URLhaus Database

You are currently viewing the URLhaus database entry for http://microclan.com/o_9q_w5ibffiks6/report/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	426808
URL:	http://microclan.com/o_9q_w5ibffiks6/report/
URL Status:	Offline
Host:	microclan.com
Date added:	2020-08-06 23:08:03 UTC
Last online:	2020-08-07 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-06 23:10:04 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:	16 hours, 26 minutes (down since 2020-08-07 15:36:26 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-07	BAL_4NP2ZNL.doc	doc	9f76d7029906d2253cc2cb93dd63a25923a2b2878c58c02c915cf9ca2d5b3ba6	24.19%	Heodo
2020-08-07	J_PO_08072020EX.doc	doc	39f54a264c6f06a36935cc3416dff1e8e83f2c0dc205680966c8510c9dac7fcd	n/a	Heodo
2020-08-07	16193715.doc	doc	83acfc01aed8937375c8bc98733684caaa595766301ca229d41af7b2c3966921	n/a	Heodo
2020-08-07	H_04625582.doc	doc	355800b39c9720c49475816188b7a2e6d4cd8ce9777c1dcd9b6a7223a9ea00a6	n/a	Heodo
2020-08-07	HA_GORIJX7MXTV.doc	doc	fb395af7fd0491664d78c7785fea4911db3975e4a091bc5eddc50b0f3ac0fa70	24.19%	Heodo
2020-08-07	XQXK_LKI_080120_LCJ_080720.doc	doc	4c70f0ff52d6a0016178754d0223340a2b83c622c1be0d1a49656b744b4775a4	24.59%	Heodo
2020-08-07	G_NBD_080120_CRB_080720.doc	doc	8ce364928dc868c937733a95a34e468073564c6cd0ba8210831635ed02af1694	22.95%	Heodo
2020-08-07	BAL_PO_08072020EX.doc	doc	9003022268d0174373813a27761795b85bdc4972564810056d592cb380ac81f5	22.95%	Heodo
2020-08-07	A_JDK_080120_HBJ_080720.doc	doc	c25b2007d6bf55f9583da51d51090e6c145e2f1b30a05a0b0638fed6845d24f5	23.73%	Heodo
2020-08-07	FILE_OY4900379839ZS.doc	doc	57370f33ff18a79a83e7ab0a2058c0182aaf87d4f996595ed5aecbbd404b351d	n/a	Heodo
2020-08-07	REP_623522465288.doc	doc	cbef8bb9b1caac4b767ba202e8e6d41fc3d5e40a2a905062bba9bcc9233630ae	41.94%	Heodo
2020-08-07	FILE_95764770.doc	doc	eecea8fd330329b9b832be329a5ec67804ada3d27b6e7ae845f1d7493f99a013	27.87%	Heodo
2020-08-07	PO_08072020EX.doc	doc	a38fb2220dd58e6949f5e50459865bc4e17a425d8073b9bc4960a639ef33dad8	27.87%	Heodo
2020-08-07	248380234356043525268701.doc	doc	406ba28d1bd67874bfadce37b6dd1d585a96e578e84886cf956e0e5fd241dab0	n/a	Heodo
2020-08-07	REP_COC_080120_WJM_080720.doc	doc	6e72a9dc7224bc18a8ee74089430217794ccbf80832bbf920691ec7362a07953	35.48%	Heodo
2020-08-07	REP_32390926.doc	doc	2ee56c4e8d6634b957f41adcf4b67f3236267ee4fecd4a0a9262af3401bcc06e	37.29%	Heodo
2020-08-07	L_UG5274603261PE.doc	doc	741bb5633c63b4509e3d9d2345a6f940680050d6b5cfa7593482322aa6d8f8b9	34.43%	Heodo
2020-08-07	BAL_PO_08072020EX.doc	doc	cc93f31c0d302e29add795820ac93373ebe03ec88d8bd1480afa134d76b5a0a5	n/a	Heodo
2020-08-07	BAL_9917672162146637312617.doc	doc	de2e8e894a666aa181f12760177bf5ea9cdba17074cc7062f42d6c9aa82a124b	34.43%	Heodo
2020-08-07	FILE_PNP_080120_NQD_080720.doc	doc	7c80a237b2801df78492bcf3d316c32159e095e648a81faaeb8fe75752a2af1e	n/a	Heodo
2020-08-07	BAL_L1YVDE2XNK.doc	doc	c07562993077eaa86dab1d1f10e3fca325b1b999575b5a9f146003398d02bd97	n/a	Heodo
2020-08-07	INV_0641023181353061806028804.doc	doc	c01886bbf94166f4b23674f898f638ca04120c93564ed7a94407daadb704a95e	n/a	Heodo
2020-08-07	FILE_02186853.doc	doc	70bdb576c61fd1465ac3a5c01025bd1c5bc89ac4054c7473b529da4b927c1142	27.87%	Heodo
2020-08-07	CIC_080120_MCH_080720.doc	doc	5a29439105e1b8230b665913a4b5de40622cfbbfbfde619777d996b4fb4d058d	n/a	Heodo
2020-08-07	REP_GHWBO4MQU3.doc	doc	4d0b28b1f18afa99d908f7a6d885da63d1b1177d75fe27f74fe36397f7b23a7b	n/a	Heodo
2020-08-07	INV_PO_08072020EX.doc	doc	79e3c6af0316f309bc7a1ec69484749a03c9748a0d5a3d6e3407fdc259b19483	27.87%	Heodo
2020-08-07	BAL_XQ5102856129IZ.doc	doc	126ac0659681502d22c022b42a39e2cce1bf2cdf60549fe70db6f81d2cdf636b	n/a	Heodo
2020-08-07	FILE_PO_08072020EX.doc	doc	fecb2676f29ce38825312279fe154b78b32260b8e6066b148af09c6e6c16ae4e	27.87%	Heodo
2020-08-07	ZOH_080120_EZB_080720.doc	doc	c044e03957fd6c17e8f7b317bafd98bcdec8426a4817b432e29e9a2faca8ef1c	n/a	Heodo
2020-08-07	VJDS_80459521.doc	doc	afc5a12fb967ae15765a5cf5ea6b23346e63efa7ebf9ea95eb9d368a4d40234c	n/a	Heodo
2020-08-07	INV_PO_08072020EX.doc	doc	899c39cce572efb68d609a270a70dd25f3e2ca25c21b41dcf5de57f4ed377fd5	27.87%	Heodo
2020-08-06	INV_PO_08072020EX.doc	doc	b2e1c3ec5988e1bff64d6dee4fbc7f379ef509842572cbd16087d6e68323d455	n/a	Heodo
2020-08-06	DOC_12DIRAL8JCX.doc	doc	0f097be8beec4d73067d0d316876e2a2a733c369bc747831171968c5503a81ab	27.42%	Heodo
2020-08-06	FILE_TE9427565115DO.doc	doc	64dafb54d874fcf098a374328013c97ae0b1f78c8958e2865bb0d7e711db6edc	27.12%	Heodo
2020-08-06	REP_PO_08072020EX.doc	doc	b50f11d3c9824d9d8e24907a06429c04aa7f976c1941d149665c477cf46b12cf	n/a	Heodo
2020-08-06	MZ2739360020OG.doc	doc	858e1bda8036482c0e003f669fcca4873ed7d3432732db2835e050ca15121a5c	n/a	Heodo