Russian DNS Queries

### Bundle details and download
https://www.extrahop.com/bundles/mitchell/russian-dns-queries/

### Description
Malware components can run DNS lookups for names under the “.ru” TLD to exfiltrate data or to locate command-and-control servers. This Bundle takes DNS queries for “.ru” domains and ties them back to the clients making the queries.
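
The matching and per-client grouping described above can be sketched in plain JavaScript. This is an added example, not the bundle's own code and not the ExtraHop trigger API; the record fields `client` and `qname`, the function names and the sample records are all constructed for illustration.

```javascript
// Constructed sample records: one DNS query each (client IP + queried name).
const sampleQueries = [
  { client: "10.0.0.15", qname: "update.example.ru" },
  { client: "10.0.0.15", qname: "UPDATE.Example.RU." },      // same name: mixed case, root dot
  { client: "10.0.0.15", qname: "cdn.example.com" },
  { client: "10.0.0.22", qname: "mail.example.ru" },
  { client: "10.0.0.22", qname: "example.ru.example.com" },  // "ru" label, but TLD is "com"
  { client: "10.0.0.31", qname: "guru" },                    // ends in "ru", TLD is "guru"
  { client: "10.0.0.31", qname: "" },                        // empty / malformed name
];

// Lower-case the name and drop the trailing root dot so variants compare equal.
function normalizeName(qname) {
  if (typeof qname !== "string") return "";
  return qname.trim().toLowerCase().replace(/\.$/, "");
}

// Return the right-most label (the TLD) of a query name, or null if there is none.
function tldOf(qname) {
  const name = normalizeName(qname);
  if (name === "") return null;
  const labels = name.split(".");
  return labels[labels.length - 1] || null;
}

// Group queries whose TLD equals `tld` by the client that made them.
function clientsQueryingTld(queries, tld = "ru") {
  const byClient = new Map();
  for (const { client, qname } of queries) {
    if (tldOf(qname) !== tld) continue;   // label comparison, not a substring test
    if (!byClient.has(client)) byClient.set(client, { count: 0, names: new Set() });
    const entry = byClient.get(client);
    entry.count += 1;
    entry.names.add(normalizeName(qname));
  }
  // Busiest clients first; ties broken by client address for stable output.
  return [...byClient.entries()]
    .map(([client, e]) => ({ client, count: e.count, names: [...e.names].sort() }))
    .sort((a, b) => b.count - a.count || a.client.localeCompare(b.client));
}

console.log(JSON.stringify(clientsQueryingTld(sampleQueries), null, 2));
```

Comparing the final label rather than testing for a `.ru` substring keeps names such as `example.ru.example.com` and `guru` out of the results.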