URLhaus Database

You are currently viewing the URLhaus database entry for http://lesantivirus.net/css/esp/LvxnSHShDjxTiArIvTtXhDOGX/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	199219
URL:	http://lesantivirus.net/css/esp/LvxnSHShDjxTiArIvTtXhDOGX/
URL Status:	Offline
Host:	lesantivirus.net
Date added:	2019-05-20 22:04:06 UTC
Last online:	2019-06-10 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-20 22:06:04 UTC to abuse{at}peer1[dot]net)
Takedown time:	20 days, 22 hours, 31 minutes (down since 2019-06-10 20:37:35 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2019-05-22	LLC_62642800615US_May_23_2019.doc	doc	d114e27589e87ca1abd0757a3d0fecc6969e6124a9a2cf04389e7238f3df50fb	23.73%		Heodo
2019-05-22	FILE_93013448501US_May_23_2019.doc	doc	ab023ef17d1e240fa48ae909198065b48330d0bd40ad687f971d35687f5415b3	20.34%		Heodo
2019-05-22	INC_33166042282US_May_23_2019.doc	doc	26d7367b1d273cb322009012ddb87783848dd4fa735aa1f482da9c40441e835e	20.00%
2019-05-22	INC_123151374921US_May_22_2019.doc	doc	08b89f7dd8d503646629fb64a6aab677838de6c3b62eebcb5ca701d0ce0f6793	n/a		Heodo
2019-05-22	Document_0485672156US_May_22_2019.doc	doc	cf10a832675c6d6596534ee54d73881d982b386a32e95fe9d1d46705bad98c1f	20.34%		Heodo
2019-05-22	INC_949304404340US_May_22_2019.doc	doc	7d0923b53a0b3d5661862319bbe51c6966edab527975d5b042654c69e8bbe233	25.86%		Heodo
2019-05-22	Document_0496678948US_May_22_2019.doc	doc	3563cf7755d4fc579fbc7124d9c0b63f0a64d9c74189717bb8cfe5f9ff3c50a9	23.33%		Heodo
2019-05-22	SCAN_73273405486US_May_22_2019.doc	doc	7dae05d83daa72f99809fb010a118480affc08180c4caa231c448cbc76195e86	24.59%
2019-05-22	LLC_812366179479US_May_22_2019.doc	doc	25f4071a90f7e80f134b0ba8fe760d6e9716190e05eb389d1e76afa1476b13ee	n/a
2019-05-22	FILE_963835885869US_May_22_2019.doc	doc	170b532a9f1afdfdb29e89a41bb63b6f7c799c76fef06eda8fc283ba0baf0318	16.95%
2019-05-22	LLC_173667223671US_May_22_2019.doc	doc	71ebb8d941e8b8abb4219a3e40ff4c04760977c1f4f2ca1b0f6d541824a3c91b	18.64%		Heodo
2019-05-22	LLC_3173515954US_May_22_2019.doc	doc	b40d0ea033292b780a5aafc16811b20547d28a7ec3ffd6dcd8c5a0a743a5af8e	14.04%		Heodo
2019-05-22	INC_08101368321US_May_22_2019.doc	doc	4f7f219d375bc3ebed80364b10d6a78ce2acb7a1557771a30e87e293b1a42793	14.04%		Heodo
2019-05-22	SCAN_7512246353US_May_22_2019.doc	doc	7030efddb877d4a5fcd97afd7f7b794de9ae52a946df6b324c64fbc73d375cd5	15.00%		Heodo
2019-05-22	FILE_78703994209US_May_22_2019.doc	doc	6945f7a54982bfb544fb5d4a7f1541077ffa536c03c88916e2659581f4b8017d	28.81%		Heodo
2019-05-22	Document_8203537558US_May_22_2019.doc	doc	da04060d26560c26772b15ecd9b471dd42da0faea141d6e0b43d76dab52fe674	30.00%		Heodo
2019-05-22	Document_38943828218US_May_22_2019.doc	doc	741a1ec554f7f6aa8a3f2d98391ac1cbbbcc41a2d5baee77255cd40cdb4390cf	22.41%		Heodo
2019-05-22	FILE_38178076565US_May_22_2019.doc	doc	592fa05b9548b6e0fed37fbf7997119d96a43c4e1ad80ac7ceebcdf494707247	23.73%		Heodo
2019-05-22	INC_3930225481US_May_22_2019.doc	doc	dcec12383d8ec6559e7c02dcc48c302861fb5537a843fb773380367e982ca16a	20.00%		Heodo
2019-05-21	Document_0700445627US_May_21_2019.doc	doc	728d0def3186dc60e0b0ae365fe750930be37151b1a1e8165a25288026dd2b16	18.03%
2019-05-21	LLC_2090038473US_May_21_2019.doc	doc	1fed16048c546058c202c2e4ac47e2724345734bc81e2ddd417470bbde6a458b	18.64%		Heodo
2019-05-21	LLC_872515697251US_May_21_2019.doc	doc	b2d41d179fd265f8c043a1e1320dbd29da3cc2f969b0608843c3ec8461aea9c1	18.33%		Heodo
2019-05-21	FILE_76846054107US_May_21_2019.doc	doc	5dc74367c0888088fb09a1a4528071ed03d5a911f49b77278c2768799494e42b	18.33%		Heodo
2019-05-21	FILE_52759879596US_May_21_2019.doc	doc	43214f8a94c8b6ab6e615e19deee6da3f3f1492e090cbeea4c216ff17d3cec7c	17.24%		Heodo
2019-05-21	FILE_8298263274US_May_21_2019.doc	doc	d3ac2a40b74f11795c013911171f27ae3cc66c23fb836105b3417e93c8d6530e	18.64%		Heodo
2019-05-21	FILE_7633073898US_May_21_2019.doc	doc	3107bec7fa6f9a0def69ab8138e924f921d8434e9e07b4aa0aed8e5473a34ced	n/a		Heodo
2019-05-21	LLC_11896025561US_May_21_2019.doc	doc	751d2fb9c58cca3176b5a0052b76ed9943ca49fdfba93624162a2934ab79e070	18.33%
2019-05-21	SCAN_2440808638US_May_21_2019.doc	doc	9733c729501430b4d4df9ac843c4ee8e700fb9986e3e0084c450a8842f8dbc80	18.64%		Heodo
2019-05-21	INC_855598014149US_May_21_2019.doc	doc	9f7521fc26126b288e5680cc9e5f4d5c48b2cb0f00330e1c967cc19b43544a5c	18.33%		Heodo
2019-05-21	FILE_88898388140US_May_21_2019.doc	doc	56c3ed80ab25a9d8f9be95a185904784cb4f3317ebeba195c74e411374cf38a9	15.79%
2019-05-21	INC_88581261628US_May_21_2019.doc	doc	7ab11f10f3e8c44689c783fa8a81a4cb8198c8c4c590ee3b8a7098cfab26926d	16.67%		Heodo
2019-05-21	FILE_36962876879US_May_21_2019.doc	doc	c7fc9b8dac0a223d3dc280f2a3b161b2592304a055a1f6c9dcb385e329d44a4b	16.95%		Heodo
2019-05-21	Document_963981329316US_May_21_2019.doc	doc	4058c92ce66ee6c95a068c47aa7c881305e2e84ac60d8b8f52d0735b42605686	15.25%		Heodo
2019-05-21	FILE_71773991288US_May_21_2019.doc	doc	e3a0c9da4600559e06487c241e247cd54062c0dc80e05a5554229213494ec110	n/a		Heodo
2019-05-21	LLC_7078182759US_May_21_2019.doc	doc	76458b834de22f4dff0ef5087e8ce583339ff73fae4018094b371b281c3bb5c7	16.95%		Heodo
2019-05-21	Document_422883375031US_May_21_2019.doc	doc	e34fa966fd234ccbb5a94a53017bf89970e4e43a4fc5bfa3b7b8fe604db1f937	20.69%		Heodo
2019-05-21	SCAN_44522359886US_May_21_2019.doc	doc	689d76f9ef4bde4a011d61442bd18dc415a674a87972aaa49b737508a0930a74	18.64%		Heodo
2019-05-21	INC_265962651826US_May_21_2019.doc	doc	6229dffd0610efac2db5dac33334b46c30698582062a60c4f9447b3be6f14b69	20.69%		Heodo
2019-05-21	LLC_406876421742US_May_21_2019.doc	doc	5d3db0571515aa9b19b344165c634c68d507c046a93331f8073b2675d24f431c	n/a		Heodo
2019-05-21	FILE_93516043351US_May_21_2019.doc	doc	62b58695b0d8584c62dc127ef605a5ee3abe122c846fd2cd7ae97a9d36f56a74	n/a
2019-05-21	INC_88389163168US_May_21_2019.doc	doc	2fe4bd0c37b3fa4dceeebfdfae4aca917bc55f1b7b0d3537536be992a08f9025	18.03%		Heodo
2019-05-21	LLC_54576041932US_May_21_2019.doc	doc	202be157735b59ca4177cf51b06f7ace6f78b11b35fd45310234431d2225ead8	17.24%		Heodo
2019-05-21	Document_526511685901US_May_21_2019.doc	doc	9c28f718776486585c6ee04b36ca06ce00705170553e6e6e52f8b38dee40888f	n/a
2019-05-21	Document_097997860228US_May_21_2019.doc	doc	739add20d743a8d00b6fc26c0e0985b6876748fe5fee82b81c62b49cb151f571	36.07%		Heodo
2019-05-21	DOC_14254471290US_May_21_2019.doc	doc	f3a34ec584abd1dcdad7c65782cba7b633124e29a05649adb97b0e6492f37e4f	31.58%		Heodo
2019-05-21	SCAN_6915575247US_May_21_2019.doc	doc	a044a40de89da2345b2ebe7ba33c7cfd51693afc8e070bbb90158f4a21be57a6	35.00%
2019-05-21	FILE_54891323319US_May_21_2019.doc	doc	31d241738b7f029d100af0d13b0822647caf41e507612398ce3c5017c67532e2	32.20%
2019-05-21	LLC_4968867455US_May_21_2019.doc	doc	55da62fdf470a46c62d6189c5f83b709563510689c96b67136c15ca6411aa845	33.90%		Heodo
2019-05-20	Document_47415291311US_May_21_2019.doc	doc	c204f878c7b3aa06ee3fce9b8fbb6ee3f8397577af54ed2a6492283253b35eb1	30.51%		Heodo
2019-05-20	DOC_8125743675US_May_21_2019.doc	doc	283d6dad28c745cee59164b405b3521c144aad24ca59b7c867b87399d72add8e	33.90%		Heodo
2019-05-20	LLC_160086971275US_May_21_2019.doc	doc	46de4a22e963ff2f3a810faf1c0fad46c36b32705c54d51408274d18f6e686b3	35.59%		Heodo
2019-05-20	SCAN_760768545187US_May_21_2019.doc	doc	6523b344eb8dd9b3f099f0aa25fa2d9bfa16d9c1caa56695204091791a88b7cb	28.33%
2019-05-20	INC_8184716664US_May_21_2019.doc	doc	e7aefcf97bad9e796337a954117569c61e8faf1ebfb08839199604b9aad34305	27.87%		Heodo