URLhaus Database

You are currently viewing the URLhaus database entry for http://revasa.org/tmp/htum63ickwvw2_mhnfd_ou75xck_n1wgs6x/verified_area/99030729526277_lfI0z4F/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	290019
URL:	http://revasa.org/tmp/htum63ickwvw2_mhnfd_ou75xck_n1wgs6x/verified_area/99030729526277_lfI0z4F/
URL Status:	Offline
Host:	revasa.org
Date added:	2020-01-16 13:09:04 UTC
Last online:	2020-01-21 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU002250563 created on 2020-01-16 13:10:06 UTC)
Takedown time:	5 days, 5 hours, 6 minutes (down since 2020-01-21 18:16:30 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-18	1640870493.doc	doc	fb680f476f064419b4c691854253bfbed052197faafca93d027f487c8de86785	43.33%	Heodo
2020-01-18	71921959.doc	doc	5bb8b7197cc1e9717f275644d2d24e4c332776ec9da58322e3d1520bf2d18e55	43.55%	Heodo
2020-01-18	048895_4322.doc	doc	62b022e2b76591b3fee3ea7beae1e637a41da7267015ec25d9a365945f8d78a2	42.62%
2020-01-18	3851947733_919192.doc	doc	ebbb837782d0d30f64b1ccfaa8e9341a2dd3b57860cb3aab2e2a70d5720fb0db	41.67%
2020-01-18	8310874.doc	doc	19deab1fc1945adade539c30a56072a4d9b385269373863b48a7fc7c630d4d5f	38.98%	Heodo
2020-01-18	Untitled 1906-788592028.doc	doc	723e18efedff5086e5ee078490176f0c7e408ebec167c0ee458c9976c3745a48	36.07%	Heodo
2020-01-18	75535-10985810.doc	doc	d7fe6ff20340dfb9d230b942efbcdab3cb343970179df1bee04611d3ca437d6c	31.67%	Heodo
2020-01-18	Attachment 223-323967349.doc	doc	238bab953f2c2d203f0c9729219776b1fe8880134ba9cf70d27d881f36ce675f	28.33%	Heodo
2020-01-18	Untitled 279845_289.doc	doc	e727d11b8218fe3115606fc4fc0cd4affe8bc9530fa7e629a19380988ba2d761	23.33%	Heodo
2020-01-18	8083059152.doc	doc	3dcfa444ee0d6d689cd49d3a1caa17a03e26275d6abd1867aa326c71af003f05	24.59%	Heodo
2020-01-17	Untitled 9489743.doc	doc	55fb1dfe0bfb184bb5a2ce7845745d8221dec92ffca0470f1bdf6d839e2168b6	24.59%	Heodo
2020-01-17	12920313_204.doc	doc	662c45aa9a011fd5404b6d5ea8d2bb53a0b723d8fcdca58a66dc66aa6561b0ea	20.00%	Heodo
2020-01-17	95886.doc	doc	b9c15d055c517660d17d42e9339bee94435bac3f675cf54f3174efaf73cad47a	20.00%	Heodo
2020-01-17	933422.doc	doc	8d77fbfde4154039eb777662ec81f00efe1af55007fa31f260105a798d76ba63	19.35%
2020-01-17	UNTITLED 25938-42922470.doc	doc	0e72c865b959ff343bcaed54902d52456bbc305790fcb1b268babb4d7a0b1086	22.95%
2020-01-17	7193.doc	doc	1bbc0ce582ee84fb4c7f3e05261073b9323dc1456546cc6cceaa2a303ed038e3	19.67%	Heodo
2020-01-17	UNTITLED 72599433_1675.doc	doc	46ea2710d8a7879256b328b5e5d93d1c3d784d463a093cea5cadf590da608876	21.67%	Heodo
2020-01-17	7718086.doc	doc	6e6f3a8a41c935b71774bf8e2626d22f8a9e945be48d32174dd7dc8d4479df4d	18.03%	Heodo
2020-01-17	00676-015483.doc	doc	4926c006521338ee85d1c82e53db2c39908c6e427d7570cfda91eebfd40b04eb	22.95%	Heodo
2020-01-17	288592680_299126.doc	doc	864bcee1306de68b08f3c62b7d089cbab146fd47295aeefc4184bd1663c21a51	24.19%	Heodo
2020-01-17	Untitled 2901582_892293.doc	doc	a45dce53a3e6f9efbd71ffa07fabe3f67bbd2c4fbe7852123172e4a0405aa71d	19.67%	Heodo
2020-01-17	Untitled 249655.doc	doc	45ad69ac7aa3f078459f549ef7c94acd552b8bfb363353cde37f2075fc40c937	18.33%	Heodo
2020-01-17	Untitled 56532.doc	doc	0910756013c93bd04bb0df0b501ac958c61e561bf65b445b4b0a56e597a1310c	18.33%	Heodo
2020-01-17	Untitled 0895.doc	doc	a792e4587dd96394395bc194ba91b9b1ea7e6df65f3191ee4d5d3f9dad0954a6	20.00%	Heodo
2020-01-17	351.doc	doc	17e6fbbc141f6b7e27df7ddeb423b4aee5adfecd80db00b9990b85ca7d75fa88	18.64%	Heodo
2020-01-17	30777804.doc	doc	c5a39e53a413699b4b2b145e631810d46fa5d66b2bac69c770f15535d3f2461b	n/a	Heodo
2020-01-17	1063584.doc	doc	142c2efda50596eb5d5e050338142a7c86a5030a0c4bd1095bb30cbe0f722e1e	40.98%
2020-01-17	47585.doc	doc	6869e0e17bfecfa73511915e8a93d1a0d31a2cc85fd41c15879dba1825fd0d0f	37.70%	Heodo
2020-01-17	54619-8556547277.doc	doc	de8f84ced2a3a6a85aeb9ff016c38d519a51898a16fb059a6555f9df453c4595	36.21%	Heodo
2020-01-17	223328564_96804.doc	doc	49a2ab600f53f77b09bf90962731f7559940c6dba4c5151d67ff9bd581082d9e	n/a	Heodo
2020-01-16	Attachment 164094.doc	doc	d745ac31ffb2ab613d0ff90f9aae6bee492e6d2457e4460ede41711b9de6ab83	37.10%	Heodo
2020-01-16	72652.doc	doc	eaae7b7b5698c3222b2e1732f334dcf7b81a41dc9418fb078e83f5764ad9a8ca	37.10%	Heodo
2020-01-16	UNTITLED 9461.doc	doc	367beb7944831570410dcff59d7e8b2d5cf1074dd1ca52dee29f0dfc9785bfdd	35.59%	Heodo
2020-01-16	Untitled 70957-2348742.doc	doc	5c7d1bb4615145100fa04561534873729b8e59bc84d8fa7850575d16e4c003f6	32.26%	Heodo
2020-01-16	Attachment 9746947-57099836.doc	doc	c51484b41d584a47f9b626e5ec3b2f9a97085a03cfa45cd983a5af494ffc9746	32.79%	Heodo
2020-01-16	Untitled 689689.doc	doc	56503e659d69adad5ac525757b9150c95dd7a7f9a7eb202cc0adf485cb72646a	29.51%	Heodo
2020-01-16	4605501_920.doc	doc	6ab08d34634ed795167bd4958ff7d1eb30025d103150d61406c1ae39394d4f76	27.87%	Heodo
2020-01-16	9021934.doc	doc	5d5612495672290f7983ed6633dde72e45569deb927fd2c4b3e2fabaa342170b	27.42%	Heodo
2020-01-16	UNTITLED 718-998380.doc	doc	0ad8ae3b0babcb2ea99f2fc44d5b09fdec97843c55bdb1df4ae3a441ca2251e1	25.81%	Heodo