URLhaus Database

You are currently viewing the URLhaus database entry for https://doktortj.com/content_files/a6Fjp2SIn9UcCrBcZZ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2125399
URL:	https://doktortj.com/content_files/a6Fjp2SIn9UcCrBcZZ/
URL Status:	Offline
Host:	doktortj.com
Date added:	2022-03-31 19:42:05 UTC
Last online:	2022-04-05 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-31 19:43:06 UTC to abuse{at}idnic[dot]net)
Takedown time:	4 days, 5 hours, 21 minutes (down since 2022-04-05 01:04:53 UTC)
Tags:	emotet epoch4 heodo xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	HC-581066248496.xlsm	xlsm	7e16b96f674b1b3fa812fb1720851a37cb88e781ae92220bb858320fbe62c331	39.68%	Heodo
2022-04-01	QOB-8539392.xlsm	xlsm	12defc6352bb846667f7048ac22b5ba0a7bededbfdc06aba79c5629671d59f33	44.44%	Heodo
2022-04-01	XW-81452953.xlsm	xlsm	f732de85cedc648c0aa6fe976bc90b56fbbd78c9458986d67c94873a64ca035a	n/a	Heodo
2022-04-01	MC-8779671.xlsm	xlsm	0eef88b56a2aefc11d6c2fcc94f775230aeb9afbbcef74adad0e2e2c409151e5	n/a	Heodo
2022-04-01	IK-036658995833824.xlsm	xlsm	f8f5316e59f479286d96010874074660c5afe3ddbbf1bb382c468904b9667595	n/a	Heodo
2022-04-01	FY-273561228103633.xlsm	xlsm	4d52dfe6d7f72aada80362bf080ef49a439b176e7c488de69e8d6cc39feefb9c	48.39%	Heodo
2022-04-01	IAT-115548704.xlsm	xlsm	2b24ae43b66b722398ecdce2eda45ce724f63487f3059dffa976479d26a9f3b7	n/a	Heodo
2022-04-01	LJN-1283975834513.xlsm	xlsm	61635512bee4cff899365f4b237bb10933734ba71146cc0cd7f7692508f2b26b	n/a	Heodo
2022-04-01	QUQ-5354428.xlsm	xlsm	4e6c2dd2bb0183aa17caa2084632719d1b9d42cae3e0c96f6770b216822b8d01	46.77%	Heodo
2022-04-01	ABL-549793558707.xlsm	xlsm	2c4b41fdeef820de3df320cf56f01c1fd68bc513eab0a09ce944de90245da0eb	n/a	Heodo
2022-04-01	SZF-3817287646.xlsm	xlsm	73dc0a16c8430b50b28054c9e0b1e54cc8174554e7b63b4e2fa4be17c3cac1d6	40.32%	Heodo
2022-04-01	WW-0535268.xlsm	xlsm	2a6631c9dcb2385c65248a43d84d9d2063d4c0bec3ef9325c437a5ee31ef4dd6	39.68%	Heodo
2022-04-01	NM-520359083.xlsm	xlsm	033009536542621d4d21d3368787a56ecdf807bccc352f8014ebf00a5a57c6f6	n/a	Heodo
2022-04-01	PD-2285325218.xlsm	xlsm	b67f378396a813307cf0d9d7c4f272be83010272fcfa9af1791b517cf4f1ba05	n/a	Heodo
2022-04-01	EQ-30205954518741.xlsm	xlsm	a4653047d35b63e4cfb6020be4149b484aa5e68354d53a9da860dcc3cdeef038	n/a	c8fc17ff030feb3383d8889f69abbb
2022-04-01	YRC-74645141309.xlsm	xlsm	7865998de760d97246decb7fc619579d9389e6c2cdf72097738e48a74a0bafe2	n/a	Heodo
2022-04-01	QA-8069906106187.xlsm	xlsm	55af29e8285944f573d931d856bd099dac92ab1868000f8346d13a0bce7f1e3d	n/a	Heodo
2022-03-31	YPU-95667205229034.xlsm	xlsm	3cea415c72cf99f730ca00ed40940ba35c82dd2582786d91fb329459f88328ef	n/a	Heodo
2022-03-31	XK-760400062.xlsm	xlsm	5fb54e96fe17c395fa69dc06933558b083ae9cfb1391218f12c539c2645a8311	n/a	Heodo
2022-03-31	NV-155937607.xlsm	xlsm	f4e10c5743205f55ce4eca43f3741f71ecfdca9391ae883123c3372d5daae4b1	n/a	Heodo
2022-03-31	LNC-1345501063503.xlsm	xlsm	441ae7dcf7d20f39dce4201542202d7c62c067457d1476c2bda9c819979879eb	40.98%	Heodo
2022-03-31	ED-2932395128354.xlsm	xlsm	886b5540d8a7234ca4d384341ef859f08d555dcf16aeb021075140bb81459b9a	n/a	Heodo
2022-03-31	JW-140892357264.xlsm	xlsm	10281dd74601704b43cbce7093951762bfb6cc0402f747ba01250b2ebc438c27	n/a	Heodo