URLhaus Database

You are currently viewing the URLhaus database entry for http://litbau.com/ys3vxrgwv/private-7v-yvpdlqrawy6g/individual-5558535845-XwqruEyS/1zdlekxbvl3o8-23u1y2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	300474
URL:	http://litbau.com/ys3vxrgwv/private-7v-yvpdlqrawy6g/individual-5558535845-XwqruEyS/1zdlekxbvl3o8-23u1y2/
URL Status:	Offline
Host:	litbau.com
Date added:	2020-01-28 22:17:06 UTC
Last online:	2020-01-30 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-28 22:18:02 UTC to abuse{at}iv[dot]lt)
Takedown time:	1 day, 11 hours, 11 minutes (down since 2020-01-30 09:29:04 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-30	List-20200130-089274.doc	doc	23b0933587b2ce021d44e764dcdfb9961d967b9e9490d154457df7e420cf9fa4	25.00%	Heodo
2020-01-30	arc_24093.doc	doc	4932fd4b350016a8ffd5945209efaabc177ab4bb83e310f2896d29c02e0a612f	25.40%	Heodo
2020-01-29	File-2020_01_30-7477.doc	doc	0c899fbd963450fdf0d3d487fd91c0ef00e8c4191115d99d58a6b75476b06254	22.58%	Heodo
2020-01-29	Inf 2020_01_30 XG4025.doc	doc	f3e0ea1e9f70b58a16ab7b737be16e81a1868a88fcdd4de0c1fb6c4a3aa6b3b9	40.32%	Heodo
2020-01-29	doc 2020_01_29 ZBB007551.doc	doc	e49d66744b97eaa47dae870c0fdd5f6b3a52e1b2245e8567ffa6b8a344663fe8	34.92%	Heodo
2020-01-29	Arc-20200129.doc	doc	49e28f382793143c68d57be83f8e7252dea8674a30f06b9063dd9ccfc4f25e85	33.33%	Heodo
2020-01-29	ARC 2020_01_29 V09813.doc	doc	49725f6641477d5fcdc1933e66eb652922a1e1264277a6aef8069967eb0084f0	30.16%	Heodo
2020-01-29	ARC_4886.doc	doc	b09c8d39fe17d600ac2beffd9540076f55d944b41ae3c11b26600252a272b3ec	26.98%	Heodo
2020-01-29	File-20200129.doc	doc	5ae7e30b55476614975a3dcc125e78cc5e84eb3a8c413ce9a42be9d99ed7150f	24.59%	Heodo
2020-01-29	ARC-20200129-S9256.doc	doc	41f2df35fe03375e39b939c95142a9c04e1613e60bcdeb4f50ea339349d04243	26.98%	Heodo
2020-01-29	dat 2020_01_29 BZL522.doc	doc	0b0243567f8017cba7be007b4d797731af10a9c7e9971cb09881d0a646bf88a2	30.00%	Heodo
2020-01-29	INF 2020_01_29.doc	doc	6765421b973c2bc3603b0f52f3ed514310bb83b678823614f845b6d4b1cbedc9	26.56%	Heodo
2020-01-29	rep_20200129_F02944.doc	doc	8c178af12cf53e214a99e4c9125f73724ad6029bfb2e095b3c6257cb3a25109c	27.12%	Heodo
2020-01-29	Arc_2020_01_29.doc	doc	236377595fd82bce012119ea70446676759bc46b7fd57587a294ddc9d08f0e39	n/a
2020-01-29	doc 20200129 822.doc	doc	94e0d6de6118c26179d6f05dd39b5583f1fe79c66151f666734b93a655a71930	23.81%	Heodo
2020-01-29	REP-739.doc	doc	c2b2cd3b90f72db2fc325fdac1161626765153b7cb874ee42bea9fe3caf0eb6c	25.81%	Heodo
2020-01-29	rep_20200129_OU76816.doc	doc	fb8b1e69574f8ec2121b612f1339a516d01536a2174f432585e94c98fba7ab8b	44.44%
2020-01-29	Inf_7418379.doc	doc	085777a85dd9b9d62ecf918d0cda586ecae8d0b32af5aa6182d85c77a8a571fd	42.86%	Heodo
2020-01-29	Arc-2020_01_29-895.doc	doc	f5c5c5efd56a06272577f6aa8fde6fe22660095ec9332d7449f3e0769fa11b8e	42.86%	Heodo
2020-01-29	list_8360960.doc	doc	d0587297f7b5699b364592f59c0d93057b42defb42c714d6381d54a6142953ed	44.44%	Heodo
2020-01-29	List 20200129 9662327.doc	doc	5ed01ecc76724ef8dff654d4ef2b359c600c6dd3da2481677304b851d0c752b7	43.75%	Heodo
2020-01-29	Dat_276.doc	doc	85359d87138be58de0c049e5c520f4de37adde9310893971769a0c640ba0a0fd	44.44%	Heodo
2020-01-29	mes_1855447.doc	doc	99f4cbe6a9549c0dd8d99cdbee3c8ffe2c85d61f8a3cc94d1e57a962e4497be1	41.94%	Heodo
2020-01-28	INF-2020_01_29-6059.doc	doc	a5b8d8907e0cf3e09b5a2e7bd993dca67975830d84b0ff832334fdafe4f656d3	39.06%	Heodo
2020-01-28	file-20200129-95040.doc	doc	723c79b0fd3f8496faa71fc20d19efcf18be9557f4a4858ec6ff651bd49cbdc4	41.94%	Heodo