URLhaus Database

You are currently viewing the URLhaus database entry for http://hafizbhai.com.pk/wp-includes/Reporting/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415934
URL:	http://hafizbhai.com.pk/wp-includes/Reporting/
URL Status:	Offline
Host:	hafizbhai.com.pk
Date added:	2020-07-21 10:11:06 UTC
Last online:	2020-07-23 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-21 10:12:04 UTC to abuse{at}a2hosting[dot]com)
Takedown time:	1 day, 14 hours, 22 minutes (down since 2020-07-23 00:34:21 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	BAL_IY6499833957RH.doc	doc	daa624b964e78d640d7be3b509121048114a186d6e9982ef7a9498d81373f90d	39.34%	Heodo
2020-07-22	AQ5609215966QV.doc	doc	8d8a0dbf9e0c219b594762d88e79b8502dc3ef9699906a21ae3be4224fca3659	39.34%
2020-07-22	DOC_024170320832030854750896.doc	doc	dc64f5fcc0fc06d6a8295b3ea6e102f8dd0162749a7d2c1b46e43da7861b8e2a	40.00%
2020-07-22	BAL_PZ7776751254OM.doc	doc	d6dda19b45b3e10925dfcab7b4c0060f7cc816d29ccfa5b68e8f45bd7c69192b	37.10%	Heodo
2020-07-22	45057590.doc	doc	52d614878963e173c2d71c4a5acb9362518cda99df23bd2d1525f50f93eccc0e	36.07%	Heodo
2020-07-22	PO_07232020EX.doc	doc	f1ebb4160dba56424b98b04a121a56dbe21ad5e7a2c4bb3816f2dc0eaf0e3afd	37.70%	Heodo
2020-07-22	98932141.doc	doc	fe236d1160de3bfa6f16325da55c3b58e62bb19f27f67a942f2b9ca9580e9043	36.07%	Heodo
2020-07-22	X_MZZ9A5ZM0K.doc	doc	a914487475ef707218bacbce31e5c3a0d485b9945956c0caf374ab9a445fe52c	37.29%	Heodo
2020-07-22	FILE_92288990.doc	doc	a55fc6835fd7688e8c1525b6b557dc4c04f7a3500683bc2e271bee96215904b9	37.70%
2020-07-22	DOC_PO_07222020EX.doc	doc	218a9eeb52984bfb956e887df5190845197214a6819f3d2c448ca8e6fba15bf0	38.33%
2020-07-22	39458590.doc	doc	0c133bcd327858b979c14422ac2623c0efef1dabc588f2e775e58049bacf093e	37.70%	Heodo
2020-07-22	DOC_AYN_070120_PNI_072220.doc	doc	e36be98a3e3d568430d52706ee06d935e126942b2a5c2453f5478d8c0d58acb7	40.98%	Heodo
2020-07-22	02584489.doc	doc	3989307ebddd245bda87431ce5df1c47f236f62ffddbd75ea3d36a68ab9fc77a	38.33%	Heodo
2020-07-22	FILE_HN8798087519FR.doc	doc	f7f27a3ee79d21573753f3396406b68389ebaf2be1a2ac471782f685ff8c4c19	38.33%	Heodo
2020-07-22	1RAJIS94O.doc	doc	bff462e527dc2bbfbc6af92e64f4d57c7587401687561163e0a6a3ec37414d68	36.67%	Heodo
2020-07-22	DOC_14136156.doc	doc	4c7f6d77fb55c752c9ad7df4e0c01004af98e5e21d9d0520158fa59f4e80c98b	31.67%	Heodo
2020-07-21	7SH7G70B.doc	doc	036ad59b6976510e9ff4cf18b0c06525921206e2fb2d09135c41308923ff5d80	25.42%
2020-07-21	B54DJBD2OVP8HOD.doc	doc	9219b02f05ac45df25ea9a7cab876c9836470d4f1b13a2652d25169d50e2fa84	24.19%	Heodo
2020-07-21	88206869.doc	doc	443699b3e3b9a7f6acc2e21bce3a2bfab58a5fc166c408de2a1d5c8f57ed7376	24.19%	Heodo
2020-07-21	V_PO_07222020EX.doc	doc	a6f854e3c35ea6d6a5cc1ae65197f94c8274c5e72b7641cd8ab8f0537a05c9f4	24.59%	Heodo
2020-07-21	72448073.doc	doc	7e47c58806cf3cae28917cfb1b478bbbaaeea2623cd694c12056b2f2aafc7d48	25.81%
2020-07-21	D3IU681.doc	doc	c0af5b3ed8e1c92c57aa0e1b6f60d24b4ddc6a95ae92906d793d88413fa9904d	24.59%
2020-07-21	JEK_070120_DQP_072220.doc	doc	eb1f5512e10d3a5224fa2b7a8d42a8b6fdb1b4fa705c24514c2b04fa6fa3bda1	26.67%
2020-07-21	REP_PO_07222020EX.doc	doc	bfb0b36ae7105ad67727e68789279e3550b6750177ae7c2fc1007438f686f070	26.23%	Heodo
2020-07-21	DOC_NDR_070120_QKN_072220.doc	doc	eb3009e003594f7c6d5a2c373db44fe65d9acc0be9c31c317bf9ebfad08e633e	25.81%	Heodo
2020-07-21	BAL_UKC_070120_IWR_072220.doc	doc	02cc40096e839991167c564f9400c8819c43bd631b93289839ca05cb5fc47cea	26.23%	Heodo
2020-07-21	DOC_7EQ0G1NT9.doc	doc	6616cbabce1dd4cb3515191b2ed913e01a7ffc8b1cff8ec410600930bbdf7f3f	26.23%	Heodo
2020-07-21	DOC_LO5824212973TH.doc	doc	5966dbc11d924231b5d148a1a821154f88e469adcb6e884d4dd5102c9e598e9f	24.59%
2020-07-21	REP_IWN_070120_UMC_072120.doc	doc	4fef736949eab2f9ad2e19b472ca28945327a76babb1f6038f3b297652843fed	32.79%	Heodo
2020-07-21	REP_RST6IJW0TID32.doc	doc	6c7f4d1d0a33793b058d45416bb3b5f59335d5785f80855611d2c428a98069da	33.33%	Heodo
2020-07-21	T_65688408.doc	doc	c10a582916f0da5e84bc38c9cbfbd8bc5b42f1626d9ccebffda99a7a48b90fc9	29.51%	Heodo
2020-07-21	INV_PQD_070120_WCN_072120.doc	doc	b2dcd1d5ee235a978ccd72a68fa2448f80577a051cf78c994fb62d41e7932e39	31.67%	Heodo
2020-07-21	INV_NYSNELFC01VK91.doc	doc	ae05bbf93f84ba4d8d7a381e054068ada3d40e739ad130cb190cf2521ff6a24d	31.15%
2020-07-21	INV_NYSNELFC01VK91.doc	doc	ae05bbf93f84ba4d8d7a381e054068ada3d40e739ad130cb190cf2521ff6a24d	31.15%
2020-07-21	REP_REE_070120_MFL_072120.doc	doc	03834f35738222e0d152ad49bbae5475aeb7a8f202a28b4d47cf9896f5f0ce1e	30.65%
2020-07-21	XNG_070120_XLD_072120.doc	doc	cead2b444fb70319f7ad607f10b254f3888d97ee61adb8a5be9492f259718ec9	31.67%	Heodo
2020-07-21	REP_LW7475552062QY.doc	doc	5c56000b7e9d8c48861c7efcd1c571d46422515ea68d7df4aa94ca04235595b6	27.87%	Heodo
2020-07-21	RJJ_070120_EQP_072120.doc	doc	9730ab9a8c60bf06cd93ddc13f7a80f30ce61e20782b9ff1c85dbeff59e3062b	n/a	Heodo
2020-07-21	REP_YX4131166770JC.doc	doc	26d6a947ace5dc20b8511699014a7230d627b181f37246807ea85cdeadea61fe	n/a	Heodo
2020-07-21	HP0332824100CY.doc	doc	a547e8b7c9cf7ab9e96a2cd8588f00521ec2aad0dd0b2f54029e1e3c2d214451	29.17%	Heodo
2020-07-21	DOC_BFT_070120_UTM_072120.doc	doc	28d652dc57d7025b36ae37336947faf6ebf313cdcbdecbd236dedef9323f2b16	26.23%
2020-07-21	405675138671091324824.doc	doc	8f5c9735c5189f1b809aba58ae06fa7432eaff2ca15ec97d918d82dc6082a69b	24.59%	Heodo
2020-07-21	XSX5HZ0RHI9CAQ.doc	doc	76f26be5906a8e19f05aaeb83beb7822cd9f6dff18f4b66782023d320e84c36b	n/a
2020-07-21	DOC_PU5510320814YF.doc	doc	4501457e1fae31cb83a1d2818d169525f75627a017efc573932fd412e6e2c406	24.59%	Heodo
2020-07-21	INV_81520632.doc	doc	4163072e693ca124bd607a03cbc36727c53fecafd484d49e92403ac82db83736	n/a	Heodo
2020-07-21	96017140.doc	doc	c1d1210982635dadb2f24475c235301c47a2929b5b3caa913ebdad6df34a0c71	n/a
2020-07-21	32300107.doc	doc	6ea128ea049d2ebacb539514c677bb05791d9844046f47e6e1e3dc783f2942fb	23.73%	Heodo