URLhaus Database

You are currently viewing the URLhaus database entry for https://healinghandsonthemove.com/wp-content/balance/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 422375
URL: https://healinghandsonthemove.com/wp-content/balance/
URL Status: Offline
Host: healinghandsonthemove.com
Date added: 2020-07-30 20:52:03 UTC
Last online: 2020-08-03 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-07-30 20:54:02 UTC to abuse{at}online[dot]net)
Takedown time: 3 days, 19 hours, 12 minutes Bad (down since 2020-08-03 16:06:40 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
