URLhaus Database

You are currently viewing the URLhaus database entry for http://performanceactive.com/xsell/OCT/6255965737760uwmoylv2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	420619
URL:	http://performanceactive.com/xsell/OCT/6255965737760uwmoylv2/
URL Status:	Offline
Host:	performanceactive.com
Date added:	2020-07-28 11:06:09 UTC
Last online:	2020-08-07 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-28 11:08:02 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:	9 days, 15 hours, 56 minutes (down since 2020-08-07 03:04:44 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-30	DOC_4HIA2SGGQBCE1.doc	doc	18190f715f0c05ac6e28e0fa78c58fe7a1f6a0733be72ea6494e4340611c2194	40.98%	Heodo
2020-07-30	INV_YTE_070120_DLN_073020.doc	doc	00812e8bf247cc4740941ed973f367678110761be944eef39e69217fc78412cb	41.67%	Heodo
2020-07-30	Q_IDD2KG1RVVKYD.doc	doc	fc6275a02a2f5f20f9c833dd916d5180987e67d941c5b7cbd14e09f66e4147d8	40.98%	Heodo
2020-07-30	R_XG5674622710CH.doc	doc	beb8b4ce59c55378b8be7421c85d203146858f1b7470942590d417ad208b02a7	40.98%	Heodo
2020-07-30	F_W8FHJRL3VI.doc	doc	ede4d3f3f62948285291afc16d31abd1c17c5f9db3ceb0e376151913977749ce	n/a	Heodo
2020-07-30	19583111.doc	doc	2fa814dd0c5fd6baf41a1dff861eee948734721c6155c4812ca40945d7432a07	40.98%	Heodo
2020-07-30	BAL_588252549727743.doc	doc	fd2c870bab01edcb6af885cc070a9ededf595bb1b3613b83fb9313a3caf5e014	40.98%	Heodo
2020-07-30	RS6500193959DB.doc	doc	fd052d7b77fd112247dd93e3ff96b40e88c95d0cdc0adb5b81a49e91d5fd754d	46.67%	Heodo
2020-07-30	XINV_ESG_070120_PES_073020.doc	doc	5c46767fc0c57e8f2edbec2b4ec57ea8c1e3b2f070b4a79e786b15f28ceeda11	44.26%	Heodo
2020-07-30	INV_PO_07302020EX.doc	doc	bc06aea71e46ed5e64ca7cf24f3b794f46b9371d1df13696a3dfe4096a3bb6ac	n/a	Heodo
2020-07-30	REP_APVIA1MA9VXQXOX7.doc	doc	13e73da4adc126fa03c4f6e776fd1e257e0f3a50809ad6b9402d9498da8a5ad1	45.00%	Heodo
2020-07-30	REP_PO_07302020EX.doc	doc	d643b83d5c405b9ec31fc661b83e10d495518afe7ab286b15c07bccfc7490614	45.00%	Heodo
2020-07-30	REP_02434039.doc	doc	876916b9592c5282a236605b7027f048d30f6b75e47dc12e7d5687f27a3e58e7	n/a	Heodo
2020-07-29	FILE_82852384.doc	doc	ef354afa479fb3c2a19622cee6c8b67e9b54ff16871ace2f97bf8cf992883da6	43.55%	Heodo
2020-07-29	JV6276923909EN.doc	doc	89b8e39fe7d385d95028dd98f22acbeab0045bf3be2c62108962316db2ec19c6	n/a	Heodo
2020-07-29	61190703.doc	doc	67c5a90d4ee5e1cc1015bde3eee2d7e55f0d79c96418c74824260adc38c28ae9	44.26%	Heodo
2020-07-29	BAL_343340403201751105.doc	doc	ea1d07ae55467195b610358c91f9d4cb4f280d055e9a86158339ca3bdba8ca15	38.71%	Heodo
2020-07-29	VAE_070120_YOR_072920.doc	doc	85586aed0ec99352b1a7641827523f66047222df673d56eaef2318e8cfe5d325	36.07%	Heodo
2020-07-29	27280845598.doc	doc	9699d65df4c2fe82af8b8dbfe2a0b1165432346f1be0417429b127a7d7346558	36.67%	Heodo
2020-07-29	BAL_PO_07292020EX.doc	doc	38c7641f84de0551bd18ecfaebf19f21d99a1e740b6dad360238b096124e87de	35.48%	Heodo
2020-07-29	14264732.doc	doc	bf3fd8c2ed0676122a6ef0ba1e01f28237e3b6f574b59b11d03a75cc5c683248	36.07%	Heodo
2020-07-29	XFF_070120_MHT_072920.doc	doc	018beffb57923eb38dac054bea5fce0c4e9aca87f1971e226c7a7bacad5606b7	36.67%	Heodo
2020-07-29	NY9431963299NY.doc	doc	ac9e2f9c90f1ed60a92877da43dca2649167e79de7a185a03fdf6870ae5e771a	33.87%	Heodo
2020-07-29	E_3020871375003400.doc	doc	4a406747cc4af71f72229df7ddbd5c6858984101d67e93ab864273cdff151823	n/a	Heodo
2020-07-29	REP_ZH1757638964WU.doc	doc	c2ac2bba78f3f27d36a97f527237ad4454b85b03bd0d8a1bd3c47c161c99aa5f	n/a	Heodo
2020-07-29	DOC_13918976.doc	doc	9f9215921096d47043aaa2f2bba439f4279458c4a60bc192ff0200ca4ecd1a07	28.33%	Heodo
2020-07-29	FILE_13030878.doc	doc	ea0c4bf37a77d48ec55e6fd331d26c6efd0c643194ff2c6919b8f975f0562e7d	n/a	Heodo
2020-07-29	G_952930349.doc	unknown	35882c33b875d15f1c62d995a525bdbf80355da1abfef138e5b369c5543b2ac9	n/a	Heodo
2020-07-29	W_AX3883679250EN.doc	doc	d760a46487725541e8c44463c4330d83efb97f55a550e307000db217380797e3	27.87%	Heodo
2020-07-29	INV_92002974.doc	doc	de26db90a47a147773f2f26730984929f9a89483907f77015ea5c5a20236183d	27.87%	Heodo
2020-07-29	INV_37053047.doc	doc	3ff753b8bc5e2168abf096605061a3a0791cd60801a9b7b35a89744ea362c197	27.87%	Heodo
2020-07-29	INV_CFN9M897.doc	doc	7492ce7e990e0dc53f8108d30122c4b86311af2b0ed423b25e42e0871fb2f0f2	27.87%	Heodo
2020-07-29	VBCP_PO_07292020EX.doc	doc	c973cb08af272436c10c7665181ab3cb5ca566f5ddb70644ca92882b87d2b29b	n/a	Heodo
2020-07-29	Q_OQN_070120_XSF_072920.doc	doc	9ab92090f841355a66c7a8807dd706180f5326f0ac8711a80b36953821641740	26.23%	Heodo
2020-07-29	INV_PO_07292020EX.doc	doc	95ddeb5b478660d0b266b024dd44aebd724fed9224811a72568ad27a0d3de832	27.12%	Heodo
2020-07-29	0VF99VRVRW8BPJO2.doc	doc	4dbbad92c8a96176270226654745d40e4df036d5e94064fa8784f48fb3124b7c	27.87%	Heodo
2020-07-29	MT5369145050VD.doc	doc	a1774a6485655119ea70b0979992d361b648420fb0b003439e52adff57c241ba	48.33%	Heodo
2020-07-29	21061201.doc	doc	63b027fb3e70f8211fd1d27de7a473d4a8e4d4f7e19774275ac6a60f8b6e5fcb	50.00%	Heodo
2020-07-29	DOC_JKMDTQ3KIX.doc	doc	9e3690a0a71dc239833dddc5b2aa94983eec61d88a636aa96f12bcfac9898592	41.94%	Heodo
2020-07-29	49347305.doc	doc	8592e77c1c48d939b205ebf81fe0b5903ed8d37d9738f02db0360c37442133dd	40.98%	Heodo
2020-07-29	PO_07292020EX.doc	doc	feea2193fa8429572e0d346487c4e58bffd2c6cfc320d05054411a8df5c3e0d3	n/a	Heodo
2020-07-28	Y_16482168.doc	doc	3b22de2133662d6bc3110543625e64f9db12f61bd4b994f2042897181b970547	42.62%	Heodo
2020-07-28	DOC_01036098.doc	doc	0f3d19d2092e84e52aa8eec6d932f177849ae15bd1febf920b40e980de9aeb97	40.32%	Heodo
2020-07-28	ANS_070120_NVX_072820.doc	doc	5f8afeaecb819560a5cebd56fc5eeba473f564b4dcc9cbd45858c7f2c372920c	41.94%	Heodo
2020-07-28	BAL_WTX_070120_SRU_072820.doc	doc	271265337665d4b6dcfeba3d1e2acf6de92e94f23c3c82b272dfac52c38fa571	43.33%	Heodo
2020-07-28	N_PO_07282020EX.doc	doc	d2cda43e36e25599ff5b2db7bed64985a55b6d99a7238942028a2fcc4acfa3d3	43.33%	Heodo
2020-07-28	BAL_LPG_070120_DGN_072820.doc	doc	9c8f04c408fe3170c3f9d50092fa7bc79b072ac1bfe7c985dd2887d8581242f0	n/a	Heodo
2020-07-28	REP_HTQEAXU6PUM.doc	doc	1b9bb9d81eed1ad129c4638a163e37f9053f673136aebb0dca08af3c3460dcf6	40.00%	Heodo
2020-07-28	REP_36043371.doc	doc	2099d5d04c39f86f1da8058861951deb8c6ef875e5a77272709f711e80a3d998	n/a	Heodo
2020-07-28	BAL_DFQ_070120_MNE_072820.doc	doc	aa5f1c9ba21577549daac728f105950663fa787b94f266a50602a7ba43772e99	n/a	Heodo
2020-07-28	BAL_TT6UY1E609HIS2YQ.doc	doc	7880dbee79353af6a070ba20eda972b3ef7abad67d3c309d064ced44676ed6e4	n/a	Heodo
2020-07-28	INV_QZT_070120_VYO_072820.doc	doc	88bea3cf547c2635af27e2c05d6b034f48116570cbf09b34b316c4804b53374a	n/a	Heodo