URLhaus Database

You are currently viewing the URLhaus database entry for http://www.mjhl.com.mx/fonts/uatir68/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	426895
URL:	http://www.mjhl.com.mx/fonts/uatir68/
URL Status:	Offline
Host:	www.mjhl.com.mx
Date added:	2020-08-07 02:14:34 UTC
Last online:	2020-08-07 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-07 02:16:02 UTC to abuse{at}tierpoint[dot]com)
Takedown time:	7 hours, 4 minutes (down since 2020-08-07 09:20:43 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-07	I_DA5882479162FW.doc	doc	57370f33ff18a79a83e7ab0a2058c0182aaf87d4f996595ed5aecbbd404b351d	n/a	Heodo
2020-08-07	INV_41888549.doc	doc	b6b363c0540264d6b519df4131b781a081197728b39d1c4c9ad07a23ff710c6a	n/a	Heodo
2020-08-07	PO_08072020EX.doc	doc	eecea8fd330329b9b832be329a5ec67804ada3d27b6e7ae845f1d7493f99a013	27.87%	Heodo
2020-08-07	FILE_PO_08072020EX.doc	doc	cd07bca598555bc44ea79d384318d90cd653d87390dc8fe65fdf356689ef0c40	27.87%	Heodo
2020-08-07	GIXVLWK9T3.doc	doc	6c4a14d2b2f97b27137e3c7c90515100c71e1377f33bb71d7a20dac1b545bbff	n/a	Heodo
2020-08-07	DOC_KA6874353437ED.doc	doc	6e72a9dc7224bc18a8ee74089430217794ccbf80832bbf920691ec7362a07953	n/a	Heodo
2020-08-07	FILE_259554832.doc	doc	2ee56c4e8d6634b957f41adcf4b67f3236267ee4fecd4a0a9262af3401bcc06e	37.29%	Heodo
2020-08-07	V_3IRTH3I3LH.doc	doc	1362eb5c759d65c30ec4701769d5559f5bc1950d618ff4d17939fc69f4fb104f	n/a	Heodo
2020-08-07	ZC3659454452FO.doc	doc	15d5b530fc0ad80480b103eae2029965b8f09020e5470c60d8dd5e0e6d53a124	n/a	Heodo
2020-08-07	07395942.doc	doc	de2e8e894a666aa181f12760177bf5ea9cdba17074cc7062f42d6c9aa82a124b	34.43%	Heodo
2020-08-07	H_PO_08072020EX.doc	doc	7c80a237b2801df78492bcf3d316c32159e095e648a81faaeb8fe75752a2af1e	31.15%	Heodo
2020-08-07	BAL_JQF_080120_YXD_080720.doc	doc	4b1b6f5ab3d49093211eab8cbec1b072cabe87aac46a3079e562b382bee3b7ed	28.33%	Heodo
2020-08-07	O_11278327.doc	doc	c01886bbf94166f4b23674f898f638ca04120c93564ed7a94407daadb704a95e	n/a	Heodo
2020-08-07	FILE_KJH_080120_KYI_080720.doc	doc	3d7b7ad00c7e9a6d87ef11c07fe21e309833898b96f68aa5a7f1269a828c5226	27.87%	Heodo