URLhaus Database

You are currently viewing the URLhaus database entry for http://www.simpliaxis.com/cgi-bin/closed_sector/guarded_portal/JlHf8_lp2HetntG8/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	417390
URL:	http://www.simpliaxis.com/cgi-bin/closed_sector/guarded_portal/JlHf8_lp2HetntG8/
URL Status:	Offline
Host:	www.simpliaxis.com
Date added:	2020-07-21 23:59:04 UTC
Last online:	2020-07-22 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-22 00:00:03 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	13 hours, 43 minutes (down since 2020-07-22 13:43:15 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	MES 20200722 40342.rtf	doc	663a5cc4bea53e83055d9c30b3724798add62c0a512896dac94c3366578d426d	36.67%
2020-07-22	Arc-2020_07_22.rtf	doc	d89c2b2131e03e4f8eac35b8cb25de8095bafff8642629e1a4b64b391a014a77	34.43%
2020-07-22	MES_2020_07_22_GE0245.rtf	doc	79cb28f01264a585e6d085eff860653eb72ec7b1976323c1f310ff7bdf0b1598	35.00%
2020-07-22	file-20200722-0229.doc	doc	ed276b342fb1c72553926d9a0df398159658777709c1c0bad5ad18c942792d63	n/a
2020-07-22	Doc 20200722 AZ72741.doc	doc	933c7f05b56492f880e1716a1240b0bf1679fb740c973b5adff2f3575ae2a3b8	31.03%
2020-07-22	LIST_20200722.doc	doc	fb1530a751799859585501c02c6cce39addd2e4572d8df0149ae14735eb2f113	30.00%	Heodo
2020-07-22	DAT-2020_07_22.docm	doc	3a41b5672541c103127d7150bbc0b39ac13eede1d3851fc7c63484a3700f659f	27.87%	Heodo
2020-07-22	doc.rtf	doc	ad0b84b38f613391231e63d53e800947407c72b0e2b87c9a79cb58d7d3520146	27.12%
2020-07-22	Mes-2020_07_22-U49940.doc	doc	6babaa931bc26a787edf3d1d3118c0a45416f2e9deb01bc741decf522a2bda49	26.67%
2020-07-22	inf.rtf	doc	cb016de85f101cb949d1cfb72baa282d05031bb8374f148a16af68b20dc2da45	27.12%
2020-07-22	LIST_958812.docm	doc	bda45a277d1d57050ac2f680f22b728a35eb2aa5d67471ea2b55817d66a982c8	26.67%
2020-07-22	INF 3746.doc	doc	194c758a5ff19785134e06f7efa9ee11bc4e3d42cc2005d93581915fcb9ef005	27.12%	Heodo
2020-07-22	list.docm	doc	b35d6f30710cd9faba8bae89a03e685b49544da9744821e0123e6585740a0e3c	28.81%	Heodo
2020-07-22	REP-2020_07_22-713.doc	doc	d831521ed1fd89695ea1f405aea9680401dc470716ead9076e1c428afc608093	26.23%	Heodo
2020-07-22	rep_20200722_7381.doc	doc	21443c68d64ecddd740c7966067a4bed9de79aa081c06b9ad97fe8d8d0e0716b	25.00%	Heodo
2020-07-22	INF_2020_07_22_81126.rtf	doc	46ddfb783ed7cee9d4ec3196ec9297e861503dbfdf905203eca8be9bcbd448e3	25.00%	Heodo
2020-07-22	REP-20200722-967.doc	doc	8a4dd2564fb906334e1702628a5b52b6ab20497d1a5522332c4879a1eb778c7a	24.59%	Heodo
2020-07-22	List 20200722 TPW637815.doc	doc	ab94ce7c4673e1e4f599bb543f7fe1ccd17d8b3f96ca4469b82d0b98883148cf	25.42%	Heodo
2020-07-22	MES 20200722.doc	doc	a018bebb6f4d713eff5d16c6b80d20df72bab7d5e055c287018f1f842f952e1e	n/a	Heodo
2020-07-22	mes-54052.rtf	doc	737f7e0557c9203033464070e06e23e7675c8325abd0083d1ebbdaca3f7eac2e	37.29%
2020-07-22	arc-UZ058594.doc	doc	8cf9d9d42298a4668f016012416111f8bfcd129c4b0ce9050c28a283734568ad	32.79%	Heodo
2020-07-22	arc-20200722-O956623.rtf	doc	20f29a9a1184a44a6ce629ca9668c86c1e6cbd4479a1bc1c3df082d17a1762db	n/a	Heodo
2020-07-22	LIST_ORO11502.rtf	doc	3b3ce42a271462a40c4105004cfb89a39663932385eb7e1d1909966481c4b902	n/a	Heodo
2020-07-22	Mes-20200722-0468680.docm	doc	84ee9ec33d16ade130e8842b327ab3d4b8480fada3bb6fb25ad854dea738e9be	31.15%
2020-07-22	file 620008.doc	doc	67a974e69b33e54421899fd9e7ea3b833607832d2ad8f7c1d5723735f65bed82	29.51%
2020-07-22	file 953.rtf	doc	b58dbe82f7a65596a2277d1c5ef1e42945e45cd0ad84c35872e1ed404607b9b6	n/a	Heodo
2020-07-22	file 20200722 X709150.rtf	doc	ca232fffc32f90a27bb9e8f4cef3966e1e0511ea34323aa76060ac1992774a5c	28.33%	Heodo
2020-07-22	arc_2020_07_22_404.docm	doc	c20821e80c5ce943d4b87b9416329f0502a4da3c97044c8fd7016172353e1626	26.67%
2020-07-22	Doc_2020_07_22_148.rtf	doc	b9d12dfc9cfedd1db467c5663c3e1f8253748e5b4743b77fc487e6fe12ee657a	25.81%
2020-07-22	DAT-2020_07_22-D968.doc	doc	ebdc8f40febf78564180a0f4a84f3ec60622fdb13e5a18b627ecd8f86f4e1b85	26.23%	Heodo
2020-07-22	doc 2020_07_22 IGT439.rtf	doc	ecec36458fac5fdf0031917d979c2539b70801bdee88e022ee090a48109e63b0	n/a	Heodo
2020-07-22	FILE 20200722 33865.doc	doc	8d70f6580cf02bcae5c4c14396951b6e6c1ea10bcbcbb89f835c29dc7d2c8ceb	26.23%	Heodo
2020-07-22	MES 20200722 1699292.docm	doc	3e65642f10d2b821a0c08b74d0ddfd34717dca5f9918551779815db934ae7963	26.67%
2020-07-22	list.doc	doc	d7b8fec9f533a9c31e7fe587b89552973d00bff30e4c7d8f7d4f2d93bc0eda1f	26.67%
2020-07-22	doc-20200722-D9994.docm	doc	ea444cde5a8ef5b6165a348732af41e4c634669259036caae42e242c5a7c9b1c	25.81%	Heodo
2020-07-22	MES-20200722-890.doc	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%	Heodo
2020-07-22	File.doc	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	n/a
2020-07-21	list 20200722 520681.doc	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%