URLhaus Database

You are currently viewing the URLhaus database entry for http://dirsantjoan.com/mails/themes/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	428212
URL:	http://dirsantjoan.com/mails/themes/swift/
URL Status:	Offline
Host:	dirsantjoan.com
Date added:	2020-08-10 10:52:08 UTC
Last online:	2020-09-04 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-10 10:54:04 UTC to abusos{at}profesionalhosting[dot]com)
Takedown time:	25 days, 3 hours, 51 minutes (down since 2020-09-04 14:45:53 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-10	REP_PO_08102020EX.doc	doc	8293d995a6640f206c9361630157b66e4c1454162aeb8fbf1f395290deadebb8	41.94%	Heodo
2020-08-10	FILE_OGD4MUKX5Q8D.doc	doc	ded2bb2f3302de6713d69aaadfa7950d2c50ec001ec7722de92f596fc1ba3782	40.32%	Heodo
2020-08-10	SQ7902155367LR.doc	doc	ad46a6a36ef9b8772c7c5b500492c34e25252e779d35d4b3aa5d54fcb1170e3c	40.98%	Heodo
2020-08-10	ZCSLASI73.doc	doc	5bda6a8a7a7265b29e8db19103395da39b962063d9cadaa193a0a1bcfda16fc5	40.98%	Heodo
2020-08-10	59896414150.doc	doc	722ed869e6d0e77b2dd1f33a633d66af3bf400a01989bb3ee4e6ff70d7b2ee53	40.98%	Heodo
2020-08-10	A_0499983068963447.doc	doc	21600f61f85f24fcc273a012d7344a44750a49d52c6ef86ef576f3d8c75cbe4a	n/a	Heodo
2020-08-10	BAL_PO_08102020EX.doc	doc	c21b7cfd3f55a901e8212e17069a59665137c71594899653a26f0b418c4ded97	40.32%	Heodo
2020-08-10	ENZPAVTCBXJE.doc	doc	c82cbe522924e150ea3b677117518f7b51d4a6c084200611e1c73c35790bbfa8	41.67%	Heodo
2020-08-10	52663313.doc	doc	5eea5c7cf7e3d325938ee78f8782ef16a30e61d440f859dae71a3893da21ecf4	n/a	Heodo
2020-08-10	INV_08796353.doc	doc	f4a3bd5e626d53658fca1aff6371dde7f7537270eb24c5532e6a1162c7527479	n/a	Heodo
2020-08-10	L_58422287.doc	doc	f602c49cb3a75d9e1621b6c62ecffcda74542f712afc23c222ea4460e3729985	34.43%	Heodo
2020-08-10	UMO_080120_LGH_081020.doc	doc	213ed96cf8cd6d7e21d5fc2c71f456d265c5897182451aacd9786625922b784c	n/a	Heodo
2020-08-10	BAL_VE3092984631XM.doc	doc	8bfc9f0131ca6f43abc2eac3a5e2345362e5c80a1d7f5ecf729811990863a1c4	30.00%	Heodo
2020-08-10	REP_PO_08102020EX.doc	doc	a9037fe87ed3a03f60771c046496bbf16e1d5646f87a7f4f59a58471050a272a	n/a	Heodo
2020-08-10	REP_59615796671881683.doc	doc	c53160bebc0aaaa274a2594c7eb4977b0626c3aa4c2e2fac71206c2a65d50da7	n/a	Heodo
2020-08-10	L_22479606767.doc	doc	c3089aae17704c9ddcc67b476b66c0a66f756ef1dad5b90062f06ec428ee5d3f	22.95%	Heodo
2020-08-10	INV_GL0970931647LD.doc	doc	2b2b4341e21f9930df58f0f4f10bd2642775d7eaba166ec686f12a411011c3a5	26.67%	Heodo
2020-08-10	T_7219418668068.doc	doc	407736ca4a4bdab4ea158b768aacc22239f4c364a9a0911bdf0531d5b6857456	28.33%	Heodo
2020-08-10	INV_UOS_080120_FYV_081020.doc	doc	f2fd01d966169cb2aff4a63e8824178f51b9dffd34001ad070b46b15522103f0	26.67%	Heodo