URLhaus Database

You are currently viewing the URLhaus database entry for http://seatrade.com.eg/index_files/closed-o2z-17xm2/verifiable-portal/bkhs1-x930491v// which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	426757
URL:	http://seatrade.com.eg/index_files/closed-o2z-17xm2/verifiable-portal/bkhs1-x930491v//
URL Status:	Offline
Host:	seatrade.com.eg
Date added:	2020-08-06 21:55:49 UTC
Last online:	2020-08-13 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-06 21:56:06 UTC to abuse{at}tedata[dot]net)
Takedown time:	6 days, 6 hours, 7 minutes (down since 2020-08-13 04:03:52 UTC)
Tags:	doc emotet epoch1 heodo Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-08	FILE 2020_08_08 807537.doc	doc	ba50483a5407dc7d213263534638c2e4e0445d9d06f977dc496e979beda32f33	45.76%	Heodo
2020-08-08	arc_20200808_RD593.doc	doc	31674d9d2a53c9407819aec8731838ed678f2d3317a2a4a47680fcea72536fe0	40.98%	Heodo
2020-08-08	rep-2020_08_08-867918.doc	doc	ce5d6aa5b1cfe76e48ec485669e784f6e6fa115c5c008cd89c499726b2a74652	40.98%	Heodo
2020-08-08	arc 68112.doc	doc	424cf5c4a91c06c70e70f85621afca02a6335435bc3aca17a07b860ca1d9cfb2	43.10%	Heodo
2020-08-08	mes 2020_08_08 176248.doc	doc	7db111b6a3b2b44ddb5ce3413643af61cc16843c9921e8fd636a7d8cfb7894d6	40.98%	Heodo
2020-08-08	arc-203.doc	doc	f7d99e7dccbb7f860f4188ef450ddaa922d31492887b916a96a802c556303f5f	42.62%	QuakBot
2020-08-08	Doc-470991.doc	doc	62112657085b9dc12429d5002978a67b6a792db61dca0bfd23db9d5370717ec5	n/a	Heodo
2020-08-08	FILE 2020_08_08 8381.doc	doc	d840943a1f750210b98a2f26d5852b1c58ce7e454a38b38884f0b5371ec1198a	40.98%	Heodo
2020-08-08	FILE-2839761.doc	doc	e49e34bfeed9d527f6a2c80df9f388d89705278aafa1aa2b250556754ac38944	40.98%	Heodo
2020-08-07	REP-2020_08_08-811.doc	doc	e8cfc1ea617361564b695bbb732436a5b497bec2660b878ca91e398406298900	n/a	QuakBot
2020-08-07	dat-2898046.doc	doc	acf64b8e97e3201f06314a33733d479adef77620d8c569663be2e02c3ef38e98	33.87%	QuakBot
2020-08-07	doc-671.doc	doc	d44dbb7dff5cb10abc9c612c5b8a79f2b57a93a11cc8f8da66d9879ab5bc8dc3	33.87%	QuakBot
2020-08-07	Dat_6460382.doc	doc	7ba25693e2acb9afa6c453839ed62fb82efd94369f13a1549a0b57b8949cf0cc	33.87%	QuakBot
2020-08-07	Mes-Q8059.doc	doc	cb1f2bf4578f29a20e8d2870d56795a1b2ebc499d05b0b2398af82735726cb6f	34.43%	Heodo
2020-08-07	list_20200807_452537.doc	doc	420cf1f6784246f59cc804ab9685106d033fb5d1d8d3e76558418bc0786f7b69	29.51%	Heodo
2020-08-07	Dat 2020_08_07 UZX0506.doc	doc	bb249753b6fd6220b43602a1122cd458d29055d3e37603c1a3a1e2f21a81366e	26.23%	Heodo
2020-08-07	rep 20200807 J996112.doc	doc	a288dd3026142c4fb729f070fdb05a968a11a0cb77d24bdcc066866ac51eb936	26.23%	Heodo
2020-08-07	DAT 20200807 7359142.doc	doc	3ec975d212b214553bac033787cb72d8310c493b5261f76b8ba3b5421b9f31e1	26.23%	Heodo
2020-08-07	arc_2020_08_07_LNI23043.doc	doc	3915157ac78131871b91bc6eec62153f53f74c5f6e7b6c23451f4b55688a14cf	n/a	Heodo
2020-08-07	arc 2020_08_07 5547590.doc	doc	c9446d50702574217eb30ddf8a9f1752c77215b5a1d6a451532920aa2a8ad5e5	n/a	Heodo
2020-08-07	arc 20200807.doc	doc	1cc3fe55cd9952581cd54ff7b1a12d5a7a2aa90d760fda8b9a6b2ea8d010e1a7	44.26%	Heodo
2020-08-07	arc_98209.doc	doc	e3cfb2e0648535875890582842fe912425271c2dfaeb7c1ef7f982a9ac41c18f	37.70%	Heodo
2020-08-07	File-20200807-939806.doc	doc	fe032b45e17799af19f0dff52340131849e761ed8072baa910c48854206f12b6	36.67%	Heodo
2020-08-07	DAT_2538.doc	doc	2a7f0551cd0fa000ed5992db4346987430e32084240b9eb53ad0369763734b71	33.87%	Heodo
2020-08-07	doc_20200807_5600271.doc	doc	50142b56616f33de96a00f3619a900237753bb4552fdd62f220ae93fb25cbf3c	35.48%	Heodo
2020-08-07	inf_2020_08_07_DJS888855.doc	doc	017a10a1811401d7e7500e1b999024f7188b0636a16751e309fe8dc474232b95	30.00%	Heodo
2020-08-07	ARC-2020_08_07-OI9503.doc	doc	a9f3247aa61118e5538983621ebddd91a88c6fef1097fd3f142ce169b078cd7e	29.03%	Heodo
2020-08-07	inf 2020_08_07 074770.doc	doc	9f0042355df96916dafb4a7e119ef22bfdd051653c32c759b005bf61a57e0324	29.51%	Heodo
2020-08-07	Inf-20200807-3248.doc	doc	b8dacf3ee73cdfc545f0e66e81dd8331ad345136a5a94dcc78f387bc7dfbea3f	29.03%	Heodo
2020-08-07	List_20200807_5430060.doc	doc	2d9e8d19691ccc198cf997196c54e831404e2577b1bd3c17ae29b1c78b0f95a8	29.51%	Heodo
2020-08-07	MES_20200807_LP623061.doc	doc	36cf71324f57ceb43b443ab2e5d0670e4adf672165537042e46c23de797186d2	27.87%	Heodo
2020-08-06	Doc_20200807_PVM8038.doc	doc	3a17dd818992725fb9bf1c2e0d4d18141f5b9fe15a184e7ebac32b935fe7e60f	26.23%	Heodo
2020-08-06	INF.doc	doc	2c5b7f8488ec8abc944d1a90f84293494cb7c6dea6cd23bad40fce8429f41442	29.03%	Heodo
2020-08-06	inf 20200807 6346723.doc	doc	834ae3e3344f994a972b0a6dd3850fc3a7d26a9d1ab48ed2c3ec49e34239147e	29.51%	Heodo
2020-08-06	MES 2020_08_07 KTV753916.doc	doc	d21fb5ef05cc6d7375ad67529c3b74d7111dff2fd9a11ce6944a25e4dc2463c0	25.81%	Heodo
2020-08-06	dat_2020_08_07_L0007.doc	doc	a1668530748354caf4b83b007f729aa168414a2e53c2c87bc4043bdd0c7a3c06	25.00%	Heodo
2020-08-06	dat 2020_08_07 RRW168.doc	doc	8989fda20d2ffeb4bca5052e486138e63f7fcf59540b73732e15e29c6e70adda	27.87%	Heodo