URLhaus Database

You are currently viewing the URLhaus database entry for http://www.basedadosempresas.pt/respaldos/ogjslu-zkm3s18l4nd-zjQ4a-xsZR8Bd/special-area/1643958184864-DR4xAWp91/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415486
URL:	http://www.basedadosempresas.pt/respaldos/ogjslu-zkm3s18l4nd-zjQ4a-xsZR8Bd/special-area/1643958184864-DR4xAWp91/
URL Status:	Offline
Host:	www.basedadosempresas.pt
Date added:	2020-07-20 19:32:05 UTC
Last online:	2020-07-21 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 19:34:02 UTC to abuse{at}scip[dot]es)
Takedown time:	12 hours, 34 minutes (down since 2020-07-21 08:08:06 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	REP.docm	doc	09d5cad4c8b70edf0e4e47c1abcbbdec9872ca65c129f100c3eaa76ff6197497	n/a
2020-07-21	Dat_20200721_079291.rtf	doc	b0feded5d896ca6ec1c0e822466119b7cde2065b91d5af1be820e77ebd581171	n/a	Heodo
2020-07-21	Dat.rtf	doc	cd7e26bbcc41d0820e6e2e0e42e56bef410264d6bcf74033fd1fe26d52b389ea	33.87%	Heodo
2020-07-21	REP 20200721 194974.rtf	doc	13c397890b517be11d097b5d6a64ead8b98a25d02bac22facef7f67acc297f35	n/a	Heodo
2020-07-21	mes_2020_07_21_OJ136.doc	doc	793132996a7b6875055c2bdbde2173f37e68ce5f04ab651acad13f84ab89cb82	34.43%
2020-07-21	Doc-2020_07_21-NWK99028.docm	doc	276568f9c3bb230aabe183dbfd02ad1c36b7aa141d382d34a839a611a422c07f	33.87%	Heodo
2020-07-21	ARC_MC575.doc	doc	9e7349a986f7139a74245edcc8f0028bd6a10f81e79a7ac8bf7134e6d4932c2d	32.26%	Heodo
2020-07-21	List 301.doc	doc	5816bc271d88617e627d64210b8ac9df417f8072b362af861ade766137eb1564	34.43%	Heodo
2020-07-21	DAT-20200721-5809.doc	doc	ace014e43d78870f28d2a732d72b60fe0c602b71dcc8771989e5cfc0bb1e0bef	33.87%
2020-07-21	doc_20200721_JTG24877.rtf	doc	3bc869822322f3e700ec706660323daeca6ea90553d0bff45ce1fdc1ad6dfcfb	32.26%	Heodo
2020-07-21	FILE_IM079.rtf	doc	122b0d68ee819b2ceb91c0b2cdcc0327860dadbb29f884a776968a58c9480ec4	32.79%
2020-07-21	Inf_20200721_OT68142.docm	doc	e2a49ec64650e56e967e8b0c31b7e21ad3f1ab14516c6dc02605aaeb90f7b87c	n/a	Heodo
2020-07-21	ARC-20200721-288.doc	doc	cc33fb732d79d3537ea595440f4b1629db7afd01f88df1ef22827dd587bccb1d	32.26%
2020-07-21	ARC_2020_07_21_6647873.doc	doc	276dfa20b9cffd3ac104aeafed599b2f70a9fd0e8d4faf1d86ffd46e8354a416	32.79%	Heodo
2020-07-21	doc-20200721-ID6320.docm	doc	176237b901fd642cfb1c3a9fd8c50cdbf0d5ec30df6c98142d3a0e48839f9d51	n/a	Heodo
2020-07-21	Rep 2020_07_21 VK96270.docm	doc	1ac71bc3a613397302fc4eefbe3d81f107740541b6a87e051b452eaa6e74f3b8	n/a
2020-07-21	Rep-20200721-23279.doc	doc	52806dd9a9f08f00c7fd38512ceeb4204d74ec64041dfee5fcc16f1ead3765eb	29.51%
2020-07-21	list 316275.doc	doc	4e34674eaa422795c92ef9cb66994e18a57553e217b4bb4de69c1369608e36e6	31.67%
2020-07-21	List_25612.rtf	doc	49b857e2068f710d1facd444264c6d8804ecc9e2ba9660953b24bbf213cc66ba	29.03%	Heodo
2020-07-21	MES_20200721_XJ6148.rtf	doc	f056f89b5a79b3878f8a263503d8aabc4a8bd21cfe12a8621dea3a9f1777efc4	29.03%
2020-07-21	doc-853888.rtf	doc	1e585df85081a824f1ec5c3f6a51599addb89b03a63bc0a5883c5f9c2d877187	29.03%	Heodo
2020-07-21	Inf_2020_07_21_YZU109.rtf	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	29.03%
2020-07-20	REP 440928.docm	doc	e00291bcd00edfbf9f8f55a1f34576b512404c036b744d0ce846397f8a83bb1f	29.03%	Heodo
2020-07-20	dat 20200721 565918.docm	doc	f83e32a15080c0f31451809377046083d52daef3354edecea6db6ccf4158a43a	30.00%	Heodo
2020-07-20	Mes-2020_07_21-6529.docm	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	LIST WPM964.doc	doc	a6ca24bb5b1de30cd63ecceac1727ca4102ed289d65fa05c550c4485e6ca372b	29.03%
2020-07-20	DAT-20200721-P96010.docm	doc	41d61ed5ec94c9f81d804487ad8f6132520d6ac7009a8c9a7b0c074ed0748e4e	29.03%	Heodo
2020-07-20	doc_20200721_Y130018.rtf	doc	616dde6dc6e22e28f4149e26996578dde114b40f896cee3cb36165d52ff70857	27.42%
2020-07-20	rep_20200721_5239799.rtf	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	mes-20200721-034398.doc	doc	c6050ddd07c6d8c4aee73c52d0e50d6056ebd5f3e82550d8c771fc4353d489fe	28.81%
2020-07-20	FILE-4267576.doc	doc	c5dc7db865c477ba217342107932a67cab54659a8a870fa16a9d2f21ec3aade2	27.87%
2020-07-20	Arc-2020_07_21-968.docm	doc	00593b1d3ba64e5ca39e6c503ab0f33dcade0d3afb65c2a73f2d4696cf8a7bb0	27.42%	ZLoader
2020-07-20	dat.doc	doc	8d861becdf66c056d51b6b585d1d2c98ec75e77bc3af28d354edb72f3ebb65ad	27.87%	ZLoader
2020-07-20	dat_20200721_8057.docm	doc	10e15c8850925b8f03210b06fdc2e0e87bd7339bf6a185992346e2063cbe1e99	27.87%
2020-07-20	INF_O43437.docm	doc	f4295c97af0389a32cb42495d1b102a8e8698e5f107c50034cee1d0ef8735a1a	27.42%
2020-07-20	Arc.docm	doc	3aedca3992d77371154f015834399c14aab576050a53efa01fb5714e01beb841	27.42%	Heodo
2020-07-20	doc_I6469.rtf	doc	dc9d3da24212096b6029163166558cefcd8b37aae588dd461d9b5c02700700af	27.42%
2020-07-20	List 2020_07_20.rtf	doc	7812b414ab8098b436f22af0523a1edb14b8af7eb4df4bac66f9268cdb074e96	n/a
2020-07-20	dat 20200720 8365586.rtf	doc	97e66ad16955f21f83dae53917dbdefba08fc07108392a96327eeef55698a04c	27.42%
2020-07-20	Doc 2020_07_20 659416.docm	doc	6b5e8002c323071f83df953f977caf3a477d1a0c7178e0795674d263bc2dab15	27.87%
2020-07-20	arc_3879775.doc	doc	ed29b479d20901bb285c8146d9a69a73a34eadaa4f6c86aca69aeefe96f4fe0f	27.42%
2020-07-20	MES_20200720_N23042.doc	doc	91c4fe9d34bcf9e830f05e08d4ff0981db5eef2c345b5c6147d697d49f80af5e	n/a
2020-07-20	LIST_2020_07_20_RUM195799.docm	doc	d15b22e83039303eb5d1e6301196c50e06877bfd99caa5ab3fb87f1d7d91fc0b	25.81%	ZLoader