URLhaus Database

You are currently viewing the URLhaus database entry for http://sevryugin-vg.ru/wp-includes/available_5kgtuwg1h4vic08_3xi26/verifiable_cK8VTSq25K_vgBEdMCnhO5/bE7zR4Gixwt6_9zisMyay4/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	416629
URL:	http://sevryugin-vg.ru/wp-includes/available_5kgtuwg1h4vic08_3xi26/verifiable_cK8VTSq25K_vgBEdMCnhO5/bE7zR4Gixwt6_9zisMyay4/
URL Status:	Offline
Host:	sevryugin-vg.ru
Date added:	2020-07-21 21:14:44 UTC
Last online:	2020-07-22 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-21 21:16:04 UTC to abuse{at}uavps[dot]net)
Takedown time:	15 hours, 2 minutes (down since 2020-07-22 12:18:51 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2020-07-22	LIST_20200722.docm	doc	623c4ed3bff71e9b92646983452b40e40499ac21f3a3aa0647bbf37d3581b909	32.79%
2020-07-22	Dat-20200722-6941432.rtf	doc	0f118e682037e3a2415cb85caf3c45494072c60591a6a8ddb51a1a0d3b07eac5	31.03%		Heodo
2020-07-22	arc_31129.doc	doc	bcefdd2db5550c86f7721b4324328f45370dd06b6fc7434278387d60ab7443a7	27.12%
2020-07-22	LIST 20200722.doc	doc	ad0b84b38f613391231e63d53e800947407c72b0e2b87c9a79cb58d7d3520146	27.12%
2020-07-22	Arc_GBC403314.doc	doc	9d678fbeffe8eb971ce79fed03f575d8712e98b080969dd2aac8e4ede327b43c	27.59%
2020-07-22	arc_2020_07_22.doc	doc	80f335e6ac6c351ae23e40d64dc9539009aaad764770364ce4d82cf144b89353	26.67%
2020-07-22	Rep-20200722-H030.rtf	doc	bda45a277d1d57050ac2f680f22b728a35eb2aa5d67471ea2b55817d66a982c8	26.67%
2020-07-22	Mes.rtf	doc	3df05f387f43858fdc3530301f6dc27b9ac2a89560059a40ee635b6a1f25497f	26.67%
2020-07-22	list 20200722 4018604.doc	doc	b35d6f30710cd9faba8bae89a03e685b49544da9744821e0123e6585740a0e3c	n/a		Heodo
2020-07-22	file 2020_07_22 Y73995.rtf	doc	d3d731e1c5ed00a3123112f5f1b4d029a74b742ddf0b5a2639209b85f2930b18	n/a		Heodo
2020-07-22	Arc 20200722 NL929.docm	doc	21443c68d64ecddd740c7966067a4bed9de79aa081c06b9ad97fe8d8d0e0716b	25.00%		Heodo
2020-07-22	inf_20200722_94644.rtf	doc	3ddd3251b6460b9b8fc544ad79d56857861363651da3d1b0c4054d54777366e7	25.00%		Heodo
2020-07-22	mes-2020_07_22-60911.docm	doc	8a4dd2564fb906334e1702628a5b52b6ab20497d1a5522332c4879a1eb778c7a	24.59%		Heodo
2020-07-22	file 2020_07_22 797333.doc	doc	4db416be55570ba71279738d715adc20cb5c44d1d0725b6ddd828b5daa6cf345	n/a
2020-07-22	file_2020_07_22.docm	doc	5f8f03dac259139c91440fac04597d61760db8a622f10373db2ee788bad842c3	n/a
2020-07-22	arc 2020_07_22 369.docm	doc	737f7e0557c9203033464070e06e23e7675c8325abd0083d1ebbdaca3f7eac2e	37.29%
2020-07-22	list-2020_07_22.rtf	doc	8cf9d9d42298a4668f016012416111f8bfcd129c4b0ce9050c28a283734568ad	32.79%		Heodo
2020-07-22	rep-20200722-P449.rtf	doc	20f29a9a1184a44a6ce629ca9668c86c1e6cbd4479a1bc1c3df082d17a1762db	33.33%		Heodo
2020-07-22	mes ZVB9223.docm	doc	8d1821f632281bc6414b1ee6ddf74b2e0cf8ce5daffcc0481d0228a2078f1fac	26.23%		Heodo
2020-07-22	Dat-WT328.rtf	doc	e70e7b20d9e23e2639abe447b3d8d93dd81d0aacf5a4805f4a39a1a6f042a068	n/a
2020-07-22	inf 2020_07_22 NGA47470.doc	doc	3374b8c7bab8c4d65f45434d84b29231b7a403d578c2b123e75507b6bbe14653	n/a
2020-07-22	Mes-1285049.doc	doc	5ba62e60945b4eadc0eaa81b0f2b31ce3b6d8c785130a6000ce906dafef73afc	26.23%
2020-07-22	Dat_2020_07_22_EH506.doc	doc	8d70f6580cf02bcae5c4c14396951b6e6c1ea10bcbcbb89f835c29dc7d2c8ceb	26.23%		Heodo
2020-07-22	dat 2020_07_22 RB7911.doc	doc	a726db669cad36b2fd25878a66e81894a830c83827693b16c8e8e44b832036c3	n/a
2020-07-22	inf.rtf	doc	ad71158fd2fa3ad570d1764feac2737214e1900c2ddcce1c9b7d1e347a53e357	n/a		Heodo
2020-07-22	LIST 20200722.rtf	doc	ea444cde5a8ef5b6165a348732af41e4c634669259036caae42e242c5a7c9b1c	25.81%		Heodo
2020-07-22	File 20200722 QJ461293.rtf	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%		Heodo
2020-07-22	file-2020_07_22-N80634.rtf	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	n/a
2020-07-22	Dat PJW173.docm	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%
2020-07-21	File_20200722_SJY84888.rtf	doc	435f4fc1e9a6888f671e834bbdce6aafc5928c7dcffbbbe728f18573b73da965	n/a
2020-07-21	arc_20200722_M729922.docm	doc	3ef294ca4013371b69d6af647114806b71bb3dc07fd56f12c078703411d61b3d	25.81%
2020-07-21	ARC-2020_07_22-FD87567.rtf	doc	c1cc356eaf49711b7673b9c27f015163363a60417ad3b9b7e6883015b65d80d8	26.23%
2020-07-21	INF 2020_07_22 KD32585.docm	doc	cbccd20b9bc23454ec01bec4a0094e77dcc43d577666259f8d97aa30a118ac35	26.23%
2020-07-21	doc 2020_07_22 E32450.docm	doc	2027e8348e8d2f364d55b2bf47f9a4b37fd2ff7aabdda5ed056e3f6cd42cf777	26.67%
2020-07-21	mes_49875.docm	doc	139f5bcf4c7fcbe0a8a5d940c5d38dd847e2c979df74dcf680208e73b8ac668d	26.23%
2020-07-21	File-0800618.rtf	doc	205a04626bdf6f3da605d8f8ba60126d02451085528330524d899a38520be8c3	26.67%
2020-07-21	file_2020_07_22_L21499.rtf	doc	6852b34db0c7a6150c1095a704236a1938b4ed46cd9d7bdfd412555ebf61890a	26.67%		Heodo
2020-07-21	FILE-20200722-061.rtf	doc	db88b385b97b7038cd233960f7f99ce350a72a3eecf6bbbcb227645f111d4e7c	26.23%		Heodo
2020-07-21	list_ACW745966.rtf	doc	fa7d276dec85ff7ee463b66c21669f79147f0a35da770d7503547d768e8968b6	n/a
2020-07-21	INF-2020_07_22-I07749.docm	doc	96f45a5c51839644dbf8e9f7ffaa226944422285dd997fc0ff8c23a883b18410	n/a
2020-07-21	Mes 2020_07_22.doc	doc	6ecd03bfb72de9f29bc5556f07f77b6a3ca030b9e385fe6b910678d2c8da855c	26.67%
2020-07-21	Arc_20200722.docm	doc	1b88521e38b8901eb1b7a1dc126f5bae2eb93721382646537f5c42931d1b8890	n/a