URLhaus Database

You are currently viewing the URLhaus database entry for https://www.thermalswitchfactory.com/99jxom2/kEVK-qhBI6_EIj-8P/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	167309
URL:	https://www.thermalswitchfactory.com/99jxom2/kEVK-qhBI6_EIj-8P/
URL Status:	Offline
Host:	www.thermalswitchfactory.com
Date added:	2019-03-27 18:28:11 UTC
Last online:	2019-04-17 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-03-27 18:30:03 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time:	21 days, 3 hours, 52 minutes (down since 2019-04-17 22:22:57 UTC)
Tags:	emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-03-29	2019_03_NT643429049334172934___88317251093499041163.doc	doc	c76605838dcf51882c817190fb690280fa6a777d100f60e55d67047250cb516c	21.67%	Heodo
2019-03-29	2019_03_US826393545___40476970826740.doc	doc	b707e23ae5aee2659daa0b4bb50c72d654c6d9a3efac0fb2b9ae75b5f1f1d39e	21.31%	Heodo
2019-03-29	2019_03_87221750052859___956799248343948.doc	doc	6e59d87e781c3e31484aaa4bc02a78033751069f0c3a9ed871aaee3c41ea673b	21.05%	Heodo
2019-03-29	2019_03_TGPD4003960891029___355560553691382.doc	doc	9394fa9d8a0b1a890de21f503494d53874b2aeabbd76e722811df0dfff1b7d32	21.67%	Heodo
2019-03-29	2019_03_INSTR63455520655950___1723373069476217.doc	doc	558cfe4cfff4823414f02afe85768443f30ba17da372e342a3c3f8e70ac2e4d0	22.41%	Heodo
2019-03-28	2019_03___US___INSTR358428274___5660281868225.doc	doc	fbd0e3251cf537e34b027caf6ff191c7ba0bedefbff64fed270b3c5d72fe84a7	20.69%	Heodo
2019-03-28	2019_03___US___US82905590611194446___9997779756309166.doc	doc	7d805fd6032eb14134efe16f128638bb6ea296911ad55fac6340ace72707f251	20.00%	Heodo
2019-03-28	2019_03___US___US0501434532278477063___6840037957864120.doc	doc	1da44ccc2eb250ca1283e6b12e92d326169112ae88c9b1b9800fa1868257628e	20.00%	Heodo
2019-03-28	2019_03___US___PAY7062282113577721___355674747.doc	doc	084d0997def7560fa87cb31751f21177cc3d0efc904a4901472b2cdb5225ee5c	20.34%	Heodo
2019-03-28	2019_03___US___US27122148691628556534___593363921679.zip	zip	8d6a2e28961121c3e85e1a6d8c48a8555344965c33d7357162a0d8af2fec09e0	n/a
2019-03-27	2019_03___US___VD28073938453___666771344.zip	zip	6e52aabcb7b2864610f11a998139b2c5b86b477e1e9292bdbea4b38938f09f1c	n/a
2019-03-27	2019_03___US___ACC5796633482790047___50859084645.zip	zip	a5e0949e4f5b3a4ace72a67efef902b21c73ff5f6c7dadd7f7002af7d9872b57	n/a
2019-03-27	2019_03___US___1179122616939___07359339800219608.zip	zip	40af3d57113c052df15ae019302c4b0d11573b92d884d19f4d646703d934e45a	n/a
2019-03-27	2019_03___US___UMEDS4528813182883566___350880718324313.zip	zip	50a8b7a8d647b3959d959af591e12b4ab54537790a1f690097d6d12e4f03718c	n/a
2019-03-27	2019_03___US___PAY8799764336___7348516179598.zip	zip	34051cc371432023327fbc6540a69000a6502ef7b8a9545e81a1e39c26e9821b	n/a
2019-03-27	2019_03___US___42366927275112___15750130449.zip	zip	7f312820f08c66378e24a1c50f4b9ca7260c95d78d11d0a9dc343d4abb3915e7	n/a
2019-03-27	2019_03___US___739443868___4762319092794.zip	zip	3774046d2fda61d96085d94516d056a38e1b07d729c4db34a052e0d3f392946d	n/a
2019-03-27	2019_03___US___US18010849274530992970___2584118856384.zip	zip	6231ce3889db18ed0ba02185d7b2efaa5476b201a0bd18315388d822fb7c9a20	n/a
2019-03-27	2019_03___US___INSTR28661025699058757915___004281010608228.zip	zip	4c8372cb0e64b9b81b5739b67099908bb9fab369c791fb811569ed3d93985b30	n/a
2019-03-27	2019_03___US___INSTR9557926193387845___49534515502.zip	zip	da7abca7f87d06b70d0ad97e96bbd7b54f7b1b4460b36df192a99153ab9dc13a	n/a
2019-03-27	2019_03___US___INSTR78693283941568310011___500325849787806.zip	zip	d70e487f3fae46cd02703cea6d79bf1be2afdc2bf4d35c07dee977cbb3560f71	n/a
2019-03-27	2019_03___US___PAY3762036144825179___131399945.zip	zip	964f83c51a0cd03be9d4a366530ba70eb10d381459de81cccb5d14c753bc391d	22.03%
2019-03-27	2019_03___US___SC13189375717___25289640786022777890.zip	zip	ce31415531f8761721106f735ab33f6e2b7417d7db16ae67002a15d07f2193f9	n/a