URLhaus Database

You are currently viewing the URLhaus database entry for http://sanitaco-ge.com/wp-admin/lbuxud-u5vpt-csbmjw/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	192228
URL:	http://sanitaco-ge.com/wp-admin/lbuxud-u5vpt-csbmjw/
URL Status:	Offline
Host:	sanitaco-ge.com
Date added:	2019-05-07 10:01:07 UTC
Last online:	2019-07-24 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-07 10:02:02 UTC to report{at}parspack[dot]com)
Takedown time:	2 months, 17 days, 17 hours, 42 minutes (down since 2019-07-24 03:44:18 UTC)
Tags:	emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-07-23	n/a	unknown	66555f72d5c44763da225ffb4f8dad14fa9972ff418b95dbf786899bb31508d6	n/a
2019-05-07	Rechnung_9480867143DE_Mai_07_2019.doc	doc	0aaeaa93626bdc87153bcbd213712de5c3fa7f98f2455f1e6e5cd2f46c03b0d3	23.73%	Heodo
2019-05-07	560888684378DE_Mai_07_2019.doc	doc	d03ddc2c08bf8f628391f11e3317eed49399191e723cea20b242df780118e1fe	25.42%	Heodo
2019-05-07	Dokument_3596100612DE_Mai_07_2019.doc	doc	60b17d785dbd6e4dbee37c553fa9a5617c7d23bda1841de3659b72d910733d3a	26.67%	Heodo
2019-05-07	Dokument_2396380334DE_Mai_07_2019.doc	doc	222ce422ca63999aef3b717a2e9eeb0c9d72599815c4f478597d451aeadfdb68	27.42%	Heodo
2019-05-07	Rech_47586064610DE_Mai_07_2019.doc	doc	51dd24ccbe52ae79f2325057045832374d3c494ecf7c6839778846c72f86653e	25.86%	Heodo
2019-05-07	67091209705DE_Mai_07_2019.doc	doc	e9771e82271beb5c983f81566668f27bb2b45d500277e14612dc3cd86ac4b9c8	25.00%	Heodo
2019-05-07	7545691991DE_Mai_07_2019.doc	doc	28e68b85f1bb66d9f63b619a9751c51f270b12f221ed712b879ee9c8c4963140	25.42%	Heodo
2019-05-07	9530483274DE_Mai_07_2019.doc	doc	f12242ba8f3516adfe65d5e5754e1f910ba29a5a6acc66df4af5b85e8cdc1a6c	25.81%	Heodo
2019-05-07	Rechnungs_Details_834432103688DE_Mai_07_2019.doc	doc	dc48ee3072f61d701ee3becc3537339fe28e663ab42fad5d075bb0043993d4ce	n/a	Heodo
2019-05-07	Rechnung_417038317157DE_Mai_07_2019.doc	doc	946b744200b26a382c2490ac1b26a042bc52f6fc5cf04b082cfa038426ca15da	25.42%	Heodo
2019-05-07	Scan_86514138323DE_Mai_07_2019.doc	doc	644eb7976025866cb83fb07f99802dabb9ab0100acb262c43488b5c63a068e9b	26.23%	Heodo
2019-05-07	Dokument_1756574019DE_Mai_07_2019.doc	doc	8f0d1f5f9444e54e4d5e9b991b587b672650a440350b2412dcc9c876df527ba9	27.87%	Heodo
2019-05-07	288945000175DE_Mai_07_2019.doc	doc	a192842d57adab5cc7c559ccd9abe97be948c88de2e6abd3e9c2bd82c639892d	27.12%	Heodo