URLhaus Database

You are currently viewing the URLhaus database entry for https://magnoamericana.edu.mx/wp-content/FMzpnvht/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	417633
URL:	https://magnoamericana.edu.mx/wp-content/FMzpnvht/
URL Status:	Offline
Host:	magnoamericana.edu.mx
Date added:	2020-07-22 02:08:08 UTC
Last online:	2020-07-28 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-22 02:10:09 UTC to abuse{at}1and1[dot]com)
Takedown time:	6 days, 19 hours, 35 minutes (down since 2020-07-28 21:45:43 UTC)
Tags:	doc emotet epoch3 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	INVOICE-PV5121_658045.doc	doc	548e4293f740ef77ecf074a7e8eb5ee8659eb565fd08db697ca873dc770c11b0	46.67%	Heodo
2020-07-23	Inv-FH6284_189778820.doc	doc	cf2ba9c49c359ebc0d9ce182b928db8e967b6720c8d531c8366b2420ce778d21	42.62%
2020-07-23	Inv-FD8696_73667901.doc	doc	fd1b363068e21fa7a3e86cc0aa6134bfa46a640d70bcef686f19f57f54340f6b	44.26%	Heodo
2020-07-23	Inv-8023_6595276.doc	doc	178044a701a9ec991aaa5694350ff4ee08ef6f723628b3277c9a24627c4c8d1b	44.26%	Heodo
2020-07-23	INVOICE G9974_328747120.doc	doc	a7eba5ce690c5078cfc8875f5a8a07cdf7b8fe15a427b22b2620462b04c4558c	42.62%	Heodo
2020-07-23	Inv V5_504308.doc	doc	df314d2431bc91e51d22c2f55c6b9de5577ac0129f93014698c3e17546ae0867	40.32%	Heodo
2020-07-23	Invoice-MY55_953123781.doc	doc	3ca7f44149bb7302e4e24ee98c1720865e34416a3cc52d005b3a52fa51ff415b	39.34%
2020-07-23	Invoice CG0_5015188.doc	doc	908cb95829b5e7219efcf041c922c2633fe8c1bd3b38a4ea6536d80dddef9a54	40.98%
2020-07-23	invoice_D42_014874.doc	doc	abbc35112edb6b5259ca0c4d807e75f7faf0e59f60b86ba07082acefd30a9f82	40.98%
2020-07-23	Inv_SK679_5958206.doc	doc	5da4ed7ce6e6938d87f5b5d3add5191ebefb861c31ad2d43146c8cba80302610	40.68%
2020-07-22	INVOICE ZC5057_7651414.doc	doc	1038e244b3cda47068c4265401d36e8f73b0302a098dfebb6ddf4316a1e88f95	37.70%
2020-07-22	Inv_R6_848370322.doc	doc	73ca49f367f9ccc5d7afeb6979409e1e116a8ff24d143b7cda1482204e8a12c2	41.67%	Heodo
2020-07-22	INVOICE 049_4901181.doc	doc	a673367d1b59b0dc8e2baadcc7b82bab3cd5366208e024034a3f982be198b3a3	46.67%	Heodo
2020-07-22	INVOICE XSE828_517876615.doc	doc	2dd601a0f08f05e611caf1e1cbebd3ad136e29621b3987ffdb734a7bb27f7407	46.67%	Heodo
2020-07-22	Inv-KAZK998_5884211.doc	doc	37a8b5c5329497b21a600a6f9f8f7f3473738d3223b61fcabf5adb9b8967b922	44.26%
2020-07-22	Inv-160_308568780.doc	doc	4713ef31d9799b4d35e8444bfbc38699633d2b3faf9e3dbf730badcba5ee7e96	45.00%	Heodo
2020-07-22	INVOICE-0_72902664.doc	doc	f7f4e28f2fe978fa38da4ea0b8619d0930d59ceac2156a78b8d45936eee6f898	45.00%
2020-07-22	invoice-2418_779826.doc	doc	8aaea2227bcc24ea490c2eb6d0ab20fee60990d4c9e86fbf7b2b9d669d2c2629	n/a	Heodo
2020-07-22	INVOICE C331_1086236.doc	doc	50d702efc9b1c24c7958be8fa37f14e8343d36ef16d5de67c4aee63bb6d00047	45.00%	Heodo
2020-07-22	Inv-610_491270.doc	doc	62ad8ba146bad8695793483ab3a14ff790cd87f9a35e5657f0ff7d124acfc3fd	45.16%
2020-07-22	invoice DIWU3337_877129.doc	doc	4866f8481b362767c8c58bb2ba099270e314d22c1d09df4e3afcf0d6038961d7	44.83%	Heodo
2020-07-22	INVOICE-884_302006686.doc	doc	c89b170fea78126847d599a493f18d47d967ca36d121d9e9ed71fb87e37172e2	44.26%	Heodo
2020-07-22	INVOICE-PYRF208_535256381.doc	doc	47be8acdf14103a9c4f2b0e6b620ee5740669dd045e17a688e2480097be809b0	40.98%
2020-07-22	Inv-L4715_247019.doc	doc	9f61c634155e4c4c25cda79ab4da536afe7bfeeb879754985ea6bb196ee0272d	38.33%	Heodo
2020-07-22	INVOICE-Z5_448347029.doc	doc	393ac27aa81e021260be2c3de9507d953b3d57f2dfd0ebee96d4a18af210b982	28.33%	Heodo
2020-07-22	Invoice 0171_5234672.doc	doc	7ae185c406aed21110fcff1723a4499ed2cb4795b450ce5c394f5d19d9a00e4d	35.00%	Heodo
2020-07-22	INVOICE-JT1034_394472057.doc	doc	8bf0f63918707260860836fd1bae7c3366cd110c8a1299c064475020d837311b	35.00%
2020-07-22	invoice-9_94454979.doc	doc	80b76f063e5e981ab8806e6514ecb0f9e63dddc5593ded7c0ff726d31e39347d	32.76%
2020-07-22	Inv STAK57_95207993.doc	doc	eb3418a0c1e947d887954e4db54c16f1ca081af7dee17386a4736313e0990f9b	29.51%
2020-07-22	invoice 621_4263227.doc	doc	9c36f76e927ccde32781becbf6a3a8ee5d2b843d19172105b9b9610680e3d82d	30.51%
2020-07-22	INVOICE HCSF8206_6790363.doc	doc	957cebb6f6751d4233f9c5ee7a4f3c1bd643257070d4bd13eae482daf82dece6	29.51%	Heodo
2020-07-22	INVOICE_0_5901954.doc	doc	ebec52367d97dba5b80f400a05312189219712c682f4e3cdff9105afd7191d19	28.33%	Heodo
2020-07-22	INVOICE ZK97_60101259.doc	doc	f7668e2f4e40c50b6fa62b37e39899c5f7c5f742f9cd72840d3c9c1730928509	29.51%	Heodo
2020-07-22	INVOICE_2439_736968793.doc	doc	bc1674694af57a7a421c131be6eb3403a2d2392a862aaff679ac7d2087690953	28.33%	Heodo
2020-07-22	Inv-08_484966897.doc	doc	02c7fd8ed2ff395eb8c7eb3caca1e0cec299f4db7480e6d19829069ce541bc7d	27.42%	ZLoader
2020-07-22	Inv-J8126_14513619.doc	doc	0f2039a528f454dc85d45347c05e3deeed35f371d829ed160143b2cda326accb	26.67%	ZLoader
2020-07-22	Inv-CLXK1_6835939.doc	doc	962dfcf9dbe2a5f4e39e1ad1100caa0da7d50a87928be0985eb4014a51f3ebc5	26.67%	ZLoader
2020-07-22	invoice_42_77966067.doc	doc	4ffc8b69abd31fb168b42cc8255e26a2e707abe4d8b94e0285364d094c70f0e0	26.23%	ZLoader