URLhaus Database

You are currently viewing the URLhaus database entry for http://bergdale.co.za/wp-includes/sendincencrypt/legal/ios/En/032019/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:153767
URL: http://bergdale.co.za/wp-includes/sendincencrypt/legal/ios/En/032019/
URL Status:Offline
Host: bergdale.co.za
Date added:2019-03-06 22:56:06 UTC
Last online:2019-03-11 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2019-03-06 22:58:02 UTC to abuse{at}optinet[dot]net)
Takedown time:4 days, 15 hours, 17 minutes Bad (down since 2019-03-11 14:15:47 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2019-03-08Encrypted_message_8874351329.docdoc ef7c742f61c466d5d77ac86b31e2b9f7e2a535104020b3bc7de2ccd03a94c959n/a Heodo
2019-03-08Secure_mes_39027922.docdoc 56af49edd7b00a2dad749776515c6a14e09d63aea601395e3c167b97b1fd804cn/a Heodo
2019-03-08Secure_Email_file_868502865.docdoc f2ed7bb68389423fb8d241cbf63546f4e21a52fa65317e19b9e298f4a18bcf2bVirustotal results 27.78% Heodo
2019-03-08Secure_mes_9176888252.docdoc 4fb55c90599b0abe1a2677a6b813d6f43336b2014e14d993f79a4e5014b81a9cVirustotal results 27.78% Heodo
2019-03-08Secure_message_257144000.docdoc 93c291b0d5725580609b7af4c20d787a71f244c7dea1a51e05dbe27f642ac079n/a Heodo
2019-03-08Secure_Email_file_064076732.docdoc 6176a8eb2818932d336455a12a1517cd4eaab7bef99f263e55bb66722a714fe5n/a Heodo
2019-03-08Secure_Email_file_18520038.docdoc 66fd72d2fcd11f4b369903f28687f701c0e8c165da481c28216e8950c027b100Virustotal results 31.58% Heodo
2019-03-08Secure_Email_file_003454251.docdoc 8deea743467e95136dfa0114c8297d7ea034ebd4ddc596b07b4f6c9bca70189cVirustotal results 27.78% Heodo
2019-03-08Enc_message_67109850.docdoc 5b772f6b3d2f6e23cb781a0f2bd53e219da83441b11f71fcb92b22e44f9055d8Virustotal results 27.59% Heodo
2019-03-08Enc_message_4231100114.docdoc 7e5cf9bae19a82d8a8c9982656c86428306a62bccdcab6b46f867a296656cc37Virustotal results 27.59% Heodo
2019-03-08Encrypted_Email_file_7790504777.docdoc 7fe1ae520a0804f86537ed35cbccb2e066cb33bc78ad9d969043bffcd5377423Virustotal results 27.59% Heodo
2019-03-08Encrypted_message_50379765.docdoc d0bb4dbd29ba4a8a3673650acde2fdf389705b95b29c6ec1d01a356d96ed6b85Virustotal results 25.93% Heodo
2019-03-08Enc_message_188137775.docdoc a9101fb79a8217a8656e29dbe0c65d3b5245979e31f810d963cad0e0fa303d1bVirustotal results 27.59% Heodo
2019-03-08Enc_message_849119748.docdoc 8c4b4a770505ec33acb77078563c15e3bd3270a6c772f68aad78adf6fc524579Virustotal results 29.31% Heodo
2019-03-08Secure_mes_52205511.docdoc 0f68f035991bc2559d7d06ae07571e49745d46f1690d12758dec39c572cc1e4cVirustotal results 29.31% Heodo
2019-03-08Enc_message_6115075126.docdoc 8ecbea15be645ca63bb9dc055627c78578cc5e582724ec6db03fc8dc78c49c0bVirustotal results 27.59% Heodo
2019-03-08Encrypted_message_120888542.docdoc 490b957ea496a5d66d0fff7248577a51f13879455e8c04da2f5be2760e34701en/a Heodo
2019-03-08Enc_message_8443921857.docdoc ae4a1b0a6e544f646f5825200275321bc2a81524e0498211b8ae4380a799839cn/a Heodo
2019-03-08Secure_mes_3019747118.docdoc 9c0166f87e7bcc8585c45ba133d0c080b6c7c2b15072635a3bf0589df1cb30bbVirustotal results 26.32% Heodo
2019-03-08Enc_message_561067402.docdoc df5be85b50ff9adaf13a28a70d45eda86654ee94a7244e52ea3cfcd631a6c2d9n/a Heodo
2019-03-08Secure_Email_file_349656206.docdoc a9709e436dca26c8295491673c2bb5bb0c828417dd647b351c7a760190303302n/a Heodo
2019-03-08Encrypted_message_9476458014.docdoc e0ec0c34c253ca24b9c5bc073e1bcfab2e1277bc225f8614a86447238d672299n/a Heodo
2019-03-08Secure_mes_850767796.docdoc 686b74116fbf142696a2a324a888f15d06114fa3f441207e642213f0049b7b12Virustotal results 24.53% Heodo
2019-03-08Encrypted_message_8497210774.docdoc eb4a1752171b0ce8a145510e95399ad4f2190431a1ea0618c66dd75f875faf9bn/a 
2019-03-08Enc_message_407540937.docdoc 674ff37406bc313bec7cbe68760bff2f8231391613b8c72e1f399989ca103adfn/a Heodo
2019-03-08Encrypted_message_404173321.docdoc fcbd8812d247ed0105b053d8361f42d9d17811308706b1e5ecdb1d5ce22fc34dn/a Heodo
2019-03-08Secure_mes_3278039668.docdoc bc2a94679f8ddec5fd9c29be022d9f288d79e227d2876e5d0db7597dd672a94fVirustotal results 26.32% Heodo
2019-03-08Secure_message_028836290.docdoc 543c860b7e9698dbf98db2325d9a99fff72b0f98684bdb7539d08f5affb08546Virustotal results 25.00% Heodo
2019-03-08Encrypted_message_7003512262.docdoc ef1be53df4b6aba4f43e86a7ee2c8d02bc4981ac6d129df3cb9a53b63abfd9bfn/a Heodo
2019-03-08Secure_mes_46073544.docdoc 4f772a0ca2f6cb545820cd0ef0bde058e2a8a06158d3a1a7bfa5fc21334797f6n/a Heodo
2019-03-08Secure_mes_375980326.docdoc d33f7702d9a99fb891424d9bd2eda097d271b6b0b0a1b29c146afd6799dc5f54n/a Heodo
2019-03-08Enc_message_482400174.docdoc 1d27a1cffd9dea525ae345daa662ad8944d27c0e42785ea542ef0514697d6858Virustotal results 24.07% 
2019-03-08Secure_mes_682401232.docdoc a75bab79acd6be7dffc4b2717a5257d34ac8ac180cad63bb4fea6517bebc65c9n/a Heodo
2019-03-08Encrypted_message_204300829.docdoc e77bf37e4c30639b30690a92285ee4df5df5484ba5a7a84cad68f7c9bc9984edVirustotal results 31.03% Heodo
2019-03-08Secure_mes_2808266503.docdoc 4289a51b6543bc74580644984be3627327e2cc0a980f69d07245447f9e55f914n/a Heodo
2019-03-08Encrypted_message_715994118.docdoc 3c07899957b4500a67e0106736679363be684adbfe01002cda1d70819e3d64d1n/a Heodo
2019-03-08Secure_Email_file_513725073.docdoc 241ab13c1886afcc0ffff9567f0a41ac863a6c26a13729574f7e50e20c0d0721n/a Heodo
2019-03-08Secure_mes_269724089.docdoc 47313ae4624a6125fb4226674c0651b60880628c64f433aaf07a3d291d6e1707Virustotal results 33.33% Heodo
2019-03-08Secure_message_4136270139.docdoc 58d747b1915ea11ef7df577f0b09c55493187d7c9f7276fce183bb34a431e735Virustotal results 33.93% 
2019-03-08Encrypted_message_468006388.docdoc 4e4dc45d7d8e7cef090dd87bfb1d8e7e74340ec4640ea28ec79c42e5a436911fVirustotal results 33.96% Heodo
2019-03-08Enc_message_267057766.docdoc f813ba8109fa9197bfc593ed11ed5ef2a327ed5eb72bf46a61beb0a5aca7b954n/a 
2019-03-08Secure_message_216454515.docdoc 88b8bd95a66a4c98c9a24119a465b32e6ea72f5ea43efbb1be27da3cda5e2588Virustotal results 33.96% Heodo
2019-03-08Encrypted_message_98931277.docdoc e408a7a533890f58b03c9558e9f3eedde3917df47f8502c2ac669ba0479ecee7n/a Heodo
2019-03-08Secure_mes_36496052.docdoc 631d7c927378cc83593d353b242cdd28ffda717aa669f5efe3a574b126065a13n/a Heodo
2019-03-08Secure_mes_573667655.docdoc 6caf84488f293458b109a1d477bd1230a5feed4e9b9df4267219cfddfb483342n/a 
2019-03-08Secure_message_610059502.docdoc e7ba408f485826430a57cad8cf0240b714f1c6a099f97afadff7e41ed69a2670Virustotal results 35.09% Heodo
2019-03-07Enc_message_64909564.docdoc 5087985b3ac7b85851f5818131aa21f2cc6e6e2d04bd5195899d8434d56ca346Virustotal results 30.36% Heodo
2019-03-07Encrypted_Email_file_586728935.docdoc 796027d77d8f8d01b48d634bd3814c98d2de7a747ab1b9fb2f771759b05ec3efVirustotal results 35.19% Heodo
2019-03-07Secure_message_043146938.docdoc d11de50ccf6e60d9fa3acfb4265adbfbf21fc85a1f77e30e3ecf894deba25d7bVirustotal results 29.63% Heodo
2019-03-07Secure_mes_25803902.docdoc fdc33fe021b8e817f6ffc8098a573d16e66da47696bfef030f2e62031a38e4d5Virustotal results 25.93% Heodo
2019-03-07Secure_message_57871904.docdoc 42eac4d0ff65d910c380eeb9293d1513dfd86443ad93061ee6b33a773da0b33aVirustotal results 26.92% 
2019-03-07Secure_mes_4378681971.docdoc 8d79efbf13c344c171e893d3493baa1678a56d4ea91de03ff9093124d500378aVirustotal results 27.27% Heodo
2019-03-07Secure_Email_file_1598227279.docdoc 9d2f461038779c2e84bc23fd9e18fd5bdbe0f563eb6ee2dee899fb898702cf29Virustotal results 17.86% Heodo
2019-03-07Secure_message_09352753.docdoc 45776dd096ef3f8ca8d5dcecbdec58874b37d5af4487551e547bf4e49b43bb41Virustotal results 20.69% Heodo
2019-03-07Encrypted_message_7559380121.docdoc 14caf67bd9136bcbd77bc76c0789d21b8acb65d313e53a0555259e5070e79b53Virustotal results 18.97% Heodo
2019-03-07Secure_Email_file_5772275506.docdoc 78d3bf462116415f008c6676a71ce66f2b6fbf902cc1629ecb90d57ed46fa52an/a Heodo
2019-03-07Secure_mes_07152969.docdoc 34dd1fe0374ce3e969229223ea1692a1c0d345d92a186f54e310ca4952fbac3an/a Heodo
2019-03-07Enc_message_68615396.docdoc 474e6447f8ae6a09da055b0292e6a600e1383d45ef35710493639e77af645a8dVirustotal results 17.86% Heodo
2019-03-07Secure_Email_file_49515638.docdoc ff7418230b939c94de0b20494402ce44d34aeed003872595901b57142fdc3d2eVirustotal results 16.07% Heodo
2019-03-07Secure_Email_file_6211270617.docdoc 4c982658609190b97d24a0d993fbb8e8d91328e5c924fbaea84f25207c6dff9bVirustotal results 18.97% 
2019-03-07Secure_Email_file_351456065.docdoc f8805f389bec623cdcf480dd23cdd31d7cb91604f451b04500d425240a8728f6Virustotal results 16.36% Heodo
2019-03-07Encrypted_message_54762091.docdoc f23fa8fc04bcf6feb55136efe26950608bfcbad7ce49ef73bba36873ad84c9a5Virustotal results 16.67% Heodo
2019-03-07Secure_Email_file_172918598.docdoc 346e4fe996199a776885c8499b28138c8b0e539ad5754d25351bdcdf16f768dcVirustotal results 16.67% Heodo
2019-03-07Secure_mes_94144373.docdoc ef123208e736851fc25c0b6842e9e259848edbb1aebb444d82bdcfd21b73690cn/a Heodo
2019-03-07Encrypted_message_402616530.docdoc ddfd7c9429afe8454ee680dafffaa5b8ade16654ae2cce6af4608a75f6283ab1Virustotal results 17.24% Heodo
2019-03-07Encrypted_Email_file_3515943874.docdoc 4608b789323fe7b1ff7d918d04a57ece00bfee85b4f491c86e4d11120109a13dVirustotal results 19.64% Heodo
2019-03-07Secure_message_9061131921.docdoc 7923d91d3cf7ea67c0edb794b97033351e52eac8c0bbad261dcb0b3d5a8075d8n/a Heodo
2019-03-07Secure_Email_file_9305237945.docdoc f6d17c7234c366cc969e77112bb4752900fc0aafdbd0ab5fb80026b227727d44n/a Heodo
2019-03-07Secure_mes_0470349815.docdoc 129d4bb4fc6a1247be8dd9fb9a9519709e68d081ad5dc50d91d4e2aa33f1636dn/a Heodo
2019-03-07Secure_Email_file_82593175.docdoc af67ee463e2a8de3c1556ab443cc06e60ab3304a98f162c41f507660e67c598dn/a Heodo
2019-03-07Encrypted_Email_file_4656418482.docdoc 819076d858f945c1230e48fdadf34f204de99e7107cfe0fd0cccefc3cdeb8996n/a Heodo
2019-03-07Secure_mes_72134363.docdoc 31a3f322e34ea56459d746b957864a54d377dc934fd0f7de153d509f92a1704bn/a Heodo
2019-03-07Encrypted_message_609027753.docdoc c2a61549735600faae077332042d94f311e0e30e4e30a60f2ea09ba2674306can/a Heodo
2019-03-07Secure_Email_file_6763610198.docdoc 0a60b80b45d50e0649e6a348e2186a4f2edc2f9abf4cd3a827b44b3251766d36Virustotal results 14.55% Heodo
2019-03-07Secure_mes_9482222348.docdoc f0d9381b818d0220d0c725ff488e488828332c4a1e5561ab34398ea3359ea309n/a Heodo
2019-03-07Secure_Email_file_0251590887.docdoc 2c5e46ad55e44d005f7eb39a5a0967bd984ab5e331044b2498b7a2159f69b331n/a Heodo
2019-03-07Secure_Email_file_74447937.docdoc 639b1b9e46e5d7674d942c5a447b0fce0d19372e343b9eaf730a104a847de26en/a Heodo
2019-03-07Secure_message_9388321516.docdoc 7cd3b353d16cc7d5bb78c0a82d3ae96bb31042399348607d0b3faa3b8929cdd9Virustotal results 20.37% Heodo
2019-03-07Enc_message_67749520.docdoc 068fd5faecd0443857a31230f3de8b1d4a5b5d6d156e23fd52c3fc8461e727a4n/a Heodo
2019-03-07Enc_message_84813403.docdoc 32dc7b0d81391b605335fb4fcf96c044d81028c83e29b8dd3249e279140dac18Virustotal results 19.30% Heodo
2019-03-07Encrypted_message_4379032699.docdoc 2c9cee90673f5c46c52dda89fd60a9120eff8106e38ed147d39b99e564b6339dVirustotal results 19.30% Heodo
2019-03-07Encrypted_message_2280652420.docdoc 9ff92628798eeb45a5fa8b8ceccaf412004fa83af7e4cf10d67b91def29c0c8bVirustotal results 24.56% Heodo
2019-03-07Secure_mes_900364275.docdoc 7fe5588e14e3e6c6994f7f970f95a57c8df3cf9702353c3ab38a4a857e03ca43Virustotal results 18.52% 
2019-03-07Secure_message_8182977997.docdoc 26a4058835160c6df2397ff70b0a23998e5c17a0b920bd307cadf67935311ebcn/a Heodo
2019-03-07Secure_message_478702631.docdoc 508698721286ed9cec798459793fd3d323a15db13b86c2965a83b163c638ebfeVirustotal results 20.37% Heodo
2019-03-07Secure_mes_9906884600.docdoc fa6104f7061212dddab6251d502eb12656e47d4f4a31e3bef9a6aa9e2984e403Virustotal results 18.97% Heodo
2019-03-07Secure_Email_file_993640481.docdoc a822627a75d5fe19fb73e5e52ff7d226bd362593b72d0d50030a47de520a442fVirustotal results 19.64% Heodo
2019-03-06Enc_message_283299628.docdoc c0d497ed93cdf3f86d01f5ce8836f975a5f74d44132f468d112c10324cec0aecVirustotal results 18.97% Heodo
2019-03-06Encrypted_Email_file_1677541815.docdoc 70ece93a1769f7def79e34832f7c1435bdc9ccccec17bd8e677a2e7eec3b29c9n/a Heodo
2019-03-06Encrypted_message_1910311075.docdoc 88d9a8b9a9acb3015c90671e09e42ad30698778edbb841ae96427bd35de3fa09n/a Heodo