URLhaus Database

You are currently viewing the URLhaus database entry for http://aviationinsiderjobs.com/wp-includes/RjLWsBm299/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 270365
URL: http://aviationinsiderjobs.com/wp-includes/RjLWsBm299/
URL Status: Offline
Host: aviationinsiderjobs.com
Date added: 2019-12-17 05:53:03 UTC
Last online: 2019-12-20 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (Ticket DCU002179274 created on 2019-12-17 05:54:04 UTC)
Takedown time: 3 days, 16 hours, 6 minutes (Bad; down since 2019-12-20 22:00:41 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
