URLhaus Database

You are currently viewing the URLhaus database entry for https://www.thebermanlaw.group/wp-content/FILE/9GAhnKQW/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 184508
URL: https://www.thebermanlaw.group/wp-content/FILE/9GAhnKQW/
URL Status: Offline
Host: www.thebermanlaw.group
Date added: 2019-04-25 09:26:06 UTC
Last online: 2019-05-05 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2019-04-25 09:28:04 UTC to abuse{at}siteground[dot]com)
Takedown time: 10 days, 9 hours, 14 minutes (Bad; down since 2019-05-05 18:42:15 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
