URLhaus Database

You are currently viewing the URLhaus database entry for http://duck.org/images/Reporting/jj8g03q/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 419856
URL: http://duck.org/images/Reporting/jj8g03q/
URL Status: Offline
Host: duck.org
Date added: 2020-07-27 12:53:04 UTC
Last online: 2020-07-28 04:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-07-27 12:54:02 UTC to abuse{at}servercentral[dot]com)
Takedown time: 15 hours, 35 minutes, Good (down since 2020-07-28 04:29:43 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
