URLhaus Database

You are currently viewing the URLhaus database entry for http://lekei.ca/ecard/images/css/parts_service/y5ut8akutvb3d35tipvisdkntq91_afo5x-4801493307/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	200277
URL:	http://lekei.ca/ecard/images/css/parts_service/y5ut8akutvb3d35tipvisdkntq91_afo5x-4801493307/
URL Status:	Offline
Host:	lekei.ca
Date added:	2019-05-22 22:38:06 UTC
Last online:	2019-05-23 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-22 22:40:05 UTC to support{at}grouphosting[dot]com)
Takedown time:	12 hours, 28 minutes (down since 2019-05-23 11:08:20 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-05-23	SCAN_17666461935US_May_23_2019.doc	doc	5a217e950f27df7da794e729b22980c2aa1417696ffa1ee861ce9e657fd35bbb	n/a	Heodo
2019-05-23	LLC_2910190368US_May_23_2019.doc	doc	ea6d7990cfe848b99d391ea3690e80fa14710973f3b7a3a151602e736062d3d7	15.00%	Heodo
2019-05-23	INC_05015494249US_May_23_2019.doc	doc	e3b73fc71fce5c6eb0769674687f1fc666118b06404f2f9578a2818e0cfa38e2	13.56%	Heodo
2019-05-23	LLC_797077960794US_May_23_2019.doc	doc	28398ed10fb49cc49f2cf4559ccbd2b5ce7213c0d62694dd637a5ec8d304352b	16.95%	Heodo
2019-05-23	LLC_6055473975US_May_23_2019.doc	doc	86a95894b9f4bb96a1a7c256bc95a3742349d41377b18759cb25293d6d22ce7e	n/a	Heodo
2019-05-23	Document_803575985277US_May_23_2019.doc	doc	ca1a8569a1532152068e32e0852b97e573e075c2fd8bcc34fb9fa884d67734d0	n/a	Heodo
2019-05-23	FILE_635246861553US_May_23_2019.doc	doc	e3bc63109b54ad59d61c2456ffdd5c0779b7eb114b4a5f94011657d7de51557c	36.67%	Heodo
2019-05-23	FILE_52751767223US_May_23_2019.doc	doc	267b17c740799cbb8daa7989146943ffb5a415b2fa2101ac81c7f5f5824cbc58	32.79%	Heodo
2019-05-23	DOC_482552682711US_May_23_2019.doc	doc	a4961c971e9b1e255f1a12cf6a635dbb0b4f042a0783cca374f38073b52abaab	n/a	Heodo
2019-05-23	LLC_310231402446US_May_23_2019.doc	doc	1dbd7a3e1760453301a48e728acd4d235d74af47640920b0b046de689c66824d	29.51%	Heodo
2019-05-23	FILE_7487964283US_May_23_2019.doc	doc	b3de11f2d9a35f0ab55f86928036e4da3c3112e05a0bb7c42e03ad1a670a83cf	27.87%
2019-05-23	INC_4721431701US_May_23_2019.doc	doc	7337128eb5289d453235b39cae458087abaf5f773ad087a1714a7e8701332e33	n/a	Heodo
2019-05-23	Document_020864243865US_May_23_2019.doc	doc	dd54251fb8f9186afdc65473e70d39f42bb36aa2f3eb9d1ac74c35f7cd895d78	30.00%	Heodo
2019-05-23	DOC_1284324221US_May_23_2019.doc	doc	f1f5d0478731474c23d6a4471484b540243fa3bede2c3f843396844d3061fa3e	30.00%	Heodo
2019-05-23	FILE_2281898176US_May_23_2019.doc	doc	9569dd8beeaa524e03b21f388397fac210001f7ad4723307700f37c2bce6c2d8	n/a	Heodo
2019-05-22	FILE_920105199608US_May_23_2019.doc	doc	6673817be34aa5db84a05855fa2364f04239bcb39d1956c00586357bc2e96382	27.87%
2019-05-22	INC_36079834491US_May_23_2019.doc	doc	07361938b338966720b62ffd3b02e5a956e6366404284322e59ef2d2bdd5f8a6	20.69%
2019-05-22	Document_83721563061US_May_23_2019.doc	doc	e809d5a50a913e203d75b058361082b4de50e62b68f4f8a8dda875619d4ac4d4	n/a	Heodo