URLhaus Database

You are currently viewing the URLhaus database entry for http://comobiconnect.com/school/report/qsemfjbaiu5/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:288494
URL: http://comobiconnect.com/school/report/qsemfjbaiu5/
URL Status:Offline
Host: comobiconnect.com
Date added:2020-01-14 20:33:06 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Blocked
AdGuard :Blocked link
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2020-01-14 20:34:03 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:1 month, 13 days, 11 hours, 12 minutes Bad (down since 2020-02-27 07:46:26 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2020-01-16RP_PO_01162020EX.docdoc 04f9f55431447d7883e90bd069374664ee86a0e19ec02d57eea1a0f7d3d80adcVirustotal results 36.07%Heodo
2020-01-1648682245.docdoc 1c02dab9393f09bb8a56db95cf9d11f282c6a68330cc72b13148b20e1bb8bb5fVirustotal results 35.48%
2020-01-16FILE_LT7335274797MB.docdoc 67e4ad463f707098e9dd3aa9ef44543687de41237cb6bd15500e428aa17c34c7Virustotal results 31.15%Heodo
2020-01-16DOC_LB9302935861TY.docdoc d2ce1838da599f490397183272a746696999155f408cdd5da5d82c3ae1df24faVirustotal results 29.51%Heodo
2020-01-16SW_PO_01162020EX.docdoc 3c99ebde95d760948c4ff5db925c0272ec89b8409d698aab26e5785a42c88243Virustotal results 26.83%
2020-01-16ST_JVZ_010120_KRS_011620.docdoc 22dc9f78c85957d143023f3158871b265b6fe8c1deacfafd82fe231a24e7cbd4Virustotal results 26.23%Heodo
2020-01-16RP_MB5968570656HI.docdoc 3680aa11022e65dc0aa9498b0bacd2abf101723c775c04b4e5616eb8884b7ef7Virustotal results 25.42%
2020-01-16DOC_CCI_010120_VRZ_011620.docdoc 743632f16eaf4dffd8109a5ea7c14e341db9af20a96f44838a046b9c6b183fdcVirustotal results 25.86%Heodo
2020-01-16BAL_688057975261990977591.docdoc 8a116004b69dc5979fc68fe9cf6a97d53ad4a41283415596f2cba5e136950711Virustotal results 27.42%Heodo
2020-01-16RP_NRJHL9FC6.docdoc 21222de7dc129cc2ceb960d884aab5660f053b0186d85f48f302257ae6075bd5Virustotal results 25.00%Heodo
2020-01-16REP_VDW_010120_YIU_011620.docdoc a7d3f5474bdca4af088225b9280da969e8678960b6768ab6944a72866252c9dcVirustotal results 25.42%Heodo
2020-01-16BAL_26450748.docdoc 8cf507a5d6fd40526c9419ace90c17b9d91a6949229cd0f5c8afa750836dcf62Virustotal results 24.14%Heodo
2020-01-16DOC_ZM99IQITBG5YJ.docdoc 771ad3b2889d51eae42be0c3c53f7ab24667105d94fcd6e6dc93bca8ebbfcd85Virustotal results 44.26%Heodo
2020-01-16ST_UHA_010120_EBZ_011620.docdoc bbc7c13dbd64502c59d3890785c0a821310d29c04a915a23e62c31ed0756aea9Virustotal results 42.62%Heodo
2020-01-16PAY_TBQ_010120_EPV_011620.docdoc 95b02c0e112270751b5fe7a49866ed9d31594f0b8d26e823e2242bcc3b902b26Virustotal results 42.86%Heodo
2020-01-16INV_23FTKXJQ0PJQ.docdoc 13aa89755abbea10d5958e7b1d6d8440f1b6cb0d866e6ae70de9a7513e80e409Virustotal results 40.98%Heodo
2020-01-16PO_01162020EX.docdoc 01d706d0a5e27c62abe9a72200925c5e23ed3c309ea88354dfcb55b36437c3eaVirustotal results 40.98%Heodo
2020-01-1585095452.docdoc 8a8e9cf03bf716afc717c9f37e86050a9d95c576836b48423d8c1b495831a54aVirustotal results 40.00%
2020-01-1522369528.docdoc c1c7fc8ee76da4f1696fa2d918472cacd777e5fe281acbaec5d12a85d98fcab5Virustotal results 33.87%Heodo
2020-01-15BAL_IV0656954104HB.docdoc 7a06b573bf30a70a524d8cafbaddcd46d90593d6d7bde1d6339b533e3c01a1e9Virustotal results 33.87%
2020-01-15RP_SA7423605787TQ.docdoc 60d2c8f3e62e237ab3c9d9f1e822485b7cb0751b9c389cb2230222adfd189a97Virustotal results 32.79%Heodo
2020-01-15SW_68313265.docdoc d497afabc9f95e52de2b44e62a03de53764ad772a44b5435500de43e92434a9fVirustotal results 32.20%Heodo
2020-01-15LI5771576414BK.docdoc 287ae14e3b1562662edbf0da35eff337a49d911c07fb02c48b681dc3cb8aa7bbVirustotal results 33.33%
2020-01-15D_04076149324601.docdoc 1ed83f7ed0265fbb7fa1006f405773d31c4b7069ebfbbb6086f0196160f3d143n/aHeodo
2020-01-15DOC_QNJ_010120_FGI_011520.docdoc 23f9f4c3fa726a9b81dc0c06b81c8e3424d251dc412c8ccd81a89c7aa269e4d6Virustotal results 26.23%Heodo
2020-01-15BAGM_VNN_010120_FXS_011520.docdoc 4f0095c259ca3e1e3f0cbbf9295f33bbeefdf8271b1f3d8b97ee9ba5626eb8e6Virustotal results 21.67%
2020-01-15ST_PO_01152020EX.docdoc 2d5822aff83315cc778085dcd69fd73f82a4cfe94592529b93dacb256fb97713Virustotal results 21.67%
2020-01-15ST_XGM_010120_QFZ_011520.docdoc 0e0a399c81d33e87b7aab322fbf562d8c4aae27cc067a553ee092f13bc71221dVirustotal results 24.19%Heodo
2020-01-15RP_MKA_010120_IZV_011520.docdoc ae23c3284230d31527a8b2f8a4721cfa9d31535c93604fcd9be10894eeffc01bVirustotal results 18.33%Heodo
2020-01-15REP_7YUNGRF77U7V.docdoc 9982b18660c6aa9b8419bd84843d2d578fd2afb2516782ac69f0e7f8eee4efb9Virustotal results 18.33%
2020-01-15REP_477647975982868499.docdoc e4fa19c4736ffb554aacdb6de08c4ad081fd55105dddc85b31eac5c6082e601bVirustotal results 18.33%
2020-01-15SW_Q3M16OT602DVFU.docdoc d3edd09e8e4e9e89dbff176e69131f189175abf1a598c18593a3bb194fc45c2eVirustotal results 37.10%Heodo
2020-01-15INV_9490449060.docdoc 632e28a523c920e3035782ad086e6d3f0e39445486e86e7ce6a05c0e4f337292Virustotal results 31.03%Heodo
2020-01-15FILE_YRS_010120_BIN_011520.docdoc 53316d2f235578afb76c4e839aa953af8e9dfb9e6b17307c324a88e42d7e47f2Virustotal results 32.26%Heodo
2020-01-15RP_48087369.docdoc 0edf4c05fd5e483a3ca303151f3f58c87155ae9f1cec75be9ffd0aaad884f4f9Virustotal results 29.51%Heodo
2020-01-15REP_11166464.docdoc 556f0f62580588094bb0d595bdbb880b58a48148af61569258c9a84653374cbbVirustotal results 30.65%Heodo
2020-01-14DOC_PO_01152020EX.docdoc bbf79cb4aa35f097ee65fbf27c2808626e53c4460eeec58c2a828aa669b50b74Virustotal results 26.23%Heodo
2020-01-14PAY_GVT_010120_HZL_011420.docdoc 6ea68ce4d24f0f499b02dc10acfa5ba8a428ce1eef46e6423899ce4be5f31b4cn/aHeodo