URLhaus Database

You are currently viewing the URLhaus database entry for http://catswiz.com/wp-includes/multifunctional_026716895_Ag7s5YR/close_profile/mlb8hgo4kg8d_806tx14/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	427211
URL:	http://catswiz.com/wp-includes/multifunctional_026716895_Ag7s5YR/close_profile/mlb8hgo4kg8d_806tx14/
URL Status:	Offline
Host:	catswiz.com
Date added:	2020-08-07 13:41:06 UTC
Last online:	2020-08-14 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-07 13:42:04 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	6 days, 17 hours, 29 minutes (down since 2020-08-14 07:12:03 UTC)
Tags:	doc emotet epoch1 heodo Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-08	doc 704838.doc	doc	ba50483a5407dc7d213263534638c2e4e0445d9d06f977dc496e979beda32f33	45.76%	Heodo
2020-08-08	mes-20200808-DCH665.doc	doc	dbbfe251ebab8c3e19de23d3e0aca5661d1e893f34b9a123699fa7f2d3d5b8ab	42.37%	QuakBot
2020-08-08	FILE.doc	doc	31674d9d2a53c9407819aec8731838ed678f2d3317a2a4a47680fcea72536fe0	n/a	Heodo
2020-08-08	mes 20200808 S5389.doc	doc	86acafea38ec22e96a57c45f6289fc758fe4e54d8d82f55dba08f604bfe29632	42.37%	Heodo
2020-08-08	Arc-20200808.doc	doc	a5b4fca70c16e40a7c4bad03de3c8f0448aea24ebbf989026202c94a9eeee7f8	40.32%	Heodo
2020-08-08	Doc.doc	doc	4be780211b5eeca427c252f629f2ed5b1e7062193463819a056e705ffa9df1ba	41.94%	Heodo
2020-08-08	list-2020_08_08-H871.doc	doc	ce5d6aa5b1cfe76e48ec485669e784f6e6fa115c5c008cd89c499726b2a74652	40.98%	Heodo
2020-08-08	ARC 244.doc	doc	cb59fe31661123327d6efebb10d883b195b318c6da1739d129dfe2616eb3a7a2	42.37%	QuakBot
2020-08-08	doc 9564656.doc	doc	a2c4d99f84b10b57c46b0bd1ea0fdd817fbaec3ca977b5b71f62b8ad2896f3d7	40.32%	QuakBot
2020-08-08	Doc.doc	doc	7eb59e041da8977c3bd1f5e50484f6026ebf4a8dd24f4e9cf391e991650f373d	40.98%	Heodo
2020-08-08	arc-2020_08_08-E5138.doc	doc	7749011322a1fa88e88ac29e4663fc961f0b6ca6432e1257aefaceb28252a4c3	40.98%	QuakBot
2020-08-08	INF-2020_08_08.doc	doc	93ec25c002b55c38fb31a036675ae4137bf12ddff82518ecd596e4282c2d08d5	44.26%	QuakBot
2020-08-08	File_20200808_69689.doc	doc	59353bd2a96cfde81847bcf1480a531f68a1fcf0738161455a352c5b9babe28f	44.26%	QuakBot
2020-08-08	Arc-2020_08_08-I48043.doc	doc	4749be0b925b0d49c831813a68772865cc0448b80e10fc43d06b81c93c5c9e34	44.26%	Heodo
2020-08-08	arc 20200808 50891.doc	doc	2ef95fd9c222a0b299b53659e79526a1281e9d076b75aafaedb447034237ba36	44.07%	Heodo
2020-08-08	dat 20200808 7302629.doc	doc	1ec0aea3e7613086f550e01f5014835b55ac12b7d35ad781c2173dd150a0eeba	41.94%	Heodo
2020-08-08	dat 2020_08_08 X271112.doc	doc	8d118098701f23422ec3560934134ab170767e28ea66c8a336be4dc8ec102987	44.26%	Heodo
2020-08-08	ARC 20200808 VS98548.doc	doc	b53199af61de887966a39331aec0a4572deb4044b309a735a63ed90911032cf1	43.55%	Heodo
2020-08-08	inf_20200808_WV1867.doc	doc	f7d99e7dccbb7f860f4188ef450ddaa922d31492887b916a96a802c556303f5f	42.62%	QuakBot
2020-08-08	dat-20200808-469.doc	doc	a0106e59dd260be14700f439f7a350fc5c02d1c3f1eea2c3da779ea8edbdee42	42.37%	Heodo
2020-08-08	ARC_20200808_683.doc	doc	68fa39fdeeb2482b9dbec2a1c2a7649e0a1e4b883528ef42b407a240bac4065e	40.98%	Heodo
2020-08-08	doc-20200808-DA104089.doc	doc	62112657085b9dc12429d5002978a67b6a792db61dca0bfd23db9d5370717ec5	n/a	Heodo
2020-08-08	ARC 20200808 OWB354.doc	doc	d840943a1f750210b98a2f26d5852b1c58ce7e454a38b38884f0b5371ec1198a	40.98%	Heodo
2020-08-08	Rep 128202.doc	doc	a671e2959966d9a945046df0dd4a878fbe99b378e108e50c8de5a2746ce7dde8	n/a	QuakBot
2020-08-08	Arc_20200808_ZIP81822.doc	doc	999698b5ddcc7f3b457aa5504fadf382046c692cd623f345e198e80e9823501e	n/a	Heodo
2020-08-08	inf_GWC351558.doc	doc	a06d116a6a22a8bf4413f8be14dc63fced336358a21a7711ab9ac2f94da681b2	40.98%	Heodo
2020-08-08	List 2020_08_08.doc	doc	e9bf95d02c5b2b1e8ac21c595cce59294b8a54da32e71a619cdf2ed03448dc96	40.98%	QuakBot
2020-08-08	Dat 4021.doc	doc	501893610fc7b68385c512147e464fd30fbe631de1d21b4b7f2f89bbc7583e81	41.67%	QuakBot
2020-08-08	file-20200808-2411083.doc	doc	eece4ec540e8ae52c63b4384986f2de0003b5b51d486ee8602de1709feb06dc4	n/a	Heodo
2020-08-08	List 20200808 91868.doc	doc	e49e34bfeed9d527f6a2c80df9f388d89705278aafa1aa2b250556754ac38944	n/a	Heodo
2020-08-08	MES-2020_08_08-6270.doc	doc	132a79f10403808ae939cca854d6eb7a7f061536f04f3d1b735c0284ac46b163	40.98%	QuakBot
2020-08-08	Inf-2020_08_08-K337.doc	doc	a737ca74e110edc3bf6b03a41b8f19a2e7c5b5e3ca563480e94efc99a1be9f0a	40.32%	Heodo
2020-08-08	mes-20200808.doc	doc	63c966c20ccc686dfa62a5063bff299d385ea9f159cc9a5b79dc59063fb9514f	43.55%	QuakBot
2020-08-08	List 20200808.doc	doc	ec11d3cebaa5d4d05ef93c8b88ab79e34d82fede8daa5a821d119d12de060ffb	44.26%	Heodo
2020-08-08	FILE 714.doc	doc	f3be0b911d44447b80b1337f332187ad596fbfe6a0739cdacdd2f9d759e12114	40.00%	QuakBot
2020-08-07	ARC 084736.doc	doc	53ac99d5826bd318da8d98fc65d4b28ee61fd3f4cf67cdf387cc88e35a0fed86	n/a	Heodo
2020-08-07	Dat-20200808-1424.doc	doc	5d2b88e4fefb1593bca1de5b27276ba0d00140416c91339fc6fd44431c8ccbd9	40.00%	QuakBot
2020-08-07	DAT 20200808 B9878.doc	doc	e8cfc1ea617361564b695bbb732436a5b497bec2660b878ca91e398406298900	36.67%	QuakBot
2020-08-07	File-2020_08_07-255.doc	doc	b73f780a433d41cd9d6d0046f85474514b51eb5471e34e530974673c6579eb1a	35.00%	Heodo
2020-08-07	INF-6866367.doc	doc	646ccd64823cfa77dbb491953dde3333f48c8c19ac7a2753088a96dce8b0d397	33.90%	Heodo
2020-08-07	File-20200807-817873.doc	doc	4b39fa084ea8f5d975c810381f01d41410db01bb2491e4b3466dd97647f1685b	n/a	Heodo
2020-08-07	Dat 20200807 TD0316.doc	doc	72e7b1f1f982d507c7ffcce28b3d49cd61c6ae305f47ade10cb7da5f3210ba5a	33.87%	Heodo
2020-08-07	Mes 2020_08_07 V589.doc	doc	7ba25693e2acb9afa6c453839ed62fb82efd94369f13a1549a0b57b8949cf0cc	33.87%	QuakBot
2020-08-07	File 2020_08_07 16214.doc	doc	04e31098de3a144363fe9cb747c4224f1de0da6875fc56d20c10c1d2ee9f708c	34.43%	QuakBot
2020-08-07	arc GH6302.doc	doc	d30fd458f190f862617c0b08d5cc7d7368f2dec8903b2caa0f8aacb6b498edb6	29.51%	Heodo
2020-08-07	Dat 20200807 249543.doc	doc	612b33cca81c88e812436d48c987273b54a73bdc04a908102beac2aaf50b5825	n/a	Heodo
2020-08-07	REP 20200807 G8769.doc	doc	e3fcefe4f56ac0b117abaaf8fb063b466bdfa3a115a2992daa4cd928cf46b3ce	27.42%	Heodo
2020-08-07	rep_54219.doc	doc	69831db688744f625614a4e2ac33c2ef43314a1d0b7478ad88dfec441d669122	26.23%	Heodo
2020-08-07	Mes_2020_08_07_269.doc	doc	5080eb6df265a19a54691328b412d3f78cee2e6e21284f98c03a973300334a72	26.23%	Heodo
2020-08-07	list-2020_08_07-14644.doc	doc	b4bfa9abdc1af9d31045f6c98499ccfa5e332945a2b269c064bc108023673a2e	n/a	Heodo
2020-08-07	dat-09421.doc	doc	ca95b922acfba5578896b90cbdc3b3d3de8d53377340e35e5649c63d1f8a7bb7	26.67%	Heodo