URLhaus Database

You are currently viewing the URLhaus database entry for http://flikh.com/flikh/6718-yp53b-vlpzyo/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 159789
URL: http://flikh.com/flikh/6718-yp53b-vlpzyo/
URL Status: Offline
Host: flikh.com
Date added: 2019-03-15 05:23:12 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-03-15 05:24:03 UTC to abuse{at}alterascape[dot]com)
Takedown time: 12 hours, 4 minutes (Good)
Tags: emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
