URLhaus Database

You are currently viewing the URLhaus database entry for https://bangkokcityjewel.com/cgi-bin/ag6884ym/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 426383
URL: https://bangkokcityjewel.com/cgi-bin/ag6884ym/
URL Status: Offline
Host: bangkokcityjewel.com
Date added: 2020-08-06 15:51:04 UTC
Last online: 2020-08-28 01:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-06 15:52:02 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 21 days, 9 hours, 36 minutes, Bad (down since 2020-08-28 01:28:50 UTC)
Tags: doc, emotet, epoch2, heodo, Quakbot

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
