URLhaus Database

You are currently viewing the URLhaus database entry for https://wecare.com.vn/get/3Pgny6gwZc/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1868553
URL: https://wecare.com.vn/get/3Pgny6gwZc/
URL Status:Offline
Host: wecare.com.vn
Date added:2021-12-09 10:50:13 UTC
Last online:2021-12-09 19:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2021-12-09 10:53:09 UTC to abuse{at}linode[dot]com)
Takedown time:9 hours, 5 minutes Good (down since 2021-12-09 19:58:28 UTC)
Tags:doc emotet link epoch4 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-12-09BKWB2VZU.docdoc e167804a6f36dc99e96909bcededa8a733dd8633037b8b52e8d7881d20446c16n/aHeodo
2021-12-09TIVQ9GN2TPU46K10.docdoc d69f3a0ab3de59ef3cd8461d88492993170d51dce254ee1097cb8abf5a0bf018n/aHeodo
2021-12-09MVGE7LY5BH.docdoc 6b24094a69cf6e612d38e8b0a29ba0805cc160dc1a84be86c55dd8c7f59521a7n/aHeodo
2021-12-09UT33JBXT2.docdoc 2f3d0aff6f35dff6502af75f678a40b0705e64926d8b0c57b927a8046c0048ddn/aHeodo
2021-12-092J8R2XR86TRNUQ.docdoc 0bd193c285d357f2d8207c3e78588727dd95c81425e8ff31e4f6abb76923c470n/aHeodo
2021-12-096604M6YIR36GQY.docdoc abff6c4c0576b6f1dc50478dd91cf8aa9c1ffd442f54bf6afa9e46585c6b507bn/aHeodo
2021-12-09O68KQMIJPSH.docdoc 60070dc681a9f7c4a79a3637402a55b5c3e8fba4a2df0ce681f0b1ff311a360an/aHeodo
2021-12-09O6WYAKZ94O7VTIU.docdoc e7b9c7ae85b65f18519cf9daed5b665424eb5e90d9ea917793d93a57f0a8860an/aHeodo
2021-12-095S0VDV6M4.docdoc 77eb108ef31a5a559cd861c6fb184724a3cbacc7bf9b889d7157c2fabcee6a25n/aHeodo
2021-12-09PX0FBLDESOOSK3.docdoc 5b0eadb028eafbc9bb1285c63f7a0fc68a235c037f04e81324474972367ccfe1n/aHeodo
2021-12-0952UX6049.docdoc f37b6e26f4d57136470d7f92f9b5dceab3c31038cabb1db75f72155760bbc58fn/aHeodo
2021-12-093ZQK6Q2R5SV3.docdoc 7d50155f2fd02aa6067f653d01ca3cd296b9851974f23904b601fbffdff9fcden/aHeodo
2021-12-095C5EVWD0IAPIYJ8.docdoc 5aee37b45c0c6370d6c4b8046356675ddbe62d8cb42dfcc602bc350600df64e8Virustotal results 38.71%Heodo
2021-12-093UH94MYSL0XL.docdoc e9e88b7232ae3639e10a4b099da5c0a7e8feb75810afdc3f11bf726b2b9b3fbbn/aHeodo
2021-12-09S0OSCJX4EMQ22U.docdoc d88dd396f704e6960eb6137eb6c8ef401700c2b021f80cdaa0cfa9e34ea0ad88n/aHeodo
2021-12-09N085BI7X58MHPS9.docdoc 422cdaf95ec5f430f907c9acf9538f9b76473c10d984ea3370753d2bd8a5d7fan/aHeodo
2021-12-09YZKDB72YNH.docdoc 0be9d6cb334fc62f10b751c241c8f21645a12c17e1ad1ef4439a9ca0ef278ebbn/aHeodo
2021-12-09ZRDQZLO9SRREKGYC.docdoc f40d26895ae37340ccc04c2ce8514c7e921ec9047100bbfd7c89a7b0bba61dd1n/aHeodo
2021-12-09Z3LN9ZZ.docdoc 3b8b1b6d67f96e2a8ffe58449d0360eb577a46dcedb376d01d0f925c3e6fe857n/aHeodo
2021-12-09LLVUBI66485I.docdoc 51d5b7b3141cc6a727d7dec0bff69a5e7d551d279656b92eea68fea27b7cad69n/aHeodo
2021-12-090244E12O572W.docdoc 5a020c775495fd172147770c6d358ebee40450aa5a0d04d4cdff89a358c27fffVirustotal results 36.51%Heodo
2021-12-09N19S630Z2PK5X.docdoc f469688bceb339010e200f2aa7f2ca3417a9eaa5b326a281d26458287acec4e7Virustotal results 33.33%Heodo
2021-12-09Y8NQ0KZU69KSKGZH.docdoc fe396373a53e8edbcf5424a2448fda5d86110293ec8efd19bd4b3d025ccc969bn/aHeodo
2021-12-09N7JXT8YI5LQK2W.docdoc b686a2a27d4060e8449649268808f123dd6221556d3e38e515c9f518e607e648n/aHeodo