URLhaus Database

You are currently viewing the URLhaus database entry for https://jygasoft.com/wp-admin/private_resource/verifiable_area/946338247_dembyve0x/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	417705
URL:	https://jygasoft.com/wp-admin/private_resource/verifiable_area/946338247_dembyve0x/
URL Status:	Offline
Host:	jygasoft.com
Date added:	2020-07-22 08:03:04 UTC
Last online:	2020-07-29 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-22 08:04:02 UTC to abuse{at}microsoft[dot]com)
Takedown time:	7 days, 15 hours, 14 minutes (down since 2020-07-29 23:18:26 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	FILE-20200723-1904769.rtf	doc	aec05999d3751d7cfd9ade2316388ee6da303748401fb7eada3edaf2b37a18a3	43.33%	Heodo
2020-07-23	DAT 20200723 GB946234.rtf	doc	b60064c8db21645429edab0b94dcb5dc93c7325774e13b65c0bd79497eef8296	44.26%	Heodo
2020-07-23	Dat_2020_07_23_RP02414.rtf	doc	b27dff26a97f18384d8db6b7e5a3c5006d66ed61bba5313f802ebf96543c1c5e	44.26%	Heodo
2020-07-23	Arc_2020_07_23_02438.doc	doc	1a49241764ba049de98c9d050dd57d0c9089402768b9a1206e09dedde0282d0b	44.26%	Heodo
2020-07-23	Inf.rtf	doc	c685dc92b2f626e331f4d31a5db4b218823c143b7c5338fe29b8518455179cfa	43.55%	Heodo
2020-07-23	Arc-20200723-0260815.doc	doc	e73f1ef263f3c13e83599b2740bddf21cac0115e8a8da4a0c728e024efc669bf	44.26%	Heodo
2020-07-23	doc 20200723 GR94692.rtf	doc	0f79dd6c7bd7490955e93399a3e660272c22f6f7f5e97a24ff33d1d1af714941	45.00%	Heodo
2020-07-23	Dat_20200723_X0019.doc	doc	34184c5992ed62afbaee71a96232106fc41857b255341becc56b01722b343c3f	n/a	Heodo
2020-07-23	Arc-2020_07_23.docm	doc	c16f62ec18e9ca91236dfbab6da3e98fc15a8574e3c66dcb4c652ba820bac07f	45.00%	Heodo
2020-07-23	DAT-326.rtf	doc	57c916ce284fef78cf597e34daaba2cf0aeed7a30602b72dc93b8ec0a1aa8cc9	44.26%	Heodo
2020-07-23	Rep_2020_07_23_NOD504052.docm	doc	c4ddc964c0d911deab5fe24136c588c63d4fe247aeedd42d0ea37491e44af3e5	44.26%	Heodo
2020-07-23	INF 2020_07_23 815784.rtf	doc	4e765584956c4f9fe770cd92e1d32522023508d48ba53b6ce7ace6c04d4e8d83	43.33%	Heodo
2020-07-23	LIST_86830.rtf	doc	cec6250fbf5fb227dd2bdf92b7031f41fa3d65fe1f1d5a441229c14913884ea0	43.33%	Heodo
2020-07-23	mes 2020_07_23 20304.rtf	doc	3871eed6206b0a99254d0c9687c02a628857c89231e009285a476dacff80d98d	43.33%
2020-07-23	rep 20200723 Q179385.doc	doc	9a3ea141f8d72bc76545f030fe43d91476ce753bd525ed872269184599692c81	42.62%	Heodo
2020-07-23	rep_20200723_86187.rtf	doc	49700dd4aae08be36bff9524c53990a3f170568a9e5e56b7148ef982d9f3bcb2	42.62%
2020-07-23	Doc-0979.docm	doc	f07f1ea8f243baad0226c6de69f32eabbcbad57b7a06b840428ef9298b24be1d	42.62%
2020-07-23	ARC 2020_07_23 AU6641.doc	doc	f5a1617ace3c119f8b0da4e5f5d71a16ed13263569af554bb722341c3fe2a67a	44.07%
2020-07-23	List OBE083.doc	doc	e881a58826ad79a56fff01bc459089e0e02bcaa8071bbf4737279a153c4c60ea	n/a
2020-07-23	File 2020_07_23 887694.rtf	doc	e4c0c53d2566fd3d639ce00a49816d813b56df5c37b964bbc9a551a411f8873c	40.98%
2020-07-23	inf.docm	doc	5d72371a45cf75d1eff6513b68a6b70f35b1723e1ddfdbbf6ff59c62c9770068	40.32%
2020-07-23	List-2020_07_23-YRQ818.doc	doc	b936ca1824141941696f21188294398f23a5bf8f6dc5211f7a89d68996eb1496	39.34%
2020-07-22	REP_2020_07_23_0975.docm	doc	85c9b8464b14bbfbc90c01fe540a9ba134191dd42668aebfb5c09e35b1887dc0	39.34%
2020-07-22	Inf-B08766.rtf	doc	8aa7ea8c9d1c9de29d54f88600c9ffc99c05fafa3017b298e03b7cbc73ddf5e7	40.98%
2020-07-22	Dat-QE083.doc	doc	7b0a43ed14a889ff1b2f26657bc4453ef52f45ffa85ed059e8109ce860239530	37.70%
2020-07-22	dat E578156.doc	doc	86ef20dcbdc30f082e16816d3281b197b1e34d03d05c1098a867b9d840802cab	35.48%	Heodo
2020-07-22	LIST 20200722 F66656.rtf	doc	e11c9ba64714228bf279f8f486767e6c73cfa9103641d0295bec1dbf6e7bad2c	40.00%
2020-07-22	FILE-2020_07_22-2282.doc	doc	cf53854628d9e95bf9c5b164c75908fcd42e2de87401607eaa617f331d376864	36.07%
2020-07-22	REP_20200722_IQO7842.docm	doc	96836e41326e43b6568b375f848f490a866b35aa2247df397caa46a4f00961d4	37.10%
2020-07-22	MES-20200722-CER17274.doc	doc	3cdc4b152007b8583277c7ae4ad9e2df4b455d70ea68db4e16537a0354c97362	38.33%	Heodo
2020-07-22	list 20200722 IQU15288.doc	doc	b30860973bcdcd040d50b0bb6c2ea01eaba9b34856e80b02074b7366a047438e	n/a
2020-07-22	doc-RFG548.doc	doc	7e1e28f3605a3ed7b5c08f64e8b18ac845ca5545d5369a4d5bc62c4d496b6f10	42.62%	Heodo
2020-07-22	arc_20200722.rtf	doc	f075848ad6d384c4cf68d031f2acb0454e37bc993fc8fba6a111d8e744fac9df	n/a
2020-07-22	dat_0919171.docm	doc	9ce36189cada197a884a87961974fc599b3c72a353a59e3470c0f08ad67646e8	46.43%
2020-07-22	ARC_20200722_498492.doc	doc	1a1a63c15492564a8a28122abb9e6e957ea626c145b1e2712a5cc9f4c10c7b9b	44.26%
2020-07-22	inf_20200722_2911893.rtf	doc	bce88cb5c4bb7331cb4cdb37a1d9d122bf444785670578109715ea8a54c74dcc	44.26%	Heodo
2020-07-22	INF_2020_07_22_400145.docm	doc	846a3c8292824fe60dad21c3e4372eb2232b0aa6a5b82485c583395b2311b7f6	44.26%
2020-07-22	Mes.doc	doc	8348f38db09c088226b5f6570310fdfc148cb480fa9f6231ad6262701e3d5bd6	40.00%	Heodo
2020-07-22	arc_20200722_Q478.doc	doc	933c7f05b56492f880e1716a1240b0bf1679fb740c973b5adff2f3575ae2a3b8	31.03%
2020-07-22	Dat_20200722_VK5650.rtf	doc	fb1530a751799859585501c02c6cce39addd2e4572d8df0149ae14735eb2f113	30.00%	Heodo
2020-07-22	Inf 2020_07_22.rtf	doc	6babaa931bc26a787edf3d1d3118c0a45416f2e9deb01bc741decf522a2bda49	26.67%
2020-07-22	rep-2020_07_22.rtf	doc	3f0439068eefa5ef762b899f9eb133708916084d5e2f79a0344093fb19c3c026	30.00%	Heodo
2020-07-22	Doc_20200722.doc	doc	194c758a5ff19785134e06f7efa9ee11bc4e3d42cc2005d93581915fcb9ef005	27.12%	Heodo
2020-07-22	MES-2020_07_22-RPA409.doc	doc	4ef2c8006cf9685f61441f329dbce4b1cfab1f70eb6709bf48168b31c42eba0d	26.23%	Heodo
2020-07-22	MES-2020_07_22-A419873.rtf	doc	4a208003acf718f4503edc32f76f194bbe6169c8a1863c6b3b3846ae863552d4	24.59%	Heodo
2020-07-22	Doc.rtf	doc	8fc3728262050ae04e3d6c7b00f1a0147b1d144b1439d1ad5b03ac195364c2f3	25.00%	Heodo
2020-07-22	File 20200722 CQ0778.docm	doc	a018bebb6f4d713eff5d16c6b80d20df72bab7d5e055c287018f1f842f952e1e	25.00%	Heodo