URLhaus Database

You are currently viewing the URLhaus database entry for http://sabsapromed.com/wp/alfasymlink/root/dev/shm/OH/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	302202
URL:	http://sabsapromed.com/wp/alfasymlink/root/dev/shm/OH/
URL Status:	Offline
Host:	sabsapromed.com
Date added:	2020-01-30 05:55:05 UTC
Last online:	2020-01-31 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-30 05:56:06 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	1 day, 12 hours, 24 minutes (down since 2020-01-31 18:20:34 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-31	Invoice-FB546_777697.doc	doc	82fabfb5c99fcb09f2a636f41f6be0189789ccfa0860ecf8f4f4e2f54ecbe0c1	33.33%	Heodo
2020-01-31	Invoice_K0_745398.doc	doc	e01b9d1ec39ab6b746fab54011b045e107974f3d979db52766632eec495d9b59	33.33%	Heodo
2020-01-31	INVOICE T4_3354975.doc	doc	6fdc7cfb6df1cc8fa285d4b835fda141f246bc515b015593b6389ca4e0dbd5b9	21.88%	Heodo
2020-01-31	INVOICE TNTQ7255_82602057.doc	doc	b7240479fd2d092d581c72b25531ea78df9956fb2ea6457b82a34c9c45986bb6	20.31%	Heodo
2020-01-31	INVOICE-JECX8245_438070.doc	doc	e1fe6aa5e952e7f904ab79438277216f1af38d9073fa0f7656c8bbfec0ba6639	20.31%	Heodo
2020-01-31	Invoice-WKH30_533477441.doc	doc	e37ea56013de3f5e376abe94907f943d3d382cac1855f56a3841694118a80c80	20.31%
2020-01-31	Inv-2838_072125.doc	doc	fc244aba71a46c59805f50c5e9bfbed39277b6c94199062748330ab074a89a11	20.31%	Heodo
2020-01-31	invoice DHDG732_51529930.doc	doc	be01ef4cec3047201557beeb873ae6db08a7a0b8a3c726a10c97319b5d887a1d	21.31%	Heodo
2020-01-31	INVOICE-SY2_8258989.doc	doc	20b28afc2522751b35f0817e2d57aba7efb439f7da97ea5f87a7a948072a4b5c	37.10%	Heodo
2020-01-31	Inv-X130_22516457.doc	doc	095ae16ea2f042c2a67c760867b9e383168a9e69f35af9c53e3e42f118d8f087	34.38%
2020-01-31	Inv-7_79641740.doc	doc	8a06475b5843111147926b32b1aecdad3780400157cfae38379d64a78b36139f	33.87%	Heodo
2020-01-31	Inv-RG97_09684188.doc	doc	9931f06412385e83080f75415b9fba75bafafe36cb481e478b635d4dca29d0f3	33.33%
2020-01-31	Inv-E529_36609131.doc	doc	e663621ff749e2033b4a4cda21d7cb98e6a4efbb1c21080b5238c718e9000b4f	34.92%
2020-01-31	invoice_2544_708740620.doc	doc	2a154df78f570ed8acf939ecc71aa078e047b4a0b7cadbcc449df5c0d3f0f665	34.92%
2020-01-30	invoice DBR20_511855.doc	doc	528605cd4609d0d5cf1b221aa46efc0d8d75cbee20e5a26390b9adabe412138d	34.38%	Heodo
2020-01-30	Inv FGCM4237_834968.doc	doc	7d6d03203cda13942959101d4487c86fa9d270163e2d4800debe50da466398a0	34.38%	Heodo
2020-01-30	invoice_M028_7630759.doc	doc	55e09691a61d983f8bb5cb7d81ca1c07171d3248c62cfcd4f3b1a89f5e9a66f1	33.33%	Heodo
2020-01-30	Invoice BDI4067_2100071.doc	doc	0cd2361c959ed9e7e67f305e10241dac8c04cf6aa8816a02fa0ecd57f3b8e66e	35.00%
2020-01-30	Invoice VXK9298_705692428.doc	doc	c0ef60e9ae4ffd63004837885e296e68eae72f32531f67e363d5715b86d63da5	39.68%	Heodo
2020-01-30	Inv-799_08188015.doc	doc	4b8c920544a36d2b2fe8e35aafddad4a1052e8cced8e159cf4b9753d1c1a82ee	38.71%	Heodo
2020-01-30	invoice-4123_867400.doc	doc	d56e776237f0e2f1be46e032a21e425c59b7e0269fdb96d3cf6ec91326785b19	38.10%
2020-01-30	invoice_BIGV0_22719894.doc	doc	f274292ec06934b8c2417a6103a2558010703119785efb96e2443e57f4e1c658	34.38%	Heodo
2020-01-30	Inv IQOC63_9052486.doc	doc	9440498706f2d925d78ed85c677ee615fe3fdf05c7188cf59cadf543e59e0c32	32.81%	Heodo
2020-01-30	invoice_EAA0_46721000.doc	doc	55f8abe1aef52cd16f277aa39133736e083cd33b4d8e8599df61b13e1bf9f3f9	31.15%
2020-01-30	Invoice L8995_554441258.doc	doc	5452b9448c3310adaa86f6020c32d6ae4727fce5049f613ad9242e2f35e94eff	26.23%	Heodo