URLhaus Database

You are currently viewing the URLhaus database entry for http://psotm.pl/wp-includes/closed_zone/interior_area/963338392_kCrsPUBs/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	414157
URL:	http://psotm.pl/wp-includes/closed_zone/interior_area/963338392_kCrsPUBs/
URL Status:	Offline
Host:	psotm.pl
Date added:	2020-07-17 17:41:27 UTC
Last online:	2020-07-20 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-17 17:42:11 UTC to abuse{at}home[dot]pl)
Takedown time:	2 days, 14 hours, 56 minutes (down since 2020-07-20 08:39:09 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-18	DAT-20200718-69615.doc	doc	8a20c5d41b0ea80165d9d900936696ea0d6e1aff5e22ec84913d2a8663f4c063	43.55%	Heodo
2020-07-18	arc_2020_07_18_9566754.docm	doc	40ff69629d016b471e8d629757c3cd4ab76c1958b851d9484fe5b9f12bd05b20	44.26%	Heodo
2020-07-18	File_GM4968.doc	doc	7b109398cbf73b6ad4911a37a8599dce651c0580ddbf0fb4bd7d6ca4d429b245	n/a	Heodo
2020-07-18	MES_2020_07_18.docm	doc	fdb43ef55c448c1ddfb8f3f4285691274726e0ebea7bb77329da28e47d9e9eb1	n/a	Heodo
2020-07-18	INF-2020_07_18-7484.rtf	doc	d83dda004c1f5cc3b6af587c3ceace1bb5f2e76e8cdb013a30c0078e100b2e07	43.55%	Heodo
2020-07-18	File_20200718_31477.rtf	doc	49b1db3ab05041bbb1b9a2cd6c9b4e33f1c3dc4771d4e5b35ca7e19135c5006f	45.00%	Heodo
2020-07-18	mes_XI75102.docm	doc	98ff83d44d2a1d8e59aa9c90d56ac4c6fb1bc08ccf6320d7e0956075e7f8d059	n/a	Heodo
2020-07-18	List_20200718_R52099.docm	doc	0282a9682b4c3f016f4cd84847a3973d205972a75993feb753b575895a162a46	43.55%	Heodo
2020-07-18	inf-Y1209.rtf	doc	f6059b68359fc971b85eaf15867042805b0246083140729de8830fc239c0a4ed	n/a	Heodo
2020-07-18	Mes-2020_07_18-838.rtf	doc	0f62fa0eda89b4c7e9907ff92c9cbfcc2639c16eb162c40311c4bf40396c47e4	42.62%
2020-07-18	Dat 20200718.rtf	doc	e4f83f5b3d38b5bbe3b2372980bdb5303c74b1938b66e40288e0ad6c2c79d9b7	41.94%
2020-07-18	Inf-874086.doc	doc	25bda46f24b9ad3a6070206abdb225178d5c0372e2ac3cc27657dff36eedd7d0	n/a	Heodo
2020-07-18	MES-562.doc	doc	2f2bf71ff720e834455f232dad3c4c5a0b4e7a0160fe14230fd7d73e3b394883	27.42%	Heodo
2020-07-18	FILE 2020_07_18 QV902300.doc	doc	1fe6bff652bd2ae7803b24a5de11039367bea29f7f8cfd00bf212cbc841cd784	n/a	Heodo
2020-07-18	doc-20200718-773.doc	doc	5239c9a098468e61c38a839792ada20222fe9fc976df4b9605c5232033be081d	41.94%	Heodo
2020-07-18	doc O719.doc	doc	db7f888bc27f3625e1d2aa8dcd1f473d1b6c3f18425041aeb9d6317a5cf977c4	n/a
2020-07-18	rep_2020_07_18_245454.docm	doc	10c77e4b6a5839e58d182a67152db5b25a31e943cb0fa06ce266b27e8c4d06e3	n/a	Heodo
2020-07-18	File_2020_07_18_83022.rtf	doc	44737c7b4475fb2a259af5c0b23c7f14945dda0d119491a61f2004f59cce8105	n/a	Heodo
2020-07-18	LIST_2020_07_18_R1997.rtf	doc	b5e3dc0a53062058a2b13ef1d82f7c2b7ff5fe9452fe4cfd534eb6acc3844a26	40.32%
2020-07-18	Rep_2020_07_18.docm	doc	c4fef70e62aafcefd6600e91edd401ccd941dae7472d89fd2cb164219eeb34f3	n/a	Heodo
2020-07-18	File-2020_07_18-602589.rtf	doc	f821386a84c5ca5ce96218b63990b6ef7ba0016e43aae95ebd78c9bda997b6f0	39.34%	Heodo
2020-07-18	Arc-2020_07_18-OIP518523.doc	doc	91c02fe37317be17fd879fd63a10cd9da611ae6098948f77ccdcdc94f83b5cca	38.71%
2020-07-17	MES-20200718-WFL68859.doc	doc	d0a6228f0457c0dab131d8c3cbcc69b48575c993d2c1e3745087337415144d9c	37.29%	Heodo
2020-07-17	inf_2020_07_18_H286487.rtf	doc	2fb80003eee9d2ded738ae5260c96a5b0b71ab7620f7b2e2d74344de868027d4	38.33%
2020-07-17	ARC-2020_07_18-214752.doc	doc	2fdb794642d195e0cf37d232ed02d37ed74b1b5ffa324fc9251b5cca3de8ed2f	37.10%
2020-07-17	REP-0746.rtf	doc	d12ad51a2c2b91323324d970ffa092041ec804bd5a52d66c75ba5af96b22afac	n/a
2020-07-17	FILE PFQ009.rtf	doc	3f054364f4de6d79966887c8d95c9c4bbe25fbb622c1163ff73ac7d345f73731	33.87%
2020-07-17	mes-0601509.docm	doc	bca758b7d4b4ef0f896d55923f06614531cb7f2372d99536a5edd0aefd217c1a	32.26%	Heodo
2020-07-17	List_2020_07_18_QDS8089.doc	doc	4f650fae13b2f497c92dd327ff98b5126875ea6741d5e9db7f7f74bb2e471f83	n/a
2020-07-17	Arc.docm	doc	4efb5eea71e20c735df86a96e1cc7d69fc118ba4e71b69c98811dbe49742b755	29.03%
2020-07-17	File_109713.docm	doc	15823fbaaec62d56050309844e01b51c68e70ea470896e571eb673938c147a81	n/a	Heodo
2020-07-17	Mes 2020_07_18 P71036.doc	doc	3f69f8a5d85615b90542b5460bd5298315e40c5e29978ab420bb67620f2422c1	27.42%	Heodo
2020-07-17	arc-IXI991508.docm	doc	49088549ea21b7efe6c56213380cbb654728fc95e51aef16b0b44ae181907e03	27.42%	Heodo
2020-07-17	List-2020_07_18-725708.doc	doc	0fcd9e5cdbfd7704545e03dd7c7a3deef28f11ae26911b0f86b20687fd46d2dd	27.42%	Heodo
2020-07-17	File.doc	doc	7314748358ee31f8fdfdc7972cb282d8675c0e843b07383c52e124ae3b937a7f	27.42%
2020-07-17	LIST-20200718-ECW320.doc	doc	328a1ddb0998b010e99d5314354fa47de97745a0e09b6682e043ffba500f19cf	n/a	Heodo
2020-07-17	Doc_2020_07_17_979454.doc	doc	a64f2f02a7bb03fb55ca2a301f702c810582b38347ba2d3aff39c93e40df5d3f	27.42%	Heodo
2020-07-17	ARC_MX4318.doc	doc	deb9182b6e138520576458d85048d5069a4e20f11acf4938b081ba4e8765365c	27.42%
2020-07-17	List 2020_07_17 FF12888.doc	doc	770fd6643c934cc3aa0fddf589d643b7b59e18a005ff89fc9113bd8181c21a2f	27.42%	Heodo
2020-07-17	Rep-2020_07_17-NOH224.docm	doc	fc5976ea9262dda7f7fe8f62ede24a9fdfbed454fe8b0679e2e15a64243afd17	27.87%	Heodo
2020-07-17	list 20200717 52110.doc	doc	5e20f76a136e863a01416716795a90ee97d009b2ce86b33ad78019ee5ea647b5	27.42%	Heodo
2020-07-17	mes 0235.docm	doc	493accf3563320001bb8c5d727fb01bd790bdd20df7f179b12e771330274ddfc	27.87%	Heodo
2020-07-17	DAT-20200717-O865755.doc	doc	e90c88a5cbec9eb57a69658a28abc2a72c188a4d8b491e8df5b855fbb1ba950a	26.67%
2020-07-17	DAT 20200717 187.docm	doc	ef1f1a7527cab97e8d41b6308210121f218d42c9c052f000d0eee0e79924ab7f	n/a	Heodo
2020-07-17	Rep_20200717_C1757.doc	doc	7472c7e89fb0f2d1c2c6b136bc5f151624ac96b92297bc63baad78b84d7d4e07	n/a	Heodo
2020-07-17	list_2020_07_17.doc	doc	f3e53a7b56004f0f594f871c8a7018cc9fda70e48cba425a53373eb52c5bec46	n/a	Heodo
2020-07-17	File-20200717-FPH5558.docm	doc	b559130a7e571ca280d62de701538c0b16f51cb8b29c0cf49fb6ab023c34e98c	24.59%
2020-07-17	MES 20200717 727652.rtf	doc	1a9f759bb9bd81dec9e2703f6969d9e4f7698200c8a5589e6c22bda4cbafa086	22.41%	Heodo
2020-07-17	Doc 20200717.doc	doc	91912df5301c614ae4b9eeac155f25f93b243a8176975524fd84f1782fb9040c	25.00%	Heodo
2020-07-17	Doc_20200717_CVE754.rtf	doc	d04e0e7daf8c94bfba623e60a2eff22f97e5b71026cac2acff4c2e77f835efc6	24.19%
2020-07-17	Mes.doc	doc	61f184050c876f25f8c486f3efbdb25230876854fa9dd371610d212f7c738850	24.59%	Heodo
2020-07-17	rep W56789.doc	doc	517476e80a66768db74eae2de0226011892f476ba4fd6fc971a1066a66d6149a	n/a
2020-07-17	MES_2020_07_17_8655608.doc	doc	811764707e5bc193447a4f036205ff93e720d5944ecadf19e6ffbcec65d94b2a	n/a	Heodo