URLhaus Database

You are currently viewing the URLhaus database entry for http://myofficeplus.com/cgi-bin/3719631970052877/ly9d9l9q344y3kfkzqh7639xmj4_he0tqx6-489057542617/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	243795
URL:	http://myofficeplus.com/cgi-bin/3719631970052877/ly9d9l9q344y3kfkzqh7639xmj4_he0tqx6-489057542617/
URL Status:	Offline
Host:	myofficeplus.com
Date added:	2019-10-11 12:34:40 UTC
Last online:	2020-10-09 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2019-10-11 12:36:20 UTC to abuse{at}ihnetworks[dot]com)
Takedown time:	1 year, 0 month, 4 days, 8 hours, 55 minutes (down since 2020-10-09 21:31:29 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-10-12	42557186357_KUI.doc	doc	a85cc2088eaf316b8fcf3c7f33996b1acf93f99f820eaa9dfac83d0637adc9ce	29.31%	Heodo
2019-10-12	7125280264225443_10122019.doc	doc	e2d82d020fd7232a66a9a6f7a2fb934b1a2d4a037f1dd4126babf91176510f22	30.19%	Heodo
2019-10-12	KGE8TJJ7U0BG17.doc	doc	0c01946813b8753e6cf65804400eba28db24416f4dec1226f33f7221614b286a	29.82%	Heodo
2019-10-11	ZLU_10876774147.doc	doc	ca180a6decf05edb03c9aef8d56b1e8b545f38408cba5c5caf7c32e595d29f21	28.57%	Heodo
2019-10-11	2225196628319201_Y.doc	doc	8fc91396de84667cf2570c5dca848ef3cb311577ab76b0203f5c1d5fba6e052d	27.78%	Heodo
2019-10-11	9293351889552526_10122019.doc	doc	fb061b509b6a0106c5449a238778280039d47483a92d722caddea5281015d945	27.78%	Heodo
2019-10-11	CUX_40577620292_10122019.doc	doc	8bc9d6efabe570091d4541daaa54b9814b2d55cdaf155488f5286d9edca2df76	27.12%
2019-10-11	NR_5565856461_UV.doc	doc	5af4fcfe23eb4ce9738f9f72bbde073fe7ebd4ecfbfcd6bbf61387c173af2e12	n/a
2019-10-11	KY_SGQTFIFV7.doc	doc	ea6bc5ebef37957c7b126709b815f29dc69fb9c93da40df01f014ddd1cfa13d6	n/a
2019-10-11	VOQ_4601717252779.doc	doc	6c40b99efdc13e711630891e543dabc5eba99684fcd57494d0dd101001ad5715	25.42%
2019-10-11	SL_OO7KXZGJEU88_10122019.doc	doc	1b21cf35d5bf666e300a8b9e47ecf065e5e2cac0eb4ef6b3057a82bf7719bbbe	23.33%	Heodo
2019-10-11	PS_61330593165400091_10122019.doc	doc	f4a09b29ddc5d848f3953849f26e8e7877c116b3771c13ed753c2c53b2574b06	n/a
2019-10-11	YIL_0287551980786892.doc	doc	5ada1f249afb0dab78e36e9ef60a134dd593275d1f25d51ce200eb0073a168a9	21.82%
2019-10-11	RC_R760WY2224B80P_EGQ.doc	doc	e18cacb96140723e9e564a2c6be2ddc1c25e77f97cbb4bf28db7e7f9b988872f	22.03%	Heodo
2019-10-11	6JAR8T4ZEW7PRM_Y.doc	doc	2a8ddad526a2bbf57fa9566d00c6347684f427d9c16f7244dd0bed0ea64572a5	22.03%	Heodo
2019-10-11	JCI_8120297617072.doc	doc	ac09b44ff4ed151a614ec4a9536d13cbdb632a604758f91494303647040f3799	21.67%	Heodo
2019-10-11	FN_25437615231992063_10112019.doc	doc	2227247f2e71f3d0f6446c7c81e21dd83dd5842574a81e29e4432706c697cdbf	20.37%
2019-10-11	6171470489.doc	doc	fb07adaeb148b28d5c804a4f9098931f9ff141b7bd1476b420d11ff22d904440	n/a	Heodo
2019-10-11	16077950701.doc	doc	69fb35201338e07002d6ac1cc263714c5beb5ea8e0717a0d4f9a35cfe903a2f0	20.00%
2019-10-11	RXH_254557361579.doc	doc	de9752e65eef8e813a25cd7daf3e54bec2c0ea8bc4dae4052991b87971034e9f	n/a	Heodo
2019-10-11	LK_U0VDFXV8NGH.doc	doc	9e1d7cd63b0edcb4b3c4b1c86ecf477245ba82b4291bf26484fe2dd6cd9d12a1	22.03%
2019-10-11	PPDXQA2X2IWAB54.doc	doc	c96e123865ea3b3cea184bd021ff5c2242dbc0a9b30cd2e916af7bc936c711ba	n/a	Heodo
2019-10-11	DJ_93796992168_10112019.doc	doc	efbf4355ea2b430cdd94e8320aeb3f84e2c3ffdfe053d292b1ac3d6a463ec2f1	n/a
2019-10-11	FM_122978129438_HOR_10112019.doc	doc	0c7c14abb4d1bf673ff07c232b994279e316a77465b4b4ef041fbe17d51bde96	n/a
2019-10-11	YL_RTDBQB8XAI0SVS_E.doc	doc	0c8bbc97828005bee9e7a2cf4887665e56a4a6755983424cc087a3a3ff58c672	n/a
2019-10-11	DZ_223219939486.doc	doc	76a62f7e63606a966378d9f3ba8fcec5a7cbb1e67caf749a9cc77e20092aed08	n/a	Heodo
2019-10-11	8541459679963_N.doc	doc	8f5f8f2799851e1a63fc6bd93499c0ee6f967604fff74612a0caf411d51372e4	18.33%
2019-10-11	1488877567.doc	doc	1f08e5bd06d1bde318055f626dff14677005ec9200c533c74a98cc68ff1b648b	25.86%	Heodo