88191","2018-12-03 10:28:32","http://p1.lingpao8.com/dra/20140618_L.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88191/"
+"88192","2018-12-03 10:30:32","http://p1.lingpao8.com/dra/20140108.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88192/"
+"88191","2018-12-03 10:28:32","http://p1.lingpao8.com/dra/20140618_L.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88191/"
 "88190","2018-12-03 10:20:04","http://danalexintl.com/bcc/hostNT.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/88190/"
 "88189","2018-12-03 10:16:03","http://www.basmaclinic.com/wp-content/plugins/wr-pagebuilder/assets/woorockets/images/icons-16/calc.exe?54","offline","malware_download","Retefe","https://urlhaus.abuse.ch/url/88189/"
 "88188","2018-12-03 10:09:03","http://www.cubino.it/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/wpcli/calc.exe","offline","malware_download","exe,Retefe","https://urlhaus.abuse.ch/url/88188/"
@@ -52317,7 +52867,7 @@
 "88103","2018-12-03 03:47:09","http://protoblues.com/cloudnet.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88103/"
 "88102","2018-12-03 03:25:19","http://58.218.66.90:6677/love","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88102/"
 "88101","2018-12-03 03:09:02","http://blog.gothicangelclothing.co.uk/Fuji.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88101/"
-"88100","2018-12-03 02:55:08","http://p1.lingpao8.com/App/20160119.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/88100/"
+"88100","2018-12-03 02:55:08","http://p1.lingpao8.com/App/20160119.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88100/"
 "88099","2018-12-03 02:33:02","http://142.93.243.137/bins/hoho.m68k","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88099/"
 "88098","2018-12-03 02:31:04","http://142.93.163.62/x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88098/"
 "88097","2018-12-03 02:31:03","http://142.93.243.137/bins/hoho.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88097/"
@@ -52330,10 +52880,10 @@
 "88090","2018-12-03 02:28:05","http://142.93.163.62/armv6l","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88090/"
 "88089","2018-12-03 02:28:04","http://142.93.243.137/bins/hoho.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88089/"
 "88088","2018-12-03 02:28:03","http://142.93.243.137/bins/hoho.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88088/"
-"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
-"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
+"88087","2018-12-03 02:18:31","http://tcy.198424.com/ZDZWMMSDW.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88087/"
+"88086","2018-12-03 02:17:35","http://tcy.198424.com/CFXCBSFYJWSBMDGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88086/"
 "88085","2018-12-03 02:17:04","http://205.209.176.202:2018/999","offline","malware_download","elf","https://urlhaus.abuse.ch/url/88085/"
-"88084","2018-12-03 02:10:09","http://tcy.198424.com/FYP2PZZSSQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/88084/"
+"88084","2018-12-03 02:10:09","http://tcy.198424.com/FYP2PZZSSQ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/88084/"
 "88083","2018-12-03 02:09:06","http://owwwc.com/mm/BX.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88083/"
 "88082","2018-12-03 01:54:04","http://sad-kurbatovo.nubex.ru/resources/doc-5571-file-block_files_5571-5572.file/name","offline","malware_download","exe","https://urlhaus.abuse.ch/url/88082/"
 "88081","2018-12-03 01:44:08","http://art.nfile.net/files/art.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/88081/"
@@ -53386,7 +53936,7 @@
 "87030","2018-11-29 18:56:04","http://pioneerfitting.com/image/amb001.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/87030/"
 "87029","2018-11-29 18:14:02","http://animalrescueis.us/xerox/En/Important-Please-Read/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/87029/"
 "87028","2018-11-29 17:56:08","http://186.188.229.46:44977/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/87028/"
-"87027","2018-11-29 17:56:06","http://1.34.220.200:52672/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/87027/"
+"87027","2018-11-29 17:56:06","http://1.34.220.200:52672/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/87027/"
 "87026","2018-11-29 17:46:03","http://playitforwardnashville.com/harzrthb","offline","malware_download","doc,gootkit,Loader","https://urlhaus.abuse.ch/url/87026/"
 "87025","2018-11-29 17:46:02","http://mirabellekruger.com/dbshdsdk","offline","malware_download","doc,gootkit,Loader","https://urlhaus.abuse.ch/url/87025/"
 "87024","2018-11-29 17:23:05","http://mexathermal.co.uk/EN/CyberMonday2018/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/87024/"
@@ -53433,7 +53983,7 @@
 "86983","2018-11-29 15:15:03","http://radiotaxilaguna.com/files/En/Need-to-send-the-attachment/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/86983/"
 "86982","2018-11-29 15:08:05","http://nasdacoin.ru/xmrig.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86982/"
 "86981","2018-11-29 14:50:07","http://update-prog.com/update.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/86981/"
-"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
+"86980","2018-11-29 14:49:40","http://tcy.198424.com/WINSOCKZBGJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86980/"
 "86979","2018-11-29 14:38:50","http://en.avtoprommarket.ru/Document/En_us/Open-Past-Due-Orders","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86979/"
 "86978","2018-11-29 14:38:48","http://terrats.biz/default/US_us/ACH-form","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86978/"
 "86977","2018-11-29 14:38:46","http://venturemeets.com/wp-content/sites/US/Service-Invoice","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86977/"
@@ -53459,13 +54009,13 @@
 "86957","2018-11-29 14:20:00","http://31.214.240.105/florid/darkrat/plugins/miner/gpuamd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86957/"
 "86956","2018-11-29 14:19:58","http://31.214.240.105/florid/darkrat/plugins/updater/system.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86956/"
 "86955","2018-11-29 14:19:57","http://31.214.240.105/florid/darkrat/plugins/miner/cpu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86955/"
-"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
+"86954","2018-11-29 14:19:54","http://tcy.198424.com/YIJIANJUYUWANGWENJIANGXRJ.RAR","online","malware_download","rar","https://urlhaus.abuse.ch/url/86954/"
 "86953","2018-11-29 14:17:06","http://symbisystems.com/PL9qSNRM6","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86953/"
 "86952","2018-11-29 14:17:03","http://sevensites.es/NhG0JMO","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86952/"
 "86951","2018-11-29 14:17:01","http://tccrennes.fr/n7KoD5DB5W","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86951/"
 "86950","2018-11-29 14:17:00","http://reflectionpress.com/mm7GGS7ie","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86950/"
 "86949","2018-11-29 14:16:58","http://rabinovicionline.com/GWBhWrqx0","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86949/"
-"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
+"86948","2018-11-29 14:16:55","http://tcy.198424.com/GTQQKJSSCQQ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86948/"
 "86947","2018-11-29 14:14:04","http://sjpowersolution.com/wp-content/themes/store/languages/sserv.jpg","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86947/"
 "86946","2018-11-29 14:11:12","http://shannonmolloy.com/En/CyberMonday2018","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86946/"
 "86945","2018-11-29 14:11:10","http://siteme.com/En/Clients_CM_Coupons","offline","malware_download","emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/86945/"
@@ -53512,7 +54062,7 @@
 "86902","2018-11-29 12:33:08","http://www.pushkino-motors.ru/I57072557093082-50A90002419572802261.zip","offline","malware_download","DEU,Nymaim,zipped-exe","https://urlhaus.abuse.ch/url/86902/"
 "86901","2018-11-29 12:33:06","http://www.superacionpobreza.cl/haztesocio/R13-0964773181181105522515249446566.zip","offline","malware_download","DEU,Nymaim,zipped-exe","https://urlhaus.abuse.ch/url/86901/"
 "86900","2018-11-29 12:21:03","http://cybernicity.com/63jvP6YgU/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/86900/"
-"86899","2018-11-29 12:13:09","http://www.wanderers.com/jukebox/jukeupdate.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/86899/"
+"86899","2018-11-29 12:13:09","http://www.wanderers.com/jukebox/jukeupdate.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/86899/"
 "86898","2018-11-29 12:12:02","https://image.woodrockestate.com/update/65n8e56uth.txt","offline","malware_download","BITS,geofenced,ITA,sLoad","https://urlhaus.abuse.ch/url/86898/"
 "86897","2018-11-29 11:23:14","http://rodtimberproducts.co.za/s","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/86897/"
 "86896","2018-11-29 11:23:11","http://lawsonmusicco.com/NJ3Ta","offline","malware_download","emotet,epoch2,exe,heodo","https://urlhaus.abuse.ch/url/86896/"
@@ -53754,7 +54304,7 @@
 "86659","2018-11-28 23:24:04","http://ansaigon.com/templates/tm_parallaite/features/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86659/"
 "86658","2018-11-28 23:24:03","https://chasehematite.com/wp-content/themes/rara-business/sections/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86658/"
 "86657","2018-11-28 23:22:21","http://tuhoctiengduc.asia/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86657/"
-"86656","2018-11-28 23:22:17","http://nexusonedegoogle.com/wp-includes/ID3/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86656/"
+"86656","2018-11-28 23:22:17","http://nexusonedegoogle.com/wp-includes/ID3/sserv.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86656/"
 "86655","2018-11-28 23:22:15","http://conseil-btp.fr/wp-snapshots/sserv.jpg","online","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86655/"
 "86654","2018-11-28 23:22:13","http://www.izmirlipilavciadnan.com/wp-content/themes/twentyseventeen/assets/css/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86654/"
 "86652","2018-11-28 23:22:11","http://xn--e1adigbdjz5k.xn--p1ai/includes/sserv.jpg","offline","malware_download","exe,Ransomware,Shade,Troldesh","https://urlhaus.abuse.ch/url/86652/"
@@ -54069,7 +54619,7 @@
 "86340","2018-11-28 14:50:05","http://201.68.165.46:26272/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86340/"
 "86339","2018-11-28 14:49:08","http://175.151.123.42:27756/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86339/"
 "86338","2018-11-28 14:38:12","http://gonorthhalifax.com/ffmoJjv8/de_DE/IhreSparkasse","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86338/"
-"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
+"86337","2018-11-28 14:29:09","http://tcy.198424.com/JIUYUANQQALICEFREE.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86337/"
 "86336","2018-11-28 14:28:04","https://omalleyco-my.sharepoint.com/:u:/g/personal/emma_sho_co_nz/EbQRIY4HsDlHhnMvJxGtgwoB9UgiLMLTNvyfdl5CFWqSbw?e=GftPPW&download=1","offline","malware_download","Gozi,vbs,zip","https://urlhaus.abuse.ch/url/86336/"
 "86335","2018-11-28 14:27:11","http://borich.ru/dkYtO2YM","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86335/"
 "86334","2018-11-28 14:27:09","http://shreeconstructions.co.in/737ZDAS/SEP/S6rjgxh","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/86334/"
@@ -54155,7 +54705,7 @@
 "86254","2018-11-28 11:39:06","http://goomark.com.br/default/Rechnungs-docs/Fakturierung/RechnungsDetails-OGM-46-34540","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86254/"
 "86253","2018-11-28 11:39:04","http://siamnatural.com/5769OLDEF/com/Commercial","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86253/"
 "86252","2018-11-28 11:39:02","http://westickit.be/39670QD/SWIFT/Smallbusiness","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/86252/"
-"86251","2018-11-28 11:30:14","http://xzb.198424.com/XXGSJYWGXRJ.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/86251/"
+"86251","2018-11-28 11:30:14","http://xzb.198424.com/XXGSJYWGXRJ.ZIP","online","malware_download","zip","https://urlhaus.abuse.ch/url/86251/"
 "86250","2018-11-28 11:30:04","http://178.156.202.127/woah.x64","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86250/"
 "86248","2018-11-28 11:30:03","http://178.156.202.127/woah.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86248/"
 "86249","2018-11-28 11:30:03","http://178.156.202.127/woah.spc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/86249/"
@@ -54437,7 +54987,7 @@
 "85971","2018-11-28 01:06:03","http://haganelectronics.rubickdesigns.com/8200179JLDT/WIRE/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85971/"
 "85970","2018-11-28 01:02:03","http://raquelariana.com/wp-content/0971548684.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/85970/"
 "85969","2018-11-28 00:59:02","http://leonart.lviv.ua/9UWSHN/WIRE/Commercial","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85969/"
-"85968","2018-11-28 00:56:04","http://en.worthfind.com/En/CyberMonday2018/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85968/"
+"85968","2018-11-28 00:56:04","http://en.worthfind.com/En/CyberMonday2018/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85968/"
 "85967","2018-11-28 00:54:06","http://p3.zbjimg.com/task/2009-06/29/106045/rc1veeex.rar","online","malware_download","rar","https://urlhaus.abuse.ch/url/85967/"
 "85966","2018-11-28 00:52:03","http://ts-prod-assets.tripleseat.com.s3.amazonaws.com/assets/009/074/172/Untitled-112718-980459.doc?1543298055","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/85966/"
 "85965","2018-11-28 00:51:01","http://185.22.174.139/ftp","offline","malware_download","elf","https://urlhaus.abuse.ch/url/85965/"
@@ -57077,7 +57627,7 @@
 "83283","2018-11-21 01:27:03","http://eco-spurghi.it/43RaWCLb/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/83283/"
 "83282","2018-11-21 01:27:02","http://chiantibicycles.it/kkKMa/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/83282/"
 "83281","2018-11-21 01:19:05","http://189.148.182.221:51910/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83281/"
-"83280","2018-11-21 01:19:03","http://41.32.210.2:51598/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/83280/"
+"83280","2018-11-21 01:19:03","http://41.32.210.2:51598/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/83280/"
 "83279","2018-11-21 00:57:08","http://eco-spurghi.it/43RaWCLb","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/83279/"
 "83277","2018-11-21 00:57:06","http://chiantibicycles.it/kkKMa","offline","malware_download","emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/83277/"
 "83278","2018-11-21 00:57:06","http://happinessmag.ru/mt4to008","offline","malware_download","emotet,epoch2","https://urlhaus.abuse.ch/url/83278/"
@@ -58388,7 +58938,7 @@
 "81943","2018-11-18 16:48:04","http://rucop.ru/java.dat","offline","malware_download","exe","https://urlhaus.abuse.ch/url/81943/"
 "81942","2018-11-18 16:46:01","http://92.63.197.48/m/o.exe","offline","malware_download","exe,GandCrab,Ransomware,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/81942/"
 "81941","2018-11-18 16:45:03","http://kharkiv.biz.ua/hPpD/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/81941/"
-"81940","2018-11-18 15:48:03","http://88.249.120.216:48942/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81940/"
+"81940","2018-11-18 15:48:03","http://88.249.120.216:48942/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/81940/"
 "81939","2018-11-18 14:38:03","https://sairetail.com/wp/","offline","malware_download","None","https://urlhaus.abuse.ch/url/81939/"
 "81938","2018-11-18 14:22:03","http://5.79.106.222/bins/hoho.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81938/"
 "81937","2018-11-18 14:22:02","http://5.79.106.222/bins/hoho.mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/81937/"
@@ -59175,7 +59725,7 @@
 "81136","2018-11-15 18:21:03","http://munimafil.cl/51945NIYCGP/PAYROLL/US/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81136/"
 "81135","2018-11-15 18:19:03","http://heramic.vn/newsletter/US/Invoices-Overdue/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81135/"
 "81134","2018-11-15 18:18:26","http://www.stra.org.my/917243KVSZZ/biz/Personal/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81134/"
-"81133","2018-11-15 18:17:05","http://sainashabake.com/wp-content/Download/EN_en/Invoice/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81133/"
+"81133","2018-11-15 18:17:05","http://sainashabake.com/wp-content/Download/EN_en/Invoice/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81133/"
 "81132","2018-11-15 18:17:03","http://brickstud.com/DOC/En_us/Paid-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81132/"
 "81131","2018-11-15 18:16:02","http://bankinsurancescore.com/wp-content/uploads/70474XZCO/SEP/Commercial/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81131/"
 "81130","2018-11-15 18:15:03","http://askaconvict.com/250345ORC/PAY/Personal/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/81130/"
@@ -59357,7 +59907,7 @@
 "80904","2018-11-15 15:37:06","http://lsa.dev.tuut.com.br/En_us/Clients_Messages/2018-11/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/80904/"
 "80903","2018-11-15 15:37:04","http://xn-----6kcctdddutktcqaek9baeg7qld.xn--j1amh/US/Clients_information/112018/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/80903/"
 "80902","2018-11-15 15:22:07","http://104.206.242.208/nwinnilog.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/80902/"
-"80901","2018-11-15 15:22:06","http://189.32.232.54:58460/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/80901/"
+"80901","2018-11-15 15:22:06","http://189.32.232.54:58460/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/80901/"
 "80900","2018-11-15 15:14:03","http://oceanicproducts.eu/ajay/ajay.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/80900/"
 "80899","2018-11-15 15:09:06","http://xwnmt.mjt.lu/lnk/AMMAAB7eKdgAAAAAAAAAAACq4NoAAAAAKs8AAAAAAAytrwBb7XuvZXGG2qpYS22Sz27NVrXMmQAMrHU/2/8OLTNpjeZl0R6wNgNOturw/aHR0cDovL2hvb29rbW9uZXkuY29tL0dVenJvb005Mw","offline","malware_download","doc","https://urlhaus.abuse.ch/url/80899/"
 "80898","2018-11-15 15:01:38","http://gramie.com/wp-content/uploads/kKww37Pjid/","offline","malware_download","emotet,epoch1,exe,heodo","https://urlhaus.abuse.ch/url/80898/"
@@ -60658,7 +61208,7 @@
 "79599","2018-11-13 22:36:45","http://vcorset.com/wp-content/uploads/LLC/US/Invoices-attached/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/79599/"
 "79598","2018-11-13 22:36:44","http://smartretail.co.za/Download/US_us/Scan/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79598/"
 "79597","2018-11-13 22:36:43","http://seegeesolutions.com/DOC/En_us/Invoices-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79597/"
-"79596","2018-11-13 22:36:35","http://sainashabake.com/wp-content/47939IZ/biz/Smallbusiness/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79596/"
+"79596","2018-11-13 22:36:35","http://sainashabake.com/wp-content/47939IZ/biz/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79596/"
 "79595","2018-11-13 22:36:33","http://raidking.com/sites/En/Sales-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79595/"
 "79594","2018-11-13 22:36:32","http://raidking.com/sites/En/Sales-Invoice","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79594/"
 "79593","2018-11-13 22:36:31","http://otumfuocharityfoundation.org/LLC/En/Overdue-payment","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/79593/"
@@ -60905,7 +61455,7 @@
 "79349","2018-11-13 17:22:46","http://cdn.discordapp.com/attachments/482228034632548363/506077641061826561/doublepumpcheck.exe","offline","malware_download","exe,njRAT,rat","https://urlhaus.abuse.ch/url/79349/"
 "79348","2018-11-13 17:22:45","http://uch.my.to/503/NHYECBGDK.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/79348/"
 "79347","2018-11-13 17:22:43","http://down.topsadon.com/topsadon.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/79347/"
-"79346","2018-11-13 17:22:40","http://down.webbora.com/app/pd/webbora_cope_inst.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/79346/"
+"79346","2018-11-13 17:22:40","http://down.webbora.com/app/pd/webbora_cope_inst.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/79346/"
 "79345","2018-11-13 17:22:36","http://down.topsadon.com/setup_tops01_silent.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/79345/"
 "79344","2018-11-13 17:22:32","http://rspl-sg.com/32.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/79344/"
 "79343","2018-11-13 17:22:09","http://rspl-sg.com/dio.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/79343/"
@@ -61269,7 +61819,7 @@
 "78980","2018-11-13 01:08:03","http://89.34.26.138/bins/yagi.arm5","offline","malware_download","elf","https://urlhaus.abuse.ch/url/78980/"
 "78979","2018-11-13 00:59:11","http://download.library1.org/main/331000/a0db29a0810bddb891d4a3a3574db46c/%D0%98%D0%BB%D1%8C%D0%B8%D0%BD%20%D0%90.%D0%90.-%D0%90%D0%BA%D1%83%D1%88%D0%B5%D1%80%D1%81%D1%82%D0%B2%D0%BE%20%D0%B8%20%D0%B3%D0%B8%D0%BD%D0%B5%D0%BA%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F.%20%D0%9A%D0%BE%D0%BD%D1%81%D0%BF%D0%B5%D0%BA%D1%82%20%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D0%B9-itteachvideo%20(2007).exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/78979/"
 "78978","2018-11-13 00:28:03","https://waraboo.com/0ne6CK/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/78978/"
-"78977","2018-11-13 00:28:02","http://thenutnofastflix2.com/156XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78977/"
+"78977","2018-11-13 00:28:02","http://thenutnofastflix2.com/156XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78977/"
 "78975","2018-11-13 00:27:03","http://thenutnofastflix2.com/161XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78975/"
 "78976","2018-11-13 00:27:03","http://thenutnofastflix2.com/38XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78976/"
 "78974","2018-11-13 00:18:05","http://thenutnofastflix2.com/123XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/78974/"
@@ -62786,7 +63336,7 @@
 "77385","2018-11-09 00:42:03","http://www.sastudio.co/GgGV3mOVlN/","offline","malware_download","exe,heodo","https://urlhaus.abuse.ch/url/77385/"
 "77384","2018-11-09 00:30:34","http://berger.aero/assets/components/gallery/cache/656UC/biz/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/77384/"
 "77383","2018-11-09 00:29:09","http://96.48.32.149:63654/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/77383/"
-"77382","2018-11-09 00:29:04","http://61.219.41.50:2018/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/77382/"
+"77382","2018-11-09 00:29:04","http://61.219.41.50:2018/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/77382/"
 "77381","2018-11-09 00:22:45","http://xn--80ajabbioiffsd5b7e8c.xn--p1ai/US/Transactions/2018-11/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/77381/"
 "77380","2018-11-09 00:22:44","http://www.rcaconstrutora.com.br/EN_US/Details/2018-11/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/77380/"
 "77379","2018-11-09 00:22:43","http://www.ourys.com/En_us/ACH/11_18/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/77379/"
@@ -63629,7 +64179,7 @@
 "76521","2018-11-08 04:53:03","http://cnc.methaddict.xyz/bins/apep.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76521/"
 "76520","2018-11-08 04:53:02","http://cnc.methaddict.xyz/bins/apep.x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76520/"
 "76519","2018-11-08 04:52:02","http://cnc.methaddict.xyz/bins/apep.arm","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76519/"
-"76518","2018-11-08 04:36:11","http://79.39.88.20:1094/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76518/"
+"76518","2018-11-08 04:36:11","http://79.39.88.20:1094/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/76518/"
 "76517","2018-11-08 04:32:06","http://ayoobeducationaltrust.in/r4KfYtf1JX","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/76517/"
 "76516","2018-11-08 04:32:03","http://gtworldacademy.webhibe.com/JCUxhB2E","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/76516/"
 "76515","2018-11-08 04:13:17","https://www.paubox.com/attachment/M2D0xhRbJVUZ2LT87q5lmA&5db6745f7437225b8ff3ffaae6cacafc/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/76515/"
@@ -63879,7 +64429,7 @@
 "76271","2018-11-08 00:52:02","http://162.243.23.45/Download/EN_en/New-order/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/76271/"
 "76270","2018-11-08 00:47:06","http://14.249.139.35:60426/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/76270/"
 "76269","2018-11-08 00:09:02","http://rickenbbacker.westeurope.cloudapp.azure.com/cmd.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/76269/"
-"76268","2018-11-08 00:08:03","http://thenutnofastflix2.com/74XKjddnnsa.exe","online","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76268/"
+"76268","2018-11-08 00:08:03","http://thenutnofastflix2.com/74XKjddnnsa.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/76268/"
 "76267","2018-11-08 00:07:02","http://kulikovonn.ru/Download/US_us/Invoices-Overdue/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76267/"
 "76266","2018-11-08 00:06:02","http://salon-semeynaya.ru/6878768ISGB/oamo/Commercial/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/76266/"
 "76265","2018-11-08 00:00:25","http://www.waverunnerball.com/EN_US/Payments/11_18/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/76265/"
@@ -66253,7 +66803,7 @@
 "73874","2018-11-03 02:11:02","http://194.48.152.114/wget","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73874/"
 "73873","2018-11-03 00:58:05","http://lex-guard.com/prtce/redacted_email","offline","malware_download","doc","https://urlhaus.abuse.ch/url/73873/"
 "73872","2018-11-03 00:58:03","http://www.andanterondo.com/03847U9274682993772.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/73872/"
-"73870","2018-11-03 00:05:17","http://221.159.211.136:44543/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/73870/"
+"73870","2018-11-03 00:05:17","http://221.159.211.136:44543/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73870/"
 "73869","2018-11-03 00:05:08","http://114.32.245.198:36663/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73869/"
 "73868","2018-11-03 00:05:04","http://181.41.96.4:14971/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73868/"
 "73867","2018-11-02 23:22:09","http://122.116.50.23:31585/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/73867/"
@@ -68124,7 +68674,7 @@
 "71992","2018-10-29 18:02:06","http://yaticaterm.com/TYJ/wwnox.php?l=juxe1.xap","offline","malware_download","Gozi,ursnif","https://urlhaus.abuse.ch/url/71992/"
 "71991","2018-10-29 17:58:04","http://halsmku.com/z.exe","offline","malware_download","NetWire","https://urlhaus.abuse.ch/url/71991/"
 "71990","2018-10-29 17:58:03","http://halsmku.com/22.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/71990/"
-"71989","2018-10-29 17:52:06","http://191.92.234.159:30085/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71989/"
+"71989","2018-10-29 17:52:06","http://191.92.234.159:30085/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71989/"
 "71988","2018-10-29 17:52:03","http://dodhmlaethandi.com/go/file1.exe","offline","malware_download","AZORult,exe","https://urlhaus.abuse.ch/url/71988/"
 "71987","2018-10-29 17:45:08","http://167.88.124.204/galaxy.ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71987/"
 "71986","2018-10-29 17:45:07","http://194.5.98.70:4560/kat.msi","offline","malware_download","msi","https://urlhaus.abuse.ch/url/71986/"
@@ -68513,7 +69063,7 @@
 "71602","2018-10-27 19:12:03","http://69.202.198.255:62733/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71602/"
 "71601","2018-10-27 19:11:03","http://81.43.101.247:2187/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71601/"
 "71600","2018-10-27 18:26:20","http://konstar.hk/imgs/product/cleaner.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71600/"
-"71599","2018-10-27 18:26:15","http://img19.vikecn.com/Item/2010-9/16/21754940_1863593.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/71599/"
+"71599","2018-10-27 18:26:15","http://img19.vikecn.com/Item/2010-9/16/21754940_1863593.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/71599/"
 "71598","2018-10-27 17:48:04","http://46.59.101.173:63217/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71598/"
 "71597","2018-10-27 16:53:05","http://micropcsystem.com/condim/ert.exe","offline","malware_download","exe,NetWire","https://urlhaus.abuse.ch/url/71597/"
 "71596","2018-10-27 15:59:06","http://194.5.98.70:4560/fis.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/71596/"
@@ -68686,7 +69236,7 @@
 "71428","2018-10-27 00:00:03","https://gocbd.club/bu.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71428/"
 "71427","2018-10-26 22:53:04","http://79.181.92.251:43866/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71427/"
 "71426","2018-10-26 22:07:10","http://81.43.144.223:58052/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71426/"
-"71425","2018-10-26 22:07:07","http://221.167.229.24:62577/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/71425/"
+"71425","2018-10-26 22:07:07","http://221.167.229.24:62577/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71425/"
 "71424","2018-10-26 22:07:04","http://5.55.60.145:33375/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71424/"
 "71423","2018-10-26 21:16:03","http://www.xmusick.com/product/Njrat.dll","offline","malware_download","exe","https://urlhaus.abuse.ch/url/71423/"
 "71422","2018-10-26 19:57:14","http://125.166.156.219:2641/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/71422/"
@@ -69271,7 +69821,7 @@
 "70835","2018-10-24 12:55:02","https://a.doko.moe/szsqcj.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/70835/"
 "70834","2018-10-24 12:54:18","https://a.doko.moe/yfbrut.jpg","offline","malware_download","Pony","https://urlhaus.abuse.ch/url/70834/"
 "70833","2018-10-24 12:54:17","https://a.doko.moe/nhbqig.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/70833/"
-"70832","2018-10-24 12:54:16","http://itimius.com/wp-content/themes/sensible-wp/fonts/chrome.exe","offline","malware_download","Shade","https://urlhaus.abuse.ch/url/70832/"
+"70832","2018-10-24 12:54:16","http://itimius.com/wp-content/themes/sensible-wp/fonts/chrome.exe","online","malware_download","Shade","https://urlhaus.abuse.ch/url/70832/"
 "70831","2018-10-24 12:54:12","http://blissmen.com/.well-known/acme-challenge/chrome.exe","offline","malware_download","Shade","https://urlhaus.abuse.ch/url/70831/"
 "70830","2018-10-24 12:54:06","http://nauticalpromo.com/wp-includes/ID3/chrome.jpg","online","malware_download","Shade","https://urlhaus.abuse.ch/url/70830/"
 "70829","2018-10-24 12:54:02","http://ey-uk.net/lunar.pony","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/70829/"
@@ -72026,7 +72576,7 @@
 "68050","2018-10-15 09:34:03","http://w3.153.yhlg.com/UPLOADFILE/2010-7/201000569.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/68050/"
 "68049","2018-10-15 09:33:06","http://marasgezikulubu.com/wp-content/themes/twentyseventeen/inc/chrome.exe","offline","malware_download","HawkEye,Ransomware,RUS,Troldesh","https://urlhaus.abuse.ch/url/68049/"
 "68048","2018-10-15 09:33:04","http://w3.153.yhlg.com/UPLOADFILE/2007-5/ULOCK.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/68048/"
-"68047","2018-10-15 09:33:03","http://thaidocdaitrang.com/wp-includes/ID3/oplata.zip","online","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68047/"
+"68047","2018-10-15 09:33:03","http://thaidocdaitrang.com/wp-includes/ID3/oplata.zip","offline","malware_download","RUS,Troldesh,zipped-JS","https://urlhaus.abuse.ch/url/68047/"
 "68046","2018-10-15 09:32:05","http://w3.153.yhlg.com/UPLOADFILE/2010-3/SMTPMAIL.RAR","offline","malware_download","rar","https://urlhaus.abuse.ch/url/68046/"
 "68045","2018-10-15 09:15:03","https://d.coka.la/0y69SI.jpg","offline","malware_download","AgentTesla,exe,rtfkit","https://urlhaus.abuse.ch/url/68045/"
 "68044","2018-10-15 09:13:02","http://142.93.138.130/ajoomk","offline","malware_download","elf","https://urlhaus.abuse.ch/url/68044/"
@@ -73198,7 +73748,7 @@
 "66864","2018-10-12 01:58:04","http://46.29.166.34/cc9mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66864/"
 "66863","2018-10-12 01:58:03","http://46.29.166.34/cc9x86","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66863/"
 "66862","2018-10-12 01:58:02","http://46.29.166.34/cc9ppc","offline","malware_download","elf","https://urlhaus.abuse.ch/url/66862/"
-"66861","2018-10-12 01:52:11","http://soft.114lk.com/wdxtbh.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/66861/"
+"66861","2018-10-12 01:52:11","http://soft.114lk.com/wdxtbh.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/66861/"
 "66860","2018-10-12 00:37:02","http://pleasureingold.de/union.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66860/"
 "66858","2018-10-12 00:27:02","http://pleasureingold.de/documento.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66858/"
 "66859","2018-10-12 00:27:02","http://pleasureingold.de/img00806.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/66859/"
@@ -76200,18 +76750,18 @@
 "63817","2018-10-03 02:21:02","http://172.245.173.145/kara.cron","offline","malware_download","elf","https://urlhaus.abuse.ch/url/63817/"
 "63816","2018-10-03 02:14:02","http://dx.qqw235.com/QQ/ddz.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/63816/"
 "63815","2018-10-03 02:13:12","http://dx.qqw235.com/QQ2/4399ssjjsjbsqfz.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/63815/"
-"63814","2018-10-03 02:13:07","http://d1.w26.cn/z1b7ap.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63814/"
+"63814","2018-10-03 02:13:07","http://d1.w26.cn/z1b7ap.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63814/"
 "63813","2018-10-03 02:12:05","http://boylondon.jaanhsoft.kr/wp-content/plugins/Order/Past-Due-invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/63813/"
 "63812","2018-10-03 02:11:04","http://u2752257.ct.sendgrid.net/wf/click?upn=4LlWqy7bcWoK6cK4FQ-2FA5lPwfD6y-2B1NVIJ13U8fv2-2Fx1F5AOS0Z3aTNc5v7WuE1ZZtKgtXfVA0LU4GxLQMbt0yuiTzXIK-2BgnFYVewPjx9L4-3D_AbLK4d9y6jXb75fcPuLw9H44zY01oXPdR7YZz-2BPNj-2FkhQxKLHBemQ-2FCmmS0LcwIsLHCSKByPVvAOqMuNh7ngw282W6akGBIZa-2BMIgQ-2Fcg4wbtCYcB9mGUFAZ-2FUjs2kpHUI1u8X3O-2B-2BnKZy7WM3PN-2B5CI715w8iP8QtuiITsxzwpvmdfshJlR6-2B4M5s3fy-2F6XNkF-2BigsiY-2B-2FYEnmNlqGl6g-3D-3D","offline","malware_download","zip","https://urlhaus.abuse.ch/url/63812/"
-"63811","2018-10-03 02:04:06","http://d1.w26.cn/z1b7i.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63811/"
-"63810","2018-10-03 02:04:05","http://d1.w26.cn/b2.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63810/"
+"63811","2018-10-03 02:04:06","http://d1.w26.cn/z1b7i.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63811/"
+"63810","2018-10-03 02:04:05","http://d1.w26.cn/b2.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63810/"
 "63809","2018-10-03 02:03:08","http://dx.qqw235.com/qq1/bpqqkjyjscsszs.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/63809/"
 "63808","2018-10-03 01:57:03","http://ultigamer.com/wp-admin/includes/935VFXN/biz/Personal","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/63808/"
-"63807","2018-10-03 01:52:02","http://d1.w26.cn/16d2.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63807/"
-"63806","2018-10-03 01:51:08","http://d1.w26.cn/z2b6a.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63806/"
-"63805","2018-10-03 01:51:06","http://d1.w26.cn/z2b5.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63805/"
-"63804","2018-10-03 01:43:02","http://d1.w26.cn/lin7.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63804/"
-"63803","2018-10-03 01:42:08","http://d1.w26.cn/b1t_155.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63803/"
+"63807","2018-10-03 01:52:02","http://d1.w26.cn/16d2.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63807/"
+"63806","2018-10-03 01:51:08","http://d1.w26.cn/z2b6a.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63806/"
+"63805","2018-10-03 01:51:06","http://d1.w26.cn/z2b5.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63805/"
+"63804","2018-10-03 01:43:02","http://d1.w26.cn/lin7.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63804/"
+"63803","2018-10-03 01:42:08","http://d1.w26.cn/b1t_155.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63803/"
 "63802","2018-10-03 01:35:04","http://krasngvard-crb.belzdrav.ru/4060MJGBD/PAY/Personal","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/63802/"
 "63801","2018-10-03 01:34:08","http://dx.qqw235.com/QQ2/COMPUTERXIUFU.ZIP","offline","malware_download","zip","https://urlhaus.abuse.ch/url/63801/"
 "63800","2018-10-03 01:34:04","http://ultigamer.com/wp-admin/includes/pdf/En/Client/Account-69782","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/63800/"
@@ -76275,7 +76825,7 @@
 "63742","2018-10-02 22:26:06","https://samsclass.info/124/proj14/evil.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63742/"
 "63741","2018-10-02 22:19:06","https://samsclass.info/124/proj14/rsh-192-168-1-89.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63741/"
 "63740","2018-10-02 21:46:03","http://tunjihost.ga/svr/achilky.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/63740/"
-"63739","2018-10-02 21:33:09","http://d1.w26.cn/ab4.zip","offline","malware_download","exe","https://urlhaus.abuse.ch/url/63739/"
+"63739","2018-10-02 21:33:09","http://d1.w26.cn/ab4.zip","online","malware_download","exe","https://urlhaus.abuse.ch/url/63739/"
 "63738","2018-10-02 20:54:07","http://argamax-polymer.ru/9228897SIWZKADP/PAYROLL/Business","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/63738/"
 "63737","2018-10-02 20:54:06","http://ec2-52-27-72-148.us-west-2.compute.amazonaws.com/perumahan-baru/bundles/28-18381172624-31786532308400618.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/63737/"
 "63736","2018-10-02 20:54:02","http://164.132.159.56/drupal/2/prcsz","offline","malware_download","elf","https://urlhaus.abuse.ch/url/63736/"
@@ -79385,35 +79935,35 @@
 "60581","2018-09-25 19:43:09","http://omnigroupcapital.com/poVNoK","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/60581/"
 "60580","2018-09-25 19:43:04","http://goldenyachts.customexposure.tech/wp-content/uploads/e","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/60580/"
 "60579","2018-09-25 19:37:06","http://blog.ctiwe.com/EN_US/Payments/09_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60579/"
-"60578","2018-09-25 19:35:14","http://ossi4.51cto.com/attachment/201204/4594712_1334794324.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60578/"
-"60577","2018-09-25 19:35:11","http://ossi4.51cto.com/attachment/201206/4594712_1339214458.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60577/"
-"60576","2018-09-25 19:35:08","http://ossi4.51cto.com/attachment/201206/4594712_1339410537.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60576/"
+"60578","2018-09-25 19:35:14","http://ossi4.51cto.com/attachment/201204/4594712_1334794324.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60578/"
+"60577","2018-09-25 19:35:11","http://ossi4.51cto.com/attachment/201206/4594712_1339214458.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60577/"
+"60576","2018-09-25 19:35:08","http://ossi4.51cto.com/attachment/201206/4594712_1339410537.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60576/"
 "60575","2018-09-25 19:34:05","http://share.dmca.gripe/DjKborKt6xziHP7p.jpg","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/60575/"
 "60574","2018-09-25 19:33:06","http://share.dmca.gripe/9iT9fGX4Fxyy9QzF.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/60574/"
-"60573","2018-09-25 19:33:03","http://ossi4.51cto.com/attachment/201206/4594712_1338940618.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60573/"
+"60573","2018-09-25 19:33:03","http://ossi4.51cto.com/attachment/201206/4594712_1338940618.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60573/"
 "60572","2018-09-25 19:32:07","https://share.dmca.gripe/t6p7tMewNILQ7aS5.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/60572/"
-"60571","2018-09-25 19:32:02","http://ossi4.51cto.com/attachment/201205/4594712_1337902068.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60571/"
+"60571","2018-09-25 19:32:02","http://ossi4.51cto.com/attachment/201205/4594712_1337902068.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60571/"
 "60570","2018-09-25 19:31:11","https://mhdaaikash-dot-yamm-track.appspot.com/Redirect?ukey=1sslm86aJS3is-9swoOGl2979wtRj1U7o7AnakUUnAuc-0&key=YAMMID-98993792&link=https://a.doko.moe/aeiwgt.rar","offline","malware_download","rar","https://urlhaus.abuse.ch/url/60570/"
-"60569","2018-09-25 19:31:08","http://ossi4.51cto.com/attachment/201206/4594712_1339042034.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60569/"
-"60568","2018-09-25 19:31:06","http://ossi4.51cto.com/attachment/201204/4594712_1335670976.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60568/"
+"60569","2018-09-25 19:31:08","http://ossi4.51cto.com/attachment/201206/4594712_1339042034.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60569/"
+"60568","2018-09-25 19:31:06","http://ossi4.51cto.com/attachment/201204/4594712_1335670976.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60568/"
 "60567","2018-09-25 19:21:05","http://107.as7x.com/dl/dlhost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60567/"
-"60566","2018-09-25 19:20:19","http://ossi4.51cto.com/attachment/201206/4594712_1338596584.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60566/"
-"60565","2018-09-25 19:20:14","http://ossi4.51cto.com/attachment/201206/4594712_1339151181.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60565/"
+"60566","2018-09-25 19:20:19","http://ossi4.51cto.com/attachment/201206/4594712_1338596584.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60566/"
+"60565","2018-09-25 19:20:14","http://ossi4.51cto.com/attachment/201206/4594712_1339151181.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60565/"
 "60564","2018-09-25 19:20:08","https://share.dmca.gripe/nm8RMge45dQBQzB9.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/60564/"
-"60563","2018-09-25 19:19:16","http://ossi4.51cto.com/attachment/201205/4594712_1337853814.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60563/"
+"60563","2018-09-25 19:19:16","http://ossi4.51cto.com/attachment/201205/4594712_1337853814.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60563/"
 "60562","2018-09-25 19:19:08","https://share.dmca.gripe/hse8kCbL0OXVGnSW.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/60562/"
 "60561","2018-09-25 19:19:05","http://korneliaorban.com/193473F/biz/Smallbusiness","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60561/"
 "60560","2018-09-25 19:18:17","http://share.dmca.gripe/henfdEpyk9Yplp3z.jpg","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/60560/"
 "60559","2018-09-25 19:18:11","https://share.dmca.gripe/yveiGxHjVryuL4Pc.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/60559/"
 "60558","2018-09-25 19:18:04","http://share.dmca.gripe/qme77QbwSuvsExS2.jpg","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/60558/"
-"60557","2018-09-25 19:17:10","http://ossi4.51cto.com/attachment/201205/4594712_1336127240.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60557/"
-"60556","2018-09-25 19:17:03","http://ossi4.51cto.com/attachment/201206/4594712_1339456815.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60556/"
-"60555","2018-09-25 19:16:31","http://ossi4.51cto.com/attachment/201206/4594712_1338631130.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60555/"
+"60557","2018-09-25 19:17:10","http://ossi4.51cto.com/attachment/201205/4594712_1336127240.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60557/"
+"60556","2018-09-25 19:17:03","http://ossi4.51cto.com/attachment/201206/4594712_1339456815.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60556/"
+"60555","2018-09-25 19:16:31","http://ossi4.51cto.com/attachment/201206/4594712_1338631130.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60555/"
 "60554","2018-09-25 19:16:26","https://share.dmca.gripe/IHoGaqLXOcFi9khV.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/60554/"
-"60553","2018-09-25 19:16:17","http://ossi4.51cto.com/attachment/201205/4594712_1337420961.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60553/"
-"60552","2018-09-25 19:04:03","http://ossi4.51cto.com/attachment/201205/4594712_1338219299.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60552/"
+"60553","2018-09-25 19:16:17","http://ossi4.51cto.com/attachment/201205/4594712_1337420961.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60553/"
+"60552","2018-09-25 19:04:03","http://ossi4.51cto.com/attachment/201205/4594712_1338219299.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60552/"
 "60551","2018-09-25 19:03:13","http://share.dmca.gripe/Z835aTaxOFpEun0t.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/60551/"
-"60550","2018-09-25 19:03:08","http://ossi4.51cto.com/attachment/201206/5305206_1339979954.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/60550/"
+"60550","2018-09-25 19:03:08","http://ossi4.51cto.com/attachment/201206/5305206_1339979954.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60550/"
 "60549","2018-09-25 19:01:38","http://lyfamilydaycare.com/5xGRTav8N","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/60549/"
 "60548","2018-09-25 19:01:32","http://izzylight.com/PGO7xrJ","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/60548/"
 "60547","2018-09-25 19:01:20","http://stemcellsgrownewhair.com/o26D8HJ","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/60547/"
@@ -79631,10 +80181,10 @@
 "60334","2018-09-25 13:19:19","http://daffodilssurguja.com/EN_US/Documents/092018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60334/"
 "60333","2018-09-25 13:19:14","http://nutraceptic.com/EN_US/Clients/09_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60333/"
 "60332","2018-09-25 13:19:07","http://finnessemedia.com/files/En_us/Invoice-6078200","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60332/"
-"60331","2018-09-25 13:17:26","http://11.gxdx2.crsky.com/201305/lmqqkjqnw-v1.1.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/60331/"
+"60331","2018-09-25 13:17:26","http://11.gxdx2.crsky.com/201305/lmqqkjqnw-v1.1.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/60331/"
 "60330","2018-09-25 13:17:16","http://11.gxdx2.crsky.com/201107/qqzjqqsqgj-v5.6.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/60330/"
 "60329","2018-09-25 13:04:03","http://ruralinnovationfund.varadev.com/scan/EN_en/Paid-Invoices/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60329/"
-"60328","2018-09-25 12:54:42","http://11.gxdx2.crsky.com/201310/qqegsq-v1.0.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/60328/"
+"60328","2018-09-25 12:54:42","http://11.gxdx2.crsky.com/201310/qqegsq-v1.0.zip","offline","malware_download","zip","https://urlhaus.abuse.ch/url/60328/"
 "60327","2018-09-25 12:51:08","http://quangngoc.vn/US/Documents/09_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60327/"
 "60326","2018-09-25 12:44:06","http://irmaospereira.com.br/EN_US/Payments/09_18","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60326/"
 "60325","2018-09-25 12:33:07","http://oracle-business.com/compliance.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/60325/"
@@ -79705,7 +80255,7 @@
 "60256","2018-09-25 09:50:57","http://criamaiscomunicacao.com.br/32604U/identity/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60256/"
 "60255","2018-09-25 09:50:50","http://pornbeam.com/wp-content/uploads/Sep2018/US/ACH-form","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60255/"
 "60250","2018-09-25 09:49:07","http://cooperativaauroraalimentos.com/En_us/ATTACHMENTS/09_18","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/60250/"
-"60249","2018-09-25 09:37:20","http://118.99.239.217:3972/.i","online","malware_download","elf","https://urlhaus.abuse.ch/url/60249/"
+"60249","2018-09-25 09:37:20","http://118.99.239.217:3972/.i","offline","malware_download","elf","https://urlhaus.abuse.ch/url/60249/"
 "60248","2018-09-25 09:37:06","http://ccdwdelaware.com/default/En/Past-Due-Invoices","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60248/"
 "60247","2018-09-25 09:29:04","http://78.142.19.81/yakuza.i586","offline","malware_download","elf","https://urlhaus.abuse.ch/url/60247/"
 "60246","2018-09-25 09:28:19","http://81.4.107.104/cc9mips","offline","malware_download","elf","https://urlhaus.abuse.ch/url/60246/"
@@ -79954,12 +80504,12 @@
 "60002","2018-09-24 21:42:03","http://pbt-demo.web2de.com/LLC/US_us/Invoices-attached","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/60002/"
 "60001","2018-09-24 21:41:04","http://mbr.kill0604.ru/upsnew2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/60001/"
 "60000","2018-09-24 21:26:06","http://67.21.81.79/dtacard.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/60000/"
-"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
+"59999","2018-09-24 21:25:35","http://soft.duote.com.cn/sycpdf_1.0.0.0.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59999/"
 "59998","2018-09-24 21:25:09","http://dc.amegt.com/wp-content/sites/En/New-Order-Upcoming/Invoice","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59998/"
 "59997","2018-09-24 21:24:10","http://hotellaspalmashmo.com/92WKNDMR/PAYMENT/Smallbusiness","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59997/"
 "59996","2018-09-24 21:24:05","http://67.21.81.79/datacard.doc","offline","malware_download","RTF","https://urlhaus.abuse.ch/url/59996/"
 "59995","2018-09-24 21:23:53","http://www.skayweb.com/rr.exe","offline","malware_download","exe,ImminentRAT","https://urlhaus.abuse.ch/url/59995/"
-"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","online","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
+"59994","2018-09-24 21:23:42","http://soft.duote.com.cn/wyzdjk_7.2.0.2.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/59994/"
 "59993","2018-09-24 21:21:15","http://manatour.cl/pdf/EN_en/Invoice-for-sent/Invoice-92978","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59993/"
 "59992","2018-09-24 21:21:04","http://manatour.cl/DOC/New-Invoice-EI1978-AT-5653","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/59992/"
 "59991","2018-09-24 21:20:07","http://hd.pe/470076SC/ACH/Smallbusiness/","offline","malware_download","doc","https://urlhaus.abuse.ch/url/59991/"
@@ -79972,10 +80522,10 @@
 "59984","2018-09-24 21:09:17","http://hukuki.site/LLC/US/Paid-Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59984/"
 "59983","2018-09-24 21:09:12","http://weinraub.net/helpdesk/default/En/Outstanding-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59983/"
 "59982","2018-09-24 21:09:05","http://diainc.com/Document/EN_en/Past-Due-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/59982/"
-"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
+"59980","2018-09-24 21:07:09","http://soft.duote.com.cn/ddmfwifi_1.1.5.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59980/"
 "59979","2018-09-24 21:02:03","http://aluigi.altervista.org/poc/dirtysky.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59979/"
 "59978","2018-09-24 21:00:11","http://aluigi.altervista.org/poc/ut2004null.zip","online","malware_download","zip","https://urlhaus.abuse.ch/url/59978/"
-"59977","2018-09-24 20:48:58","http://ossi4.51cto.com/attachment/201203/4594712_1333015433.rar","online","malware_download","exe","https://urlhaus.abuse.ch/url/59977/"
+"59977","2018-09-24 20:48:58","http://ossi4.51cto.com/attachment/201203/4594712_1333015433.rar","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59977/"
 "59976","2018-09-24 20:48:03","http://gelecekdiyarbakirsigorta.com/bnm4y","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59976/"
 "59975","2018-09-24 20:47:07","http://107.as7x.com/dl/dlhost2.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/59975/"
 "59974","2018-09-24 20:47:05","http://isis.com.ar/llaves/53-55319.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59974/"
@@ -80656,7 +81206,7 @@
 "59295","2018-09-23 20:41:17","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/inf.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59295/"
 "59294","2018-09-23 20:41:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/car.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59294/"
 "59293","2018-09-23 20:41:02","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jiz.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/59293/"
-"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","online","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
+"59292","2018-09-23 20:40:49","http://soft.duote.com.cn/baohusan_1.4.3.3.exe","offline","malware_download","exe,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/59292/"
 "59291","2018-09-23 20:25:12","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/joo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59291/"
 "59290","2018-09-23 20:25:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/jizz.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59290/"
 "59289","2018-09-23 20:25:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/new/md.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/59289/"
@@ -81589,7 +82139,7 @@
 "58346","2018-09-20 16:51:10","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/okey.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58346/"
 "58345","2018-09-20 16:51:09","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/mi.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58345/"
 "58344","2018-09-20 16:51:08","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/jiz.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58344/"
-"58343","2018-09-20 16:51:07","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/jinj.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58343/"
+"58343","2018-09-20 16:51:07","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/jinj.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58343/"
 "58342","2018-09-20 16:51:06","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/fran.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58342/"
 "58341","2018-09-20 16:51:04","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/fine.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58341/"
 "58340","2018-09-20 16:51:02","http://medicalfarmitalia.it/themes/theme1197/modules/blocklink/translations/apps/figg.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/58340/"
@@ -82716,7 +83266,7 @@
 "57201","2018-09-17 18:35:27","http://birmetalciningezinotlari.com/8NE/PAYROLL/Cpf2tl","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57201/"
 "57200","2018-09-17 18:35:17","http://betwext.com/PTa1a1aF","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57200/"
 "57199","2018-09-17 18:35:08","http://brkini.net/Rfb","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/57199/"
-"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
+"57198","2018-09-17 18:32:03","http://van-wonders.co.uk/wwvvv/862RNNE/73846WN/com/US/","online","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/57198/"
 "57197","2018-09-17 18:31:18","http://www.ultigamer.com/wp-admin/includes/216ZVOKXLK/PAY/Business","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57197/"
 "57196","2018-09-17 18:31:12","http://www.thefxgroup.co.za/Document/EN_en/Paid-Invoice-Credit-Card-Receipt","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57196/"
 "57195","2018-09-17 18:31:09","http://roingenieria.cl/files/US/Invoice-for-you","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/57195/"
@@ -82981,7 +83531,7 @@
 "56936","2018-09-17 11:28:06","http://pasoprage.nl/CYcS488Bs","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/56936/"
 "56935","2018-09-17 11:28:05","http://grupoperfetto.com.br/k0K5MRB","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/56935/"
 "56934","2018-09-17 10:21:05","https://b.coka.la/yU0VkC.jpg","offline","malware_download","exe,HawkEye","https://urlhaus.abuse.ch/url/56934/"
-"56933","2018-09-17 09:44:10","https://archiware.ir/t.doc","online","malware_download","AgentTesla,Loki,RTF","https://urlhaus.abuse.ch/url/56933/"
+"56933","2018-09-17 09:44:10","https://archiware.ir/t.doc","offline","malware_download","AgentTesla,Loki,RTF","https://urlhaus.abuse.ch/url/56933/"
 "56932","2018-09-17 09:44:05","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/delta.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56932/"
 "56931","2018-09-17 09:11:41","http://astreya.info/c2OoZfai","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/56931/"
 "56930","2018-09-17 09:11:31","http://nisho.us/zByygNwnrw","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/56930/"
@@ -83006,7 +83556,7 @@
 "56910","2018-09-17 07:50:08","http://mymt.jp/AckXZnzG","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/56910/"
 "56909","2018-09-17 06:58:08","http://bhbeautyempire.com/newsletter/En/Invoice","offline","malware_download","doc,heodo,Sonbokli","https://urlhaus.abuse.ch/url/56909/"
 "56908","2018-09-17 06:30:10","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/jiz.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56908/"
-"56907","2018-09-17 06:30:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/agg.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56907/"
+"56907","2018-09-17 06:30:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/agg.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56907/"
 "56906","2018-09-17 06:30:08","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/bre.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/56906/"
 "56905","2018-09-17 06:30:04","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/sodo.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56905/"
 "56904","2018-09-17 06:23:08","http://htt.nu/nW8b4","offline","malware_download","AgentTesla,embedded,equation,exe,Loki,RTF","https://urlhaus.abuse.ch/url/56904/"
@@ -83524,7 +84074,7 @@
 "56388","2018-09-14 05:43:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/whe.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56388/"
 "56387","2018-09-14 05:43:08","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/france.exe","online","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/56387/"
 "56386","2018-09-14 05:43:07","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/off.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56386/"
-"56385","2018-09-14 05:43:06","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/bree.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56385/"
+"56385","2018-09-14 05:43:06","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/bree.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56385/"
 "56384","2018-09-14 05:43:05","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/ioa.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56384/"
 "56383","2018-09-14 05:43:04","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/oke.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56383/"
 "56382","2018-09-14 05:43:02","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/ago.exe","online","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/56382/"
@@ -83783,7 +84333,7 @@
 "56105","2018-09-13 08:02:54","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/fig.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/56105/"
 "56104","2018-09-13 08:02:52","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/fine.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/56104/"
 "56103","2018-09-13 08:02:51","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/fran.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/56103/"
-"56102","2018-09-13 08:02:50","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/ike.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/56102/"
+"56102","2018-09-13 08:02:50","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/ike.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/56102/"
 "56101","2018-09-13 08:02:48","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/inf.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/56101/"
 "56100","2018-09-13 08:02:47","http://zenshinonline.ru/two/jon001.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/56100/"
 "56099","2018-09-13 08:02:40","https://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/jin.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/56099/"
@@ -84091,7 +84641,7 @@
 "55797","2018-09-13 05:35:32","http://cdlingju.com/67785EJHHZSI/PAY/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55797/"
 "55796","2018-09-13 05:35:29","http://casellamoving.com/69VQINXXJO/PAYROLL/Smallbusiness","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55796/"
 "55795","2018-09-13 05:35:26","http://capstonetech.co.zw/9118156LB/PAY/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55795/"
-"55794","2018-09-13 05:35:24","http://camerathongminh.com.vn/Download/EN_en/Invoice-Number-09577/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55794/"
+"55794","2018-09-13 05:35:24","http://camerathongminh.com.vn/Download/EN_en/Invoice-Number-09577/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55794/"
 "55793","2018-09-13 05:35:17","http://bytosti.cz/4683176OKAZJNAX/BIZ/US/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/55793/"
 "55792","2018-09-13 05:35:15","http://byacademy.fr/9VPE/com/Personal/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55792/"
 "55791","2018-09-13 05:35:13","http://byacademy.fr/8706937YGVMNXM/PAYMENT/Smallbusiness","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/55791/"
@@ -84199,7 +84749,7 @@
 "55686","2018-09-12 18:34:09","http://v454vd9o8wzuwz.com/RTT/opanskot.php?l=targa2.tkn","offline","malware_download","exe,ursnif","https://urlhaus.abuse.ch/url/55686/"
 "55685","2018-09-12 18:33:09","http://1h5ofqpfubd1b.com/RTT/opanskot.php?l=zime2.tkn","offline","malware_download","exe,Gozi,ursnif","https://urlhaus.abuse.ch/url/55685/"
 "55684","2018-09-12 18:31:34","http://enduuyyhgeetyasd.com/RTT/opanskot.php?l=omg7.tkn","offline","malware_download","exe,ursnif","https://urlhaus.abuse.ch/url/55684/"
-"55683","2018-09-12 18:30:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/inf.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/55683/"
+"55683","2018-09-12 18:30:09","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/inf.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/55683/"
 "55682","2018-09-12 18:30:07","http://medicalfarmitalia.it/themes/theme1197/modules/blockcurrencies/translations/files/inf.doc","offline","malware_download","None","https://urlhaus.abuse.ch/url/55682/"
 "55681","2018-09-12 18:29:07","http://4jt4l032ayqiw.com/RTT/opanskot.php?l=zime5.tkn","offline","malware_download","exe,Gozi,ursnif","https://urlhaus.abuse.ch/url/55681/"
 "55680","2018-09-12 18:10:20","http://karpiel.info.pl/QS6o3Vr/","offline","malware_download","AgentTesla,emotet,exe,heodo","https://urlhaus.abuse.ch/url/55680/"
@@ -86190,7 +86740,7 @@
 "53656","2018-09-07 20:19:15","http://allstateelectrical.contractors/5rVKD4ajRO","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53656/"
 "53655","2018-09-07 20:19:12","http://reliablefenceli.wevportfolio.com/KP7OVR5z","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53655/"
 "53654","2018-09-07 20:19:10","http://first-base-online.co.uk/jw1irZN3Ug","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53654/"
-"53653","2018-09-07 20:19:08","http://application.cravingsgroup.com/89ZIgSfO4","online","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53653/"
+"53653","2018-09-07 20:19:08","http://application.cravingsgroup.com/89ZIgSfO4","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53653/"
 "53652","2018-09-07 20:19:06","http://a1hydraulics.in/wqeDAvng3","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/53652/"
 "53651","2018-09-07 20:01:08","http://hufa.hueuni.edu.vn/Backup_T10_2017/wp-content/scan/En/Inv-423283-PO-7M030545/","offline","malware_download","doc,heodo","https://urlhaus.abuse.ch/url/53651/"
 "53650","2018-09-07 19:41:20","http://eu-easy.com/3OEHTKRLP/BIZ/Commercial","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/53650/"
@@ -87766,7 +88316,7 @@
 "52045","2018-09-05 10:53:03","http://kalameafoods.gr/supetre.orau","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/52045/"
 "52044","2018-09-05 10:45:24","http://com2c.com.au/filehome/mettu.exe","offline","malware_download","exe,Loki,Trickbot","https://urlhaus.abuse.ch/url/52044/"
 "52043","2018-09-05 10:45:20","http://cdn.discordapp.com/attachments/454788938331324428/457185831904608286/WindowsApp17.exe","offline","malware_download","js,nemucod,njRAT","https://urlhaus.abuse.ch/url/52043/"
-"52042","2018-09-05 10:45:19","http://epta.co.id/web/1.exe","online","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/52042/"
+"52042","2018-09-05 10:45:19","http://epta.co.id/web/1.exe","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/52042/"
 "52041","2018-09-05 10:45:14","http://154.85.55.50/mrstep/mrstep.exe","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/52041/"
 "52040","2018-09-05 10:45:11","http://wfdblinds.com/kc.exe","offline","malware_download","exe,Loki,Trickbot","https://urlhaus.abuse.ch/url/52040/"
 "52039","2018-09-05 10:45:09","http://inktaceu.com/zz/wa.exe","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/52039/"
@@ -89319,7 +89869,7 @@
 "50477","2018-09-01 05:29:12","http://jppygfot.sha58.me/d239ec5a21e71059cb8106851869b7a6/LkV8/9NAbz/eitczeqhbw10054.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50477/"
 "50476","2018-09-01 05:29:10","http://umzdjymq.sha58.me/3cbbc9e91d9d5571823ef933a357f371/SVb3/h953p/catsannubl10080.apk","offline","malware_download","zip","https://urlhaus.abuse.ch/url/50476/"
 "50475","2018-09-01 05:29:06","http://caferaa.com/CcCaDi.html","offline","malware_download","None","https://urlhaus.abuse.ch/url/50475/"
-"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","offline","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
+"50474","2018-09-01 05:29:01","http://down10b.zol.com.cn/zoldownload/rdvideo8.2at81_327255.exe","online","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/50474/"
 "50473","2018-09-01 05:28:51","http://180.153.105.169/dlied6.qq.com/invc/conn_android/drivers/PhoneDockInstaller_5.8.0.6.exe?mkey=5b70c60f0219b226&f=a122&c=0&p=.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/50473/"
 "50472","2018-09-01 05:28:36","http://6ip.us/","offline","malware_download","None","https://urlhaus.abuse.ch/url/50472/"
 "50471","2018-09-01 05:28:29","http://down.wlds.net/mtv_setup.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/50471/"
@@ -89914,7 +90464,7 @@
 "49878","2018-08-31 05:05:08","http://kandidat-poprad.sk/095881K/SWIFT/Personal","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49878/"
 "49877","2018-08-31 05:05:07","http://kanaangroupsociety.com/2SBKMMCM/PAYMENT/US","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49877/"
 "49876","2018-08-31 05:05:01","http://kalif-law.co.il/1313564BZU/com/Business","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49876/"
-"49875","2018-08-31 05:04:59","http://j610033.myjino.ru/357YCZFSSA/WIRE/US","online","malware_download","emotet","https://urlhaus.abuse.ch/url/49875/"
+"49875","2018-08-31 05:04:59","http://j610033.myjino.ru/357YCZFSSA/WIRE/US","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/49875/"
 "49874","2018-08-31 05:04:58","http://ironspot.com/81939ZEL/PAYROLL/US","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49874/"
 "49873","2018-08-31 05:04:57","http://imish.ru/4405167RXOQ/BIZ/Business","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49873/"
 "49872","2018-08-31 05:04:55","http://huseyintoz.com/2Y/BIZ/Business","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/49872/"
@@ -90404,7 +90954,7 @@
 "49385","2018-08-30 06:35:50","http://elista-gs.ru/Corporation/En/Service-Invoice","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49385/"
 "49384","2018-08-30 06:35:49","http://e3dai.com/default/En/Outstanding-Invoices/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49384/"
 "49383","2018-08-30 06:35:48","http://dwtdehradun.org/739352HKSPVJBC/PAYROLL/Commercial/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49383/"
-"49382","2018-08-30 06:35:45","http://duratransgroup.com/561613UXJ/oamo/US/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49382/"
+"49382","2018-08-30 06:35:45","http://duratransgroup.com/561613UXJ/oamo/US/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49382/"
 "49381","2018-08-30 06:35:44","http://duanvinhomeshanoi.net/80214VZYVFNS/PAY/Personal/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49381/"
 "49380","2018-08-30 06:35:41","http://doctoradmin.joinw3.com/default/EN_en/Invoice-for-you/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49380/"
 "49379","2018-08-30 06:35:39","http://djsomali.com/8MOIPWQM/SWIFT/Smallbusiness/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/49379/"
@@ -91965,7 +92515,7 @@
 "47800","2018-08-27 08:08:07","https://morenetend.com/public/demo.php2","offline","malware_download","AUS,Gozi,ursnif","https://urlhaus.abuse.ch/url/47800/"
 "47799","2018-08-27 08:03:16","https://goo-s.mn/benzeco.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/47799/"
 "47798","2018-08-27 08:03:09","http://goo-s.mn/benzeco.exe","offline","malware_download","exe,Loki,lokibot","https://urlhaus.abuse.ch/url/47798/"
-"47797","2018-08-27 08:00:09","http://watchdogdns.duckdns.org/mrd.exe","offline","malware_download","exe,HawkEye,LimeRAT,NetWire,QuasarRAT,rat,RemcosRAT","https://urlhaus.abuse.ch/url/47797/"
+"47797","2018-08-27 08:00:09","http://watchdogdns.duckdns.org/mrd.exe","online","malware_download","exe,HawkEye,LimeRAT,NetWire,QuasarRAT,rat,RemcosRAT","https://urlhaus.abuse.ch/url/47797/"
 "47796","2018-08-27 07:52:07","https://goo-s.mn/benzecohta.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/47796/"
 "47795","2018-08-27 07:52:05","http://goo-s.mn/benzecohta.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/47795/"
 "47794","2018-08-27 07:51:05","http://obsidian.su/files/hvnc.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/47794/"
@@ -93525,7 +94075,7 @@
 "46231","2018-08-22 22:20:36","http://enckell.se/353JSAUPONF/PAY/Personal/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46231/"
 "46230","2018-08-22 22:20:35","http://ehisblogtutorial.tk/w9StIuEAsC/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46230/"
 "46229","2018-08-22 22:20:34","http://eatlocalco.com/Document/US_us/6-Past-Due-Invoices","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46229/"
-"46228","2018-08-22 22:20:32","http://duratransgroup.com/umFXhtZDb4V1j/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46228/"
+"46228","2018-08-22 22:20:32","http://duratransgroup.com/umFXhtZDb4V1j/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46228/"
 "46227","2018-08-22 22:20:30","http://dpicenter.edu.vn/fb-sdk/77071DC/7YQNN/biz/Personal/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46227/"
 "46226","2018-08-22 22:20:23","http://doctoradmin.joinw3.com/newsletter/US/Summit-Companies-Invoice-76119041/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46226/"
 "46225","2018-08-22 22:20:21","http://docs.qualva.io/FILE/En/Invoice-for-you","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/46225/"
@@ -95599,7 +96149,7 @@
 "44139","2018-08-17 20:53:23","http://medlem.dsvu.dk/0313412S/oamo/Commercial/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44139/"
 "44138","2018-08-17 20:53:22","http://mandalikawisata.com/4ERQDJY/com/Smallbusiness/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44138/"
 "44137","2018-08-17 20:53:16","http://majulia.com/1OV/ACH/US/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44137/"
-"44136","2018-08-17 20:53:14","http://luyenthitoefl.net/wp-content/uploads/9MS/PAYMENT/Commercial/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44136/"
+"44136","2018-08-17 20:53:14","http://luyenthitoefl.net/wp-content/uploads/9MS/PAYMENT/Commercial/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44136/"
 "44135","2018-08-17 20:53:12","http://konsepmedya.net/wp-includes/252EMNPEAJ/oamo/US/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44135/"
 "44134","2018-08-17 20:53:11","http://keokukstpaulucc.org/WellsFargo/com/US/Aug-15-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44134/"
 "44133","2018-08-17 20:53:08","http://itlanguage.co.uk/20797G/SWIFT/Commercial/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/44133/"
@@ -96510,7 +97060,7 @@
 "43228","2018-08-15 15:45:46","http://videofootball.ru/wp-content/plugins/order-categories/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/43228/"
 "43227","2018-08-15 15:45:45","http://tmpressio.org/wp-content/plugins/pirate-forms/includes/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/43227/"
 "43226","2018-08-15 15:45:44","http://mikaelraad.com/wp-content/plugins/custom-login-page/2","offline","malware_download","None","https://urlhaus.abuse.ch/url/43226/"
-"43225","2018-08-15 15:45:43","http://clinicasense.com/wp-content/plugins/redux-framework/codestyles/1","online","malware_download","None","https://urlhaus.abuse.ch/url/43225/"
+"43225","2018-08-15 15:45:43","http://clinicasense.com/wp-content/plugins/redux-framework/codestyles/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/43225/"
 "43224","2018-08-15 15:45:40","http://yustina.com.ua/wp-content/plugins/duplicate-post/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/43224/"
 "43223","2018-08-15 15:45:38","http://videofootball.ru/wp-content/plugins/order-categories/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/43223/"
 "43222","2018-08-15 15:45:37","http://tmpressio.org/wp-content/plugins/pirate-forms/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/43222/"
@@ -97527,7 +98077,7 @@
 "42206","2018-08-14 04:20:43","http://buhta-krasnoe.ru/Aug2018/US_us/Statement/Pay-Invoice/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/42206/"
 "42205","2018-08-14 04:20:42","http://buanahelindo.com/3HPAY/KDIN2530085COPD/Aug-11-2018-612671/WP-HPT/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/42205/"
 "42204","2018-08-14 04:20:40","http://btbengineering.pl/980LSFILE/MSPP45158664812LFUYK/28804719136/JI-MXHP/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42204/"
-"42203","2018-08-14 04:20:09","http://brunotalledo.com/Aug2018/EN_en/OVERDUE-ACCOUNT/Invoice-680379/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42203/"
+"42203","2018-08-14 04:20:09","http://brunotalledo.com/Aug2018/EN_en/OVERDUE-ACCOUNT/Invoice-680379/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42203/"
 "42202","2018-08-14 04:20:06","http://breastaesthetic.com/WellsFargo/Smallbusiness/Aug-13-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42202/"
 "42201","2018-08-14 04:19:57","http://bodoshopy.com/6WTTCARD/CGP922227YUFDIZ/Aug-11-2018-835877/SCVF-HJYG-Aug-11-2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42201/"
 "42200","2018-08-14 04:19:56","http://blueit04ec.com/default/En_us/Invoice/Payment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42200/"
@@ -97660,7 +98210,7 @@
 "42073","2018-08-13 22:20:16","http://solutiontools.net/files/US_us/STATUS/Past-Due-invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42073/"
 "42072","2018-08-13 22:20:15","http://solutiontools.net/doc/US_us/INVOICE-STATUS/Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42072/"
 "42071","2018-08-13 22:20:13","http://solutiontools.net/doc/US_us/INVOICE-STATUS/Invoice","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42071/"
-"42070","2018-08-13 22:20:11","http://sohointeriors.org/7XVRFILE/LLT02809CVJQ/Aug-10-2018-902986848/RMI-IMR/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42070/"
+"42070","2018-08-13 22:20:11","http://sohointeriors.org/7XVRFILE/LLT02809CVJQ/Aug-10-2018-902986848/RMI-IMR/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42070/"
 "42069","2018-08-13 22:20:10","http://sockmaniacs.com/842YCACH/NLG295677DZ/Aug-10-2018-99472628/HAHL-XIW-Aug-10-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42069/"
 "42068","2018-08-13 22:20:08","http://snowdoll.net/879VFILE/BS621672BBTJX/Aug-08-2018-54868/SNP-EMW/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/42068/"
 "42067","2018-08-13 22:20:06","http://sisco.website/Wellsfargo/Personal/Aug-13-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42067/"
@@ -97723,7 +98273,7 @@
 "42010","2018-08-13 22:17:19","http://mattke.biz/53GDownload/DRB7361142KLTKCM/83254/IZ-GAK","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/42010/"
 "42009","2018-08-13 22:17:18","http://maskotmeyvepresi.com/2JTJFILE/PN518760660R/336112/VOFH-XAWAO","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42009/"
 "42008","2018-08-13 22:17:16","http://majulia.com/229LPAYMENT/WTO683458T/4487392336/UO-HOIA-Aug-10-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42008/"
-"42007","2018-08-13 22:17:13","http://luyenthitoefl.net/wp-content/uploads/Aug2018/US/INVOICE-STATUS/Invoice-325532470-081018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42007/"
+"42007","2018-08-13 22:17:13","http://luyenthitoefl.net/wp-content/uploads/Aug2018/US/INVOICE-STATUS/Invoice-325532470-081018/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42007/"
 "42006","2018-08-13 22:17:09","http://luxvilla.vn/5HCPAY/KQVZ22358315TZCIV/3632877311/UT-YKUBR/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42006/"
 "42005","2018-08-13 22:17:06","http://lunacine.com/newsletter/EN_en/OVERDUE-ACCOUNT/Invoice-194021898-081318/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42005/"
 "42004","2018-08-13 22:17:04","http://lunacine.com/0AUOPAYMENT/JXX9435544HRKKKP/1534196268/TDAE-GNXZV-Aug-11-2018","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/42004/"
@@ -98236,7 +98786,7 @@
 "41489","2018-08-13 10:45:07","https://www.caterlindo.co.id/blog/wp-admin/includes/_output6782F10.exe","offline","malware_download","emotet,exe,Formbook","https://urlhaus.abuse.ch/url/41489/"
 "41488","2018-08-13 10:31:11","https://posta.co.tz/network/cb-2018%20mandate-pdf.jar","online","malware_download","jar","https://urlhaus.abuse.ch/url/41488/"
 "41487","2018-08-13 10:31:08","https://posta.co.tz/network/List0fNames2018-pdf.jar","online","malware_download","jar","https://urlhaus.abuse.ch/url/41487/"
-"41486","2018-08-13 10:31:06","https://posta.co.tz/network/Payment_notification_pdf.jar","online","malware_download","jar","https://urlhaus.abuse.ch/url/41486/"
+"41486","2018-08-13 10:31:06","https://posta.co.tz/network/Payment_notification_pdf.jar","offline","malware_download","jar","https://urlhaus.abuse.ch/url/41486/"
 "41485","2018-08-13 09:32:04","http://wevino.gq/tesla/server.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/41485/"
 "41484","2018-08-13 08:45:05","https://u.lewd.se/8izm0m_IMG-002318.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/41484/"
 "41483","2018-08-13 08:24:18","http://www.telechargement-fichiers.win/dl.exe","offline","malware_download","tinynuke","https://urlhaus.abuse.ch/url/41483/"
@@ -100849,10 +101399,10 @@
 "38844","2018-08-06 04:48:17","http://ekuvshinova.com/udfQrgHr/","offline","malware_download","exe,Fuery","https://urlhaus.abuse.ch/url/38844/"
 "38843","2018-08-06 04:48:16","http://pashafrendley.hr00.ru/Loxotron.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/38843/"
 "38842","2018-08-06 04:48:14","http://94.100.18.47/hhhhhh/POSW18.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/38842/"
-"38841","2018-08-06 04:48:12","http://www.shbaoju.com/wap/Boleto-35161265.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/38841/"
+"38841","2018-08-06 04:48:12","http://www.shbaoju.com/wap/Boleto-35161265.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/38841/"
 "38840","2018-08-06 04:48:11","https://s3.us-east-2.amazonaws.com/newpower/Listagem_Or%C3%A7amento.jar","offline","malware_download","None","https://urlhaus.abuse.ch/url/38840/"
 "38839","2018-08-06 04:48:10","https://bbuseruploads.s3.amazonaws.com/4cbd0bcf-1f5f-4cb3-aa69-e8bfbecb1aa0/downloads/93763ca5-6d29-4684-a4f0-fb09892f2fa8/micheck.exe?Signature=LaMByoRrQmcJyTJGkpJb9oZM%2FCU%3D&Expires=1533224865&AWSAccessKeyId=AKIAIQWXW6WLXMB5QZAQ&versionId=MdhdKM3YSlZwjup2.Pq.1G0n16xYfszG&response-content-disposition=attachment%3B%20filename%3D%22micheck.exe%22","offline","malware_download","None","https://urlhaus.abuse.ch/url/38839/"
-"38838","2018-08-06 04:48:09","http://www.shbaoju.com/upfile/2018/02/28/IMG-20180802.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/38838/"
+"38838","2018-08-06 04:48:09","http://www.shbaoju.com/upfile/2018/02/28/IMG-20180802.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/38838/"
 "38837","2018-08-06 04:48:05","http://mediaritm.com.ua/dd1LAay/","offline","malware_download","None","https://urlhaus.abuse.ch/url/38837/"
 "38836","2018-08-06 04:48:04","http://mtztech.com/caleb/BWT.exe","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/38836/"
 "38835","2018-08-06 04:48:02","http://al-falah.ir/slide/irbi.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/38835/"
@@ -101591,7 +102141,7 @@
 "38099","2018-08-02 18:50:05","http://42.7.26.13/svssshost.exe","offline","malware_download","exe,Loader,miner,payload","https://urlhaus.abuse.ch/url/38099/"
 "38098","2018-08-02 18:50:05","http://mtztech.com/caleb/rbt.exe","offline","malware_download","GandCrab,gandcrabv4,Ransomware,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/38098/"
 "38097","2018-08-02 17:16:05","http://closhlab.com/doc/EN_en/Payment-enclosed...","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/38097/"
-"38096","2018-08-02 17:06:03","https://cdn.discordapp.com/attachments/474594801229234191/474594846494031892/SubCrypt_Installer.rar","online","malware_download","exe,rat,revenge,RevengeRAT","https://urlhaus.abuse.ch/url/38096/"
+"38096","2018-08-02 17:06:03","https://cdn.discordapp.com/attachments/474594801229234191/474594846494031892/SubCrypt_Installer.rar","offline","malware_download","exe,rat,revenge,RevengeRAT","https://urlhaus.abuse.ch/url/38096/"
 "38095","2018-08-02 16:45:32","http://hunterbase.xyz/hunterba_bbb/shit.exe","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/38095/"
 "38094","2018-08-02 16:45:26","http://f-sholding.com/dfe/uyw/shit.exe","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/38094/"
 "38093","2018-08-02 16:45:10","http://vpggc.org/_output7D8BF60lary.exe","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/38093/"
@@ -101650,7 +102200,7 @@
 "38034","2018-08-02 14:55:14","http://scrapgoldpile.com/wp-content/plugins/google-sitemap-generator/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38034/"
 "38033","2018-08-02 14:55:10","http://zsgmm.com/wp-content/plugins/themegrill-demo-importer/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38033/"
 "38032","2018-08-02 14:55:08","http://carimint.com/wp-content/plugins/jetpack/modules/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38032/"
-"38031","2018-08-02 14:55:06","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/1","online","malware_download","None","https://urlhaus.abuse.ch/url/38031/"
+"38031","2018-08-02 14:55:06","http://cadencespa.net/wp-content/plugins/kadence-slider/redux/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38031/"
 "38030","2018-08-02 14:55:04","http://estrindesign.com/wp-content/plugins/option-tree/includes/1","offline","malware_download","None","https://urlhaus.abuse.ch/url/38030/"
 "38029","2018-08-02 14:39:09","https://dl.dropboxusercontent.com/s/tlcud74elo1pslx/flashplayer_39.14_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/38029/"
 "38028","2018-08-02 14:39:07","https://dl.dropboxusercontent.com/s/6wbcteo6lfz0ncs/flashplayer_39.13_plugin.js?dl=1","offline","malware_download","js,js-GhoLoader,SocGholish","https://urlhaus.abuse.ch/url/38028/"
@@ -101736,7 +102286,7 @@
 "37940","2018-08-02 03:34:08","http://www.nufdi.net/newsletter/US/My-current-address-update/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37940/"
 "37939","2018-08-02 03:34:07","http://www.luvverly.com/images/DHL/En/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37939/"
 "37938","2018-08-02 03:34:05","http://www.iutai.tec.ve/casicoin/img/adjuntos/default/En_us/Payment-details/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37938/"
-"37937","2018-08-02 03:34:01","http://www.icmcce.net/DHL-Tracking/EN_en/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37937/"
+"37937","2018-08-02 03:34:01","http://www.icmcce.net/DHL-Tracking/EN_en/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37937/"
 "37936","2018-08-02 03:33:58","http://www.hotelsanjeronimopopayan.com/newsletter/En_us/Receipt-attached/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37936/"
 "37935","2018-08-02 03:33:57","http://www.demicolon.com/dvrguru_revoerror/image/default/En/Due-balance-paid/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37935/"
 "37934","2018-08-02 03:33:47","http://www.cardspets.com/wp-content/uploads/Aug2018/EN_en/Address-Update/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/37934/"
@@ -105065,7 +105615,7 @@
 "34567","2018-07-19 17:32:06","http://daytonohseo.com/new.qz","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/34567/"
 "34566","2018-07-19 17:32:04","http://clevelandohseo.com/new.qz","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/34566/"
 "34565","2018-07-19 17:31:43","https://xit4f7sj.xzkkl.com:8585/release/4062.apk","offline","malware_download","apk ","https://urlhaus.abuse.ch/url/34565/"
-"34564","2018-07-19 17:30:45","http://ak.imgfarm.com/images/nocache/vicinio/installers/v2/224245005.TTAB02.1/nsis/866643-TTAB02.1/180517193804604/msniFunCustomCreations/FunCustomCreations.e414d339d9fe4f889f91320c82d9ab51.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/34564/"
+"34564","2018-07-19 17:30:45","http://ak.imgfarm.com/images/nocache/vicinio/installers/v2/224245005.TTAB02.1/nsis/866643-TTAB02.1/180517193804604/msniFunCustomCreations/FunCustomCreations.e414d339d9fe4f889f91320c82d9ab51.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/34564/"
 "34563","2018-07-19 17:30:43","http://uploadtops.is/3/T/R3DPwh4","offline","malware_download","trojan","https://urlhaus.abuse.ch/url/34563/"
 "34561","2018-07-19 17:29:21","http://aaxrcljp.ahhxdl.cn/1/44278-C01","offline","malware_download","None","https://urlhaus.abuse.ch/url/34561/"
 "34560","2018-07-19 17:29:12","http://urbibfvy.yuhong.me/435d9150c43b23a6a86cd251d6685871/vB7A/Hnt6S/xamwgcdpbg10007.apk","offline","malware_download","apk ","https://urlhaus.abuse.ch/url/34560/"
@@ -106714,7 +107264,7 @@
 "32850","2018-07-16 16:49:24","http://hocalarlaofis.com/Borradores-acuerdos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32850/"
 "32849","2018-07-16 16:49:23","http://hobimsiseyler.com/Monatsrechnung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32849/"
 "32848","2018-07-16 16:49:21","http://herliniamran.com/Bestellungen/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32848/"
-"32847","2018-07-16 16:49:19","http://goldenuv.com/wp-content/themes/rttheme19/post-contents/Monatsrechnung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32847/"
+"32847","2018-07-16 16:49:19","http://goldenuv.com/wp-content/themes/rttheme19/post-contents/Monatsrechnung/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32847/"
 "32846","2018-07-16 16:49:16","http://friseur.xyz/Invoices-DOCS-07-2018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32846/"
 "32845","2018-07-16 16:49:15","http://dveriki50.ru/Rechnungs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32845/"
 "32844","2018-07-16 16:49:14","http://dc.amegt.com/wp-content/Monatsrechnung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/32844/"
@@ -107391,7 +107941,7 @@
 "32168","2018-07-13 12:09:45","http://ivsnet.org/Rechnungs/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32168/"
 "32167","2018-07-13 12:09:42","http://mongduongtpc.vn/DOCUMENTOS/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32167/"
 "32166","2018-07-13 12:09:34","http://shetakari.in/default/EN_en/Payment-and-address/invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32166/"
-"32165","2018-07-13 12:09:33","http://goldenuv.com/wp-content/plugins/woocommerce/dummy-data/Overdue-payment/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32165/"
+"32165","2018-07-13 12:09:33","http://goldenuv.com/wp-content/plugins/woocommerce/dummy-data/Overdue-payment/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/32165/"
 "32164","2018-07-13 12:09:29","http://sophiethomasartist.com/Jul2018/En/Jul2018/Invoice-5046159/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32164/"
 "32163","2018-07-13 12:09:28","http://krb.waw.pl/Rechnungs/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32163/"
 "32162","2018-07-13 12:09:26","http://shikshakhaber.com/Jul2018/EN_en/Order/INV47124945/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/32162/"
@@ -108363,7 +108913,7 @@
 "31178","2018-07-12 05:50:27","http://abstractandreal.eu//default/En/Statement/invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/31178/"
 "31177","2018-07-12 05:49:05","http://home.earthlink.net/~suzystar/Ups~costomer~service.jar","offline","malware_download","Adwind,java,JBifrost","https://urlhaus.abuse.ch/url/31177/"
 "31176","2018-07-12 04:45:37","http://abby2.checkallserver.xyz/panel/shit.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31176/"
-"31175","2018-07-12 04:45:36","http://cryptovoip.in/update/Zip.exe","online","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31175/"
+"31175","2018-07-12 04:45:36","http://cryptovoip.in/update/Zip.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31175/"
 "31174","2018-07-12 04:45:33","http://mozaks.net/imozaks/Documents/wo.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/31174/"
 "31173","2018-07-12 02:39:26","https://www.sx-zj.net/default/US_us/DOC/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/31173/"
 "31172","2018-07-12 02:39:21","https://urldefense.proofpoint.com/v2/url?u=http-3A__www.sx-2Dzj.net_default_US-5Fus_DOC_HRI-2DMonthly-2DInvoice_&d=DwIFaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=FtoDw-zJB1U6oMHnvDnv5XPE4nk-1jws78C28VGfoGApKVXV5MLUlNefW3g60a0o&m=qS8iZQf3b77bbBV4CE5xetvb_lJ3d6tP8YC7H7b_J_4&s=hgffFU7pH5QUrVWxahcnJCN8_J3-Kc-VY2U6jAveHTQ&e/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/31172/"
@@ -108525,7 +109075,7 @@
 "30999","2018-07-11 22:45:05","http://serv3.rttpos.com/monitoring/data/psa/maintenance/update/assets/RTT_Service.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/30999/"
 "30998","2018-07-11 22:45:04","http://serv3.rttpos.com/monitoring/data/psa/maintenance/update/assets/rttHeartBeat.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/30998/"
 "30997","2018-07-11 22:04:18","http://www.steamkopat.com/Rechnungs-docs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30997/"
-"30996","2018-07-11 22:04:17","http://www.soulmantraonline.in/Rechnungs/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30996/"
+"30996","2018-07-11 22:04:17","http://www.soulmantraonline.in/Rechnungs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30996/"
 "30995","2018-07-11 22:04:16","http://www.soulassociates.in/yinuawie/Factura/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30995/"
 "30994","2018-07-11 22:04:15","http://www.solutionguruji.com/Monatsrechnung/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30994/"
 "30993","2018-07-11 22:04:14","http://www.socialworkacademy.in/Zahlungsschreiben/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30993/"
@@ -109266,7 +109816,7 @@
 "30238","2018-07-11 04:05:48","http://brancerner.info/default/En/DOC/New-Invoice-AU78478-WG-7765/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/30238/"
 "30236","2018-07-11 04:05:46","http://bostcf.com/Jul2018/gescanntes-Dokument/DOC-Dokument/Ihre-Rechnung-045967/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/30236/"
 "30235","2018-07-11 04:05:45","http://borusanborufiyat.com/doc/US/STATUS/Invoice-88609766455-07-10-2018/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/30235/"
-"30234","2018-07-11 04:05:44","http://blog.embratonlife.com.br/newsletter/En/Client/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/30234/"
+"30234","2018-07-11 04:05:44","http://blog.embratonlife.com.br/newsletter/En/Client/Auditor-of-State-Notification-of-EFT-Deposit/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/30234/"
 "30233","2018-07-11 04:05:41","http://birlikbilisim.com.tr/Dokumente/Rechnungsanschrift/Rech-Nr056975/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/30233/"
 "30232","2018-07-11 04:05:39","http://binaline.net/default/US/Jul2018/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/30232/"
 "30231","2018-07-11 04:05:38","http://bidatools.com/pdf/GER/Hilfestellung/Ihre-Rechnung/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/30231/"
@@ -109322,21 +109872,21 @@
 "30180","2018-07-11 04:03:31","http://www.sreekumarnair.com/Nueva-Factura/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30180/"
 "30178","2018-07-11 04:03:30","http://www.socialbee.me/Invoices-form/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30178/"
 "30177","2018-07-11 04:03:26","http://www.snyderprime.com/INVOICES/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30177/"
-"30176","2018-07-11 04:03:25","http://www.smpleisure.co.uk/Invoices-Overdue/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30176/"
+"30176","2018-07-11 04:03:25","http://www.smpleisure.co.uk/Invoices-Overdue/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30176/"
 "30175","2018-07-11 04:03:24","http://www.smartell.ru/Zahlungsschreiben/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30175/"
 "30174","2018-07-11 04:03:23","http://www.skvely.eu/Rechs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30174/"
 "30173","2018-07-11 04:03:22","http://www.skupkakorobok.ru/Zahlungsschreiben/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30173/"
 "30172","2018-07-11 04:03:21","http://www.siriweb4u.in/Factura/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30172/"
 "30171","2018-07-11 04:03:20","http://www.siddhartharc.com/Facturas-pendientes/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30171/"
-"30170","2018-07-11 04:03:19","http://www.shrimahaveerinfrastate.in/Overdue-payment-201807/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30170/"
+"30170","2018-07-11 04:03:19","http://www.shrimahaveerinfrastate.in/Overdue-payment-201807/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30170/"
 "30169","2018-07-11 04:03:17","http://www.shivibe.com/RECHs/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30169/"
 "30168","2018-07-11 04:03:16","http://www.shiril.co.in/Formulario-factura/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30168/"
 "30167","2018-07-11 04:03:15","http://www.shinegroups.in/Bestellungen/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30167/"
-"30166","2018-07-11 04:03:14","http://www.sharingdisciple.com/Correcciones/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30166/"
+"30166","2018-07-11 04:03:14","http://www.sharingdisciple.com/Correcciones/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30166/"
 "30165","2018-07-11 04:03:13","http://www.shanewhitfield.info/Bestellungen/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30165/"
 "30164","2018-07-11 04:03:12","http://www.shalbuzdag.ru/Factura-Venta/Factura-Venta/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30164/"
 "30163","2018-07-11 04:03:11","http://www.shaktisales.co.in/Declaracion-mensual-julio/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30163/"
-"30162","2018-07-11 04:03:10","http://www.sfbienetre.com/Abierto-Pasado-Vencimiento-Pedidos/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30162/"
+"30162","2018-07-11 04:03:10","http://www.sfbienetre.com/Abierto-Pasado-Vencimiento-Pedidos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30162/"
 "30161","2018-07-11 04:03:09","http://www.seymaersoycak.com/Invoice-07-2018/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30161/"
 "30160","2018-07-11 04:03:08","http://www.servizieditoriali.ch/Facturas-jul/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/30160/"
 "30158","2018-07-11 04:03:07","http://www.sercekus.com/Auftragsbestatigung/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/30158/"
@@ -109623,7 +110173,7 @@
 "29859","2018-07-10 10:05:05","http://smartempire888.gq/fo/build_outputBD3286F.pdf","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/29859/"
 "29858","2018-07-10 10:05:04","http://smartempire888.gq/fo/build_outputBD3286F.jpg","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/29858/"
 "29857","2018-07-10 10:05:03","http://smartempire888.gq/fo/build_outputBD3286F.exe","offline","malware_download","exe,lokibot","https://urlhaus.abuse.ch/url/29857/"
-"29856","2018-07-10 10:01:04","http://eravon.co.in/NDO/NDC.exe","online","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/29856/"
+"29856","2018-07-10 10:01:04","http://eravon.co.in/NDO/NDC.exe","offline","malware_download","exe,NanoCore","https://urlhaus.abuse.ch/url/29856/"
 "29855","2018-07-10 10:00:04","http://filesecured.xyz/load/servers/3D.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/29855/"
 "29854","2018-07-10 09:56:32","http://www.smsbab.com.ng/pdf/EN_en/Jul2018/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29854/"
 "29853","2018-07-10 09:56:30","https://idontknow.moe/files/yewiio.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/29853/"
@@ -109751,7 +110301,7 @@
 "29731","2018-07-10 02:38:04","http://www.ahkha.com/Facturas-documentos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29731/"
 "29730","2018-07-09 23:31:16","http://27.54.168.101/C0w9oW/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29730/"
 "29729","2018-07-09 23:31:15","http://www.peternakan.unwiku.ac.id/fauTeLPCr/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29729/"
-"29728","2018-07-09 23:31:09","http://www.securesharedservices.com/joiuehtr/9FEIZg6Y/","online","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29728/"
+"29728","2018-07-09 23:31:09","http://www.securesharedservices.com/joiuehtr/9FEIZg6Y/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29728/"
 "29727","2018-07-09 23:31:08","http://www.camataru4u.com/Hdvn97XWg/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29727/"
 "29726","2018-07-09 23:31:05","http://51wh.top/McKisp86d3/","offline","malware_download","emotet,epoch1,heodo,payload","https://urlhaus.abuse.ch/url/29726/"
 "29725","2018-07-09 23:07:08","http://www.emrekarton.com/QY1EIRru/","offline","malware_download","emotet,epoch2,heodo,payload","https://urlhaus.abuse.ch/url/29725/"
@@ -109878,7 +110428,7 @@
 "29604","2018-07-09 20:50:04","http://www.devacatureboer.nl/p/","offline","malware_download","emotet,epoch2,heodo,payload","https://urlhaus.abuse.ch/url/29604/"
 "29603","2018-07-09 19:55:08","http://www.stepfit.co.in/Documentos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29603/"
 "29602","2018-07-09 19:55:07","http://www.vidiparts.ru/Payment-Receipt/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29602/"
-"29601","2018-07-09 19:55:06","http://www.shetakari.in/Correcciones/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29601/"
+"29601","2018-07-09 19:55:06","http://www.shetakari.in/Correcciones/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29601/"
 "29600","2018-07-09 19:55:05","http://shop.69slam.sk/Documentos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29600/"
 "29599","2018-07-09 19:55:04","http://www.sgventures.co.in/Facturas/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29599/"
 "29598","2018-07-09 19:55:03","http://www.simurgkusyuvasi.org/Abierto-Pasado-Vencimiento-Pedidos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/29598/"
@@ -109995,7 +110545,7 @@
 "29486","2018-07-09 16:34:13","http://adventuredsocks.com/sites/En/ACCOUNT/Pay-Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/29486/"
 "29485","2018-07-09 16:34:12","http://labvietduc.com/default/En_us/Purchase/Invoice-928719/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/29485/"
 "29484","2018-07-09 16:34:05","http://epcschool.com/sites/US/Client/Invoice-566543/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/29484/"
-"29483","2018-07-09 16:34:03","http://soulassociates.in/Invoice-07/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/29483/"
+"29483","2018-07-09 16:34:03","http://soulassociates.in/Invoice-07/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/29483/"
 "29482","2018-07-09 16:34:02","http://crackbros.com/files/En/FILE/Invoice-157212/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/29482/"
 "29481","2018-07-09 16:11:46","http://imontgall.com/files/US/Payment-and-address/Invoice-07-09-18/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29481/"
 "29480","2018-07-09 16:11:43","http://innadesign.pl/files/US/FILE/Order-11951348587/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29480/"
@@ -110426,9 +110976,9 @@
 "29052","2018-07-06 18:30:25","http://www.stephanpaulini.com/sites/En_us/STATUS/Invoice-778792/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29052/"
 "29050","2018-07-06 18:30:24","http://www.srisribalajisundarkand.com/files/US/DOC/Customer-Invoice-NU-3188768/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29050/"
 "29049","2018-07-06 18:30:23","http://www.specialrelays.com/files/EN_en/Payment-and-address/Pay-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29049/"
-"29048","2018-07-06 18:30:22","http://www.speakingadda.com/newsletter/En_us/INVOICE-STATUS/Invoice-07-06-18/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29048/"
+"29048","2018-07-06 18:30:22","http://www.speakingadda.com/newsletter/En_us/INVOICE-STATUS/Invoice-07-06-18/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29048/"
 "29047","2018-07-06 18:30:21","http://www.softwareworld.co/files/En/OVERDUE-ACCOUNT/86290/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29047/"
-"29046","2018-07-06 18:30:20","http://www.shetakari.in/sites/En_us/DOC/HRI-Monthly-Invoice/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29046/"
+"29046","2018-07-06 18:30:20","http://www.shetakari.in/sites/En_us/DOC/HRI-Monthly-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29046/"
 "29045","2018-07-06 18:30:19","http://www.sfdcjames.co.uk/sites/EN_en/STATUS/Invoice-4625607/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29045/"
 "29044","2018-07-06 18:30:18","http://zlc-aa.org/Rechnungszahlung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29044/"
 "29043","2018-07-06 18:30:17","http://www.studentsbooklist.com/sites/En_us/STATUS/Pay-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/29043/"
@@ -110500,7 +111050,7 @@
 "28977","2018-07-06 14:34:02","http://www.seven.energy/files/EN_en/New-Order-Upcoming/Pay-Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/28977/"
 "28976","2018-07-06 13:18:03","https://a.coka.la/Q7ghr.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/28976/"
 "28975","2018-07-06 13:12:04","https://tknk.io/QoCD","offline","malware_download","exe","https://urlhaus.abuse.ch/url/28975/"
-"28974","2018-07-06 12:57:06","http://www.mirocaffe.ro/en/images/2.exe","online","malware_download","Pony","https://urlhaus.abuse.ch/url/28974/"
+"28974","2018-07-06 12:57:06","http://www.mirocaffe.ro/en/images/2.exe","offline","malware_download","Pony","https://urlhaus.abuse.ch/url/28974/"
 "28973","2018-07-06 12:57:04","http://thehairhive.ca/bup/iipokl.exe","offline","malware_download","Loki","https://urlhaus.abuse.ch/url/28973/"
 "28972","2018-07-06 12:43:05","https://a.coka.la/2azeeb.jpg","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/28972/"
 "28971","2018-07-06 12:43:04","http://31.220.40.22/~bvcgroup/100000002.exe","offline","malware_download","exe,Fuery,Loki","https://urlhaus.abuse.ch/url/28971/"
@@ -111910,7 +112460,7 @@
 "27547","2018-07-03 18:51:09","http://sxzxgsi.com/Docs/","offline","malware_download","doc,heodo,Loader","https://urlhaus.abuse.ch/url/27547/"
 "27546","2018-07-03 18:51:04","http://www.countrystyleadultdaycare.org/Agreements-July/","offline","malware_download","doc,heodo,Loader","https://urlhaus.abuse.ch/url/27546/"
 "27545","2018-07-03 18:51:03","http://178.128.169.238/bins/sora.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/27545/"
-"27544","2018-07-03 17:12:13","http://www.leaflet-map-generator.com/Factura-pagada/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27544/"
+"27544","2018-07-03 17:12:13","http://www.leaflet-map-generator.com/Factura-pagada/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27544/"
 "27543","2018-07-03 17:12:11","http://www.lebenmann.com/Payment-docs/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27543/"
 "27542","2018-07-03 17:12:10","https://kerosky.com/Greeting-eCards/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27542/"
 "27541","2018-07-03 17:12:07","http://www.mgps.ac.in/IndependenceDay2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/27541/"
@@ -115394,7 +115944,7 @@
 "24015","2018-06-26 20:37:41","http://aplicativos.grupopaodeacucar.com.br/cds/rotulo/fbtab/ACCOUNT/Pay-Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24015/"
 "24014","2018-06-26 20:37:39","http://beauty-op-istanbul.de/Zahlungserinnerung/Unsere-Rechnung-vom-26-Juni-Nr09838/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24014/"
 "24013","2018-06-26 20:37:37","http://goyalassignments.com/RECH/Rechnung/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24013/"
-"24012","2018-06-26 20:37:35","http://leaflet-map-generator.com/STATUS/tracking-number-and-invoice-of-your-order/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24012/"
+"24012","2018-06-26 20:37:35","http://leaflet-map-generator.com/STATUS/tracking-number-and-invoice-of-your-order/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/24012/"
 "24011","2018-06-26 20:37:34","http://bonsaiterapiasorientais.com/Zahlung/Rechnung-fur-Zahlung-041-338/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24011/"
 "24010","2018-06-26 20:37:30","http://mevabon.vn/Payment-and-address/Services-06-25-18-New-Customer-FR/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24010/"
 "24009","2018-06-26 20:37:27","http://konf-da.ru/Documentos/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/24009/"
@@ -115502,7 +116052,7 @@
 "23907","2018-06-26 17:01:07","http://www.alpha.intouchreminder.com/Purchase/Invoice-218579479-062618/","online","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23907/"
 "23906","2018-06-26 17:01:05","http://kdrecord.com/ACCOUNT/New-Invoice-CN0222-TZ-11755/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23906/"
 "23905","2018-06-26 17:01:03","http://www.alga.lt/Client/Services-06-26-18-New-Customer-XH/","offline","malware_download","doc,emotet,epoch2","https://urlhaus.abuse.ch/url/23905/"
-"23904","2018-06-26 16:54:49","http://www.leaflet-map-generator.com/STATUS/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/23904/"
+"23904","2018-06-26 16:54:49","http://www.leaflet-map-generator.com/STATUS/tracking-number-and-invoice-of-your-order/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/23904/"
 "23903","2018-06-26 16:54:47","http://kunkel5.com/aspnet_client/Invoice-26/June/2018/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/23903/"
 "23902","2018-06-26 16:54:44","http://digitalstory.tech/wp-content/Client/Invoices/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/23902/"
 "23901","2018-06-26 16:54:43","http://nincom.nl/ACCOUNT/Invoice-680832/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/23901/"
@@ -115963,7 +116513,7 @@
 "23430","2018-06-25 18:32:08","http://iconholidays.com.bd/PHzC/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23430/"
 "23428","2018-06-25 18:32:03","http://167.99.35.101/bins/yasaku.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/23428/"
 "23429","2018-06-25 18:32:03","http://argedalatpars.ir/Payment-and-address/INV2387130","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23429/"
-"23427","2018-06-25 18:18:02","http://media.atwaar.com/Documentos/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/23427/"
+"23427","2018-06-25 18:18:02","http://media.atwaar.com/Documentos/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/23427/"
 "23426","2018-06-25 18:03:17","http://argedalatpars.ir/Payment-and-address/INV2387130/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23426/"
 "23425","2018-06-25 18:03:17","http://blogs.vidiaspot.com/Payment-and-address/Order-46667948248/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23425/"
 "23424","2018-06-25 18:03:15","http://familiekoning.net/Facturas-pendientes/","offline","malware_download","doc,emotet,epoch2,heodo","https://urlhaus.abuse.ch/url/23424/"
@@ -116331,10 +116881,10 @@
 "23051","2018-06-25 04:45:27","http://pronav.com.br/welcome/config.bin","offline","malware_download",",Pony","https://urlhaus.abuse.ch/url/23051/"
 "23049","2018-06-25 04:45:22","http://bitbucket.org/danildh/softy/downloads/ddh.exe","offline","malware_download","AZORult,exe,Pony","https://urlhaus.abuse.ch/url/23049/"
 "23048","2018-06-25 04:45:19","http://indostraits.co.id/two.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/23048/"
-"23047","2018-06-25 04:45:12","http://rcsdfoundation.com/js/lib/emoore.exe","offline","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/23047/"
+"23047","2018-06-25 04:45:12","http://rcsdfoundation.com/js/lib/emoore.exe","online","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/23047/"
 "23046","2018-06-25 04:45:11","http://zigizaga.gq/logger.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/23046/"
 "23044","2018-06-25 04:45:08","http://byqgab.com/ca/z.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/23044/"
-"23045","2018-06-25 04:45:08","http://rcsdfoundation.com/images/gallery/veron.exe","offline","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/23045/"
+"23045","2018-06-25 04:45:08","http://rcsdfoundation.com/images/gallery/veron.exe","online","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/23045/"
 "23043","2018-06-25 04:45:08","http://www.kaukabphysiatry.com/hg9g/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23043/"
 "23042","2018-06-25 04:45:06","http://www.copticpope.org/7nCPQr/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23042/"
 "23041","2018-06-25 04:45:05","http://www.facebook.printuser.nl/dhxj/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/23041/"
@@ -116373,7 +116923,7 @@
 "23008","2018-06-24 16:06:07","http://indostraits.co.id/chi.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/23008/"
 "23007","2018-06-24 15:59:02","http://zigizaga.gq/Purchase-Order.doc","offline","malware_download","CVE-2017-11882,Loader","https://urlhaus.abuse.ch/url/23007/"
 "23006","2018-06-24 15:58:03","http://91.210.104.247/putty.exe","offline","malware_download","trojan","https://urlhaus.abuse.ch/url/23006/"
-"23005","2018-06-24 15:57:11","http://rcsdfoundation.com/images/ricci.exe","offline","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/23005/"
+"23005","2018-06-24 15:57:11","http://rcsdfoundation.com/images/ricci.exe","online","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/23005/"
 "23004","2018-06-24 15:57:08","http://118.184.31.215/9.exe","offline","malware_download","miner","https://urlhaus.abuse.ch/url/23004/"
 "23003","2018-06-24 07:37:07","http://indostraits.co.id/dafff.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/23003/"
 "23002","2018-06-24 07:35:02","https://comer.bid/one1.exe","offline","malware_download","exe,Smoke Loader","https://urlhaus.abuse.ch/url/23002/"
@@ -117376,14 +117926,14 @@
 "21981","2018-06-21 06:33:15","http://www.omurmakina.net/E0Qxi7iVDS/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21981/"
 "21980","2018-06-21 06:33:14","http://www.meucontrolefinanceiro.fivesdevelopment.com/gAV0sGHn/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21980/"
 "21979","2018-06-21 06:33:13","http://www.meohaybotui.com/qItjGI/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21979/"
-"21978","2018-06-21 06:33:11","http://www.melonacreations.co.za/fSlgvE68/","online","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21978/"
+"21978","2018-06-21 06:33:11","http://www.melonacreations.co.za/fSlgvE68/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21978/"
 "21977","2018-06-21 06:33:09","http://www.melonacreations.co.za/fSl","offline","malware_download","emotet","https://urlhaus.abuse.ch/url/21977/"
 "21976","2018-06-21 06:33:07","http://www.mak915800.ru/EESPQ169xF/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21976/"
 "21975","2018-06-21 06:33:06","http://www.kuteshop.kienbientech.com/9F18A9/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/21975/"
 "21974","2018-06-21 06:19:51","http://payplus.vn/asTCL6t/","offline","malware_download","None","https://urlhaus.abuse.ch/url/21974/"
 "21973","2018-06-21 06:19:48","http://omurmakina.net/E0Qxi7iVDS/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21973/"
 "21972","2018-06-21 06:19:47","http://meohaybotui.com/qItjGI/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21972/"
-"21971","2018-06-21 06:19:45","http://melonacreations.co.za/fSlgvE68/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/21971/"
+"21971","2018-06-21 06:19:45","http://melonacreations.co.za/fSlgvE68/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21971/"
 "21970","2018-06-21 06:19:41","http://mak915800.ru/EESPQ169xF/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21970/"
 "21969","2018-06-21 06:19:38","http://kuteshop.kienbientech.com/9F18A9/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21969/"
 "21968","2018-06-21 06:19:32","http://congnghevienthong.com/x9hf0FvE/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21968/"
@@ -117461,7 +118011,7 @@
 "21896","2018-06-21 05:36:23","http://aptrunggabk.com/STATUS/Account-02338/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21896/"
 "21895","2018-06-21 05:35:59","http://anhstructure.com/Statement/Auditor-of-State-Notification-of-EFT-Depoist/","offline","malware_download","None","https://urlhaus.abuse.ch/url/21895/"
 "21894","2018-06-21 05:35:46","http://adventuretext.com/FILE/Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21894/"
-"21893","2018-06-21 05:35:25","http://202.28.110.204/joomla/Order/tracking-number-and-invoice-of-your-order/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21893/"
+"21893","2018-06-21 05:35:25","http://202.28.110.204/joomla/Order/tracking-number-and-invoice-of-your-order/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/21893/"
 "21892","2018-06-21 05:35:03","http://187.217.207.75/OVERDUE-ACCOUNT/84740/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/21892/"
 "21891","2018-06-21 05:34:02","http://185.246.153.136/AB4g5/Josho.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/21891/"
 "21890","2018-06-21 05:13:05","http://simplicityprojects.com/Q88/benucrypted.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/21890/"
@@ -118397,7 +118947,7 @@
 "20905","2018-06-19 13:13:04","http://www.hdgergitavan.com/Order/Please-pull-invoice-24402/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20905/"
 "20904","2018-06-19 13:02:44","http://h2o.co.id/STATUS/Invoice-436727/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/20904/"
 "20903","2018-06-19 13:02:40","http://www.development.fibonaccitradinginstitute.com/Jun2018/New-Invoice-IX77005-HQ-68226/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/20903/"
-"20902","2018-06-19 13:02:38","http://www.leaflet-map-generator.com/FILE/Services-06-19-18-New-Customer-JS/","offline","malware_download","AgentTesla,emotet,heodo","https://urlhaus.abuse.ch/url/20902/"
+"20902","2018-06-19 13:02:38","http://www.leaflet-map-generator.com/FILE/Services-06-19-18-New-Customer-JS/","online","malware_download","AgentTesla,emotet,heodo","https://urlhaus.abuse.ch/url/20902/"
 "20901","2018-06-19 13:02:36","http://www.bonsaiterapiasorientais.com/Rechnungsanschrift/Fakturierung-0099-177/","offline","malware_download","AgentTesla,emotet,heodo","https://urlhaus.abuse.ch/url/20901/"
 "20900","2018-06-19 13:02:32","http://www.brandstories.today/DOC-Dokument/Zahlung-bequem-per-Rechnung/","offline","malware_download","AgentTesla,emotet,heodo","https://urlhaus.abuse.ch/url/20900/"
 "20899","2018-06-19 13:02:28","http://www.infrabrasil.org/New-Order-Upcoming/Please-pull-invoice-72352/","offline","malware_download","emotet,heodo","https://urlhaus.abuse.ch/url/20899/"
@@ -118945,7 +119495,7 @@
 "20356","2018-06-18 13:40:06","http://uploader.sx/uploads/2018/5b27a58b.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/20356/"
 "20355","2018-06-18 13:34:09","http://www.expertcomm.ru/Rechnungs-Details/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20355/"
 "20354","2018-06-18 13:34:07","http://santafetails.com/Rechnungs/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20354/"
-"20353","2018-06-18 13:34:06","http://mettek.com.tr/Rechnungszahlung/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20353/"
+"20353","2018-06-18 13:34:06","http://mettek.com.tr/Rechnungszahlung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20353/"
 "20352","2018-06-18 13:34:05","http://51wh.top/RECHs/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20352/"
 "20351","2018-06-18 13:34:04","http://www.abramsdicta.com/RECHs/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/20351/"
 "20350","2018-06-18 13:11:13","http://www.comlogica.co.in/mwDwQEg/","offline","malware_download","emotet,exe,heodo","https://urlhaus.abuse.ch/url/20350/"
@@ -119766,7 +120316,7 @@
 "19523","2018-06-15 11:37:04","http://fortuna3.myhostpoint.ch/jand/cnano.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19523/"
 "19522","2018-06-15 11:36:04","http://uploadtops.is/1/f/clZMC7n","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19522/"
 "19521","2018-06-15 11:34:07","http://novec-power.com/wordpress/wp-content/lofyt.msi","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19521/"
-"19520","2018-06-15 11:32:07","http://www.cryptovoip.in/jb/DOTNET.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/19520/"
+"19520","2018-06-15 11:32:07","http://www.cryptovoip.in/jb/DOTNET.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19520/"
 "19519","2018-06-15 11:29:05","http://fortuna3.myhostpoint.ch/jand/jnano.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/19519/"
 "19518","2018-06-15 10:46:06","http://185.206.145.171/files/1132.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/19518/"
 "19517","2018-06-15 10:46:03","http://wetransfers.tk/bp/pan.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/19517/"
@@ -119944,7 +120494,7 @@
 "19338","2018-06-14 23:39:12","http://cmnmember.coachmohdnoor.com/Invoice/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19338/"
 "19337","2018-06-14 23:39:09","http://chcjob.com/Invoice/","offline","malware_download","None","https://urlhaus.abuse.ch/url/19337/"
 "19336","2018-06-14 23:39:05","http://centrodemayoreslahacienda.com/INCORRECT-INVOICE/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19336/"
-"19335","2018-06-14 23:39:04","http://ccowan.com/EWPQ30223VG/0832194/HPAB-PJX/2017-30-Oct-17/","online","malware_download","heodo","https://urlhaus.abuse.ch/url/19335/"
+"19335","2018-06-14 23:39:04","http://ccowan.com/EWPQ30223VG/0832194/HPAB-PJX/2017-30-Oct-17/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19335/"
 "19334","2018-06-14 23:37:08","http://bursakebapcisi.net/Corporation/SEWO72066379178XDU/Feb-26-2018-453694/UIV-XQB-Feb-26-2018/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19334/"
 "19333","2018-06-14 23:37:05","http://bakeola.com/INCORRECT-INVOICE/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19333/"
 "19332","2018-06-14 23:37:02","http://bachhof.de/Invoice-due-number-7221/","offline","malware_download","heodo","https://urlhaus.abuse.ch/url/19332/"
@@ -120692,7 +121242,7 @@
 "18583","2018-06-13 14:59:22","http://www.xn--90aadf0bqbco9htb.xn--p1ai/IRS-TRANSCRIPTS-062018-7398/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18583/"
 "18582","2018-06-13 14:59:21","http://www.unstolic.com/STATUS/Auditor-of-State-Notification-of-EFT-Deposit/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18582/"
 "18581","2018-06-13 14:59:19","http://carricusa.com/ssfm/ACCOUNT/New-Invoice-YF09279-UK-5830/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18581/"
-"18580","2018-06-13 14:59:16","http://www.wearebutastory.com/IRS-Letters-002A/4/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18580/"
+"18580","2018-06-13 14:59:16","http://www.wearebutastory.com/IRS-Letters-002A/4/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18580/"
 "18579","2018-06-13 14:59:14","http://www.loveid.gr/photos/portfolio/IRS-Accounts-Transcipts-062018-00X/3/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18579/"
 "18578","2018-06-13 14:59:12","http://www.beyhannakliyat.com/FILE/invoice/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18578/"
 "18577","2018-06-13 14:59:09","http://www.xn--80aalmei2ak.xn--p1ai/IRS-TRANSCRIPTS-066O/7/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18577/"
@@ -120994,7 +121544,7 @@
 "18274","2018-06-12 17:35:03","http://213.183.48.205/bins/otaku.x86","offline","malware_download","None","https://urlhaus.abuse.ch/url/18274/"
 "18273","2018-06-12 17:19:05","http://service-pc.com.ro/FILE/New-Invoice-BU21610-LI-1466/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18273/"
 "18272","2018-06-12 17:19:04","http://www.elearn.efesmoldova.md/IRS-Tax-Transcipts-June-2018-04Y/3/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18272/"
-"18271","2018-06-12 17:17:14","http://tutuler.com/IRS-TRANSCRIPTS-06A/7/","online","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18271/"
+"18271","2018-06-12 17:17:14","http://tutuler.com/IRS-TRANSCRIPTS-06A/7/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18271/"
 "18270","2018-06-12 17:17:14","http://www.demo.shenook.nl/IRS-Tax-Transcipts-03H/00/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18270/"
 "18269","2018-06-12 17:17:13","http://www.acceptafrica.org/IRS-TRANSCRIPTS-09N/43/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/18269/"
 "18268","2018-06-12 17:17:10","http://www.egekutu.com/IRS-Transcripts-0853/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/18268/"
@@ -121174,11 +121724,11 @@
 "18091","2018-06-12 13:25:19","http://asndjqwnewq.com/lipomargara/dat.class","offline","malware_download","Gozi","https://urlhaus.abuse.ch/url/18091/"
 "18090","2018-06-12 13:25:14","http://asndjqwnewq.com/lipomargara/crypt_0001_1096a.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/18090/"
 "18089","2018-06-12 13:25:10","http://asndjqwnewq.com/lipomargara/crypt_0001_1095b.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/18089/"
-"18088","2018-06-12 13:24:53","http://zzajqwnewq.com/lipomargara/datd.class","online","malware_download","ursnif","https://urlhaus.abuse.ch/url/18088/"
+"18088","2018-06-12 13:24:53","http://zzajqwnewq.com/lipomargara/datd.class","offline","malware_download","ursnif","https://urlhaus.abuse.ch/url/18088/"
 "18087","2018-06-12 13:24:49","http://zzajqwnewq.com/lipomargara/crypt_0001_1095b.exe","offline","malware_download","ursnif","https://urlhaus.abuse.ch/url/18087/"
 "18086","2018-06-12 13:24:44","http://zzajqwnewq.com/lipomargara/crypt_0001_1096a.exe","offline","malware_download","ursnif","https://urlhaus.abuse.ch/url/18086/"
 "18085","2018-06-12 13:24:39","http://zzajqwnewq.com/lipomargara/dat.class","offline","malware_download","Gozi,ursnif","https://urlhaus.abuse.ch/url/18085/"
-"18084","2018-06-12 13:24:35","http://zzajqwnewq.com/lipomargara/data.class","online","malware_download","Gozi,ursnif","https://urlhaus.abuse.ch/url/18084/"
+"18084","2018-06-12 13:24:35","http://zzajqwnewq.com/lipomargara/data.class","offline","malware_download","Gozi,ursnif","https://urlhaus.abuse.ch/url/18084/"
 "18083","2018-06-12 13:24:29","http://zzajqwnewq.com/lipomargara/datb.class","offline","malware_download","Gozi,ursnif","https://urlhaus.abuse.ch/url/18083/"
 "18082","2018-06-12 13:24:24","http://zzajqwnewq.com/lipomargara/datc.class","offline","malware_download","ursnif","https://urlhaus.abuse.ch/url/18082/"
 "18081","2018-06-12 13:24:15","http://45.35.183.202/lipomargara/datd.class","offline","malware_download","None","https://urlhaus.abuse.ch/url/18081/"
@@ -121930,7 +122480,7 @@
 "17303","2018-06-11 16:07:02","http://mafiamike.com/IRS-Letters-June-2018-050/2/","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/17303/"
 "17304","2018-06-11 16:07:02","http://sleepsolve.co.uk/IRS-Transcripts-1332/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17304/"
 "17302","2018-06-11 15:51:09","http://djzmo.com/IRS-Letters-June-2018-07S/95/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17302/"
-"17301","2018-06-11 15:51:05","http://arifcagan.com/IRS-Letters-062018-4265/","online","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17301/"
+"17301","2018-06-11 15:51:05","http://arifcagan.com/IRS-Letters-062018-4265/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17301/"
 "17299","2018-06-11 15:51:04","http://silkscatering.com.au/IRS-Accounts-Transcipts-056/8/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17299/"
 "17300","2018-06-11 15:51:04","http://stevebrown.nl/IRS-TRANSCRIPTS-08W/5/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17300/"
 "17297","2018-06-11 15:51:02","http://moessel.de/IRS-Letters-June-2018-09V/79/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17297/"
@@ -121971,7 +122521,7 @@
 "17263","2018-06-11 14:41:05","http://thegilbertlawoffice.com/IRS-Transcripts-June-2018-02/0/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17263/"
 "17262","2018-06-11 14:41:03","http://luxartscreendesign.de/IRS-TRANSCRIPTS-2776/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17262/"
 "17261","2018-06-11 14:23:19","http://kdrecord.com/IRS-Tax-Transcipts-07/64/","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17261/"
-"17260","2018-06-11 14:23:17","http://jitkla.com/images/IRS-Tax-Transcipts-04/2/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17260/"
+"17260","2018-06-11 14:23:17","http://jitkla.com/images/IRS-Tax-Transcipts-04/2/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17260/"
 "17259","2018-06-11 14:18:06","http://markah.com.br/irs-accounts-transcipts-028/5","offline","malware_download","doc,emotet,epoch1","https://urlhaus.abuse.ch/url/17259/"
 "17258","2018-06-11 14:18:05","http://comprealm.net/joomla/irs-transcripts-060f/9","offline","malware_download","doc,emotet,epoch1,Formbook,heodo","https://urlhaus.abuse.ch/url/17258/"
 "17257","2018-06-11 14:18:04","http://solecom.com/IRS-Accounts-Transcipts-June-2018-04/1/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/17257/"
@@ -122063,7 +122613,7 @@
 "17170","2018-06-11 09:03:03","http://mail.betr8.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17170/"
 "17169","2018-06-11 09:03:03","http://mail.gotomydaddy.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17169/"
 "17168","2018-06-11 08:53:02","http://wonderfuldavid.com/allyson/slycharleshta.hta","offline","malware_download","hta","https://urlhaus.abuse.ch/url/17168/"
-"17167","2018-06-11 08:52:14","http://www.cryptovoip.in/gy/HJ.exe","online","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/17167/"
+"17167","2018-06-11 08:52:14","http://www.cryptovoip.in/gy/HJ.exe","offline","malware_download","Loki,lokibot","https://urlhaus.abuse.ch/url/17167/"
 "17166","2018-06-11 08:52:04","http://mail.electronheaven.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17166/"
 "17165","2018-06-11 08:52:03","http://mail.artcontroller.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17165/"
 "17164","2018-06-11 08:51:23","http://mail.eduify.com/dl/facture_431977465.doc","offline","malware_download","doc","https://urlhaus.abuse.ch/url/17164/"
@@ -122269,7 +122819,7 @@
 "16950","2018-06-08 17:32:23","http://www.palavrasaovento.com.br/DOC/Invoice-94954/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16950/"
 "16949","2018-06-08 17:32:11","http://k-vet.ru/FILE/Account-75874/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16949/"
 "16948","2018-06-08 17:32:10","http://visuelle-sprache.de/GAS/ACCOUNT/Invoice-337076/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16948/"
-"16947","2018-06-08 17:32:09","http://datos.com.tw/image/album/normal/ACCOUNT/tracking-number-and-invoice-of-your-order/","online","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16947/"
+"16947","2018-06-08 17:32:09","http://datos.com.tw/image/album/normal/ACCOUNT/tracking-number-and-invoice-of-your-order/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16947/"
 "16946","2018-06-08 17:32:04","http://portraitworkshop.com/ups.com/WebTracking/AY-811582138420/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16946/"
 "16945","2018-06-08 17:29:05","http://r2consulting.net/ACCOUNT/Invoice-088572687-Invoice-date-060818-Order-no-7924318668/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16945/"
 "16944","2018-06-08 17:29:03","http://anaokulumarket.com/Client/Please-pull-invoice-059013/","offline","malware_download","doc,emotet,epoch1,heodo","https://urlhaus.abuse.ch/url/16944/"
@@ -123272,7 +123822,7 @@
 "15923","2018-06-06 14:38:03","http://billeter.net/ups.com/WebTracking/GCO-78260194951/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15923/"
 "15922","2018-06-06 14:32:10","http://vanna-online.ru/Zahlungserinnerung-06-Juni/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15922/"
 "15921","2018-06-06 14:32:09","http://antalyayedekparca.com/DOC/Invoice-433133/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15921/"
-"15920","2018-06-06 14:32:07","http://karavantekstil.com/Fakturierung/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15920/"
+"15920","2018-06-06 14:32:07","http://karavantekstil.com/Fakturierung/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15920/"
 "15919","2018-06-06 14:32:06","http://www.ppv.siaraya.com/Past-Due-Invoices/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15919/"
 "15918","2018-06-06 14:32:03","http://mebelera.ru/Rechnungs-06-Juni/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15918/"
 "15917","2018-06-06 14:27:08","http://outdoorspioneer.com/Client/INV679004068/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/15917/"
@@ -124287,7 +124837,7 @@
 "14828","2018-06-04 11:08:05","http://stemtopx.com/work/k/1s.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/14828/"
 "14827","2018-06-04 11:07:13","http://stemtopx.com/work/k/1.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/14827/"
 "14826","2018-06-04 11:07:05","http://stemtopx.com/work/k/1.docx","offline","malware_download","None","https://urlhaus.abuse.ch/url/14826/"
-"14825","2018-06-04 10:47:51","http://sczlsgs.com/Uploads/ueditor/file/20170302/d13ff63e94cc0f6d1a094df92d3c6ae6.doc","offline","malware_download","doc,downloader","https://urlhaus.abuse.ch/url/14825/"
+"14825","2018-06-04 10:47:51","http://sczlsgs.com/Uploads/ueditor/file/20170302/d13ff63e94cc0f6d1a094df92d3c6ae6.doc","online","malware_download","doc,downloader","https://urlhaus.abuse.ch/url/14825/"
 "14824","2018-06-04 10:47:40","http://cellandbell.com/xploit/zeco.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/14824/"
 "14823","2018-06-04 10:47:37","http://stemtopx.com/work/new/13.exe","offline","malware_download","exe,Pony","https://urlhaus.abuse.ch/url/14823/"
 "14822","2018-06-04 10:46:54","http://steelbendersrfq.cf/recovery/GBrX.exe","offline","malware_download","exe,Loki,Pony","https://urlhaus.abuse.ch/url/14822/"
@@ -126480,7 +127030,6 @@
 "12508","2018-05-24 13:47:04","http://142.234.200.99/~dave/1_com/2/URMYIP.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/12508/"
 "12507","2018-05-24 13:46:26","http://142.234.200.99/~dave/1_com/2/TCFPSO.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/12507/"
 "12506","2018-05-24 13:45:54","http://142.234.200.99/~dave/1_com/2/DKNTYP.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/12506/"
-"12505","2018-05-24 13:45:30","http://llhd.jp/1641/1/llkick.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/12505/"
 "12504","2018-05-24 13:45:14","http://records.sf-warriors.com/accesslogs/status.dat","offline","malware_download","None","https://urlhaus.abuse.ch/url/12504/"
 "12503","2018-05-24 13:45:12","https://tinyurl.com/y73s42h6","offline","malware_download","None","https://urlhaus.abuse.ch/url/12503/"
 "12502","2018-05-24 13:37:45","http://www.mva.by/tags/ISwift%20copy.exe","offline","malware_download","Loki","https://urlhaus.abuse.ch/url/12502/"
@@ -127257,8 +127806,8 @@
 "11723","2018-05-22 08:09:55","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-290-1/ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11723/"
 "11722","2018-05-22 08:09:51","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-291-1/dff26a9a44baa3ce109b8df41ae0a301d9e4a28ad7bd7721bbb7ccd137bfd696.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11722/"
 "11721","2018-05-22 08:09:47","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-292-1/6bf1839a7e72a92a2bb18fbedf1873e4892b00ea4b122e48ae80fac5048db1a7.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11721/"
-"11720","2018-05-22 08:09:36","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-295-1/05a00c320754934782ec5dec1d5c0476.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11720/"
-"11719","2018-05-22 08:09:32","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-296-1/05a00c320754934782ec5dec1d5c0476.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11719/"
+"11720","2018-05-22 08:09:36","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-295-1/05a00c320754934782ec5dec1d5c0476.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11720/"
+"11719","2018-05-22 08:09:32","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-296-1/05a00c320754934782ec5dec1d5c0476.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11719/"
 "11718","2018-05-22 08:09:27","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-298-1/051084202473f534605c98da8bc20f04.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11718/"
 "11717","2018-05-22 08:09:23","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-276-2/fa0cea9b855b83dc6a9f8d931882efd2.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11717/"
 "11716","2018-05-22 08:09:18","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-276-1/fa0cea9b855b83dc6a9f8d931882efd2.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11716/"
@@ -127266,9 +127815,9 @@
 "11714","2018-05-22 08:09:08","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-264-1/28140bd636324bad2f0e8394f3e7f723.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11714/"
 "11713","2018-05-22 08:09:04","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-264-2/28140bd636324bad2f0e8394f3e7f723.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11713/"
 "11712","2018-05-22 08:08:59","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-265-1/45160aa23d640f8d1bcb263c179f84f9.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11712/"
-"11711","2018-05-22 08:08:52","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-266-1/be4c49482221630647a8038ce977fc4f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11711/"
+"11711","2018-05-22 08:08:52","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-266-1/be4c49482221630647a8038ce977fc4f.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11711/"
 "11710","2018-05-22 08:08:47","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-267-1/9d166a822439a47eb2dfad1aeb823638.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11710/"
-"11709","2018-05-22 08:08:42","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-268-1/ac765e9809de73f444cd2cce04256dac.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11709/"
+"11709","2018-05-22 08:08:42","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-268-1/ac765e9809de73f444cd2cce04256dac.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11709/"
 "11708","2018-05-22 08:08:35","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-269-1/3988863fb18686dc6657245afddb597d.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11708/"
 "11707","2018-05-22 08:08:28","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-270-1/8dd63adb68ef053e044a5a2f46e0d2cd.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11707/"
 "11706","2018-05-22 08:08:25","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-271-1/a2350072233e3547a07a2b38509e8711.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11706/"
@@ -127280,7 +127829,7 @@
 "11700","2018-05-22 08:01:08","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-314-1/aab21189c136a5d741bfb97a00ee30ed.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11700/"
 "11699","2018-05-22 08:01:04","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-313-1/5c90d5c529749bc1d64268f1aa203c17.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11699/"
 "11698","2018-05-22 08:00:59","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-312-1/0b3bf879ba44b518b7b901efe5394184.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11698/"
-"11697","2018-05-22 08:00:55","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-311-1/5a5ac3721a74aa3ff99e678db2fd203c.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11697/"
+"11697","2018-05-22 08:00:55","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-311-1/5a5ac3721a74aa3ff99e678db2fd203c.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11697/"
 "11696","2018-05-22 08:00:49","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-310-1/ddbff1af87458be1cb6c8d6ae3e66b47.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11696/"
 "11695","2018-05-22 08:00:40","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-309-1/a16b750c545af3a0ba386f628020abd9.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11695/"
 "11694","2018-05-22 08:00:33","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-308-1/a60182f6f990659a3722e8b2be41fedc.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11694/"
@@ -127291,14 +127840,14 @@
 "11689","2018-05-22 08:00:13","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-305-1/ebb20174ee893c0754654668f3e837ff.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11689/"
 "11688","2018-05-22 08:00:10","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-305-2/ebb20174ee893c0754654668f3e837ff.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11688/"
 "11687","2018-05-22 08:00:06","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-306-1/b73ec148b74e72c910575210b64f0d0f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11687/"
-"11686","2018-05-22 07:59:46","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-335-1/08c3396b5dad3befa63f0eda9d4bf30f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11686/"
+"11686","2018-05-22 07:59:46","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-335-1/08c3396b5dad3befa63f0eda9d4bf30f.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11686/"
 "11685","2018-05-22 07:59:42","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-331-1/04cb105e0e58281bd94fb692191a255f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11685/"
 "11684","2018-05-22 07:59:38","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-331-2/04cb105e0e58281bd94fb692191a255f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11684/"
 "11683","2018-05-22 07:59:35","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-332-1/53d1d4bcf6b03424870c6d17ca476b00.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11683/"
 "11682","2018-05-22 07:59:31","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-334-1/ftppad.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11682/"
 "11681","2018-05-22 07:59:27","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-346-1/6164228ed2cc0eceba9ce1828d87d827.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11681/"
 "11680","2018-05-22 07:59:23","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-345-1/95a1a53b1f3309b07722a2fd5b9ad1b5.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11680/"
-"11679","2018-05-22 07:59:19","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-343-1/36ceab965bdc5b13a638ad27436caf71.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11679/"
+"11679","2018-05-22 07:59:19","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-343-1/36ceab965bdc5b13a638ad27436caf71.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11679/"
 "11678","2018-05-22 07:59:00","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-342-1/ad4c296849b12786e6b4edc8b271b3d9.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11678/"
 "11677","2018-05-22 07:58:52","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-341-1/6ec4f663e633d010e57d1c5201fa61be.doc.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11677/"
 "11676","2018-05-22 07:58:43","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-339-1/31b6c42ac6e43b3774315e7b405ce23b.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11676/"
@@ -127306,9 +127855,9 @@
 "11674","2018-05-22 07:58:32","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-337-1/829b659b29ebee7a4d6c16d16ef1ef5f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11674/"
 "11673","2018-05-22 07:58:28","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-336-1/9d033c9f9488d8300162aacc5e805c40.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11673/"
 "11672","2018-05-22 07:58:21","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-330-1/007cc81601483375bb2429f8d4ce3350.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11672/"
-"11671","2018-05-22 07:58:16","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-329-1/e52754c570bb2c47b34047d0062c6a8f.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11671/"
+"11671","2018-05-22 07:58:16","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-329-1/e52754c570bb2c47b34047d0062c6a8f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11671/"
 "11670","2018-05-22 07:58:12","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-328-1/583825e2541b0fca6429c9916786c030.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11670/"
-"11669","2018-05-22 07:58:09","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-315-1/4dfa6cc92e0ebd2c8d36cd16c864adad.zip","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11669/"
+"11669","2018-05-22 07:58:09","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-315-1/4dfa6cc92e0ebd2c8d36cd16c864adad.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11669/"
 "11668","2018-05-22 07:58:06","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-316-1/e8d2e2a7060960ac9b03fdabb37d367f.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11668/"
 "11667","2018-05-22 07:58:02","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-318-1/flashplayer.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11667/"
 "11666","2018-05-22 07:57:57","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-319-1/0b283b3ee065c2a1a5d9b5fef691be7b70cf5c5f1371f5a6653ec35a998602a0.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11666/"
@@ -127317,7 +127866,7 @@
 "11663","2018-05-22 07:57:37","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-322-1/d2e6d34475fcba320609b1eb58884525.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11663/"
 "11662","2018-05-22 07:57:33","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-323-1/06e67970894da9ae379becfa19c0ef64.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11662/"
 "11661","2018-05-22 07:57:27","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-327-2/2b48789d9272700de5405bf9a9c05204.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11661/"
-"11660","2018-05-22 07:57:22","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-327-2/2b48789d9272700de5405bf9a9c05204.exe","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11660/"
+"11660","2018-05-22 07:57:22","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-327-2/2b48789d9272700de5405bf9a9c05204.exe","offline","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11660/"
 "11659","2018-05-22 07:57:16","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-327-1/2b48789d9272700de5405bf9a9c05204.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11659/"
 "11658","2018-05-22 07:57:12","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-326-1/88d93ae49ac5b3d0750052eb4acdaca3.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11658/"
 "11657","2018-05-22 07:57:09","https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-325-1/011517b0b3c6a79d740033df71120392.zip","online","malware_download","malware,password infected,reposity","https://urlhaus.abuse.ch/url/11657/"
@@ -127557,7 +128106,7 @@
 "11386","2018-05-21 12:02:05","http://185.24.233.27/t.exe","offline","malware_download","exe,Formbook","https://urlhaus.abuse.ch/url/11386/"
 "11385","2018-05-21 11:54:30","http://uhuii.com/atulls.exe","offline","malware_download","AgentTesla,exe","https://urlhaus.abuse.ch/url/11385/"
 "11384","2018-05-21 11:54:09","http://polymage.com.cy/misc/ui/images/files/Order.exe","offline","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/11384/"
-"11383","2018-05-21 11:53:05","http://namanpoojansamagri.com/images/ERICNICCUR.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/11383/"
+"11383","2018-05-21 11:53:05","http://namanpoojansamagri.com/images/ERICNICCUR.exe","online","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/11383/"
 "11382","2018-05-21 11:48:54","http://indostraits.co.id/alexxx.exe","offline","malware_download","exe,Loki","https://urlhaus.abuse.ch/url/11382/"
 "11381","2018-05-21 11:47:50","http://74.118.138.155:8485/svchost.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/11381/"
 "11380","2018-05-21 11:34:20","http://edwinjack.5gbfree.com/eighteen.exe","offline","malware_download","exe,NanoCore,rat","https://urlhaus.abuse.ch/url/11380/"
@@ -127830,9 +128379,9 @@
 "11102","2018-05-18 12:12:18","http://mine.zarabotaibitok.ru/Downloads/Servise/Instaler.zip","online","malware_download","None","https://urlhaus.abuse.ch/url/11102/"
 "11101","2018-05-18 12:11:53","http://mine.zarabotaibitok.ru/Downloads/Servise/System.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11101/"
 "11100","2018-05-18 12:11:13","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11100/"
-"11099","2018-05-18 12:10:29","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater1.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11099/"
+"11099","2018-05-18 12:10:29","http://mine.zarabotaibitok.ru/Downloads/Servise/Updater1.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11099/"
 "11098","2018-05-18 12:09:51","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11098/"
-"11097","2018-05-18 12:08:44","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv13.exe","offline","malware_download","AgentTesla,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/11097/"
+"11097","2018-05-18 12:08:44","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv13.exe","online","malware_download","AgentTesla,Ransomware.GandCrab","https://urlhaus.abuse.ch/url/11097/"
 "11096","2018-05-18 12:08:06","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv14.exe","online","malware_download","AgentTesla,njRAT","https://urlhaus.abuse.ch/url/11096/"
 "11095","2018-05-18 12:07:17","http://mine.zarabotaibitok.ru/Downloads/Servise/jusched_srv16.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11095/"
 "11094","2018-05-18 12:06:24","http://mine.zarabotaibitok.ru/Downloads/Servise/reneme_run.bat","offline","malware_download","None","https://urlhaus.abuse.ch/url/11094/"
@@ -127853,7 +128402,7 @@
 "11079","2018-05-18 11:58:47","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.zip","offline","malware_download","None","https://urlhaus.abuse.ch/url/11079/"
 "11078","2018-05-18 11:58:32","http://mine.zarabotaibitok.ru/Downloads/Miner_Xmrig/X64/SystemNT.exe","offline","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11078/"
 "11077","2018-05-18 11:57:49","http://mine.zarabotaibitok.ru/Downloads/KM_HS/hostdll.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11077/"
-"11076","2018-05-18 11:56:41","http://mine.zarabotaibitok.ru/Downloads/KM_GS/svhost.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11076/"
+"11076","2018-05-18 11:56:41","http://mine.zarabotaibitok.ru/Downloads/KM_GS/svhost.exe","offline","malware_download","None","https://urlhaus.abuse.ch/url/11076/"
 "11075","2018-05-18 11:53:42","http://mine.zarabotaibitok.ru/Downloads/KM_GS/GS_Svc.exe","online","malware_download","AgentTesla","https://urlhaus.abuse.ch/url/11075/"
 "11074","2018-05-18 11:51:12","http://mine.zarabotaibitok.ru/Downloads/worms/nc.exe","online","malware_download","None","https://urlhaus.abuse.ch/url/11074/"
 "11073","2018-05-18 11:51:07","http://mine.zarabotaibitok.ru/Downloads/XP/Secyrityi_IE.vbs","offline","malware_download","None","https://urlhaus.abuse.ch/url/11073/"
@@ -131110,7 +131659,7 @@
 "7571","2018-04-26 11:35:08","http://steamer10theatre.org/wp-content/themes/0am.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/7571/"
 "7570","2018-04-26 11:34:54","https://gastrohero.zendesk.com/attachments/token/s3Tf3BA8bPqLAsTkhOK5Yw9fn/?name=Materialanforderungen.7z","offline","malware_download","","https://urlhaus.abuse.ch/url/7570/"
 "7569","2018-04-26 11:34:48","http://healthyfamilydigest.org/js/4.exe","offline","malware_download","","https://urlhaus.abuse.ch/url/7569/"
-"7568","2018-04-26 11:34:45","http://www.bjkumdo.com/admin/word.exe","online","malware_download","","https://urlhaus.abuse.ch/url/7568/"
+"7568","2018-04-26 11:34:45","http://www.bjkumdo.com/admin/word.exe","offline","malware_download","","https://urlhaus.abuse.ch/url/7568/"
 "7567","2018-04-26 11:34:32","http://86.110.117.192/svchost.exe","offline","malware_download","","https://urlhaus.abuse.ch/url/7567/"
 "7566","2018-04-26 11:33:19","http://weaver.5gbfree.com/mikontrol.exe","offline","malware_download","","https://urlhaus.abuse.ch/url/7566/"
 "7565","2018-04-26 11:32:18","http://patersons.info/6r22YLmSQ/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/7565/"
@@ -131194,7 +131743,7 @@
 "7346","2018-04-25 14:45:13","http://leonarda.art.br/Invoice-receipt/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/7346/"
 "7345","2018-04-25 14:45:09","http://leikvold.net/VrOAT3ZV5zl/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/7345/"
 "7344","2018-04-25 14:45:05","http://invetreaks.jp/NiyHUzQKW/","offline","malware_download","doc,emotet","https://urlhaus.abuse.ch/url/7344/"
-"7342","2018-04-25 14:44:56","http://mmmnasdjhqweqwe.com/KOM/crypt_0002_1043c.exe","online","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/7342/"
+"7342","2018-04-25 14:44:56","http://mmmnasdjhqweqwe.com/KOM/crypt_0002_1043c.exe","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/7342/"
 "7343","2018-04-25 14:44:56","http://mmmnasdjhqweqwe.com/KOM/lex_192h.json","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/7343/"
 "7341","2018-04-25 14:44:34","http://mmmnasdjhqweqwe.com/KOM/crypt_0002_1045a.exe","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/7341/"
 "7340","2018-04-25 14:43:54","http://mmmnasdjhqweqwe.com/KOM/irlashka1.yarn","offline","malware_download","emotet,exe","https://urlhaus.abuse.ch/url/7340/"
@@ -132763,7 +133312,7 @@
 "2696","2018-04-04 14:28:23","http://asdojnqweijqwe.com/NOIT/testv.php?l=obi2.class","offline","malware_download","exe","https://urlhaus.abuse.ch/url/2696/"
 "2695","2018-04-04 13:28:19","http://pwa.fr/data/Invoice_2791.pdf","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/2695/"
 "2694","2018-04-04 13:28:13","http://notredamedesmines.fr/upload/Invoice_2791.pdf","offline","malware_download","exe,Gozi","https://urlhaus.abuse.ch/url/2694/"
-"2686","2018-04-04 12:00:40","http://iol.ie/~woodlawn/dpp1.exe","online","malware_download","exe","https://urlhaus.abuse.ch/url/2686/"
+"2686","2018-04-04 12:00:40","http://iol.ie/~woodlawn/dpp1.exe","offline","malware_download","exe","https://urlhaus.abuse.ch/url/2686/"
 "2685","2018-04-04 11:56:47","http://taxiheviz.eu/8jkh873f","offline","malware_download","exe,quantloader","https://urlhaus.abuse.ch/url/2685/"
 "2684","2018-04-04 11:41:58","http://kishi73.com.br/dorogan.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/2684/"
 "2683","2018-04-04 11:41:50","http://interbanx.co.id/dorogan.png","offline","malware_download","exe,Trickbot","https://urlhaus.abuse.ch/url/2683/"
@@ -133901,7 +134450,7 @@
 "964","2018-03-28 13:46:24","http://sonropit.com/Overdue-payment/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/964/"
 "963","2018-03-28 13:46:21","http://sibim.com.br/Mar-19-11-52-46/Tracking-Number-5O55794232582631/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/963/"
 "962","2018-03-28 13:46:15","http://sfd-mobler.se//scan/Invoice/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/962/"
-"961","2018-03-28 13:46:12","http://seyidogullaripeyzaj.com/ACH-FORM/AM-724720462846707/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/961/"
+"961","2018-03-28 13:46:12","http://seyidogullaripeyzaj.com/ACH-FORM/AM-724720462846707/","online","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/961/"
 "960","2018-03-28 13:46:06","http://saungrawalele.com/INV/JFD-717527/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/960/"
 "959","2018-03-28 13:46:00","http://sape.aut.ac.ir/INV/QNY-2353065865/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/959/"
 "958","2018-03-28 13:45:54","http://safirambalaj.com.tr/Rechnung-Nr-10947/","offline","malware_download","doc,emotet,heodo","https://urlhaus.abuse.ch/url/958/"
diff --git a/urlhaus-filter.txt b/urlhaus-filter.txt
index 2cc68eae..c90325ef 100644
--- a/urlhaus-filter.txt
+++ b/urlhaus-filter.txt
@@ -1,5 +1,5 @@
 ! Title: abuse.ch URLhaus Malicious URL Blocklist
-! Updated: Thu, 21 Feb 2019 00:22:30 UTC
+! Updated: Thu, 21 Feb 2019 12:22:43 UTC
 ! Expires: 1 day (update frequency)
 ! Repo: https://gitlab.com/curben/urlhaus-filter
 ! License: https://creativecommons.org/publicdomain/zero/1.0/
@@ -7,17 +7,14 @@
 04.bd-pcgame.720582.com
 1.247.157.184
 1.254.80.184
-1.32.43.40
 1.34.159.106
 1.34.159.137
 1.34.19.87
-1.34.220.200
 1.34.238.15
 1.34.72.99
 1.54.70.28
 1.9.124.131
 1.9.178.128
-100.26.203.42
 101.200.214.249
 101.96.10.47
 102.165.32.158
@@ -26,17 +23,16 @@
 103.92.25.95
 104.130.211.29
 104.155.134.95
-104.168.149.180
 104.168.158.148
 104.168.169.89
 104.168.174.246
 104.192.108.19
-104.198.73.104
 104.203.170.198
 104.223.40.40
 104.248.173.249
 104.248.181.42
 104.32.48.59
+1040expressdallas.com
 106.104.115.213
 106.105.197.111
 106.14.42.35
@@ -56,7 +52,6 @@
 11.gxdx2.crsky.com
 110.139.168.235
 110.35.234.48
-111.172.205.125
 111.184.255.79
 111.90.158.182
 112.117.221.26
@@ -74,15 +69,15 @@
 114.32.227.207
 114.33.134.75
 114.33.174.116
-114.33.233.96
+114.34.109.34
+114.35.203.9
 115.165.206.174
 115.66.127.67
+116.109.202.44
 11651.wang
 118.163.0.229
 118.233.43.29
-118.25.176.38
-118.99.239.217
-119.254.12.142
+119.9.136.146
 12.25.14.44
 120.192.64.10
 120.52.51.13
@@ -104,52 +99,37 @@
 125.137.120.54
 125.138.144.118
 125.254.53.45
-128.199.172.4
-128.199.187.124
-128.199.207.179
 128.199.68.28
 128.199.96.104
-13.114.230.250
+13.114.47.124
+13.125.71.19
 13.126.20.237
 13.126.28.98
 13.126.61.22
-13.127.154.242
-13.127.175.101
-13.127.49.76
-13.229.153.169
-13.229.189.170
-13.229.71.182
-13.231.169.127
-13.231.226.136
-13.233.173.191
-13.233.31.203
-13.250.191.134
-13.251.184.56
-13.251.187.227
-13.56.105.158
-13.57.175.119
-13.57.29.183
-13.58.149.51
-13.58.150.48
-13.58.169.48
-13.59.241.74
+13.127.110.92
+13.127.212.245
+13.211.153.58
+13.229.109.5
+13.229.172.62
+13.234.1.52
+13.250.36.131
+13.251.144.86
+13.55.221.15
+13.59.135.197
+13.73.162.155
 132.145.153.89
 132.147.40.112
 133.242.156.30
+134.209.48.14
 138.197.206.217
-138.197.72.9
-139.59.130.73
-139.59.182.250
 139.59.25.145
 139.59.64.173
 14.183.241.169
+14.200.128.35
 14.200.65.79
-14.230.232.48
-14.37.53.247
 14.39.104.93
 14.39.241.60
 14.43.233.212
-14.44.8.176
 14.46.104.156
 14.46.154.219
 14.46.70.58
@@ -186,19 +166,12 @@
 159.65.101.80
 159.65.12.8
 159.65.142.218
-159.65.146.232
-159.65.147.40
 159.65.155.170
 159.65.185.61
-159.65.65.213
-159.65.83.246
-159.89.153.180
-159.89.167.92
+159.89.231.237
 15k.xyz
-160.16.198.220
 163.22.51.1
 166.70.72.209
-167.99.10.129
 168.121.41.205
 172.85.185.216
 173.167.154.35
@@ -212,26 +185,25 @@
 175.206.117.74
 175.206.44.197
 176.97.211.183
+177.139.94.79
 177.189.220.179
 177.68.147.145
 178.128.155.191
+178.128.238.130
 178.128.54.239
 178.128.60.85
 178.131.61.0
 178.236.210.22
-178.62.102.110
 178.62.213.188
 178.62.227.13
-178.62.233.192
 178.62.243.26
-179.191.88.69
 179.220.125.55
 179.98.240.107
 179.99.203.85
-18.130.198.164
-18.179.166.252
-18.184.158.108
+18.130.106.226
+18.130.111.206
 18.188.218.228
+18.207.109.124
 18.209.86.90
 18.213.62.169
 180.153.105.169
@@ -241,17 +213,19 @@
 181.49.241.50
 182.235.29.89
 183.110.79.42
+183.179.198.165
 183.234.11.91
-183.99.140.11
 184.11.126.250
+185.101.105.208
+185.101.105.211
+185.120.58.196
+185.135.82.116
 185.154.15.36
 185.179.169.118
 185.189.149.137
-185.191.229.180
 185.195.236.165
 185.22.152.122
 185.222.202.118
-185.234.216.167
 185.234.216.239
 185.234.217.21
 185.244.25.123
@@ -259,15 +233,18 @@
 185.244.25.134
 185.244.25.139
 185.244.25.148
-185.244.25.149
 185.244.25.153
 185.244.25.182
 185.244.25.194
+185.244.25.198
 185.244.25.199
 185.244.25.229
 185.244.25.230
 185.244.25.234
+185.244.25.242
 185.244.25.249
+185.244.30.141
+185.244.30.147
 185.244.30.151
 185.26.31.94
 185.81.157.124
@@ -285,11 +262,9 @@
 187.39.130.150
 187.54.81.180
 187.62.179.28
-188.131.164.117
 188.152.2.151
 188.161.62.65
 188.191.31.49
-188.192.104.226
 188.251.199.205
 188.36.121.184
 189.100.19.38
@@ -297,6 +272,7 @@
 189.136.143.254
 189.158.48.204
 189.198.67.249
+189.32.232.54
 189.55.147.121
 190.194.44.136
 190.250.124.10
@@ -304,6 +280,7 @@
 190.69.81.172
 190.7.27.69
 190.88.184.137
+191.92.234.159
 192.210.146.45
 192.99.142.235
 193.200.50.136
@@ -319,10 +296,11 @@
 198.98.58.235
 198.98.60.232
 198.98.62.207
+199.38.245.221
 199.38.245.235
 1lorawicz.pl
 1roof.ltd.uk
-2.186.112.113
+2.180.2.240
 2.187.249.232
 2.226.200.189
 2.229.49.214
@@ -338,17 +316,20 @@
 201.43.231.16
 201.92.187.125
 201.92.84.134
+202.28.110.204
 202.55.178.35
 202.75.223.155
 203.146.208.208
 203.163.211.46
+203.226.76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 203.228.89.116
+205.185.113.127
 206.189.112.94
-206.189.154.46
+206.189.131.31
+206.189.181.0
 206.189.200.115
 206.189.68.184
 206.255.52.18
-207.154.223.104
 2077707.ru
 208.110.71.194
 208.51.63.150
@@ -357,13 +338,11 @@
 209.141.48.246
 210.46.85.150
 211.187.75.220
-211.193.86.151
 211.194.183.51
 211.204.165.173
 211.21.205.207
 211.238.147.196
 211.48.208.144
-211.55.144.196
 211.73.73.2
 211.73.73.3
 212.150.200.21
@@ -386,7 +365,9 @@
 219.85.233.13
 21robo.com
 220.120.136.184
+220.125.225.251
 220.127.219.194
+220.132.38.177
 220.133.156.146
 220.133.245.46
 220.135.226.7
@@ -398,8 +379,6 @@
 221.121.41.139
 221.130.183.19
 221.146.91.205
-221.159.211.136
-221.167.229.24
 221.226.86.151
 222.100.203.39
 222.105.156.36
@@ -418,23 +397,16 @@
 24.184.61.131
 24.30.17.198
 24.96.119.52
-25yardscreamer.co.uk
 27.120.86.87
 27.126.188.212
 27.2.138.189
-28kdigital.com
 2cbio.com
 2d73.ru
-3.122.143.225
-3.16.101.139
-3.16.25.162
-3.16.30.213
-3.8.150.35
-3.8.39.112
-3.8.8.24
+2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
+3.87.40.220
 3.89.91.237
-3.92.174.100
 3.dohodtut.ru
+30-by-30.com
 31.132.142.166
 31.132.143.21
 31.168.213.38
@@ -447,31 +419,39 @@
 31.211.138.227
 31.211.139.177
 31.211.159.149
-34.73.163.194
+34.199.99.97
+34.207.166.101
+34.229.7.66
 34.80.131.135
-35.190.186.53
+35.183.245.54
+35.192.67.231
 35.200.238.170
+35.203.116.213
 35.204.88.6
+35.221.42.220
 35.227.184.106
 35.229.123.217
-35.232.73.116
+35.240.15.202
 35.244.2.82
-35.247.37.148
+35.245.131.38
+35.247.112.235
 36.39.80.218
 36.67.206.31
+36.78.126.219
 36.80.251.129
-37.139.27.218
 37.191.82.202
+37.228.119.107
 37.252.74.43
 37.34.247.30
+37.44.212.223
 3d.tdselectronics.com
 3dx.pc6.com
 4.kuai-go.com
-40seg.com
-41.32.210.2
 41.32.23.132
 45.239.139.18
 45.55.107.240
+46.101.213.240
+46.101.220.88
 46.101.232.155
 46.117.176.102
 46.183.218.243
@@ -480,7 +460,6 @@
 46.27.127.118
 46.29.163.204
 46.29.163.68
-46.29.165.131
 46.29.166.149
 46.29.166.83
 46.29.167.181
@@ -498,7 +477,6 @@
 49.159.8.123
 49.255.48.5
 4pointinspection.net
-5.12.208.100
 5.201.128.15
 5.201.130.81
 5.29.137.12
@@ -507,21 +485,24 @@
 50.242.141.75
 50.250.107.139
 51-iblog.com
+52.204.186.102
 52.205.176.136
 52.66.236.210
+54.172.85.221
 54.236.34.129
-54.250.159.171
+54.37.155.75
+54.83.117.78
 58.230.89.42
-59.124.90.231
 59.2.145.43
 59.29.160.214
 59.29.178.187
 59.31.110.106
 59.31.164.189
 59.98.44.226
+5cde8460-idc.optehazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 60.248.141.87
 60.250.242.72
-61.219.41.50
+61.172.11.252
 61.222.95.43
 61.42.68.167
 61.73.81.11
@@ -536,6 +517,7 @@
 64.62.250.41
 66.117.2.182
 66.117.6.174
+66.23.231.102
 68.183.157.144
 68.235.84.140
 69.202.198.255
@@ -555,18 +537,21 @@
 75.3.196.154
 75.55.248.20
 76.126.236.91
+76.144.clientjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 76.182.156.147
 77.139.74.206
 77.79.190.82
 777ton.ru
 78.186.113.86
+78.186.165.233
 78.187.81.161
 78.207.210.11
 78.39.232.91
 78.96.20.79
 78.96.28.99
 79.159.206.15
-8.29.139.221
+79.2.211.133
+79.39.88.20
 80.11.38.244
 80.178.214.184
 80.184.103.175
@@ -575,20 +560,18 @@
 81.213.166.175
 81.214.220.87
 81.43.101.247
-81.56.198.200
-82.146.49.59
-82.196.1.74
-82.253.156.136
+82.137.216.202
+82.166.24.224
 82.80.143.205
 82.80.190.27
 82.80.63.165
 82.81.27.115
 83.132.244.60
+83.166.247.73
 83.170.193.178
 84.108.209.36
 84.214.54.25
 84.214.54.35
-85.171.136.37
 85.185.20.69
 85.222.91.82
 85.70.68.107
@@ -597,9 +580,11 @@
 86.35.153.146
 86.5.70.142
 87.116.151.239
+87.241.135.139
 87.244.5.18
 88.147.109.129
 88.247.170.137
+88.249.120.216
 89.115.23.13
 89.122.126.17
 89.133.14.96
@@ -629,32 +614,36 @@
 93.56.36.84
 94.244.25.21
 94.52.37.14
-95.177.143.55
+95.179.214.247
 95.9.220.134
 98.116.131.34
 98.196.79.17
 98.200.233.150
 99.50.211.58
 99.62.142.44
+9casino.net
 9youwang.com
 Heavensconcept.ng
 a-kiss.ru
-a.rokket.space
 a.xiazai163.com
 a46.bulehero.in
+abccomics.com.br
 abiaram.com
 acceptdatatime.com
 accessclub.jp
 accountlimited.altervista.org
 acdhon.com
+aceleradostanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+aceroymagiwww.siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 acghope.com
 achauseed.com
 acm.ee
 acmemetal.com.hk
 acquainaria.com
-acropol.com.eg
 acsentials.com
 act-mag.com
+actinix.com
+actionfraud.coqianlong.watchdogdns.duckdns.org
 adambenny.org
 adaptronic.ru
 adarma.xyz
@@ -673,11 +662,11 @@ africimmo.com
 afshari.yazdvip.ir
 aghigh.yazdvip.ir
 agilife.pl
-aginversiones.net
 agulino.com
 ah.download.cycore.cn
 ahmadalhanandeh.com
 aierswatch.com
+aipctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 airmasterbh.com
 airmod.com.br
 aiwaviagens.com
@@ -685,21 +674,21 @@ aiwhevye.applekid.cn
 ajansred.com
 ajexin.com
 ajisushigrill.com
-akaneito.com
-akg-eng.net
 akiko.izmsystem.net
 aksaraycocukaktivitemerkezi.com
-aktivstroi-dv.ru
 al-wahd.com
+alabarderomadrid.es
 alainghazal.com
 alaskanmarineministries.com
 alba1004.co.kr
 alesya.es
 alexhhh.chat.ru
 alexzstroy.ru
-alfacerimonial.com
+alfaqihuddin.com
 algoritm2.ru
+alhabib7.com
 ali-apk.wdjcdn.com
+all4dl.ir
 allaboutpoolsnbuilder.com
 allens.youcheckit.ca
 allloveseries.com
@@ -715,14 +704,16 @@ am-tex.net
 amarcoldstorage.com
 amare-spa.ru
 amariaapartsminaclavero.000webhostapp.com
+amatis.in
 amazonvietnampharma.com.vn
+amd.alibuf.com
+ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 ameen-brothers.com
 amigosforever.net
+amjelectrical.co.zeasypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 amocrmkrg.kz
-anadolu.tv.tr
 andam3in1.com
 andonia.com
-andrees.com.es
 andreysharanov.info
 angelageorgesphotography.com
 ankarabeads.com
@@ -730,26 +721,27 @@ ankaraliderlikzirvesi.com
 anket.kalthefest.org
 annual.fph.tu.ac.th
 anvietpro.com
+apartamentyeuropa.pl
 api.iwangsen.com
 apk05.appcms.3xiazai.com
 apkelectrical.com.au
 apoolcondo.com
 app.myresource.center
+appinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 application.cravingsgroup.com
 aptigence.com.au
 apware.co.kr
 aqualand-chalets.com
-aquilastudios.se
 ara.desa.id
-archiware.ir
+arash.tcoqianlong.watchdogdns.duckdns.org
 arcpine.com
-aressecurity.com.co
 argentarium.pl
 arifcagan.com
 aristodiyeti.com.tr
 armand-productions.com
 arrozdoce.net
 arsenal-rk.ru
+arsenel-bg.com
 arstecne.net
 art.nfile.net
 artebru.com
@@ -762,15 +754,15 @@ asialinklogistics.com
 asndjqwnewq.com
 asztar.pl
 atphitech.com
-atreticandlawns.com.au
 attach.66rpg.com
 atteuqpotentialunlimited.com
 aucklandluxuryrealestatelistings.com
-audicof.com
 audihd.be
+aufaazkia.com
 aulist.com
 aussietruffles.com
 authenticity.id
+auto-agent24bounces.duoliprudential.com.watchdogdns.duckdns.org
 ava-group.us
 avazturizm.com
 aviationradio.plus.com
@@ -783,7 +775,10 @@ aycauyanik.com
 aygwzxqa.applekid.cn
 azaelindia.com
 azraglobalnetwork.com.my
+azubita107s3.watchdogdns.duckdns.org
+azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 babyparrots.it
+bachhoatructuyen.com.vn
 baixenoibai24h.com
 balajisewasamiti.org
 balkaniks.de
@@ -791,10 +786,8 @@ balkanteam.ba
 bantuartsatelier.org
 bapo.granudan.cn
 baptysci.waw.pl
-barabooseniorhigh.com
 barbershopcomedynyc.com
 barhat.info
-barjockeysclub.com
 barrycaputo.com
 basch.eu
 batdongsan3b.com
@@ -813,11 +806,14 @@ bdcarezone.com
 bdtube.pl
 beepme.eu
 beforeuwander.com
+befounddigitalmarketing.com
 behomespa.com
 bekamp3.com
 bendershub.com
 benekengineering.com
+benfey.ciprudential.com.watchdogdns.duckdns.org
 benomconsult.com
+benstrange.co.uk
 bepcuicaitien.com
 bepgroup.com.hk
 bero.0ok.de
@@ -826,22 +822,23 @@ bestdeals-online.co.uk
 bestsearchonweb.com
 bethrow.co.uk
 better-1win.com
-bezambici.com
 bhplazatravel.com
 biennhoquan.com
 bietthunghiduong24h.info
+big.5072610.ru
 binaryrep.loan
+binderkvasa.ru
 biquyettansoi.com
-birchgroupllc.com
 birminghampcc.com
 bizqsoft.com
 bizresilience.com
-bjkumdo.com
+bjnrwwww.watchdogdns.duckdns.org
 bk-brandstory.mdscreative.com
 bkm-adwokaci.pl
-bksecurity.sk
 blackout.pub
 blinkblink.eu
+blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
+blog.embratonlife.com.br
 blog.powersoft.net.ec
 blogs.cricskill.com
 bluehammerproperties.com
@@ -851,13 +848,19 @@ bohobitches.co.uk
 bolumutluturizm.com
 bonheur-salon.net
 bonzi.top
+bookfair.cociprudential.com.watchdogdns.duckdns.org
 bottraxanhtini.com
+bounces.duoliprudential.com.watchdogdns.duckdns.org
+bouresmau-gsf.com
 boylondon.jaanhsoft.kr
 bparj.xyz
+bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 brainchildmultimediagroup.com
 brameda.com
 brick-b.com
+brighton.infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 brisson-taxidermiste.fr
+brjsrwaco.watchdogdns.duckdns.org
 brucelin.co
 brunotalledo.com
 bryansk-agro.com
@@ -868,45 +871,44 @@ bundle.kpzip.com
 buonbantenmien.com
 burasiaksaray.com
 burodetuin.nl
+buseguzellikmerkezi.com
+businessmanagemewww.watchdogdns.duckdns.org
 bvs-sas.com
 bvxk.vatphamtamlinh.net
 c.pieshua.com
 c2c.webprojemiz.com
-ca.hashpost.org
-ca.monerov8.com
-ca.posthash.org
 cache.windowsdefenderhost.com
 cadencespa.net
 caferaclete.pt
 cafesoft.ru
 callblocker-my.sharepoint.com
 cambozseo.com
+camerathongminh.com.vn
 canhocaocap24h.info
 canhokhangdien.net
 canhooceangate.com
 captipic.com
 caraccessonriesr9.com
 careforthesheep.org
-carefreepet.com
 caringsoul.org
-carlpalmer.readeranswer.com
 carnetatamexico.com.mx
 carolechabrand.it
+cars4sale-online.lists.coqianlong.watchdogdns.duckdns.org
 carsonbiz.com
 casadasquintas.com
 casanbenito.com
-cash-lovers.com
 cash888.net
+cateringbangkok.in.th
 cathome.org.tw
 catk.hbca.org.cn
+cbmagency.com
 cbup1.cache.wps.cn
+ccomduoliprudential.com.watchdogdns.duckdns.org
 ccowan.com
-cdn-10049480.file.myqcloud.com
 cdn.file6.goodid.com
 cdn.fullpccare.com
 cdn4.css361.com
 cds.w2w3w6q4.hwcdn.net
-cedricvuarnoz.ch
 celiavaladao.com.br
 centerline.co.kr
 ceoseguros.com
@@ -920,9 +922,11 @@ cfs4.tistory.com
 cfs8.tistory.com
 cfs9.tistory.com
 cgameres.game.yy.com
+cgov.rsmart-testsolutions.watchdogdns.duckdns.org
 ch.rmu.ac.th
 chadikaysora.com
 chalesmontanha.com
+champagnerenovations.parm6web-tracking.cocomputewww.watchdogdns.duckdns.org
 championsportspune.com
 changematterscounselling.com
 changemindbusiness.com
@@ -932,6 +936,7 @@ charihome.com
 charm.bizfxr.com
 cheats4gaming.com
 chenhaitian.com
+chicagorawcakes.com
 chilenoscroatas.cl
 chiltern.org
 chinhdropfile.myvnc.com
@@ -945,20 +950,21 @@ chungchi.edu.vn
 chungkhoannews.com
 chuthapdobg.org.vn
 chuyensacdep.com
-cicekciilhan.com
 cild.edu.vn
 cinarspa.com
+ciprudential.com.watchdogdns.duckdns.org
 circumstanction.com
 citiad.ru
 cityandsuburbanwaste.co.uk
 cityexportcorp.com
 citylawab.com
+cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 ckd.org.uk
 ckobcameroun.com
 cl.ssouy.com
+claireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 clarte-thailand.com
 classishinejewelry.com
-claudiandelarosa.com
 claudio.locatelli.free.fr
 clean.crypt24.in
 clermontmasons.org
@@ -971,26 +977,43 @@ clipestan.com
 cloud.kryptonia.fr
 cloudme.com
 clubcomidasana.es
+cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+cmhmfgoutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 cn.download.ichengyun.net
+cncprocess.fr
 cngda.tw
 cnhdsoft.com
 cnim.mx
 cnzjmsa.gov.cn
+co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+cociprudential.com.watchdogdns.duckdns.org
+cocomputewww.watchdogdns.duckdns.org
 cocukajanslari.com
+coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 codebyshellbot.com
 codnit.com
+coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org
 coinspottechrem.ru
 collagehg.ie
 coloradosyntheticlubricants.com
 colorise.in
 colorshotevents.com
 colslaw.com
+com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
+com.watchdogdns.duckdns.org
+comcastbiz.netbenfey.ciprudential.com.watchdogdns.duckdns.org
 comcom-finances.com
+comduoliprudential.com.watchdogdns.duckdns.org
 compitec.be
 comprendrepouragir.org
+computewww.watchdogdns.duckdns.org
+comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 comtechadsl.com
 conciliodeprincipedepazusa.org
 conectacontualma.com
+coneybeare.coczmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 coneymedia.com
 config.cqhbkjzx.com
 config.wulishow.top
@@ -1004,31 +1027,35 @@ contabilidadecontacerta.com.br
 contaresidencial.com
 coolpedals.co.uk
 coptermotion.aero
+coqianlong.watchdogdns.duckdns.org
 coronadodirectory.com
 corporaciondelsur.com.pe
-cosmoprof.com.gt
+cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 craftyz.shop
+creamistryfranchise.com
 crestailiaca.com
 crittersbythebay.com
 crmz.su
 croesetranslations.com
 crownrentals.net
-cryptovoip.in
+cryptoholders.org
 crystalmind.ru
+csnsoft.com
 csvina.vn
 ctl24.pt
 ctwabenefits.com
 cuahangstore.com
 currencyavenue.com
-currenteventsmemes.com
 cvbintangjaya.com
 cvlancer.com
 cybikbase.com
+czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 czsl.91756.cn
 d.kuai-go.com
 d1.gamersky.net
 d1.paopaoche.net
 d1.udashi.com
+d1.w26.cn
 d2.udashi.com
 d3.99ddd.com
 d4.smzy.com
@@ -1039,7 +1066,6 @@ d9.driver.160.com
 da.alibuf.com
 dabaghi.5gbfree.com
 dadieubavithuyphuong.vn
-dafia.org
 dailywaiz.com
 danceman.club
 danytacreaciones.cl
@@ -1052,7 +1078,9 @@ dash.simplybackers.com
 dat24h.vip
 data.over-blog-kiwi.com
 datacenter.rwebhinda.com
+datacolor.omewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 datarecovery.chat.ru
+datggvoyages.comduoliprudential.com.watchdogdns.duckdns.org
 datos.com.tw
 dauphu.com.vn
 dawaphoto.co.kr
@@ -1066,7 +1094,6 @@ ddup.kaijiaweishi.com
 de-patouillet.com
 deeperwants.com
 deka-asiaresearch.com
-dekorant.com.tr
 delaker.info
 deluvis.net
 demeidenchocolaensnoep.nl
@@ -1078,16 +1105,13 @@ demo.minecraft.edu.vn
 demosthene.org
 denizyildizikresi.com
 dentalradiografias.com
+dential.com.watchdogdns.duckdns.org
 dentistaoliveriblog.it
-dentistmomma.com
 depraetere.net
 der.kuai-go.com
 desatisfier.com
 descubrecartagena.com
-detsad-kr.ru
-dev.familyhospital.vn
 developerparrot.com
-deverlop.familyhospital.vn
 dfcf.91756.cn
 dfzm.91756.cn
 dgecolesdepolice.bf
@@ -1095,9 +1119,8 @@ dgnj.cn
 dgpratomo.com
 dhoffmanfan.chat.ru
 dhpos.com
-dialloaliou.fr
 diamondking.co
-diamondzonebd.com
+diaocthiennam.vn
 diaryofamrs.com
 dichvuvesinhcongnghiep.top
 die-tauchbar.de
@@ -1108,7 +1131,6 @@ digilib.dianhusada.ac.id
 digimacmobiles.com
 dijitalthink.com
 dirc-madagascar.ru
-distro.attaqwapreneur.com
 dixe.online
 dixo.se
 dkck.com.tw
@@ -1122,15 +1144,10 @@ dlainzyniera.pl
 dld.jxwan.com
 dlqz4.oss-cn-hangzhou.aliyuncs.com
 dnn.alibuf.com
-dns.alibuf.com
-dns.fq520000.com
-dockrover.com
+doclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 docteurga.com
-doctorjuliandiaz.com
 doeschapartment.com
 dog.502ok.com
-domanhtrang.com
-domanieccy.pl
 domekan.ru
 dominicanos.xyz
 domproekt56.ru
@@ -1138,12 +1155,12 @@ donsworld.org
 dorsapanel.com
 dorukhankumbet.com
 dosame.com
-doservicework.com
+doverenewables.watchdogdns.duckdns.org
 down.54nb.com
 down.ancamera.co.kr
 down.cltz.cn
 down.ctosus.ru
-down.ecubefile.com
+down.eebbk.net
 down.haote.com
 down.kuwo.cn
 down.leyoucoc.cn
@@ -1158,12 +1175,13 @@ down.softlist.tcroot.cn
 down.startools.co.kr
 down.topsadon.com
 down.travma.site
-down.webbora.com
 down.wifigx.com
+down.xrpdf.com
 down.zynet.pw
 down1.arpun.com
 down1.greenxf.com
 down1.topsadon1.com
+down10b.zol.com.cn
 down11.downyouxi.com
 down5.mqego.com
 down7.downyouxi.com
@@ -1178,6 +1196,7 @@ download.fsyuran.com
 download.instalki.org
 download.mtu.com
 download.pdf00.cn
+download.rising.com.cn
 download.security.baidu.co.th
 download.u7pk.com
 download.ware.ru
@@ -1194,10 +1213,9 @@ dromertontus.com
 dronesremote.com
 drseymacelikgulecol.com
 dryzi.net
-dsdfgdfsdegdf.ru
 duandojiland-sapphire.com
 duannamvanphong.com
-duratransgroup.com
+duoliprudential.com.watchdogdns.duckdns.org
 dutraspedras.com.br
 dvb-upload.com
 dverliga.ru
@@ -1229,13 +1247,15 @@ dx93.downyouxi.com
 dxdown.2cto.com
 dztech.ind.br
 e-basvur.com
-ea-no7.net
+e-recht24firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 earnbdt.com
 earplasticsurgeon.com
 easydown.stnts.com
 easydown.workday360.cn
+easypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 eatyergreens.com
 ec2-13-126-174-234.ap-south-1.compute.amazonaws.com
+ec2-18-130-79-113.eu-west-2.compute.amazonaws.com
 eclairesuits.com
 ecohome.ua
 efficientlifechurch.org
@@ -1246,7 +1266,6 @@ ejadarabia.com
 ejder.com.tr
 ekosisi.com
 elby.nu
-electbloom.com
 electricam.by
 elegance-bio.com
 elena.podolinski.com
@@ -1255,8 +1274,9 @@ elitegrowth.net
 ellallc.org
 ellsworth.diagency.co.uk
 elsgroup.mk
+emailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org
+emdisalud.porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 eminyhr.com
-emregunaydin.com.tr
 en.sun-sen.com
 en.worthfind.com
 endigo.ru
@@ -1264,8 +1284,6 @@ energiisolare.com
 energy-dnepr.com
 energym63.com
 envi-herzog.de
-envi1.com
-enviedepices.fr
 eorums.org
 epaviste-marseille.com
 epta.co.id
@@ -1275,12 +1293,12 @@ eravon.co.in
 erenaydesignbuild.com
 erestauranttrader.com
 erew.kuai-go.com
+ermapictures.com
 eroscenter.co.il
+escolbounces.duoliprudential.com.watchdogdns.duckdns.org
 esence.com.br
 estab.org.tr
 esundaryatayat.com
-et-education.ru
-eticaretdanismani.com
 etliche.pw
 etouchbd.net
 etravelaway.com
@@ -1294,34 +1312,31 @@ ex-bestgroup.com
 excel.sos.pl
 exclusiv-residence.ro
 eximme.com
-expatnations.org
-expertsufa.ru
 f.kuai-go.com
+fair-watduoliprudential.com.watchdogdns.duckdns.org
 fam-koenig.de
-fantasyforeigner.com
+fangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 fantaziamod.by
+farmcomputewww.watchdogdns.duckdns.org
 farmsys.in
 farmsys.scketon.com
 farshzagros.com
 farzandeshad.com
-fashion-world.ga
 fastimmo.fr
 fastsolutions-france.com
-fatinyaroma.com
 faucetbaby.com
 fb.saltermitchell.com
-fenichka.ru
+fenapro.org.br
 fenlabenergy.com
 fernandaestrada.net
 fetchatreat.com
 ff52.ru
-ffb.awebsiteonline.com
 fib.usu.ac.id
 figuig.net
-file.foxitreader.cn
 file.mayter.cn
 file.tancyo.blog.shinobi.jp
 filen3.utengine.co.kr
+files.anjian.com
 files.fqapps.com
 files.hrloo.com
 files.zzattack.org
@@ -1329,25 +1344,27 @@ files6.uludagbilisim.com
 filowserve.com
 finndev.net
 firstdobrasil.com.br
+firststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
+fit-school.ru
 fjorditservices.com
-flapcon.com
 flechabusretiro.com.ar
 flek1.free.fr
+flightcentre.cgov.rsmart-testsolutions.watchdogdns.duckdns.org
 flycourierservice.com
 flz.keygen.ru
+folkbjnrwwww.watchdogdns.duckdns.org
 fondtomafound.org
 fonopar.com.br
 forestaljal.com
 forodigitalpyme.es
 forsalebybuilderusa.com
-forum.webprojemiz.com
 fpw.com.my
 fr.kuai-go.com
 frameaccess.com
+francetvreplay.com
 frankraffaeleandsons.com
 freelancecommunication.fr
 friendsstarintl.com
-frispa.usm.md
 frog.cl
 fst.gov.pk
 fstd.com.tw
@@ -1360,13 +1377,14 @@ funletters.net
 furiousgold.com
 further.tv
 fusioncoin.site
+futurealind.com
 futureskool.com
-fwpanels.com
 fxtraderlog.com
 g34zxc4qwe.com
 gacdn.ru
 galinakulesh.ru
 galladoria.de
+galloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 game111.52zsoft.com
 gamehack.chat.ru
 ganapatihelp.com
@@ -1378,6 +1396,7 @@ gauff.co.ug
 gawefawef114.com
 gazzi.ucoz.net
 gbconnection.vn
+gco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 gd-consultants.com
 gd2.greenxf.com
 gdn.segera.live
@@ -1390,25 +1409,29 @@ general.it
 getaddressclick.com
 gettrafficlinks.com
 gfe.co.th
+ggvoyages.comduoliprudential.com.watchdogdns.duckdns.org
 ghancommercialbank.com
 ghassansugar.com
 ghayoorabbasofficial.com
 ghazalconcert.com
-ghidmamaia.ro
+ghazaldookht.ir
 ghislain.dartois.pagesperso-orange.fr
 giancarloraso.com
 giardiniereluigi.it
 gilhb.com
 globalexporthouse.com
+globotech.blithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 glorialoring.com
 gnb.uz
 gogolwanaagpoultry.com
 golaba.segera.live
 goldenmiller.ro
-golfadventuretours.com
+goldenuv.com
 golihi.com
 gops2.home.pl
+gov.rsmart-testsolutions.watchdogdns.duckdns.org
 goworldmarketing.net
+granportale.com.br
 graphee.cafe24.com
 gratisgiftcards.com
 greatis.com
@@ -1416,11 +1439,9 @@ greatkenyatours.com
 greattechnical.com
 greencampus.uho.ac.id
 greenwhitegranit.com
+gres.czmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 greyradical.com
-groundswellfilms.org
 grouper.ieee.org
-grupomedica.equipment
-grupoouroplan.com.br
 grupporidolfo.com
 gtomeconquista.com
 gulzarhomestay.com
@@ -1446,18 +1467,17 @@ haornews24.com
 hapoo.pet
 happysunfellbach.com
 happysungroup.de
-hardworkingmarketing.com
 harmonyinternationalschools.com
 hashkorea.com
 hashtagvietnam.com
 hataydaskebap.com
 haunnhyundaibacninh.com
 haustechnology.com.br
+hazeldean.co.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 hcchanpin.com
 headbuild.info
 headstride.com
 healingisnotanaccident.com
-healthyenergydaily.party
 heartseasealpacas.com
 heartware.dk
 heatherdawn.com
@@ -1471,16 +1491,16 @@ hezi.91danji.com
 hfmid.bjcma.top
 hhind.co.kr
 hhjfffjsahsdbqwe.com
-hifucancertreatment.com
-hillmann.ru
 hilohdesign.com
+hindislogan.com
 hinterwaldfest.com
 hipecard.yazdvip.ir
 hirelocalchefs.com
 hjsanders.nl
-hnhwkq.com
+hldschool.com
 hnsyxf.com
 hoanganhvunguyen.com
+hoanggiaanh.vn
 hobbysalon-tf.com
 hocviensangtaotomoe.edu.vn
 hoest.com.pk
@@ -1493,28 +1513,34 @@ hondaparadise.co.th
 hongcheng.org.hk
 hookerdeepseafishing.com
 hopperfinishes.com
+hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 host.gomencom.website
 hoteleseconomicosacapulco.com
 hotshot.com.tr
 hourofcode.cn
 htxl.cn
+huc-hkh.orciprudential.com.watchdogdns.duckdns.org
 huhuhu.cf
+hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 huyushop.com
 hwasungchem.co.kr
 hyboriansolutions.net
 hydra100.staroundi.com
 hyey.cn
 hyper.gaminggo.website
+hyunmoon.nfile.net
 ia-planet.com
 iammaddog.ru
 iapjalisco.org.mx
 iar.webprojemiz.com
 ibakery.tungwahcsd.org
-icpnt.org
+icmcce.net
 idealse.com.br
+ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 ielectro.live
 ifpc.ru
 ignaciocasado.com
+igra123.com
 ihatehimsomuch.com
 ihsan152.ru
 ijweaver.com
@@ -1522,21 +1548,24 @@ ilchokak.co.kr
 ililform.se
 illdy.azteam.vn
 illmob.org
-iltopdeltop.com
 images.hbsc-banking.com
 images.tax861.gov.cn
 imf.ru
+img19.vikecn.com
+img54.hbzhan.com
 imoustapha.me
 impulsedu.com
 inceptionradio.planetparanormal.com
 infobreakerz.com
 infornos.com
+infunvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 ingramjapan.com
 ingridkaslik.com
 ingrossostock.it
 ini.588b.com
 ini.egkj.com
 innisfreesvn.com
+inovandosites.com.bporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 insideljpc.com
 instaforexmas.com
 instagramboosting.com
@@ -1547,12 +1576,12 @@ integraga.com
 intelligintion.com
 interbizservices.eu
 intfarma.com
-intranet.neointelligence.com.br
 invisible-miner.pro
 ip.skyzone.mn
 iphonedelivery.com
 iphonelock.ir
-iqhomeyapi.com
+iprudential.com.watchdogdns.duckdns.org
+ir-watduoliprudential.com.watchdogdns.duckdns.org
 iran-gold.com
 irapak.com
 iremart.es
@@ -1566,12 +1595,11 @@ istlain.com
 istratrans.ru
 it-accent.ru
 itechzone.ml
+itimius.com
 iuwrwcvz.applekid.cn
-iventurecard.co.uk
 ivydental.vn
 iwsgct18.in
 izavu.com
-j610033.myjino.ru
 jackservice.com.pl
 jannah.web.id
 japax.co.jp
@@ -1581,6 +1609,7 @@ jayc-productions.com
 jazarah.net
 jbcc.asia
 jbnortonandco.com
+jcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 jghorse.com
 jhandiecohut.com
 jifendownload.2345.cn
@@ -1590,11 +1619,13 @@ jitkla.com
 jj.kuai-go.com
 jlyrique.com
 jmtc.91756.cn
+jobgreben5.store
 joerath.ca
 johnsonearth.com
 jordanembassy.org.au
 jplymell.com
 jsksolutions.co.za
+jsrwaco.watchdogdns.duckdns.org
 juettawest.com
 juliannepowers.com
 junicodecorators.com
@@ -1611,7 +1642,6 @@ kamajankowska.com
 kamasu11.cafe24.com
 kameyacat.ru
 kapuaskampung.com
-karavantekstil.com
 kardelenozelegitim.com
 karditsa.org
 kareebmart.com
@@ -1620,10 +1650,8 @@ katharinen-apotheke-braunschweig.de
 kbfqatar.org
 kblpartners.com
 kdjf.guzaosf.com
-kdoorviet.com
-kelvingee.hys.cz
-kendinyap.club
 kennyandka.com
+kensei-kogyo.com
 kerusiinovasi.com
 keshtafzoon.com
 kevinjonasonline.com
@@ -1646,12 +1674,14 @@ kirtifoods.com
 kittipakdee.com
 klotho.net
 kmet.us
+kmr.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
+kmr.www.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 kn-paradise.net.vn
 kndesign.com.br
 kngcenter.com
 kobacco.com
 kodip.nfile.net
-kokopellz.4fan.cz
+koharu2007.com
 komedhold.com
 konjacteaturkiye.com
 koppacoffeebites.com
@@ -1661,9 +1691,9 @@ kormbat.com
 kosheranguilla.com
 kostrzewapr.pl
 kozaimarinsaat.com
-kpccontracting.ca
 krazyfin.com
 krei.pw
+kriziachiesa.it
 ksolare.com
 ksumnole.org
 kuaizip.com
@@ -1676,9 +1706,9 @@ kynangbanhang.edu.vn
 kynangdaotao.com
 kynanggiaotiepungxu.edu.vn
 kynangthuyettrinh.edu.vn
+l.com.watchdogdns.duckdns.org
 labersa.com
 labphon15.labphon.org
-labtalk.ir
 laflamme-heli.com
 lakematheson.com
 lakshmicollege.org
@@ -1687,9 +1717,10 @@ lanco-flower.ir
 lanele.co.za
 lanhoo.com
 laoliehuo.oss-cn-hangzhou.aliyuncs.com
-laresperanca.com
+lar.biz
 lasementera.org
 latinos-latins.online
+latuagrottaferrata.it
 laurapetrioli.com
 lawindenver.com
 laylalanemusic.com
@@ -1698,27 +1729,23 @@ ld.mediaget.com
 le-castellino.fr
 lead.bilisim2023.com
 lead.vision
+leaflet-map-generator.com
 lebanonturismo.com.br
-leclix.com
 leeericsmith.com
 leeth.org
 lefurle.by
-lehavregenealogie2017.fr
 lelcrb.by
 lemurapparel.cl
 lemycofreight.com
 lenkinabasta.com
-leogrande.club
 lesastucesdemilie.fr
 lesprivatzenith.com
+letgov.rsmart-testsolutions.watchdogdns.duckdns.org
 letmehack.com
 lfenjoy.com
 lg4square.com
 lhzs.923yx.com
-lianglinyiyou.com
 lianzhimen.net
-libdcorp.com
-library.uib.ac.id
 liceulogoga.ro
 lien-hair.jp
 lienquangiare.vn
@@ -1729,39 +1756,47 @@ light.light1234565.5gbfree.com
 lightbox.de
 lightpower.dk
 likecoin.site
-liketop.tk
 limousine-service.cz
 lindseymayfit.com
 linksysdatakeys.se
 lionestateturkey.com
+liprudential.com.watchdogdns.duckdns.org
 lisasdesignstudio.com
+lists.coqianlong.watchdogdns.duckdns.org
 lists.ibiblio.org
 lists.reading.ac.uk
 lithi.io
+lithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 live.cricskill.com
+liveaublithium.hosmarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 livemag.co.za
 livetrack.in
-lizmoneyweb.com
 llhd.jp
 lmgprophesy.com
-localbusinessadvisory.com
 log.yundabao.cn
+lojamariadenazare.com
 lokahifishing.com
 lokantuneraz.com
 lokersmkbwi.com
 londonmarathon2019.kevinmiller66.co.uk
 lonesomerobot.com
 looktravel.ge
+lotusconstructiontl.com
 lovecookingshop.com
-lsaca-nigeria.org
 lussos.com
 lutuyeindonesia.com
+luyenthitoefl.net
 lymphcare-my.sharepoint.com
 m-onefamily.com
 m.az.edu.vn
+m.watchdogdns.duckdns.org
+m6web-tracking.cocomputewww.watchdogdns.duckdns.org
 mackleyn.com
 macsoft.shop
 maf-orleans.fr
+mail-eopbgr00121.outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
+mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+mail-qk1-f175.ameco.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 mail.amandakayjohnson.com
 mail.optiua.com
 maionline.co.uk
@@ -1774,7 +1809,6 @@ manhattan.yamy.vn
 manhattanluxuryrealestatelistings.com
 manhtructhanhtin.com
 mantoerika.yazdvip.ir
-manualquickbooksespanol.com
 maocg.com
 mapleleafsb.com
 marasopel.com
@@ -1782,26 +1816,26 @@ marchitec.com.br
 maria-tours.com
 marianalypova.com
 marinasuitesnhatrang.com
-marinavinhomes.vn
 marisel.com.ua
 market.optiua.com
+marlboropt.coemailserverhub.ccomduoliprudential.com.watchdogdns.duckdns.org
+marshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 martinoag.com
 masjedkong.ir
-master-of-bitcoin.net
+matematik365.com
 materiacomfor.com
 matex.biz
 mathkinz.com
 matongcaocap.vn
-mausha.ru
 max.bazovskiy.ru
-maxarmstrongradio.com
 maxwatermit2.com
 mayfairissexy.com
 mazharul-hossain.info
+mcdanielconrjsrwaco.watchdogdns.duckdns.org
 mcdel.chat.ru
 mcfp.felk.cvut.cz
-mclplumbing.com
 meandoli.com
+measypayascomsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 media.atwaar.com
 media0.jex.cz
 media0.mypage.cz
@@ -1813,46 +1847,50 @@ media1.huu.cz
 media1.napady.net
 media1.webgarden.cz
 media1.webgarden.es
+mediarox.com
 medicalfarmitalia.it
+medicinaonline.rjsrwaco.watchdogdns.duckdns.org
 melbournecitycollegeptyltd-my.sharepoint.com
-melonacreations.co.za
 menardvidal.com
 menderesbalabankirdugunsalonu.com
 menromenglobaltravels.com.ng
-menzway.com
 mercedes-club-bg.com
 mercurysroadie.com
 mettek.com.tr
 meubackup.terra.com.br
 meunasahbaro.desa.id
+mewww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 mger.co
-mgxconsultancy.com
 mhills.fr
 miamifloridainvestigator.com
 miennamoto.com
 miketec.com.hk
 mimiabner.com
 mine.zarabotaibitok.ru
-miniboone.com
+minenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
 minifiles.net
 minifyurl.net
 mir-perevozok.com.ua
 miracletours.jp
-mirocaffe.ro
 mirror.tallysolutions.com
+mirtv.watchdogdns.duckdns.org
 missionautosalesinc.com
 misung.nfile.net
 mitsubishidn.com.vn
+mitsubishijogjaklaten.com
 mizutama.com
 mjmstore.com
 mjtodaydaily.com
 mkcelectric.com
 mkk09.kr
+ml.com.watchdogdns.duckdns.org
 mm2017mmm.com
-mmctalent.com
+mmedicinaonline.rjsrwaco.watchdogdns.duckdns.org
 mmmnasdjhqweqwe.com
 mmmooma.zz.am
 mmqremoto3.mastermaq.com.br
+mnarat8.com
+mnkprombusinessmanagemewww.watchdogdns.duckdns.org
 mobile.tourism.poltava.ua
 mod.sibcat.info
 modexcommunications.eu
@@ -1867,10 +1905,11 @@ morin-photo.fr
 morsengthaithai.com
 motorsksa.com
 mowbaza.chat.ru
+mox-sped.pl
 mozarthof.com
 mozillamaintenanceservice.duckdns.org
+mrhinkydink.com
 mrm.lt
-ms.fq520000.com
 mskhangroup.com
 mtrans-rf.net
 muapromotion.com
@@ -1879,11 +1918,13 @@ multishop.ga
 musicmeetshealth.net
 musojoe.com
 mv360.net
+mxd-1253507133.file.myqcloud.com
 my-health-guide.org
 myboysand.me
 myelectrive.com
 myhopeandlife.com
 mymachinery.ca
+mypayanam.com
 myphamhanbok.com
 myqbd.com
 mysuperspy.com
@@ -1897,6 +1938,7 @@ mztm.jp
 mztm.sixcore.jp
 naavina.com
 nadisportsclub.com
+namanpoojansamagri.com
 nanhoo.com
 nanokesif.com
 nanomineraller.com
@@ -1906,21 +1948,22 @@ nathannewman.org
 naturalma.es
 naturaltaiwan.asia
 nauticalpromo.com
-navegadoratt.club
-navigatorpojizni.ru
 nemetboxer.com
-nesbbc.top
+netbenfey.ciprudential.com.watchdogdns.duckdns.org
 neumaticosutilizados.com
 newarkpdmonitor.com
 newbiecontest.org
 newmarketing.no
 newsmediainvestigasi.com
 newwayit.vn
+newxing.com
 nexclick.ir
 next-vision.ro
 nextsearch.co.kr
+nexusonedegoogle.com
 ngkidshop.com
 ngtcclub.org
+nguyendachung.com
 nguyenthanhriori.com
 nhansinhduong.com
 niaa.org.au
@@ -1941,6 +1984,7 @@ noithatshop.vn
 nondollarreport.com
 nongkerongnews.com
 nonton.myvidio.site
+norchempharm.cjcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 norsterra.cn
 northmaint.se
 noscan.us
@@ -1964,8 +2008,9 @@ old.vide-crede.pl
 oldmemoriescc.com
 oliveiraejesus.com.br
 olyfkloof.co.za
+om.watchdogdns.duckdns.org
 omegamanagement.pl
-omidsalamat.ir
+ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
 omolara.net
 omsk-osma.ru
 onetechblog.tek1.top
@@ -1978,28 +2023,32 @@ opcbgpharma.com
 opticalexpressbd.com
 optimasaludmental.com
 optionscity.com
+orciprudential.com.watchdogdns.duckdns.org
 orderauto.es
 orglux.site
 orhangencebay.gen.tr
 orishinecarwash.com
 ortotomsk.ru
 osdsoft.com
-ossi4.51cto.com
 ostappnp.myjino.ru
 ostyle-shop.net
 otterloo.nl
 ouie.studio
+outbound.protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
+outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 owwwa.com
-p1.lingpao8.com
 p2.lingpao8.com
 p3.zbjimg.com
 p30qom.ir
 p6.zbjimg.com
 packshotclippingpath.com
 paewaterfilter.com
+pakmedcon.com
 palermosleepcheap.com
 palmer-llc.kz
 pandasaurs.com
+park-acre.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+parm6web-tracking.cocomputewww.watchdogdns.duckdns.org
 parsintelligent.com
 pasakoyluagirnakliyat.com
 patch.cdn.topgame.kr
@@ -2015,43 +2064,47 @@ pc6.down.123ch.cn
 pcgame.cdn0.hf-game.com
 pcr1.pc6.com
 pcsoft.down.123ch.cn
+pctruckinieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 pds36.cafe.daum.net
-peccapics.com
+peerlisiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 penfocus.com
 perminas.com.ni
 pesei.it
+peterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 petexpertises.com
 pgarfielduozzelda.band
 phamthudesigner.com
 phantasy-ent.com
 phattrienviet.com.vn
+phongthuyanlac.com
 pickmycamp.com
 pink99.com
 pirotecniazaragozana.live
+pjmanufacturing2fsuppowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 play4fitness.co.uk
 playhard.ru
 pleasureingold.de
 plum.joburg
-pmvc.pt
+pmpawarbounces.duoliprudential.com.watchdogdns.duckdns.org
+pocketchfangmwww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 pocketmate.com
 pokorassociates.com
 polytechunitedstates.com
 pontotocdistrictba.com
+porsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 porteous.ch
 portriverhotel.com
 posicionamientowebcadiz.es
 posmaster.co.kr
 posta.co.tz
-postvirale.com
 powerdrive-eng.com
 powertec-sy.com
 powervalves.com.ar
-ppp-au.com
 pracowniaroznosci.pl
-prdbrasil.com.br
+premereinvio.eu
 premier-pavers.com
+prenak.com
 prfancy-th.com
-princetonsuppliers.co.uk
 print.abcreative.com
 prithvigroup.net
 private.cgex.in
@@ -2059,30 +2112,37 @@ probost.cz
 projectonebuilding.com.au
 pronews.vn
 propolisterbaik.com
-prostranstvorosta.ru
-protecaoportal.com.br
+protection.ominenergo.gov.rsmart-testsolutions.watchdogdns.duckdns.org
+protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
+prudential.com.watchdogdns.duckdns.org
 psakpk.com
 psychod.chat.ru
 ptmskonuco.me.gob.ve
 puertascuesta.com
 pujjr-cs.oss-cn-hangzhou.aliyuncs.com
-pw-financial.net
+pv50p00im-ztbu10021601.ml.com.watchdogdns.duckdns.org
 pw.wasaqiya.com
+pyrzowiceekssiddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
+qianlong.watchdogdns.duckdns.org
 qppl.angiang.gov.vn
 qsongchihotel.com
 quadriconexiones.info
+quangcaovnstar.vn
 quarenta.eu
 quatanggiaminh.com
 quebrangulo.al.gov.br
 quintoesquerdo.net
+qwertynet.hupeterbeckundpartner.cporsgrunn.folkbjnrwwww.watchdogdns.duckdns.org
 rabhomes.com
 radio312.com
 radioviverbem.com.br
+rakuten-insight.cowww.watchdogdns.duckdns.orgwatchdogdns.duckdns.org
 ramenproducciones.com.ar
 rapidc.co.nz
 rarejewelry.net
 rationalalliance.com
 rc.ixiaoyang.cn
+rcsdfoundation.com
 re-set.fr
 realdealhouse.eu
 realtytraining.org
@@ -2099,12 +2159,14 @@ rensgeubbels.nl
 reogtiket.com
 repository.attackiq.net
 research.fph.tu.ac.th
+resonance-pub.watchdogdns.duckdns.org
 resortmasters.com
 reviewzaap.azurewebsites.net
 rexus.com.tr
 rhlnetwork.com
 riaztex.com
 rightsense.in
+rjsrwaco.watchdogdns.duckdns.org
 rkverify.securestudies.com
 rncnica.net
 rnosrati.com
@@ -2119,19 +2181,25 @@ ronaldgabbypatterson.com
 rongenfishingpro.com
 rootthemes.com
 ros.vnsharp.com
+rosalos.ug
 rosarioalcadaaraujo.com
 rosero.co
 rosetki.sibcat.info
 rouvamusta.fi
+royalgam6web-tracking.cocomputewww.watchdogdns.duckdns.org
 royalskyworld.com
 royaproduct.ru
+roymex.coappinformdoclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 rrbyupdata.renrenbuyu.com
 rrrradkqwdojnqwd.com
+rsmart-testsolutions.watchdogdns.duckdns.org
 rsquareandco.com
 rt001v5r.eresmas.net
+rudential.com.watchdogdns.duckdns.org
 ruforum.uonbi.ac.ke
 rumahsuluh.or.id
 ruoubiaplaza.com
+ruresonance-pub.watchdogdns.duckdns.org
 rus-fishing.com
 s-pl.ru
 s.51shijuan.com
@@ -2146,9 +2214,9 @@ sahathaikasetpan.com
 saheemnet.com
 saigon24h.net
 saigonthinhvuong.net
-sainashabake.com
 saint-mike.com
 salahealthy.ir
+samar.media
 samettanriverdi.com
 saminvestmentsbv.com
 sanatarti.com
@@ -2163,13 +2231,13 @@ schrott-stuttgart.com
 scjelah.com
 scopice.com
 scouthibbs.com
+sczlsgs.com
 sealonbd.com
 searchingforsoulministry.org
 seccomsolutions.com.au
 secondmortgagerates.ca
 secscan.oss-cn-hangzhou.aliyuncs.com
 secumor.com
-securesharedservices.com
 sedotwcsejakarta.com
 seetec.com.br
 seftonplaycouncil.org.uk
@@ -2179,6 +2247,7 @@ selfgazette.net
 sem-ingegneria.com
 sempet.com.tr
 send.webprojemiz.com
+senital.co.uk
 sentrypc.download
 seraflora.com
 serhatevren.godohosting.com
@@ -2192,13 +2261,12 @@ setupadsfile.yxdown.com
 sevesheldon.com
 sexualharassment.in
 sexyfeast.co.uk
-seyh9.com
+seyidogullaripeyzaj.com
 sfbienetre.com
 sfpixs123.dothome.co.kr
-sg123.net
-sgl.kz
 sgm.pc6.com
 sgokta.com
+sgov.rsmart-testsolutions.watchdogdns.duckdns.org
 sgry.jp
 sgventures.co.in
 shailendramathur.com
@@ -2208,7 +2276,6 @@ share.dmca.gripe
 sharingdisciple.com
 shawnballantine.com
 shaysave.com
-shbaoju.com
 shebens.com
 shellter-static.s3.amazonaws.com
 shengen.ru
@@ -2225,6 +2292,7 @@ shoreshot.photos
 shovot27-m.uz
 shrimahaveerinfrastate.in
 sibcat.info
+siddillfirststepsacademym6web-tracking.cocomputewww.watchdogdns.duckdns.org
 sieure.asia
 signcutpro.com
 significadoswords.com
@@ -2233,12 +2301,15 @@ silaracks.com.mx
 sileoturkiye.com
 sim.stikesbanyuwangi.ac.id
 simblissity.co.uk
-simplebsolutions.co.uk
 sinacloud.net
 sinerjias.com.tr
+siriusxmco.zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 sistemagema.com.ar
 sistemastcs.com.br
 sister2sister.today
+sisweb.info
+sitwww.watchdogdns.duckdns.org
+sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 sketchywireframes.com
 skexportsdelhi.com
 skyclub.club
@@ -2249,28 +2320,27 @@ skytechretail.co.uk
 slboutique.com.br
 slk.solarinstalacoes.eng.br
 slpsrgpsrhojifdij.ru
-sm.fq520000.com
 sm.myapp.com
 small.962.net
+smart-testsolutions.watchdogdns.duckdns.org
 smartdogsshop.com
-smartfit.com.pk
+smileclub.co.mail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 smpadvance.com
-smpleisure.co.uk
-smtfmb.com
 snopsd.duckdns.org
 snyderprime.com
 soberandbright.co.uk
 socialworkacademy.in
+soencmedicinaonline.rjsrwaco.watchdogdns.duckdns.org
 sofrehgard.com
-soft.duote.com.cn
+soft.114lk.com
 soft.mgyun.com
 soft2.mgyun.com
 software.rasekhoon.net
 sohaans.com
-sohointeriors.org
 solahartmentari.com
 solarium.energy
 soloenganche.com
+solvefolkbjnrwwww.watchdogdns.duckdns.org
 solvermedia.com.es
 somamradiator.com
 somelie.jp
@@ -2286,9 +2356,6 @@ soyuzhandpan.com
 spamitback.com
 sparkuae.com
 spb0969.ru
-spbllc.yelpix.work
-speakingadda.com
-speechwar.com
 spiritualhealerashish.com
 spitlame.free.fr
 spleenjanitors.com.ng
@@ -2313,6 +2380,7 @@ stablecoinswar.com
 stage.abichama.bm.vinil.co
 stairnaheireann.ie
 standart-uk.ru
+stanleyfoundatioutbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 starcomb.com
 starnslabs.com
 staroil.info
@@ -2321,7 +2389,9 @@ startyourday.co.uk
 static.3001.net
 static.ilclock.com
 static.topxgun.com
+staybigsarash.tcoqianlong.watchdogdns.duckdns.org
 steeldoorscuirass.com
+steeveriano.com
 stemcoderacademy.com
 steveterry.net
 stgroups.co
@@ -2367,27 +2437,34 @@ syntek.net
 systemtechnology.ru
 syubbanulakhyar.com
 t.honker.info
+ta107s3.watchdogdns.duckdns.org
 tabaslotbpress.com
 tadilatmadilat.com
 tahmincik.webprojemiz.com
+taiyo-gr.info
+takarekinfococomputewww.watchdogdns.duckdns.org
 talk-academy.vn
 tamagocin.com
-tantrung.com
 taplamnguoi.com
 tapnprint.co.uk
 taraward.com
 tasarlagelsin.net
 tasha9503.com
+tatgalloprecast.comsketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 tattoohane.com
 taxispalamos.es
 taxispals.com
 tb.ostroleka.pl
+tchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 tck136.com
 tcl-japan.ru
+tcoqianlong.watchdogdns.duckdns.org
+tcy.198424.com
 td111.com
 teambored.co.uk
 teamfluegel.com
 techboy.vn
+techfactory.pk
 techidra.com.br
 tecno-pack.net
 tecnologiaz.com
@@ -2397,27 +2474,24 @@ telegram-tools.ru
 tendep.com
 terifischer.com
 terrible.wine
-test.bhavishyagyan.com
 test.sies.uz
 teste111.hi2.ro
 tewsusa.co
-texeem.com
 tfile.7to.cn
 thaibbqculver.com
-thaidocdaitrang.com
 thaithiennam.vn
 thammydiemquynh.com
 thanhtungtanluoc.com
 thankyoucraig.com
 thatoilchick.com
 thebagforum.com
+thecostatranphu.com
 thedopplershift.co.uk
 theemergeteam.org
 thegiddystitcher.com
 thegioicongdungcu.com
 theinspireddrive.com
 thelvws.com
-themodellabel.com
 thenatureszest.com
 thenutnofastflix2.com
 thepresentationstage.com
@@ -2425,35 +2499,40 @@ therollingshop.com
 theronnieshow.com
 theshoremalacca.com
 theshowzone.com
+theslimyjay.ml
 thewaysistemas.com.br
 thinhphatstore.com
 thinkmonochrome.co.uk
 thosewebbs.com
+thptngochoi.edu.vn
 threemenandamovie.com
 thu-san-world-challenges.org
 thuducland.net
 thuytienacademy.com
+tial.com.watchdogdns.duckdns.org
 tianangdep.com
 tiaoma.org.cn
 tienlambds.com
 tiesmedia.com
 tigress.de
-time.awebsiteonline.com
 timlinger.com
 tiras.org
 tischer.ro
 tischlerkueche.at
 tisoft.vn
 titusrealestate.com.fj
+tku-shorinjikempo.com
 tmmaf.org
 todoemergencias.cl
 tokokusidrap.com
 tolstyakitut.ru
 tongdailyson.com
 tonghopgia.net
+tony-shoes.com
 tonyleme.com.br
 tonypacheco.com
 top-flex.com
+topreach.com.br
 toprecipe.co.uk
 topwinnerglobal.com
 topwintips.com
@@ -2471,7 +2550,6 @@ travma.site
 trddi.com
 tree.sibcat.info
 trialgrouparquitectos.com
-tricountydentalsociety.com
 trinidadnorth.com
 triozon.net
 truenorthtimber.com
@@ -2479,7 +2557,9 @@ tsg339.com
 tsport88.com
 tuananhhotel.com
 tuandecal.net
+tubdispvitvitebsk.by
 tulip-remodeling.com
+turbominebtcminer.com
 turkexportline.com
 tutuler.com
 twistfroyo.com
@@ -2487,19 +2567,24 @@ u1.innerpeer.com
 u5.innerpeer.com
 ucanbisiklet.com
 ucitsaanglicky.sk
+udential.com.watchdogdns.duckdns.org
 uebhyhxw.afgktv.cn
 ujet.infointsale.com
 ulco.tv
+ummydownload.com
 underluckystar.ru
 uniformesjab.com
 universitytransplantcenter.com
 unknown-soft.com
+unvereczamarshallconsulting.ieescolbounces.duoliprudential.com.watchdogdns.duckdns.org
 up.ksbao.com
 up.vltk1ctc.com
 up2m.politanisamarinda.ac.id
 update-res.100public.com
 update.hoiucvl.com
+update.joinbr.com
 update.link66.cn
+update.yalian1000.com
 upgrade.shihuizhu.net
 upgrade.xaircraft.cn
 upgradesoftware2017.com
@@ -2514,15 +2599,13 @@ uycqawua.applekid.cn
 uzopeanspecialisthospital.com
 uzri.net
 vaatzit.autoever.com
-vadhuvarparichay.com
 valencecontrols.com
+van-wonders.co.uk
 vangout.com
 variantmag.com
 vaws.nl
 vaz-synths.com
 vcpesaas.com
-velatoursrls.com
-venta72.ru
 veryboys.com
 verykool.net
 vetesnik.webpark.cz
@@ -2535,6 +2618,7 @@ view52.com
 vigilar.com.br
 villagevideo.com
 vinhomeshalongxanh.xyz
+virtualrally.eu
 visionoflifefoundation.com
 visiontecnologica.cl
 viticomvietnam.com
@@ -2544,13 +2628,17 @@ vorotakuban.ru
 voz2018.com.br
 vw-stickerspro.fr
 w.zhzy999.net
-w4snc.com
+wanderers.com
 wansaiful.com
 wap.dosame.com
+watchdogdns.duckdns.org
+watchdogdns.duckdns.orgwatchdogdns.duckdns.org
+watduoliprudential.com.watchdogdns.duckdns.org
 wavemusicstore.com
 wbd.5636.com
 wcf-old.sibcat.info
 wcy.xiaoshikd.com
+wearebutastory.com
 weatherfordchurch.com
 weblogos.org
 webmail.mercurevte.com
@@ -2558,7 +2646,6 @@ webnuskin.com
 weisbergweb.com
 weresolve.ca
 westland-onderhoud.nl
-westsideresources.org
 wf-hack.com
 wg233.11291.wang
 wg50.11721.wang
@@ -2571,13 +2658,14 @@ williamenterprisetrading.com
 winape.net
 winbacklostlove.com
 winterhalter-hilft.de
-wisdom-services.com
+wiramelayu.com
 wmd9e.a3i1vvv.feteboc.com
+wonderbooth.com.my
 wonderful-davinci-e6a9e8.netlify.com
-wordpress-219768-716732.cloudwaysapps.com
 wordwave.academy
 worldlinkaddress.com
 worldrunner.co.uk
+worshipwarriorsmovement.com
 wowepic.net
 wp.berbahku.id.or.id
 wpdemo.wctravel.com.au
@@ -2593,6 +2681,7 @@ wt72.downyouxi.com
 wt90.downyouxi.com
 wt91.downyouxi.com
 wt92.downyouxi.com
+www-grupotv1-com-br.azurclaireritter.cmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 www2.itcm.edu.mx
 www2.wlwv.k12.or.us
 wxbsc.hzgjp.com
@@ -2608,6 +2697,7 @@ xiaderen.com
 xiaou-game.xugameplay.com
 xiazai.vosonic.com.cn
 xiazai.xiazaiba.com
+xlv.f3322.net
 xn-----6kcabnyujk3amba3araccbdbrg.xn--p1ai
 xn-----9kccsa1afbhzcgd9a1ay5l.xn--p1ai
 xn----7sbb4abj9beddh.xn--p1ai
@@ -2615,17 +2705,16 @@ xn----7sbbdfeovrgh2b6al.xn--p1ai
 xn----7sbhaobqpf0albbckrilel.xn--p1ai
 xn----dtbicbmcv0cdfeb.xn--p1ai
 xn--116-eddot8cge.xn--p1ai
-xn--21-dlc6asabnik.xn--p1ai
 xn--42c9ajcvlnf2e4cncez70aza.com
 xn--777-9cdpxv4b3g4a.xn--p1ai
 xn--80abhfbusccenm1pyb.xn--p1ai
 xn--90achbqoo0ahef9czcb.xn--p1ai
 xn--b3cfud2a8bbhes3dcy9ig0ce4k2g.com
+xri4pork.s3.amazonaws.com
 xtproduction.free.fr
 xzb.198424.com
 xzc.197746.com
 xzc.198424.com
-xzd.197946.com
 y31uv4ra1.vo.llnwd.net
 yachtlifellc.com
 yahyabahadir.com
@@ -2641,28 +2730,27 @@ yearbooktech.com
 yemekolsa.com
 yeniportakalcicegi.com
 yerdendolumtesis.com
+yesky.xzstatic.com
 yfani.com
 yildiriminsaat.com.tr
 yiluzhuanqian.com
 ylgcelik.site
-yonetim.yonpf.com
+ymail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 yourcurrencyrates.com
 yrsmartshoppy.com
 yulv.net
 yushifandb.co.th
 yuxue-1251598079.cossh.myqcloud.com
+zajcmail-oln040092069015.outbound.protection.sketchwefair-watduoliprudential.com.watchdogdns.duckdns.org
 zdy.17110.com
 zebra9100.com
 zh0379.com
-zh100.xzstatic.com
 ziarulrevolutionarul.ro
 zinrop.com
 zionsifac.com
-ziyimusic.com
 ziziused.com
 zj.9553.com
 zoolandia.boo.pl
 zs68.com
 zschmielnik.ostnet.pl
 zxminer.com
-zzajqwnewq.com