URLhaus Database

You are currently viewing the URLhaus database entry for http://vics.com.sg/aspnet_client/995543_lNkq1v1HN_sector/external_portal/408tp2uevn7w8k_617t3v6zytuzx7/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	308903
URL:	http://vics.com.sg/aspnet_client/995543_lNkq1v1HN_sector/external_portal/408tp2uevn7w8k_617t3v6zytuzx7/
URL Status:	Offline
Host:	vics.com.sg
Date added:	2020-02-05 10:46:08 UTC
Last online:	2020-03-07 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-05 10:48:02 UTC to abuse{at}netdeploy[dot]com)
Takedown time:	1 month, 1 days, 12 hours, 2 minutes (down since 2020-03-07 22:50:53 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-07	Mes 2020_02_07 20474.docm	doc	449e2b8365dd554b9df5281be690520fc194fd1b4e74d71b3af98e04111596e3	24.59%
2020-02-07	Mes 88612.rtf	doc	5a4fc3c23be16cff577a8b9af743cdfc330a1a3a8efea386690c226398d246ce	25.00%	Heodo
2020-02-07	List-2020_02_07-281.rtf	doc	637aa5ca4158cfdea8113bdb062b8ac800b8d600a5b7e16969f7f3d4ce77245a	24.19%	Heodo
2020-02-07	dat-G8840.rtf	doc	4d46d038cd9f2a48555e70846240d75457b23f0c3a192d9a9bf8a498ea35e2ce	23.33%
2020-02-07	List QRG57653.docm	doc	006766d9879f75d74de2c385ce8418fb838989af2046d8d329ad6ae7dc6d26eb	n/a
2020-02-07	arc D8956.rtf	doc	88d2e0f1e728a7142e0fa0f277f4020c91bb5e4222ccfd8162d9e0b6beb60e5a	43.55%
2020-02-07	FILE 2020_02_07 8245.rtf	doc	60a2db35f6a200f89387811492bf70f40551c72578c80be36bc21dc7abbcce67	43.55%
2020-02-07	MES IMA7078.doc	doc	ae0dba6208040d7656556bb876279d0ee3708e7cba62fdf3777e81466021bcee	n/a
2020-02-07	List_20200207_CLT624.rtf	doc	951c41a81d18a2577f97934a32f1a28463dc7cdf7b4118ed040c35ae62864843	35.48%
2020-02-07	mes M251036.docm	doc	4de743bb5a807944570907fec4e4ca12efe2016c5c50e04f718ed117b26a76ee	32.79%
2020-02-07	file-GU684358.doc	doc	4ea3c2e1f6d051de33d5c37e2dc88e621ad3ce6404691932b5787393c76fe8a6	30.65%	Heodo
2020-02-06	Mes-2020_02_07-H0750.doc	doc	2ab5454468bf092401bb674e12f9577b0102b97450e07cc6ffdbaec61eb40953	29.03%	Heodo
2020-02-06	List_2020_02_07.doc	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	29.51%	Heodo
2020-02-06	FILE 2020_02_07 1829521.rtf	doc	b7676cdb8dc6fbbbfb658a4eccf03a5c3290883a4fda239945b7a3c012950ed1	27.42%
2020-02-06	List_2020_02_07_7259980.docm	doc	b6a866cd6767e85ce9779e18601e4ff38f6a25e8bf459d47936489b9d58ba9c9	27.42%
2020-02-06	REP_2020_02_06_466.doc	doc	69caf04e8e1e56614bea23015c10066190147415d1c1699accdc79c49531cedb	29.03%	Heodo
2020-02-06	List-QKZ13759.doc	doc	e62205f9ad8ce110e6f628a4622e7f12d9db3b4c2cc100e1d464b06f2a2b0afb	n/a	Heodo
2020-02-06	Dat-145.docm	doc	548c32e1f7c11d658a1b45cc341ea2480b28c86e352baf366289aaa70a9e9292	29.03%
2020-02-06	arc MGM772566.docm	doc	3e2e9332429ca46e97d6d5b2d39864b216599b31498ebda448a3fc2adfc78a0d	29.03%	Heodo
2020-02-06	doc_9952.doc	doc	e2242f427a47cdd239a61505c64bb7956f2c451a95ae9dfcf44f845fafeab46a	25.81%	Heodo
2020-02-06	MES.rtf	doc	464e3fbff2832e347b5bfa5fd0151fbfc4f3107cf97f74b7addcbc2984b60143	26.67%
2020-02-06	INF-2020_02_06-Z639.rtf	doc	20a0926fb970d58fb5681385d5b8bbc67f1abdfe2e240c721e1034857c14cb9a	24.14%	Heodo
2020-02-06	list-409859.rtf	doc	b99125a74c2d36d2875478ee03096a69ad74f272c1ced98d2e22ea0f2a3d3191	22.95%
2020-02-06	Doc_P100256.rtf	doc	186ad5a4edbbc67f97e4c4d0236f263ae46435a2687639dba2a0a91edd0d6ce5	22.95%	Heodo
2020-02-06	rep 631545.doc	doc	5c65f21a3869e1e15433c2263d8dff3827f622520c972b12f4686250b8e68018	23.33%	Heodo
2020-02-06	rep-2020_02_06-778.rtf	doc	de051ed1500a8c104656fd5cdfc8735affb7c0bc996b98ab0872bedf6d4172ff	n/a
2020-02-06	REP-20200206.rtf	doc	d0ba1020328bfa59129c6d94b6bfd8979bd652574b24407bcfdadc75fcf28fb4	n/a
2020-02-06	LIST-177556.doc	doc	5c3ce056d5c4c031e62f29306f27698d258d673ab890eaf2c2bd06487933aa00	n/a	Heodo
2020-02-06	mes_20200206_5987651.doc	doc	fa37e0cba4786db4ba847c2e4f9b4ee78aedbf0eea4491228705fc00980af4e8	32.79%
2020-02-06	inf 20200206.doc	doc	346d01cf657414934f8c87af6f0ae07d23875f613db84e483f2174b6353ab405	33.33%
2020-02-06	Doc 2020_02_06 YJH03763.doc	doc	43e38902740c39567550fd0e4c87c00947c5fe577765eb00051f0212c05d7cab	33.33%
2020-02-06	Rep_20200206_YI3365.rtf	doc	702b22d598064f664dd6fbf97fb50364269f0215cbeabf867165861dd0b7d82e	32.79%
2020-02-06	inf-2020_02_06.doc	doc	24bc1b322505611fc96f657f00be75ad4a096d02fc3e78d4b45369b13358575f	33.33%
2020-02-06	ARC 2020_02_06 8005187.rtf	doc	58f94895848e841464a8b36d26e332a50e9b082bd7df37c1c054168929b7b34e	31.15%
2020-02-05	file 20200206 CJ21752.rtf	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	DAT 2020_02_06 5282836.docm	doc	c1d36e9aab2030f23a10178cc432f92255b74c7e2382840bbae1ad7c099e97a9	26.67%	Heodo
2020-02-05	file 2020_02_05 I732008.docm	doc	1566745273aeac5249400c456f82b70e870825a50ee2457479f734c7686dfb54	26.23%
2020-02-05	REP 2496.docm	doc	47ca3de0e80a4e9571311ab0b2470ecc29d18c990b063b57aef1818e5a3c260a	26.23%
2020-02-05	rep-8410.doc	doc	c0b9c90ce017a4e5196e744c7948464ff57431da4a1d820793c5aea57cc0a095	n/a	Heodo
2020-02-05	doc 20200205 VYW6368.rtf	doc	da0b1e331a89bd28e4338a886d224c01e9194a764a6ded30bac8b16670a589b3	26.67%	Heodo
2020-02-05	File.docm	doc	20b603562ad65e466c27733e3ba8368c3ed83caeec165555f4a935ed0cc6d4b1	26.67%	Heodo
2020-02-05	File-459.rtf	doc	1d71db32310de6088f008bda0c652b8a1715c3b98c549cfca90601bdc70c59a8	25.00%
2020-02-05	FILE 31715.rtf	doc	6228be42f808ff1c2d59dc6df839b24c07a9e9640fffea33d21e69f3b2765a69	n/a	Heodo
2020-02-05	dat 1819629.doc	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	dat 20200205 6528903.rtf	doc	4a45120dce1cd34a211f66e94d6a16a0e567d8aa85527c6fa830f99691cd1816	24.59%	Heodo
2020-02-05	mes.rtf	doc	2ace029191f61ec162d3403a04de30018c667003664c72194a3fd133c86b6c72	n/a	Heodo