URLhaus Database

You are currently viewing the URLhaus database entry for http://hccsouth.myap.co.za/wp-admin/zpi0yf-xkas-01/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	307949
URL:	http://hccsouth.myap.co.za/wp-admin/zpi0yf-xkas-01/
URL Status:	Offline
Host:	hccsouth.myap.co.za
Date added:	2020-02-04 11:27:12 UTC
Last online:	2020-02-28 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-04 11:28:08 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:	24 days, 1 hours, 51 minutes (down since 2020-02-28 13:19:52 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-06	INVOICE R5_08553818.doc	doc	6f2348d8a57193b749e7d6f280092c70d37e793b14f39be69bc976bab84958db	21.31%	Heodo
2020-02-06	Inv 2_79399878.doc	doc	67617db60beb8c4cce54db289e3d3a8406049516de95ccc8940b0d1735caa144	20.97%	Heodo
2020-02-06	invoice_SOS37_778661016.doc	doc	fd7c8c6cf457d1d127ee24d40ea990ccae1f8f8e8c648e61c760124a04dd4941	22.95%	Heodo
2020-02-06	Inv 0_9790739.doc	doc	5f1d9dff136888c71d8b157e91821d73a94faa92af1bdc04912d223b7b1de32d	31.67%	Heodo
2020-02-06	invoice_KUXC1_9931419.doc	doc	aa1a76b81c26b3039f992fa97b4738751e8bd457072a3c63260ce986b96488ed	33.33%	Heodo
2020-02-06	Invoice OZ5_723323575.doc	doc	9eca08bea00fec73f8bdc769abf28f857d39de7d922c4d0dfd4017dc5981d2b0	33.33%	Heodo
2020-02-06	Inv-NNQZ0029_286856.doc	doc	c7b6f46f5a55f557c829d3a1e6d171b7fc2577517bd72b3219b805304f56a2fd	33.33%
2020-02-06	invoice-3060_329405956.doc	doc	a6f19dca43628c0760f4bc6d493a9607e9d9ab713610dbd09c19d7670ee49cb6	31.15%	Heodo
2020-02-05	invoice_L2870_368247.doc	doc	fbc7e227ec8bd45144bdd33ac13c8a9b563282ce2c47bed6f613e71ed22dea4b	26.23%	Heodo
2020-02-05	invoice-MKG2_730101354.doc	doc	4c81ae4043b5ebb941a22c4511a4757a6a0ca5a842660b5c1ea31c57955800c5	26.23%	Heodo
2020-02-05	INVOICE-US394_781675871.doc	doc	9f6e3884e315de26a6adb8852faeaba696904331425f2e25144be6675f9f1cce	26.23%	Heodo
2020-02-05	Invoice-LCR5523_999862820.doc	doc	ad495b7efc571f2027ae5d71d64f570d3120edb60cefb029658e4b6ec588e4b0	26.67%	Heodo
2020-02-05	Inv RRE01_545337558.doc	doc	bac64a981e3fddb119868ac4b6c14005db9b3c64f608849911d6c08947267dca	n/a	Heodo
2020-02-05	Invoice-235_76692968.doc	doc	80ff1f7758139fb61d82afe12894afc778068701ba7fc6acc78f1e05b8e6d90b	26.23%	Heodo
2020-02-05	Inv X8021_044245249.doc	doc	2592177b8fc2dad7890e1d568a33bde6b00c015fc0c96dbccf47299f5f0953b2	27.87%	Heodo
2020-02-05	Inv ZX0510_790361.doc	doc	553bb18cdd7ff56366cb6f9509373cc5c6e58e24d1056bafe7e9bde95f6817d7	26.67%	Heodo
2020-02-05	INVOICE_A71_1660888.doc	doc	3d86715a18dc19cdf1364d58ff7deee2c387cde502de5b43166a7c0d98b2a24a	n/a	Heodo
2020-02-05	invoice-UW4_8188282.doc	doc	dc0402b2e8b444ac6695dd0686b697822b5c339fb556f63aaf4cb4dce9354572	27.12%	Heodo
2020-02-05	INVOICE-UQH2310_228743369.doc	doc	6e4f1e55d03c7f87e1640ee1dba3bbbf7f3d01655098885ef1db6e84a5947292	27.12%	Heodo
2020-02-05	invoice_XN8875_714413.doc	doc	cd7205a871273f045d8ee2a8621fcd7dd7778e062e3598507c21ffb656752721	33.33%	Heodo
2020-02-05	INVOICE_494_793793.doc	doc	d753eaf7b22aea01dd44dfba5b9fc26ebb5677f4a713b4afa69d8c34efe836f0	33.33%	Heodo
2020-02-05	Inv_EJ356_5947754.doc	doc	471942cfd9aa93923bc0f054e64201217913ae24a3e192919207202918c628fc	32.26%	Heodo
2020-02-05	Invoice_MAJP3489_096688892.doc	doc	50ed2de7492f944d8a34c9d454c3757a58d26078f91dd5de90ac595eb6279dc7	42.86%	Heodo
2020-02-05	INVOICE_T1_3721625.doc	doc	4887e700c4997ddaab9733c0dc0696a27e93eb2c02e2839119c077c2b92fd2d6	34.92%
2020-02-05	invoice ZO453_015408.doc	doc	fe95a5f68fe689f22c1ba6e479febd867fbb29760f0063700ad27d7d8b482d67	34.92%	Heodo
2020-02-04	Inv-0088_42479772.doc	doc	c01faf044c1df797bde7ae50e931236add55e532401115f33435ad6802eeb184	33.87%	Heodo
2020-02-04	invoice-JPBJ284_6847519.doc	doc	0b2ca06ad6086c411fe61f2b5a791d8fa9336d920a8c39214db4c4b05e69a3ac	n/a	Heodo
2020-02-04	Invoice-MC89_97871057.doc	doc	41aea47e36728ef17f91fb0ed0239001ef742699f4e187e54d4e107680725a5e	34.43%	Heodo
2020-02-04	Invoice_CKD101_814847250.doc	doc	9cf373c9a2dc126d14647d1c4f9bd6a554335f4f00f76b6ad0ce24dff7d1c054	33.87%	Heodo
2020-02-04	Invoice-MF882_987825.doc	doc	cf00a0e13bdc326ecf08bd0238ee35c3600642133c7f84f69b0434aa63bfa291	33.33%	Heodo
2020-02-04	INVOICE-M1_902313.doc	doc	b4c3990e73035881f982534ee5ccc3a30f80b58c625e28b6f68067c223589fc1	31.75%	Heodo
2020-02-04	INVOICE-I1_654776273.doc	doc	40c57139f9fe475f5e06542c48aac3476cd943f3530f73ef44a60db380bf9e04	38.10%	Heodo
2020-02-04	INVOICE-QUCV748_9862620.doc	doc	cf761039f6144534194bd9b3c7b79c189a433742c439a379d11e351c6b46263b	n/a	Heodo
2020-02-04	Inv-ZK9504_1419175.doc	doc	1173cf1516a39c758a543aa77e5efb97ae7c0405e4d4921939f774fe9a48be41	38.71%	Heodo
2020-02-04	Inv-Y320_739347.doc	doc	b38620f90ec6f200c3c194fb6ec3444c55f50151f4a47cd6ff0eba0bc12a03ca	n/a	Heodo
2020-02-04	Invoice_IHS443_30770238.doc	doc	c6f67345d51de31d968f542885d815a518e46ae16c2629694893cceceb18ff3c	n/a	Heodo
2020-02-04	Invoice_MZTW9_2421062.doc	doc	073c64aace2e395d927a52fac9abc86ab289aaaa00bebe880dc097c54e8cbb78	n/a	Heodo
2020-02-04	INVOICE GLKQ79_3226791.doc	doc	f243a8a66b3734ae705e62579b6520ebd361bf4f5b5b51462032c3c2261f8841	35.48%	Heodo