URLhaus Database

You are currently viewing the URLhaus database entry for http://www.doyoucq.com/gtest/FILE/4hkiuibe4ugpao0a90bt93y_unks1d-136351677597/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:192530
URL:http://www.doyoucq.com/gtest/FILE/4hkiuibe4ugpao0a90bt93y_unks1d-136351677597/
URL Status:Offline
Host:www.doyoucq.com
Date added:2019-05-07 20:14:07 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@spamhaus
Abuse complaint sent (?): Yes (2019-05-07 20:16:05 UTC to victor{at}corporatecolo[dot]com)
Takedown time:1 month, 9 days, 11 hours, 15 minutes Bad
Tags:doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-06-01DOC_438985437281US_May_08_2019.docdoc90177c7d1132ae75fe36f64b01e5e520180967157e656502a0aa75d92faa428dVirustotal results 42 / 60 (70.00)Heodo
2019-05-08Document_049133626352US_May_08_2019.docdoc9fca8a5a5331231d7c2e24f98c132be370fc4c1d314f6f0b674161bf086e32e2Virustotal results 21 / 61 (34.43)Heodo
2019-05-08INC_5013326234US_May_08_2019.docdocabb657219fa4293bdb3ea83eef9701a8a1b8db399122ac9b78988d2d7670f05bVirustotal results 20 / 62 (32.26)
2019-05-08SCAN_883441196321US_May_08_2019.docdocadfb40518e76da88b465cac35e6c32bb025e1f0188d96470a06ef516aef5d5eaVirustotal results 17 / 54 (31.48)
2019-05-08LLC_112254590059US_May_08_2019.docdocccf713f98bfa24d4b3aaa4ac68b4b990b777b99c20b6bb61aa6ad25538f50bb7Virustotal results 19 / 60 (31.67)Heodo
2019-05-08INC_98529309144US_May_08_2019.docdoc55b414fdc1fd75ce344a26606b4f1a0260a4867c0a35a202a08de8f3d6c2bd1bVirustotal results 20 / 62 (32.26)
2019-05-08FILE_1380681552US_May_08_2019.docdoce68497a4f031505d16b9c6c97077eafe011ca0b7a64f01baef10886dc8dbeabdVirustotal results 20 / 59 (33.90)Heodo
2019-05-08FILE_320218920658US_May_08_2019.docdoc7569c44f5d04fef27c5b9be4b22eee2f5f81edb46857e077255f4d593cf09d33Virustotal results 20 / 61 (32.79)Heodo
2019-05-08SCAN_4440426301US_May_08_2019.docdoca6654bf3a1dc1407b542532d1a9d11c30b84cdd9cc736abccfec742eb677b117Virustotal results 20 / 61 (32.79)Heodo
2019-05-08LLC_542709902095US_May_08_2019.docdoc910b21b089dd8f21d37f4a08fb65efe7d20807abedda2a694bb1bc42dbbf4b90Virustotal results 24 / 61 (39.34)Heodo
2019-05-08FILE_422313466655US_May_08_2019.docdoc56a81f054ec9d600f1085245e2cb9e6e88794c3c91069b4f088a764fa03e9021Virustotal results 23 / 61 (37.70)
2019-05-08LLC_884665855430US_May_08_2019.docdoc5610fb4f2521abbb5a78ce55ce5efaf6ea7d9c3125baeeb653e9248053417e8cn/aHeodo
2019-05-08DOC_03512547341US_May_08_2019.docdoc0f13e41640e9281bb775ba53333af8c80f0ac73b5436fb497910b3cdd397aca0Virustotal results 19 / 60 (31.67)Heodo
2019-05-08INC_465241428623US_May_08_2019.docdoc9f1c7192efe5fd241d1df09e7705fafd9356fb2e03e08e0d82ee4a26535b4ab4Virustotal results 19 / 62 (30.65)
2019-05-08LLC_338640604342US_May_08_2019.docdoc9fdc9305eec872f1ca504b377314371c1ced1b0772987356ea9fe9ab7662633bVirustotal results 19 / 62 (30.65)Heodo
2019-05-08LLC_496676965257US_May_08_2019.docdoc3e7d6e2f8a0965f759788182fd17786fa9ba5ecafdca5b71b86c737d09ace85an/aHeodo
2019-05-08FILE_005647899946US_May_08_2019.docdoc9cb9e15e944c542fc3308e7b5c9108994bc6522efa562d3c89d5b20d232a260dn/aHeodo
2019-05-08SCAN_5953151384US_May_08_2019.docdocd7fc74cd2d6f34bcc7e02522812778a91bbc6591f4805164208847add84ecf2eVirustotal results 19 / 57 (33.33)Heodo
2019-05-08Document_6757179016US_May_08_2019.docdocf431544f9099b4f86cf43b676b6be9752436fc4773cf672f23f743b17c41eb9dn/aHeodo
2019-05-08LLC_940610366244US_May_08_2019.docdocd97f2899ee64066ec4a0e641b598c9203a52800de6f3bebe11edad394043add7n/aHeodo
2019-05-08Document_2303883606US_May_08_2019.docdoc4199ac96a54a1125914dd6d442d3827273228153c600083f1ad4290c9dd2030bn/aHeodo
2019-05-08DOC_19979580425US_May_08_2019.docdoc28cd75af6569612c8dc642936de3a2680f75d49e1d38be1a3a782fcf11dedb31Virustotal results 16 / 60 (26.67)Heodo
2019-05-08INC_67432979669US_May_08_2019.docdoc71b6be26315c131c1fe9fea2b209427cc31e69b472690d38b8f32e8c8a3132a9n/aHeodo
2019-05-08INC_07486221392US_May_08_2019.docdocca79cb63740912029a80925b94cdfeb13c9ffa62743e6371de9f7ff5c49afbfeVirustotal results 18 / 61 (29.51)Heodo
2019-05-07LLC_575265789936US_May_08_2019.docdoccc5d88ce8bdcae9b0807e00ac25b8810061ef74875ce4c1e6de004b6bb42c594Virustotal results 16 / 59 (27.12)Heodo
2019-05-07LLC_5134366602US_May_08_2019.docdoce0cca29fbe79912a60ba57c8776d7f84e85495fa54a0e5244c0917df09b6b359Virustotal results 14 / 58 (24.14)
2019-05-07SCAN_2803027259US_May_08_2019.docdoc497fe0c5adffb28afd5d1add4b8fff359cd9a43fcb88aaa1f0e3ff9c30e268b8Virustotal results 16 / 60 (26.67)Heodo
2019-05-07Document_4803922940US_May_08_2019.docdocbf55a3a3036d1f003f56596666d4ee9d217fd276a3a24bf38d1eb2f4d581f149Virustotal results 15 / 60 (25.00)Heodo
2019-05-07LLC_46457155751US_May_07_2019.docdoce7f32681de1db48818bf4d4fa2fea775f9064eff9602123dc2d014d931f82d22Virustotal results 16 / 60 (26.67)Heodo
2019-05-07FILE_6437448764US_May_07_2019.docdoc9a4b3d0898fddc61f0f32ec6625a50040817f46c87e715b56ac1ba48cc17199cVirustotal results 16 / 62 (25.81)Heodo
2019-05-07FILE_8447072691US_May_07_2019.docdoce6c5cf2d7f36d84ab09e9785e24783ee44b08a299a445f514a8d8aeec7f70a31Virustotal results 16 / 61 (26.23)Heodo