URLhaus Database

You are currently viewing the URLhaus database entry for https://41-tee.com/stagingtest/closed-uETvL8dn-8N7tNAyCQRJ639x/additional-LEAIrx-D8XDmihNTQHPP/l0cLifJA5a-n5gLKpe1/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	416405
URL:	https://41-tee.com/stagingtest/closed-uETvL8dn-8N7tNAyCQRJ639x/additional-LEAIrx-D8XDmihNTQHPP/l0cLifJA5a-n5gLKpe1/
URL Status:	Offline
Host:	41-tee.com
Date added:	2020-07-21 20:54:04 UTC
Last online:	2020-07-22 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-21 20:56:03 UTC to CloudFlare Anti-Abuse API)
Takedown time:	12 hours, 50 minutes (down since 2020-07-22 09:46:34 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	Inf 20200722 FZQ34696.rtf	doc	2c4e45b6dfc2f55b3415713f49dbef1b0e251948f58a9197bfc346153c547b29	n/a	Heodo
2020-07-22	doc 20200722.docm	doc	46ddfb783ed7cee9d4ec3196ec9297e861503dbfdf905203eca8be9bcbd448e3	25.00%	Heodo
2020-07-22	DAT-20200722.doc	doc	8a4dd2564fb906334e1702628a5b52b6ab20497d1a5522332c4879a1eb778c7a	24.59%	Heodo
2020-07-22	REP-20200722-W864.docm	doc	4db416be55570ba71279738d715adc20cb5c44d1d0725b6ddd828b5daa6cf345	n/a
2020-07-22	INF_2020_07_22_S84939.docm	doc	3550a00d6cf8efb047a97d984cc26719d87014434ff444e3b70427e1b1670342	25.00%	Heodo
2020-07-22	mes-U7668.docm	doc	737f7e0557c9203033464070e06e23e7675c8325abd0083d1ebbdaca3f7eac2e	37.29%
2020-07-22	dat_20200722_017.rtf	doc	8cf9d9d42298a4668f016012416111f8bfcd129c4b0ce9050c28a283734568ad	32.79%	Heodo
2020-07-22	FILE_20200722_003554.rtf	doc	20f29a9a1184a44a6ce629ca9668c86c1e6cbd4479a1bc1c3df082d17a1762db	34.43%	Heodo
2020-07-22	List 2020_07_22.rtf	doc	7eb51f8c4719f0171a98650b63385c15908628fc4ef7838c410fc53c46a0b8a6	33.33%	Heodo
2020-07-22	LIST_20200722_86823.doc	doc	3e24c4373b1e2ba1e3d16925cd0d4a1752452402ae4aaa8ad8ce498bbff5335c	26.23%	Heodo
2020-07-22	INF_20200722_OX5359.rtf	doc	365f2b2480d704ba0fa82cf5c25d92895a3518ed02ec36ff5f150cfe091b3574	29.31%	Heodo
2020-07-22	file-2020_07_22-NHY6873.docm	doc	28e77291fea150f98e5ed9a57a4d4074ff204abc6e20218a7e67bb0e4b6e23f4	27.87%
2020-07-22	INF-2020_07_22-3713.doc	doc	c07649d058f6470af27cb972b0a9306496e2641bf959dd66206f3feff56b83c1	28.33%
2020-07-22	Dat-20200722-UOS018.docm	doc	c20821e80c5ce943d4b87b9416329f0502a4da3c97044c8fd7016172353e1626	26.67%
2020-07-22	DAT_EH396.docm	doc	b9d12dfc9cfedd1db467c5663c3e1f8253748e5b4743b77fc487e6fe12ee657a	25.81%
2020-07-22	REP 2020_07_22 53089.docm	doc	3374b8c7bab8c4d65f45434d84b29231b7a403d578c2b123e75507b6bbe14653	n/a
2020-07-22	Mes JRS037.doc	doc	ecec36458fac5fdf0031917d979c2539b70801bdee88e022ee090a48109e63b0	n/a	Heodo
2020-07-22	arc-20200722-W799.docm	doc	5ba62e60945b4eadc0eaa81b0f2b31ce3b6d8c785130a6000ce906dafef73afc	n/a
2020-07-22	DAT 20200722 844.doc	doc	a726db669cad36b2fd25878a66e81894a830c83827693b16c8e8e44b832036c3	n/a
2020-07-22	REP_20200722_46226.docm	doc	d7b8fec9f533a9c31e7fe587b89552973d00bff30e4c7d8f7d4f2d93bc0eda1f	26.67%
2020-07-22	doc 2020_07_22 018.doc	doc	ea444cde5a8ef5b6165a348732af41e4c634669259036caae42e242c5a7c9b1c	25.81%	Heodo
2020-07-22	file 2020_07_22.rtf	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%	Heodo
2020-07-22	mes 9038243.docm	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	25.81%
2020-07-22	REP-2020_07_22-R53867.doc	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%
2020-07-21	file_2020_07_22_313.docm	doc	435f4fc1e9a6888f671e834bbdce6aafc5928c7dcffbbbe728f18573b73da965	n/a
2020-07-21	Rep_2020_07_22_334927.docm	doc	f03863257ba6bfc7e029c245f3dd3f892fe5a6aed79b625b2c7314f3398b723e	26.23%
2020-07-21	rep_2020_07_22.rtf	doc	c1cc356eaf49711b7673b9c27f015163363a60417ad3b9b7e6883015b65d80d8	26.23%
2020-07-21	arc_2020_07_22_NN74671.docm	doc	cbccd20b9bc23454ec01bec4a0094e77dcc43d577666259f8d97aa30a118ac35	26.23%
2020-07-21	Mes 2020_07_22 426.rtf	doc	2027e8348e8d2f364d55b2bf47f9a4b37fd2ff7aabdda5ed056e3f6cd42cf777	26.67%
2020-07-21	INF_BVI99525.doc	doc	139f5bcf4c7fcbe0a8a5d940c5d38dd847e2c979df74dcf680208e73b8ac668d	26.23%
2020-07-21	Rep_20200722.doc	doc	205a04626bdf6f3da605d8f8ba60126d02451085528330524d899a38520be8c3	26.67%
2020-07-21	Inf_2020_07_22.rtf	doc	6852b34db0c7a6150c1095a704236a1938b4ed46cd9d7bdfd412555ebf61890a	n/a	Heodo
2020-07-21	DAT-20200722-DVF231.docm	doc	b88eeea6841abee77c07e6b5243d98213c6997de1033e14ddec0cf10b9b11c35	n/a	Heodo
2020-07-21	FILE-LMJ930575.rtf	doc	ca4ae10db92df8cf44bacee70e7560ae411a37d1559687ad47687282ca447526	25.81%
2020-07-21	dat O261958.doc	doc	c14b2e55a66651e287542e13c52b9e5490534ee0d55cde933f5b6f0744ca27f9	26.67%
2020-07-21	dat_2020_07_22_779234.rtf	doc	8aa3e958943656f026b02437d4c84ed9268018560390b8ab0d9807c7b23c8b41	n/a
2020-07-21	FILE_20200722_UHV15679.rtf	doc	1b88521e38b8901eb1b7a1dc126f5bae2eb93721382646537f5c42931d1b8890	n/a
2020-07-21	Rep-2020_07_21-23968.rtf	doc	d5b6bfc0a618556e352b6b7d14f137866ecd2fdeed6e9f7699c3f82480328bd7	26.23%
2020-07-21	Inf-20200721-BWE6752.doc	doc	027cf34a6a8fff410f854e0f3ff8d251e2d36e744f08b60df6c0b6dc5e9dd5be	26.23%