URLhaus Database

You are currently viewing the URLhaus database entry for http://nuglox.com/wp-admin/multifunctional-section/q0s4cbbkdmr-8st8wz-869034-Cioi8tEV/07884100175-YVjhsW7f7iocKk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	416205
URL:	http://nuglox.com/wp-admin/multifunctional-section/q0s4cbbkdmr-8st8wz-869034-Cioi8tEV/07884100175-YVjhsW7f7iocKk/
URL Status:	Offline
Host:	nuglox.com
Date added:	2020-07-21 18:55:51 UTC
Last online:	2020-07-24 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-21 18:56:05 UTC to abuse{at}a2hosting[dot]com)
Takedown time:	2 days, 8 hours, 12 minutes (down since 2020-07-24 03:08:13 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	list_V263706.docm	doc	9a3ea141f8d72bc76545f030fe43d91476ce753bd525ed872269184599692c81	42.62%	Heodo
2020-07-22	Rep 20200723 FDH027979.docm	doc	b936ca1824141941696f21188294398f23a5bf8f6dc5211f7a89d68996eb1496	39.34%
2020-07-22	REP-YOZ74126.docm	doc	85c9b8464b14bbfbc90c01fe540a9ba134191dd42668aebfb5c09e35b1887dc0	39.34%
2020-07-22	dat 2020_07_23 KX090477.doc	doc	8fba8be080f896187be7d544013e3a3b8f26704a23d447ae88a76bbcc11c917b	37.70%
2020-07-22	mes-OB6912.rtf	doc	093cc1977c0adf342635037335e8d76802041ca0b406c065ee63bb3c4b0d30aa	37.70%	Heodo
2020-07-22	Doc JD70361.rtf	doc	06ea16c8f47256c5551752bd00c34d5cb30e9b5ea7daa3434e35ca178ca75c2b	37.70%
2020-07-22	mes_2020_07_22_286720.rtf	doc	5adde0f4c764095e874bfe5c58bc665bfa26b074fa84231ec735009f84a1313e	37.10%	Heodo
2020-07-22	DAT-2020_07_22-3547.doc	doc	61ac92f083c25879585954c7ade43b7b17fefbfadc38a09fa9793f769f33f9f4	36.07%	Heodo
2020-07-22	Rep-682.doc	doc	3cdc4b152007b8583277c7ae4ad9e2df4b455d70ea68db4e16537a0354c97362	38.33%	Heodo
2020-07-22	Dat 20200722 OU5921.rtf	doc	00f9030cbfb095139a4e8f6fc9e282149fb32fa202c75dd95063951b237bdcb3	38.98%
2020-07-22	List-20200722.rtf	doc	f20360cd3061597269d3c295d95bab2703ac3dec8db564d56299e29db66601f8	35.00%	Heodo
2020-07-22	Rep_BC432057.doc	doc	3a41b5672541c103127d7150bbc0b39ac13eede1d3851fc7c63484a3700f659f	27.87%	Heodo
2020-07-22	ARC 931.docm	doc	9d678fbeffe8eb971ce79fed03f575d8712e98b080969dd2aac8e4ede327b43c	27.59%
2020-07-22	Doc_AZL613129.doc	doc	cb016de85f101cb949d1cfb72baa282d05031bb8374f148a16af68b20dc2da45	27.12%
2020-07-22	doc-2020_07_22-01748.doc	doc	bda45a277d1d57050ac2f680f22b728a35eb2aa5d67471ea2b55817d66a982c8	26.67%
2020-07-22	FILE 20200722 GP538388.rtf	doc	3df05f387f43858fdc3530301f6dc27b9ac2a89560059a40ee635b6a1f25497f	26.67%
2020-07-22	inf_20200722_J40823.rtf	doc	457abf24cbef9694782bedcaeaecba529fb45b9839e4ef469f7fba267758ccde	27.87%	Heodo
2020-07-22	mes-Z605.docm	doc	d3d731e1c5ed00a3123112f5f1b4d029a74b742ddf0b5a2639209b85f2930b18	n/a	Heodo
2020-07-22	INF_20200722_B875647.rtf	doc	21443c68d64ecddd740c7966067a4bed9de79aa081c06b9ad97fe8d8d0e0716b	25.00%	Heodo
2020-07-22	MES_74394.rtf	doc	3ddd3251b6460b9b8fc544ad79d56857861363651da3d1b0c4054d54777366e7	25.00%	Heodo
2020-07-22	List-2020_07_22.rtf	doc	656f9f7c087bc9a3d272d1aea2c369dcfa89d33e5fe59b61e4a57d7b181904d2	n/a	Heodo
2020-07-22	ARC-20200722.rtf	doc	64bd75d17119d13674e5414b25e5d2cc4fd8f76b0af8721fcaa0fba000570dae	25.00%	Heodo
2020-07-22	MES-20200722-TC1837.rtf	doc	a018bebb6f4d713eff5d16c6b80d20df72bab7d5e055c287018f1f842f952e1e	25.00%	Heodo
2020-07-22	dat 20200722 AQ064.doc	doc	737f7e0557c9203033464070e06e23e7675c8325abd0083d1ebbdaca3f7eac2e	37.29%
2020-07-22	dat-20200722-NLH959.rtf	doc	8aec85cd8e1f0f312d2a3442272e4634ea845690457c6a516b51378c868a1c34	34.43%	Heodo
2020-07-22	list-2318537.rtf	doc	20f29a9a1184a44a6ce629ca9668c86c1e6cbd4479a1bc1c3df082d17a1762db	33.33%	Heodo
2020-07-21	REP 2020_07_22 5359385.rtf	doc	b88eeea6841abee77c07e6b5243d98213c6997de1033e14ddec0cf10b9b11c35	26.23%	Heodo
2020-07-21	List 2020_07_22 322885.rtf	doc	db88b385b97b7038cd233960f7f99ce350a72a3eecf6bbbcb227645f111d4e7c	n/a	Heodo
2020-07-21	inf_YP466.rtf	doc	ca4ae10db92df8cf44bacee70e7560ae411a37d1559687ad47687282ca447526	25.81%
2020-07-21	Arc_2020_07_22_193.docm	doc	96f45a5c51839644dbf8e9f7ffaa226944422285dd997fc0ff8c23a883b18410	n/a
2020-07-21	INF_20200722_LSM5071.doc	doc	8aa3e958943656f026b02437d4c84ed9268018560390b8ab0d9807c7b23c8b41	n/a
2020-07-21	doc_2020_07_21_4765.docm	doc	150a88b5563c954af14fe5765edc790b73360e570b2a163a7930c0253e10d9e2	23.33%
2020-07-21	dat-239.doc	doc	a498a07bd860a86bd937ea230aea64bdbc55c3040d90c13e57a2670608c1af3f	31.15%
2020-07-21	dat-239.doc	doc	a498a07bd860a86bd937ea230aea64bdbc55c3040d90c13e57a2670608c1af3f	31.15%
2020-07-21	dat_2020_07_21_5605.docm	doc	31f2efffc02e6ee0f8a7339acbb1eb5aa9faa94b66709417b22f4c2fbc77e7d2	n/a	Heodo
2020-07-21	list-20200721-LDF8789.docm	doc	9e5640f95155193ba256e171fa3c82d7ee336931c3b88e12f1678197ba4d3081	31.15%
2020-07-21	ARC-3071960.doc	doc	050da6467ba07b4ad283cb19242ba04f2ad1abf3220c2eae335a348c061b49af	n/a	Heodo