URLhaus Database

You are currently viewing the URLhaus database entry for http://werkhanden.nl/blogs/FILE/694s3g8st/, which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 419898
URL: http://werkhanden.nl/blogs/FILE/694s3g8st/
URL Status: Offline
Host: werkhanden.nl
Date added: 2020-07-27 13:54:09 UTC
Last online: 2020-08-13 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-07-27 13:56:02 UTC to abuse{at}caveo[dot]nl)
Takedown time: 17 days, 5 hours, 28 minutes (Bad; down since 2020-08-13 19:24:38 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
