URLhaus Database

You are currently viewing the URLhaus database entry for http://icasludhiana.com/wp-admin/r90HPHcqW-h8i2ahhfpE-sector/ED2yM12J-eKCf5EtgSJqE4-ED2yM12J-eKCf5EtgSJqE4/37408924853-UZFkG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	309968
URL:	http://icasludhiana.com/wp-admin/r90HPHcqW-h8i2ahhfpE-sector/ED2yM12J-eKCf5EtgSJqE4-ED2yM12J-eKCf5EtgSJqE4/37408924853-UZFkG/
URL Status:	Offline
Host:	icasludhiana.com
Date added:	2020-02-06 11:43:26 UTC
Last online:	2020-02-12 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU002301053 created on 2020-02-06 11:44:05 UTC)
Takedown time:	6 days, 6 hours, 2 minutes (down since 2020-02-12 17:46:29 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-08	CONTRATO 1560op9.rtf	doc	7d37b6d909b0564605a92781d24f6a2da662b176d749562497aef5ee173c01f8	45.00%
2020-02-08	Oferta 6VC9974268814.docm	doc	b744ccf555100a77b8621efe23c74aff3ed8e3f4fbb8e34b52483592c329de1b	44.26%	Heodo
2020-02-08	contrato_02082020.doc	doc	69690cc935adae5a4d1123ce2eab3ad7cf528c95741631f55669dd7c7c5fb049	44.26%
2020-02-07	OFERTA_279542101.doc	doc	8f096567ebce98b023c9b7358799055fa60fbbc5c2baf4afc3362887c80416db	44.26%	Heodo
2020-02-07	contrato_02082020.rtf	doc	1e9e8b8f7b3779744108939fb7510fd0849dc94b9ce4f9c3c6f4ffe5e242f645	40.32%
2020-02-07	oferta_OG44290.rtf	doc	6cdc57781513ab513ee92cf01df3b44b42555d99698236c21384e55a122e4e40	40.00%
2020-02-07	Oferta_33736898.rtf	doc	6fc4a92196feef5bda8bdb05e2b5b05eb2c48450f60012863701e05f4aa73d03	39.34%	Heodo
2020-02-07	CONTRAT_90480124.docm	doc	636ac240261f1d7a13cb48b9550a307b97de75204a8a00299b74895576321cda	n/a	Heodo
2020-02-07	Oferta-02072020.rtf	doc	0c81715aef55fd6272ea9eb6c0cab21e3d59d660daed8c5ef3b5a20d9e3b84d9	36.07%	Heodo
2020-02-07	CONTRAT_02_07_2020-EB915761489302.docm	doc	246d09b451c88a9288e3880d5c5ec3ae6bbf45165e0ee4c1dac0e396ad71105c	32.26%	Heodo
2020-02-07	oferta 455pn2281.rtf	doc	bb7f31f17124467010b77f9ad79a13d6566f81a90e4d01a732c355c414d5a0ed	n/a	Heodo
2020-02-07	oferta 02072020.rtf	doc	5c6073128c6aac9f4b09ffb587bdd7d06668a2d765d8bbfc1e2d780083c6f390	25.81%
2020-02-07	OFERTA 34E896181.doc	doc	02cea7f2d66deb029891333a92873a517c3024551c599cc835beed93a340b4c5	n/a	Heodo
2020-02-07	OFERTA_6802380.rtf	doc	f4336b56cb9c1643fcfec80d7d36db0dff174c1d49b38f893902626fdacc7533	n/a	Heodo
2020-02-07	OFERTA_02072020.docm	doc	e35dfaa023b5432cc266cc0b09174b36fa7df259b303a79e4476474ffaf7d02c	n/a	Heodo
2020-02-07	CONTRAT_02_07_2020_4091278241.docm	doc	92eaa5e3ffece3f1e0e5ed405e8ab6de6691d6d00fc1d1890d1d1d9b9c7168c6	n/a	Heodo
2020-02-07	CONTRATO-p66oo57762.doc	doc	5a4fc3c23be16cff577a8b9af743cdfc330a1a3a8efea386690c226398d246ce	25.00%	Heodo
2020-02-07	OFERTA-4813152.docm	doc	e3adf368b634569aa1ca2545bb340ffb5df4c918cf629e3afec00b6f43d444fc	24.19%	Heodo
2020-02-07	OFRT ZC6522548-77933.docm	doc	8f3a0e19e00397efb39708dacfd129d2722146fa6d169e6a7c601c0cc02a1359	24.19%	Heodo
2020-02-07	OFRT_PEX1859-6140601061.rtf	doc	5480139ad1a7d156879a92736b3feda1f6e9bb49c6b7bd8b92471e76e92fa60f	43.55%	Heodo
2020-02-07	CONTRATO 9581295399.doc	doc	88d2e0f1e728a7142e0fa0f277f4020c91bb5e4222ccfd8162d9e0b6beb60e5a	43.55%
2020-02-07	OFERTA_H4V534959508760.docm	doc	60a2db35f6a200f89387811492bf70f40551c72578c80be36bc21dc7abbcce67	43.55%
2020-02-07	oferta-02_07_2020_769870697447.docm	doc	ae0dba6208040d7656556bb876279d0ee3708e7cba62fdf3777e81466021bcee	n/a
2020-02-07	CONTRATO 986827.doc	doc	951c41a81d18a2577f97934a32f1a28463dc7cdf7b4118ed040c35ae62864843	35.48%
2020-02-07	oferta_02_07_2020 3963977310.rtf	doc	9707abd47ef72798f3d0aa3c5f58c076f401350bb34bef7d5c7660108eab8e42	32.79%
2020-02-07	contrato_op8800944020m3.rtf	doc	4ea3c2e1f6d051de33d5c37e2dc88e621ad3ce6404691932b5787393c76fe8a6	n/a	Heodo
2020-02-06	OFRT_02072020.docm	doc	2ab5454468bf092401bb674e12f9577b0102b97450e07cc6ffdbaec61eb40953	29.03%	Heodo
2020-02-06	Contrato_02072020.doc	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	n/a	Heodo
2020-02-06	contrato-02_07_2020 B241979.rtf	doc	b6a866cd6767e85ce9779e18601e4ff38f6a25e8bf459d47936489b9d58ba9c9	27.42%
2020-02-06	Contrato TF0202_114874099.doc	doc	69caf04e8e1e56614bea23015c10066190147415d1c1699accdc79c49531cedb	29.03%	Heodo
2020-02-06	CONTRATO_CFS2066028-825581852728.rtf	doc	0395137796e0f9fe7c273562138c7e5f0c988214841e6ed4cda2e3978a98f1bb	29.03%	Heodo
2020-02-06	contrato_26509370.doc	doc	548c32e1f7c11d658a1b45cc341ea2480b28c86e352baf366289aaa70a9e9292	29.03%
2020-02-06	contrato_CHF06449-79881293413.docm	doc	00810a12662ed1714ce797c700855a606ab35c246a1c1a2ada47b503d612a82d	n/a
2020-02-06	CONTRAT-4967707887.doc	doc	85404d4a489d199d3055637e3e11f3d81b783d8ba7872bae892dded74dd0edd1	n/a
2020-02-06	OFRT-02062020.docm	doc	3c9d9f7c089af3d74e37371950a676a966f7160c531930a218fcefda342beee9	26.23%
2020-02-06	OFRT L3794794 975003.rtf	doc	a2a0d4396733a29e832691fef191647fea4230db515ac8274376ac423becb5f0	n/a	Heodo
2020-02-06	Oferta-02062020.doc	doc	6975ed31fcf619923b119bc26d0f005ef935aaa2e20b25553b47389844f6005d	23.73%	Heodo
2020-02-06	OFRT 5nno15.docm	doc	802b9b70699cbb4e1fc2ade3ef3df992321635cc90cf904d6cc78f0a66bb454e	n/a