URLhaus Database

You are currently viewing the URLhaus database entry for http://wagls.com/ftp/cerrado/t7e5ecfs9-p368176qu2p-caja/41036930741-Fdxu1j/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:419901
URL: http://wagls.com/ftp/cerrado/t7e5ecfs9-p368176qu2p-caja/41036930741-Fdxu1j/
URL Status:Offline
Host: wagls.com
Date added:2020-07-27 14:02:04 UTC
Last online:2020-07-30 08:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-07-27 14:04:02 UTC to abuse{at}suresupport[dot]com)
Takedown time:2 days, 18 hours, 6 minutes Poor (down since 2020-07-30 08:10:37 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-07-29DAT-072020-5-4428.docdoc 30f3174881463b091b82e3f9f08613cfd8e3d21c16e16606d6390f8a29fc1fa3Virustotal results 27.87% Heodo
2020-07-29Mensaje 072020 494565.docdoc 8fe804416a77bba32e0c65d0aa4b17b862bbe3da25f5e27c7ff8e1685ac961c2n/aHeodo
2020-07-29DJO7499432.docdoc a212de80f47f3022f28506e19c492d021ab7da871b3d3ed7d6d8dbb774de21ceVirustotal results 26.67% Heodo
2020-07-29Mensaje.docdoc 7d8e77aafcde0852ce66e99f0281b6360b15e901ebd3d2fdad2c4fd9ec52edd8n/a Heodo
2020-07-29Info.docdoc ad228ab027631c16a85fbde6ed443dee6852a21c84abb6e34d633c962ef1f41eVirustotal results 28.81%Heodo
2020-07-294454.docdoc 8bb634c8040c0dbdc8103c0bf90ca21e4ff6d65b9f63ed5a317b6e676ed0c7c5n/a Heodo
2020-07-29Adjunto_29_072020.docdoc 4b66bb4e22f421f21ae63f70aa2f43f7952f0ff42459c7f15215a3c8615e032fVirustotal results 27.87% Heodo
2020-07-29Arch_072020.docdoc c2e47faf5a472c7ba02cc29a36639663e9c4f7c1dc0b73da066050da0fc0c17cVirustotal results 27.12% Heodo
2020-07-29Archivo.docdoc 4cad41a2c94580e73badd4c35c2282597f7708204d5214f88c3f9972e3d99bbdn/a Heodo
2020-07-29ARCH_2020_405_0042.docdoc 4a491a72d63e81fa9c3c75f9a748ed7e305415689cd5dd082c6a41e6dbc78039Virustotal results 26.67% Heodo
2020-07-29DAT-2020.docdoc dcbd36be1ae4616ac6c98ad6c842109f310fce65b680339cdee66a49bd333700Virustotal results 26.67% Heodo
2020-07-29Documento-UK-876440.docdoc 6d33d26c6514907d83ea254422280f50c6087470e0014a527536e49da0a65359Virustotal results 44.07% Heodo
2020-07-29558_072020.docdoc eaa43aeb64928ef82fd61c6979a542c208bc1f50fc986e4a8c33de9e4fbdb4cfVirustotal results 43.55% Heodo
2020-07-29Archivo_2020.docdoc 2358e95d172df16e4ee84738952acac2857dd1c6ca1fd8d4f5a1cd6d3dec5b74Virustotal results 45.00% Heodo
2020-07-29ARCH_072020_Q_48702.docdoc 18eb3a42e22bad4739e7e30656ea54d812b781b53f4bdfb702acc5e440a0b6dcVirustotal results 43.55% Heodo
2020-07-2982388 2907 072020 DSO-2611008.docdoc 820134a5637582882bafcc6aaee3741fded6acffba0751a562ebff93370f7a64Virustotal results 45.76% Heodo
2020-07-29MENSAJE_2020_UF_621872.docdoc 581b3d0fa7b6ae23cef3a8e882801014964734eb92d18b457027199033b4690aVirustotal results 44.26% Heodo
2020-07-29DAT-194_153027.docdoc b83b73c67632686490ef3198ab96f4202bf007bce5df43a744af04c764b3f258Virustotal results 43.55% Heodo
2020-07-296876_29_072020.docdoc 57762ae9b274f78f82bc45f3b59af74465d25bf85817dd487d1176b6b55813d9Virustotal results 44.26% Heodo
2020-07-29info.docdoc 3448b0512e1a0c8ec1d49cd9975755a1dab0622d094c82733af6b0c04c1c1abaVirustotal results 44.26% Heodo
2020-07-29Archivo-2020.docdoc d9315d4e23fa9464769d3b149de3bff285ec97ae7aa1b5e8c0a3fb8a80e86494Virustotal results 43.55% Heodo
2020-07-296851697.docdoc ae55f67659dd8f44ccb77fc51e56174eadb421dab3bed4f02afb2dff2c783934Virustotal results 44.26% Heodo
2020-07-293701 072020.docdoc 53236b0c820aa4108bba6680f4fdaa6ce978bb238f3420053f74424168190813Virustotal results 45.00% Heodo
2020-07-29ARCH 2020.docdoc dd24b2b705b23cf88a3a474fd9158b20f4de5128e0e8c263b52d6a7d8a8981baVirustotal results 45.00% Heodo
2020-07-29Documento_2020_711-4697908.docdoc cf836dbad525242ec7584b4d5c170887ce5140b54baf19d04cee64cf4a9a2c99Virustotal results 44.26% Heodo
2020-07-29Adjunto-2020-VK_0832.docdoc c5fe30ccdc224f47c8059f8abf775b896101e8e9d007aa2f41a9071562390b1eVirustotal results 43.55% Heodo
2020-07-29Informacion-072020-WYD_42367310.docdoc 0c080096b6a25db4db3ad88e8bfa7b0c0f5dcc39c0be67d39ef8fed5aa2c40faVirustotal results 40.98% Heodo
2020-07-29file 29 2020 NM_822924.docdoc a9089c8bcd79952f1a685be193816ad0b38833e532bf89a6e1944ba326747a17n/a Heodo
2020-07-28LEB515475 57-5109.docdoc 325920b97d41c998226446ee607fbd82941d96284d94e1f0ba5e209885f36caeVirustotal results 40.32% Heodo
2020-07-28Adjunto_2020_24/9004.docdoc 54a962d82de3bdeb06f38850bc6cb537b3d35c6d95c97b7b1ccbc4948e0fb3e6Virustotal results 40.98% Heodo
2020-07-28ARCH_2907_072020_4-44156.docdoc b08aee092cb3defc671949d65b32da80150ad60e64554f24eb25bea83ade4708Virustotal results 40.32% Heodo
2020-07-28Info_072020.docdoc bd5cbc8583305658dc0266f8fbfced9e57e41d459fb3120bff3df95fcacccba9Virustotal results 41.67% Heodo
2020-07-28Info_072020.docdoc bd5cbc8583305658dc0266f8fbfced9e57e41d459fb3120bff3df95fcacccba9Virustotal results 41.67% Heodo
2020-07-28Info-2020.docdoc f37ae711b262ab3caff91d44e0ef517c066e9eafcff80cef84ac904d8efad0aeVirustotal results 40.32% Heodo
2020-07-28Mensaje 2907 RMJ_2288544.docdoc b6277264511a02af2111a576b9bb860665865b9fbdf30b99add2b0f5aec1f307Virustotal results 40.98% Heodo
2020-07-28Datos 2020.docdoc 512cb67ea40e81f91dab3435a017a749de9037f41a74c93505f0d6b0dbdd69daVirustotal results 40.32% Heodo
2020-07-28Adjunto 3/78322.docdoc e1b5563d7cab0b153d4f5c25faceaed78fe39f3310de6e84c4e111ef5a6bf3b1Virustotal results 40.32% Heodo
2020-07-280128-2020.docdoc 9105db623fde6fadcd51e258a21e1e0f15747c2f86dd1305467fbcb55895fdc9Virustotal results 40.32% Heodo
2020-07-2818.docdoc cac82767427ea3ebfc0e8f64c5f3d58bfb5a97ba333bf935631b378ac7e0378eVirustotal results 41.67% Heodo
2020-07-28Archivo.docdoc 520dceda4d730597f5aff75722920634f8ab6da43c38382e2745d664faa65b6cVirustotal results 41.94% Heodo
2020-07-28Arch_2020_HEX/584979.docdoc 4fa3db5f1db73e8a740c861d684c92f641076801c8430193e022a01e1e44ec71Virustotal results 41.94% Heodo
2020-07-28DAT 072020 7-93578018.docdoc c21f42935d235f3eb3bb7c37df37484273c3b7a5b83b8de3c5187150df25a3dbVirustotal results 42.62% Heodo
2020-07-28ARCHIVOFile 2020 MFZ-14477564.docdoc 7c91ca6956e0430bc2d4abb390650f3b92961c93f12f0d1da0410d68da768d81n/a Heodo
2020-07-28Adjunto 072020 4215.docdoc 2c08dd8d76220e75360438dfc6211357fe013525c32c839df3070b40d0f211f6Virustotal results 45.61% Heodo
2020-07-28INFO.docdoc 75e56956026c96623f0bf37ddf77f557ee8a7a67b66dd78ce46f9741d6eb0157Virustotal results 41.94% Heodo
2020-07-2809091_2020_59-603724.docdoc 951647176f6bd4cc42c106ebe9e5a386a6a5213ba218d29c5e0b8b7c7ecac82fn/a Heodo
2020-07-28ARCHIVOFile_2807_65686.docdoc 1151e7ac96e0e3b70a1ffaee5c9b97aa4aed6e2140e17ec6799b568a578c2870Virustotal results 41.94% Heodo
2020-07-283209901-2020-758/66526.docdoc 683a2ea0b3953d097f3252a5334c7651d31c5fbe2264867e637cd30cc20140b0n/a Heodo
2020-07-287525 072020 403-07731.docdoc 7062f6009b062252fc3dd1ea29d46265a166398e42cd997b8a8f72b1bb231350n/a Heodo
2020-07-28ARCH.docdoc 158fdf3094384b4ecf3ee77431720a6bb83c64ec46654f962933020abcbcf008n/a Heodo
2020-07-2853009_072020_90/4769.docdoc 908a0bbf1325c3cf140c6919b3956ceb806b6bf72eb154c28728e90e0cdb5739Virustotal results 37.70% Heodo
2020-07-28ARCH-95/6523.docdoc da39c8cba72d0e21b873c18e2717dfa3514d955ae45232c1896fae95b36990e3n/a Heodo
2020-07-28W118601 072020.docdoc e5f6a20cc4552998abf67e0a471984fa25e7b9d712a9df15094e120db72a334eVirustotal results 39.34% Heodo
2020-07-28010.docdoc bc8ed220d589f5b992b17855748e438261a53484daa608dddf8def5be64e0804n/a Heodo
2020-07-28INFO.docdoc 96b92a507285aec2864fccdab3cd183d2a4fda565c812dc189511a085c96f0bcn/a Heodo
2020-07-28DAT-28-2020.docdoc cc3a8745c156028bc6398c95a8cc04ab5c49680b413566682103ca41e8816061Virustotal results 40.00% Heodo
2020-07-28265079 93037.docdoc c9edcff144b42d51f5e3fa6a6b81bc616a2569a9273535ae31a8d529f1494c9eVirustotal results 41.38% Heodo
2020-07-28Informacion.docdoc c886af6a164ef32164d83f2dbaa1d353aafb9289858ea9bb2e78674b4ed9e632n/a Heodo
2020-07-28Datos 2807.docdoc 49a829db25a031f897c810bec82adf3f2af0166b1d5043dcec07db0ba72546b0Virustotal results 38.71% Heodo
2020-07-28ARCHIVOFile 072020 KH/721717.docdoc 0086265c2f4da7654f02494ee0cbf199fc621cd86d4d0b7ed80b5af62252209en/a Heodo
2020-07-28Info 2807.docdoc d50606e53c27b5e7138d2be53d6a9a60ff578c5435394e7abd8692d19a31f013Virustotal results 39.34% Heodo
2020-07-28DAT 28 2020 92626656.docdoc acec963e779118129ab1450f03547773c0d1cda2ab9743f070195752d1c74ae6n/a Heodo
2020-07-28Adjunto-072020-J/9152.docdoc 9b99486eed10794305fde884a8485b04d32bbf215cc45559bcd7e74ff2a753d6Virustotal results 39.34% Heodo
2020-07-28Datos WO_89839.docdoc cf18e1a6342f94e888186b84b0c81c120ab3cfcb3023234fc4ae013dfafe734fVirustotal results 38.33% Heodo
2020-07-28FILE.docdoc 1c648236392b6af46a065a1053a547456076ac083b0ebe9c699d8511ccc2af69Virustotal results 37.29% Heodo
2020-07-28Datos-AVF/7100.docdoc 98512d3cdde2d7ee7c25a7498e0b82cfe878002aeeb60bc8d9c1c77aa8230541Virustotal results 36.67% Heodo
2020-07-28Datos-2020-861/59214.docdoc e4f202476429f6ff5d69372983be2a0efe9e6ee8dfe8f2f466d235974421b2ebVirustotal results 36.07% Heodo
2020-07-28FILE-0/160013.docdoc 9a607d7180b06b7e61ac102458c6319f79e974e4bad33d27ee757a66c18f7f11Virustotal results 36.67% Heodo
2020-07-28mensaje.docdoc c777c2cbf20f13d04f0e4c21bd8ba2bc44cea5e4b2992ae58a6d6dfe6fb53465Virustotal results 43.55% Heodo
2020-07-28262095_28.docdoc 6387bc4484750efab15cb9bc530a51f91ce86e20e43c10d496b70b4e3afd99bcVirustotal results 44.26% Heodo
2020-07-28Adjunto_2020.docdoc ef6ef0f8ef438897b207562f0d8b11883e9f757636f1a59848d19d93549a1eeeVirustotal results 45.00% Heodo
2020-07-28Arch_2020.docdoc f17c0f459fab0492c863e99c1a5792ad48d11acddb5e049a6b4c39f99ce8b344Virustotal results 43.55% Heodo
2020-07-28ARCHIVOFile 072020.docdoc 5d30cf78ec026213975d6d3450f121e6eeaa19836c38bbdccb18827071c6aa45Virustotal results 43.55% Heodo
2020-07-28170_072020_8/34433720.docdoc c2c286c513606c5ebbc5bad98047dc2c6887966b0a3e972c7fc53bc25e1584beVirustotal results 43.55% Heodo
2020-07-289373036-2807-072020-LU/5472.docdoc 6f752dcbe61a11bdfe7b1b0d52104ba5efec6539f9588696876a091ae7feba58Virustotal results 45.00% Heodo
2020-07-2800-072020-UKQ-71897.docdoc 21dce6efb379371051277359737d8c090f5bd3feb2322f04fadc8c1da068432dn/a Heodo
2020-07-28WL262681_2020_061-2253.docdoc 88f424caef167c363184d8497774224063f29ad00f73366ac8d1cfe921b19741Virustotal results 44.26% Heodo
2020-07-28Documento_347322.docdoc 3117731e93abddbeef527b2dd61a88aef23e0ff72b289b0b92e56432b31f3b3cVirustotal results 44.26% Heodo
2020-07-28373_072020_HTI-05796.docdoc ff97460ec476ba0b1dc6bf5044dc590c950725e79412fb75bcb38f37bf94e227Virustotal results 43.55% Heodo
2020-07-28file 072020.docdoc 0eac07138b228f378cdcf932ae99d43434a3a644db3255f402e18a63335e9ff4Virustotal results 44.26% Heodo
2020-07-28Datos SJQ/53155.docdoc d579e990b4b7d3f7232f569d7bcb7f6f783d8019f52490d87a83c675e80570dbVirustotal results 45.00% Heodo
2020-07-28552970-2020-PZC_8487.docdoc ae7f037dd7436f637bbb6f62f4a44f2dcf5ddbe56fa25edd87e054d203e34d27Virustotal results 44.26% Heodo
2020-07-28Info_072020.docdoc 9d32f23c8c61faa7b6ae9f24670750fe5414927f4755d59c5bb178b8bb4e0deaVirustotal results 44.26% Heodo
2020-07-28Arch_072020.docdoc 65750bf28b7d4acf01b9eb045e261c88920a881299f29c97aff7ff4d42be2104Virustotal results 43.55% Heodo
2020-07-2858-072020-Z-1664952.docdoc 8a738f0c09ef1ecffd48c04ce0e800a62aec2caaf3744b21f3a90bc56487e8dfVirustotal results 44.26% Heodo
2020-07-27Informacion_28_104_50929.docdoc 80c2733aec99f5aab73c4555949f84ae4ebf7369955d07fa9a0c4a8d06265fe3Virustotal results 44.26% Heodo
2020-07-27Info_072020.docdoc 89c0676d70b229ef63b2b04b4a00aec67e5b583e4d8ca3eb06434f7fffae1dbbVirustotal results 44.26% Heodo
2020-07-27MENSAJE 072020 47/64433693.docdoc 110958842970c18b548f32979e2f8dda09be2245e346597e747d1268e4439987n/a Heodo
2020-07-2765-28-072020.docdoc 6318006343841f00c3c81c36a2259fc2744780c8d0ea1de93d8920116f8dd2acVirustotal results 43.55% Heodo
2020-07-27Datos_2020_3-14737.docdoc d5c02f77a90c627c04faa9dabbeb7271d11a7df0749d07af987994c830ea0657Virustotal results 45.00% Heodo
2020-07-27Adjunto_28_072020.docdoc 1a96354d5160003954ee2b2cda62e5aeb5d637ff5783111aa169ec5c84b4a422Virustotal results 43.55% Heodo
2020-07-27ARCH.docdoc fa3daccc5bb500ad9b60a7054441ea832c9f792285acbe3dfdb188763bac9019Virustotal results 43.55% Heodo
2020-07-27mensaje_2707_I_87133697.docdoc c5bbf4092543589c22f0825343fa7ce06916a0f4a79eead16b2319086e03753eVirustotal results 41.94% Heodo
2020-07-27Mensaje 2020 7-61255999.docdoc 634731a2765578bad80e3cf351ef63fdbe03ca53bce6ec8687b8e13b75ad9bc0Virustotal results 41.94% Heodo
2020-07-27ARCH.docdoc f931ecdd63fddb3597805575a952305d5133e29719432007fbf0bf2d37e0ceceVirustotal results 41.94% Heodo
2020-07-2712-27-2020-3/9784767.docdoc 65bc27ac659338c83741ef7a00c599b3f1ecf6c307dd84f27eb5c6487f2257e9Virustotal results 37.10% Heodo
2020-07-27Datos_2707_YFB-681510.docdoc dee964f3eb065733c0d32ba6cc16b04fdb9a15d2c6fb04ee22666cfbd5679b99Virustotal results 37.10% Heodo
2020-07-27DAT-PI_6995.docdoc c95c6090d09b2bf633a11416fcf5b7793e2e36ff56f7324d043fa17731018f8eVirustotal results 37.10% Heodo
2020-07-27Arch.docdoc 75af9f618187e9e35ba6a45e94f3354542bc1d6c96ef9f77032c1a134719d786n/a Heodo
2020-07-27Datos.docdoc 8fa61c14b58506dfe1b7a3c3c12fd9c1f2f04a9bd6dcaa601e0abbad0fd5407eVirustotal results 38.33% Heodo
2020-07-27Info-27-67/8696.docdoc 2724e74f2e646517bae6fd23be4ef265cbd04e28b2a8238f81ee1d0ce0ebe8b7Virustotal results 36.07% Heodo
2020-07-27info.docdoc 12640f681aae67bb84177408d00d8b24b3427fb85efa12d176c943942b07e992Virustotal results 35.48% Heodo
2020-07-27546920-2707-2-65120070.docdoc 9dd13bb601afbcbe03fed0a99989e254717b41c6b831355db9de12ef0e4d938fVirustotal results 36.07% Heodo
2020-07-27537458-2707-2020.docdoc 913be8d61bfdbdeb2f1aa10c49f6544a4d2197f63b54091e84123912f00d258fVirustotal results 36.07% Heodo
2020-07-27Adjunto_27_2020_203_85309726.docdoc 3460f0592a41ef9b4590e874f0ccd62c553c91b4db676ba2adee16775379457eVirustotal results 32.79% Heodo
2020-07-27145_072020.docdoc de789cbfc5169d49474acaac683d4bf3b7449dff7bf55258fbda7eb007368ef6Virustotal results 36.67% Heodo
2020-07-27XN09424.docdoc bfca279bb8db5d556ef1272ae6d22e8974a474312b200d0b53f4b3af79e63a6aVirustotal results 34.43% Heodo
2020-07-27FILE_2707_AJ-29511472.docdoc 97d97623838ca0309b52374cbde712237cf5dbc88231ca253ec423645d49dd88n/a Heodo
2020-07-27INFO-072020.docdoc 98c11a216bdc4d5e83ebf6c0d5302d5947a9e15469c2f1cce3f772cb6a7e6f10n/a Heodo
2020-07-27Documento_WY_360529.docdoc a911a65d3a705d3dadbeaa13d2ac9f652c8e8980b4ee5a84870c360c57ea351aVirustotal results 35.00% Heodo
2020-07-27009 2707 072020 S-91686417.docdoc 29e44bfb19aab7ad4512bd7070682c8de6f6336b3edde32f2d853c0cc20d6fddn/aHeodo