URLhaus Database

You are currently viewing the URLhaus database entry for http://vics.com.sg/aspnet_client/Documentation/kk5u94eubp2/rqa2-115415060-06611-03wbpd-gwft/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	266150
URL:	http://vics.com.sg/aspnet_client/Documentation/kk5u94eubp2/rqa2-115415060-06611-03wbpd-gwft/
URL Status:	Offline
Host:	vics.com.sg
Date added:	2019-12-10 17:21:28 UTC
Last online:	2019-12-20 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2019-12-10 17:22:08 UTC to abuse{at}netdeploy[dot]com)
Takedown time:	9 days, 14 hours, 47 minutes (down since 2019-12-20 08:09:13 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-12	RD8JTN5ETOLA.doc	doc	154c628b12c02c216b617539c2dcf70eef480dda7676d45e5274169a6a4692c0	28.33%	Heodo
2019-12-12	2KHRTOF.doc	doc	23a235da917fdb7cd76c1ee6dd6d23c26bf327ee2d683ffc3dea63399f8f2afb	30.51%	Heodo
2019-12-12	30144676.doc	doc	cd9fafbae1765254701fe1ed8e741e933871c9982e881a17fca79bd8c40d8dce	n/a
2019-12-12	DOC_PO_ 12122019EX.doc	doc	7880cc42f78ce37e1603207a15bb0471e309eb5fedc7fa51abbefd09e357efcb	28.81%	Heodo
2019-12-12	REP_PO_ 12122019EX.doc	doc	15d655db81abf803aa22bb3129e3f12caac4a096d6ccd5965016154ee7676293	n/a
2019-12-12	08203366.doc	doc	f88fb648fa7609df0db8aff38f0007e84edf34538a05e40fd68610739aa8724e	45.90%	Heodo
2019-12-12	62097190.doc	doc	a7feb13fcde7026f34f534d7cba0254dbaa73cd900db12319766d6eccbfd0ed0	44.26%	Heodo
2019-12-12	REP_RF7329504688JG.doc	doc	b28fc69d273968f02c31bbe4816ae98283fbc79eb4c265eee822d6027c4ea025	n/a
2019-12-12	29399271.doc	doc	e0fd2fdc26869f285127622c05a135f251e83e589e2567e1aea88c55c4bb2723	42.62%	Heodo
2019-12-11	DOC_PO_ 12122019EX.doc	doc	ba8a46dbbb037ccf3e0a61a8586f83dab16705872f382c5535d25789f4bfa0cd	42.62%	Heodo
2019-12-11	PO_ 12122019EX.doc	doc	2e223a084ed2f30f0660abc902d8f008019363b8a0fb9de3310ebef0a09ef9c4	40.32%
2019-12-11	FILE_FSZ_120119_PLX_121119.doc	doc	4d4b0cda820338f50cfbceb7a169454606d778da165cd1e2edc5475cb29ed37c	39.34%	Heodo
2019-12-11	GO1217543224CT.doc	doc	38857232b4512724195ed04484ac12a0f7c9484030e07a148683257a640738aa	39.34%
2019-12-11	65271509.doc	doc	7e1d00309eea1fc1fe48534d56fe03636e597009a864a98df4901649caac304f	39.34%
2019-12-11	E_XIV_120119_XLK_121119.doc	doc	e1665e777fd175ef7df8bc28ac37d369648b9b18db55beb6c289baff0d985fb2	37.29%	Heodo
2019-12-11	PO_ 12112019EX.doc	doc	ce9418b561864d7c255df7ad7d281a844d33343319a65aa4adc964b27c66cffb	33.87%
2019-12-11	KR_1299988735770330761335731.doc	doc	b4eaf914ccc446ead4b90498e82aede354a3f4235774baab829ac5cde833771b	29.51%
2019-12-11	B_PO_ 12112019EX.doc	doc	fd7dc893434af1ebadb16503d302d46d256311b3fe4d7b93456f9bbc2030943c	27.87%	Heodo
2019-12-11	63067394.doc	doc	2e0838a8b30aefbe23c45954f5bc35d663e7be2ca00f246b6bf735a6d5efde21	25.00%	Heodo
2019-12-11	DGY_83113759552667969217.doc	doc	90348b4d3ac94dbc837178f28d608e0d5f841267ac43e98cfa355e8973c34896	49.18%	Heodo
2019-12-11	REP_BW45BE5GGH.doc	doc	f5611c378395ec709c8d53b044b5e5c7eb33eb9ee2c49363330618c368666532	46.77%
2019-12-11	T6NN24OJXJA.doc	doc	1a15dbb9573d4715318740a3d2a70ae5fd0d3ed5d3f349dd68ff15fc8f65d3f2	44.26%	Heodo
2019-12-11	7883941024137774459257.doc	doc	7dc82afc58fb81a256c24db77f61c5f95de8a9792502edc42fc84692572fcd97	40.00%	Heodo
2019-12-11	I_PRK_120119_FEW_121119.doc	doc	ececa128a027e4dcbd41d97bc3378c242a9701e8c583b0587b867621efb1503d	35.48%	Heodo
2019-12-11	539189987.doc	doc	adb56550e01e0f40b85119ccfb67cacc100e0e353656ea29b36d5250d7e14e58	34.43%	Heodo
2019-12-11	A_PO_ 12112019EX.doc	doc	4face44e712880190ed46611d9e2c94b7fddc704e8580accb2f4fec0e02692dd	31.15%
2019-12-10	831132970874729.doc	doc	95ea8af7b6daa10fb5d0b502c3ef0b00ebabe9dc3ea809fe677b9bead870b93c	30.00%
2019-12-10	FILE_ZKRZ70PHBFG.doc	doc	993cc455bb335be039181dd68dc3a3a3055ac4538fe1322cf56707fd280561c1	29.51%
2019-12-10	IFP_120119_NTB_121119.doc	doc	44fbf4ea9f5e37e0eb42081211baf00263af7403ebb3691ba77e977bc488da4c	26.23%	Heodo
2019-12-10	8U3536NEH.doc	doc	79980573c87918e781880976d396cf833f330ce4e2939f607a928df75e925503	29.03%	Heodo
2019-12-10	FILE_PO_ 12102019EX.doc	doc	e08a5706703d512c76401c996b99b7a296d82d74c744c878f796eb60853ee537	29.03%	Heodo