URLhaus Database

You are currently viewing the URLhaus database entry for http://relvinsglobaltech.com/cgi-bin/common-zone/individual-gw98zV-skh6hKEpkzSjjS/5jhxzgq5l-w354/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	300531
URL:	http://relvinsglobaltech.com/cgi-bin/common-zone/individual-gw98zV-skh6hKEpkzSjjS/5jhxzgq5l-w354/
URL Status:	Offline
Host:	relvinsglobaltech.com
Date added:	2020-01-28 23:22:03 UTC
Last online:	2020-01-30 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU002283389 created on 2020-01-28 23:24:04 UTC)
Takedown time:	1 day, 17 hours, 12 minutes (down since 2020-01-30 16:36:23 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-30	INF_20200130_W344981.doc	doc	27e174efb0d6e8b05cf666fd50c3163d91cd9bc9416197af58f70c1f027d2a0e	32.81%
2020-01-30	FILE-AOA7935.doc	doc	2d865b1d71a6827ca4eb3b7f884d08cc2acbcea2e862ce53a15cea4128959e8c	30.16%	Heodo
2020-01-30	REP-20200130-6918505.doc	doc	767b17c9708aa05e3d52db97aa2842a873f2cf8e9d75f19e3e8c84fd32442e32	25.00%	Heodo
2020-01-30	doc 2020_01_30 4418.doc	doc	7099bcda5f0b4caadc077f6bc794a4dc8933e66863535f49c23c8b19ec793b7f	28.57%	Heodo
2020-01-30	Rep.doc	doc	6686a87ce4ec03815de4f384705a2a876aee4195ecaabf95d727a6d63030d4e8	29.03%
2020-01-30	Dat_11505.doc	doc	1db0c100dfea192f88767bedda9beef583fcfb5c7797f32d7f93dcf045d3239c	25.40%	Heodo
2020-01-30	Inf_20200130_P4773.doc	doc	23b0933587b2ce021d44e764dcdfb9961d967b9e9490d154457df7e420cf9fa4	25.00%	Heodo
2020-01-30	doc_2020_01_30_GW8052.doc	doc	9770154f6b54c8685ee215a2ddb8c8c91d95c59768711dae07d13a0d7619a70a	25.81%	Heodo
2020-01-29	file-2020_01_30-651095.doc	doc	0c899fbd963450fdf0d3d487fd91c0ef00e8c4191115d99d58a6b75476b06254	22.58%	Heodo
2020-01-29	LIST-20200130-RTJ3683.doc	doc	2c7a2ffff7a4a2fcb7a86235dafda3b02ce67330155e00a22408d6c14b2f5caf	40.32%
2020-01-29	MES-20200129-176916.doc	doc	de39c0b0ba341eb6a6c1cc3bff5a3dede93907976a77563396df5165f422ac7f	33.33%	Heodo
2020-01-29	Arc-2020_01_29-C6016.doc	doc	7e8c0e91d30b485bed7963d9d3169c243edb3f5f2ce5e8049df4731007ea4d61	32.26%	Heodo
2020-01-29	inf-A257.doc	doc	49725f6641477d5fcdc1933e66eb652922a1e1264277a6aef8069967eb0084f0	30.16%	Heodo
2020-01-29	LIST-20200129-RR8595.doc	doc	c0ebbfa695c1e2d054d32b340956dfffb4c155a4e420caaf593b0f1bbccbbd18	27.87%
2020-01-29	INF_OOS1591.doc	doc	7caba02f08e117aabc3a0f109c1e5d565c3fdf3aec3ae0c90d0d78a16b6c2a8e	26.98%	Heodo
2020-01-29	DAT.doc	doc	41f2df35fe03375e39b939c95142a9c04e1613e60bcdeb4f50ea339349d04243	26.98%	Heodo
2020-01-29	DAT MND824.doc	doc	0b0243567f8017cba7be007b4d797731af10a9c7e9971cb09881d0a646bf88a2	30.00%	Heodo
2020-01-29	FILE-20200129.doc	doc	6765421b973c2bc3603b0f52f3ed514310bb83b678823614f845b6d4b1cbedc9	26.56%	Heodo
2020-01-29	Rep 20200129 K99514.doc	doc	a4edb0742bb50f5c20c88508ef0dd1028d985dcf0b9ced6c6c9bdf800e1c6748	25.40%	Heodo
2020-01-29	list_20200129_944784.doc	doc	9e66ad03e7885710b534addc2f0c5637987970b3c6185b27cb42a4fcfa06dfc9	24.19%
2020-01-29	doc-11343.doc	doc	94e0d6de6118c26179d6f05dd39b5583f1fe79c66151f666734b93a655a71930	23.81%	Heodo
2020-01-29	Rep 2020_01_29 OH88253.doc	doc	7c22eab322ac6b786498c54df9abb223c3466203f681028b1023147f081fd6ca	n/a	Heodo
2020-01-29	inf 20200129 653386.doc	doc	fb8b1e69574f8ec2121b612f1339a516d01536a2174f432585e94c98fba7ab8b	44.44%
2020-01-29	FILE_2020_01_29.doc	doc	085777a85dd9b9d62ecf918d0cda586ecae8d0b32af5aa6182d85c77a8a571fd	42.86%	Heodo
2020-01-29	arc-20200129-6539.doc	doc	8c05cb88caacbc8eb0e4a1e79a0d1a707959b45fb39f5e694923b6b069ebce75	43.55%
2020-01-29	Inf 20200129 5321.doc	doc	6a23106b558df36e6d88bb5b5dd187430087eff0c8a2ca1586f8538e8259e01d	n/a	Heodo
2020-01-29	doc_20200129_212861.doc	doc	5ed01ecc76724ef8dff654d4ef2b359c600c6dd3da2481677304b851d0c752b7	43.75%	Heodo
2020-01-29	file-T115.doc	doc	85359d87138be58de0c049e5c520f4de37adde9310893971769a0c640ba0a0fd	44.44%	Heodo
2020-01-29	DAT-IZ212620.doc	doc	705a21a458e18ec2353f1141cd6971cd6ffe76398c6c0bffea9c4f3e2c370c87	n/a	Heodo
2020-01-28	rep_658.doc	doc	823c46a2cd9f3c41e6795ce6489cee5478c80ae57a213d3fa40f9f10fa2dd6ae	41.94%