URLhaus Database

You are currently viewing the URLhaus database entry for http://imdavidlee.com/wp-content/gnwl7ww5xqwm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below may have been used by bad actors to spread malware, the URL seems to be clean for a long time. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	421359
URL:	http://imdavidlee.com/wp-content/gnwl7ww5xqwm/
URL Status:	Offline
Host:	imdavidlee.com
Date added:	2020-07-29 11:26:10 UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	No
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-31	CCUW_30857756396.doc	doc	98ee1381f134eaedefa2baef746295a547b2a4b7468ffbf5a9834e65a71c7c8e	n/a	Heodo
2020-07-31	KG4183233558FZ.doc	doc	fc3c1f705804f55dc1f8b04d0b13754b08fb42b0b18ad84507df6c8c00f9d946	42.37%	Heodo
2020-07-31	27031497.doc	doc	9c184a50a28234ea058519a136d7e474a3e8fa0d75828d3b5167ff02cbf87b8f	40.68%	Heodo
2020-07-31	FILE_PO_07312020EX.doc	doc	d16b927f320789a0f78711597d65115dbc22b1b12ff7b3c0d1d0cb50dbb6374a	42.37%	Heodo
2020-07-31	WJJ_070120_PDZ_073120.doc	doc	e3ffa6100001a0b693fd8e169864c93f0a6fd4c1d3430e669cd053d7fd344c8b	40.98%	Heodo
2020-07-31	PO_07312020EX.doc	doc	8afe98872ea0efe6299cbf4f831ad02539622489b559304862d2a460cfadaa48	41.67%	Heodo
2020-07-31	VPE_070120_ZOY_073120.doc	doc	7689cf53f260808946f1b53dd444210423a975b7fc7754c1fe6b04960286f9a3	48.33%	Heodo
2020-07-31	FILE_PO_07312020EX.doc	doc	582a1cef0fa903d6e306172892c6ec7fc72bed9ac3fa49364da864273c260db1	n/a	Heodo
2020-07-30	WBXL_JWV_070120_SGR_073120.doc	doc	29bb463a499d45a2b27d4f278b883361ed66aacd2f6184c93f79f9ba5df2fc53	50.00%	Heodo
2020-07-30	48570619.doc	doc	2d012d692c59e956fc3552506e7371b94304a7a3521e61a693ad3309cd6d12f1	49.15%	Heodo
2020-07-30	REP_90703735994387910063702.doc	doc	9c61c0b32def61a884c5bc2f2ffe498b042ec64e3b3cedfc7666e8e830872a1a	49.18%	Heodo
2020-07-30	INV_17592921.doc	doc	b3c476526978c5ce2f22627e47f21fdd3a16f03b166965bac3be05ca29b80575	n/a	Heodo
2020-07-30	INV_0PVDLP0INBL.doc	doc	af343e685d3c5d32a0336f1e4fae3d77e6ef090ac8dd238150bc8b56cb8b5239	48.33%	Heodo
2020-07-30	BAL_PO_07302020EX.doc	doc	b7c80485c06d98376a33061daffa3a5da0b493251d67b50832d2dff57354ff87	n/a	Heodo
2020-07-30	DOC_375789838447271004.doc	doc	07e776c54df1af3395854812f0a6b7915acfa69f07c466e088eab9655d99d886	49.15%	Heodo
2020-07-30	INV_PO_07302020EX.doc	doc	c84cabbddd69bdc825d121fd233f8f07c123bf60bf294b6fd253506e21432501	45.90%	Heodo
2020-07-30	FILE_8JRUKZW.doc	doc	b4891111091f062e79d0ee997b7422c1681080f74a0d0b14dad258caf0e1c162	43.33%	Heodo
2020-07-30	DOC_CXP_070120_IZI_073020.doc	doc	5dddb0f8334f1eee3b80fdbcb7f9f503331b2611e2a48edbf29f1bfc2f9ac586	n/a	Heodo
2020-07-30	1L3ZVJG4VO1MR2.doc	doc	26ee82fd3c7a09364a517fc987720670881990bcf6b7215b6032a3895a884793	41.67%	Heodo
2020-07-30	IH8050306418EI.doc	doc	4aba2e5191d8c4ecb8bd1d24c7032629caa3eb84c7d1399b103f99ac43c00f7b	42.62%	Heodo
2020-07-30	REP_AX7850179705FA.doc	doc	6dd19eefd49748972e3b786c5f0bf83bc9686e1a74b67dc286cfbc09224ec503	40.98%	Heodo
2020-07-30	057511353346.doc	doc	83df298646a7ee7eb341e606b340fd4daf3c0bc2e3d1f7003509e9cf2a155616	n/a	Heodo
2020-07-30	FILE_XBP_070120_VGW_073020.doc	doc	93d7bd64d847e2401e73045f5f3b1e714a1d0251a00934d7cf7b266d82931921	45.00%	Heodo
2020-07-30	REP_67709169.doc	doc	bc06aea71e46ed5e64ca7cf24f3b794f46b9371d1df13696a3dfe4096a3bb6ac	n/a	Heodo
2020-07-30	3SKEXLL9Y4.doc	doc	13e73da4adc126fa03c4f6e776fd1e257e0f3a50809ad6b9402d9498da8a5ad1	45.00%	Heodo
2020-07-29	H_9813730964.doc	doc	cb4750ddc6268762d29e9a7f31c375291ab9212cb5fb7f237b07610277735637	43.55%	Heodo
2020-07-29	RZR_070120_BSR_073020.doc	doc	0bb41da3d7f6f972f06276bd500f8c8c520928871f48a3751835a23497658939	44.26%	Heodo
2020-07-29	BAL_EKF_070120_FEH_073020.doc	doc	4c150acb0d92b9e8436a9f48659b5b8a5292e85a18107f3b9479ae8918619bfd	44.83%	Heodo
2020-07-29	REP_5904471964.doc	doc	ea1d07ae55467195b610358c91f9d4cb4f280d055e9a86158339ca3bdba8ca15	38.71%	Heodo
2020-07-29	87J0V22T0VBKS82.doc	doc	9699d65df4c2fe82af8b8dbfe2a0b1165432346f1be0417429b127a7d7346558	36.07%	Heodo
2020-07-29	PO_07292020EX.doc	doc	a1337b78d948a4c579b396e2c35ae69111e6af596065944b6730552491a80d21	35.48%	Heodo
2020-07-29	LY2117649124RJ.doc	doc	16f48852b646cab90797038aae4ecb796a246b881639100a6535548ab71c5923	n/a	Heodo
2020-07-29	XH_WO8626351984WO.doc	doc	654835f742e937f66d6567d0bcca1a30e828fa5f56db1f432cc54901d7222dc1	n/a	Heodo
2020-07-29	DOC_1PZ8IKH7DZ6.doc	doc	05612fc5c4f0acd9a581eca6977bc24478a500aa78b12f94579a7d056a9282ab	36.67%	Heodo
2020-07-29	PO_07292020EX.doc	doc	018beffb57923eb38dac054bea5fce0c4e9aca87f1971e226c7a7bacad5606b7	36.67%	Heodo
2020-07-29	INV_HYJ_070120_NHM_072920.doc	doc	50b748b79bdb99370387508486bfd607f302fac6a15eb7e899c6d07c520fa245	34.43%	Heodo
2020-07-29	RJB_XUHC704D86OQJK.doc	doc	9e9bcedb989bda32fb610816c436af0667eb5c22bb6a3d20fb4bd426dbee88ad	n/a	Heodo
2020-07-29	INV_PO_07292020EX.doc	doc	c2ac2bba78f3f27d36a97f527237ad4454b85b03bd0d8a1bd3c47c161c99aa5f	n/a	Heodo
2020-07-29	BAL_59687238.doc	doc	6fcef674d71a2312e60cde434fdbd6632c320cfe7326d26463e3caae788de434	27.87%	Heodo
2020-07-29	DG4055160768GX.doc	doc	5a959afcb67ab697d8f53e2e91f7424fb274bee1600360681f6b61c26e377fd7	28.33%	Heodo
2020-07-29	RUHW_FD5412850386OQ.doc	doc	86a19d14ed46ea211980091b62fc7f000d5c8881d4d34dca2d35f8fb35e00a4c	28.33%	Heodo
2020-07-29	INV_RJD9BJPW7XTXZ.doc	doc	85f5f165c013ebedbdf66b63720dfb1604b37f17bffa05a46cb46d229f19bf72	26.67%	Heodo