URLhaus Database

You are currently viewing the URLhaus database entry for http://ozbio.com/wp-admin/T0vx-CASer7vxXKw-module/verified-warehouse/18pf6n-75s6u13773vt7/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 307021
URL: http://ozbio.com/wp-admin/T0vx-CASer7vxXKw-module/verified-warehouse/18pf6n-75s6u13773vt7/
URL Status: Offline
Host: ozbio.com
Date added: 2020-02-03 17:34:07 UTC
Last online: 2020-02-04 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-02-03 17:36:02 UTC to abuse{at}abusehost[dot]ru)
Takedown time: 22 hours, 25 minutes, Good (down since 2020-02-04 16:01:09 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
