URLhaus Database

You are currently viewing the URLhaus database entry for http://wmarge.com/uploads/protected_box/additional_area/z3ocQ_7HNwpcmdx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	428287
URL:	http://wmarge.com/uploads/protected_box/additional_area/z3ocQ_7HNwpcmdx/
URL Status:	Offline
Host:	wmarge.com
Date added:	2020-08-10 12:21:34 UTC
Last online:	2020-08-13 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-10 12:22:04 UTC to abuse{at}contabo[dot]de)
Takedown time:	3 days, 8 hours, 15 minutes (down since 2020-08-13 20:37:47 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-13	DAT_2020_08_12_2090.doc	doc	2d9d999204b6190a6e91bc1da7b0330466f17a916b33c2cab9bd681bc5060e10	62.71%	Heodo
2020-08-12	arc_2020_08_12.doc	doc	e49959014262227a3e6ca5bc2937e6afab83a251fc694000d1a3d38e7814d9dc	50.85%	Heodo
2020-08-11	arc 2020_08_12 V89680.doc	doc	d40d7449bd164c54c479521c994e6ae599167b6fd97761ff3eb41fcadefafd3d	50.85%	Heodo
2020-08-11	list 20200812 FN352041.doc	doc	d135bfa839f7aced43217658d78cc59d8c51a7120940e59b3c805612e1b276ee	50.85%	Heodo
2020-08-11	Dat 099.doc	doc	0241b1ed7a1656dab5d9fe64b7e59fec547126495769ca53d78220090b494889	49.18%	Heodo
2020-08-11	inf_20200812_444.doc	doc	8f5d6af71053c703ef6ac42971b9c19766bb0682e793b8f295af1453eccb5023	49.18%	Heodo
2020-08-11	Inf 20200812 BSR7079.doc	doc	593a1eee983e1c66c480fc52ce564f0ebb60c48d5cadef3f5ed4367d32f1112b	50.00%	Heodo
2020-08-11	Doc-C135.doc	doc	07f39454d9ab2315ef4e0f48ab695529cfb64a76c9b792050e6c8cb4f75b856d	49.15%	Heodo
2020-08-11	DAT 20200812 HA466706.doc	doc	fd98e040494ec96249be1460752ad33da1d1a230de136873e2c99e72fdbc336f	50.00%	Heodo
2020-08-11	File 20200811 5316933.doc	doc	13114e608a7cc05973b50935d669f9bb5a135bee36e1f29a47243cdcb3cd7401	46.67%	Heodo
2020-08-11	INF_20200811_N529411.doc	doc	1bd68b07b524ffb4ddcd903f20522ebbaf7108f9f695e901551f5d4f90013345	47.54%	Heodo
2020-08-11	Dat_2020_08_11.doc	doc	505bf00a3f0c6b5d8ececc410f78de1bdb0fffc8fe7a3324166448fbb3a213f0	46.67%	Heodo
2020-08-11	ARC-20200811.doc	doc	669795b953f2d46ec362bc03adae579299f4c4a42392c7cbdfef5ab5b54b5ec1	37.70%	Heodo
2020-08-11	file-2020_08_11-25300.doc	doc	1da87bf7cde42012d6ef60a19e839e43b5cf12ca5942cd31c40cc0ac0e31da49	40.68%	Heodo
2020-08-11	ARC-2020_08_11-UFU305.doc	doc	41a14ae8992338c85b383362556c69ed34ef79be6782f91011a521681efea640	40.00%	Heodo
2020-08-11	doc 1963.doc	doc	43dfe63eff9212397ee2b7be571cd22d59ee8e88b32968034a655193a6ff6b71	36.67%	Heodo
2020-08-11	File_2020_08_11_3158504.doc	doc	0c2fd444f2fb9f77cde4f5629c19ea2ff814f7cda10a63a6bc6227d3ce403b4b	36.07%	Heodo
2020-08-11	doc-20200811-4943821.doc	doc	c3832fbc9a1ddc68c6e46a3833639941057f03d5a0382d4987e72a406da4d1dd	36.67%	Heodo
2020-08-11	Doc_2020_08_11.doc	doc	3f42c82f2f7de6ef82c2ecb7cd33aead81989314771113ca39e4b739a0d8f4ad	35.00%	Heodo
2020-08-11	INF_2020_08_11_LGH080402.doc	doc	bef25908178e50a5ea5c9427e2d767e442719458414443980f1d1454659d4804	32.20%	Heodo
2020-08-11	doc_B2781.doc	doc	443267f63d955561b6da7e86366dcbd233c605fb7eb3b92e5863f7482738e692	32.20%	Heodo
2020-08-11	Dat-021.doc	doc	203612e1ea608a05ef054fe7c5b92486cad9b0ff50b0c9a65ad953d96f596b3d	29.51%	Heodo
2020-08-11	file_2020_08_11_SM09128.doc	doc	252db122a1b30ce47b633f1131fad749c4e0fd1f6f4c9ade52bd27774d41ed62	30.00%	Heodo
2020-08-11	dat_2020_08_11_1364.doc	doc	5c7e33c23d454291dacaf4ae431d451d0659a56b3cf2e2a0ed82002b5ee21bdc	27.87%	Heodo
2020-08-11	File_2020_08_11_UIW05074.doc	doc	b6996cae658283af7922ab5b0c3a2e16fb4fafbe641c818ff651053bb7836342	25.00%	Heodo
2020-08-11	DAT 2020_08_11 8732.doc	doc	23315f65b06123e965e1949c08085c097b3efc919a3807955cd3e1acc596e809	25.00%	Heodo
2020-08-11	inf-2020_08_11-869.doc	doc	b9d7c3f1fc34b47554d301ba8d6d5a60e86fb6db50fe0d212aeae580a8c38840	25.42%	Heodo
2020-08-11	Inf_20200811_HQ27679.doc	doc	f680090987b21b32b1b79195b479f3bb74ae2e1507572e091736a055335597bd	24.59%	Heodo
2020-08-11	Inf_63997.doc	doc	9715534fe73d1a63f33ee24b769c7a8dfdadedb96b0c0e52fe0fa713f889d37c	23.33%	Heodo
2020-08-11	Arc-2020_08_11-AX24574.doc	doc	5920c7e4ce5cd003b9b0fc667cf8b9414312502656caee024acae86456e58ce0	25.42%	Heodo
2020-08-11	DAT_20200811_2601.doc	doc	e110bbd4a3f29fa7c662bf2dc8a9c59cdf48bca88ea30bbb6d4ff9e1a84dabef	n/a	Heodo
2020-08-11	Dat 20200811 G823.doc	doc	9ef7fa8efe7c59b7cdbd9d44134d7876fb641fd6cbd2b1aaa1fadab058c7e4ef	22.95%	Heodo
2020-08-11	INF_20200811_889.doc	doc	d4050a58a41dd6772a72b9db7e54c8edcbf596762283a46a9a04ee37952ce224	23.73%	Heodo
2020-08-11	doc 20200811 5764.doc	doc	b1528ebc856d5dccf38a0f758121c3e2b97f527b661f447c4ccecbf2332ac804	23.73%	Heodo
2020-08-11	Arc-8465.doc	doc	eaa9a3fa2103d303ee4a16d7a20d7fa41d0047bd31a6bd1e1a6718cf4df41881	22.58%	Heodo
2020-08-11	REP-7570.doc	doc	bac9a9d3b5783ae78298bfd2e768bbca94c8d87986fc65ffe746ed49ccd32c6c	23.33%	Heodo
2020-08-11	Dat R007.doc	doc	ad8ecc85066be281b996f847814e7770dd2316faeaf97406e310db7bd1e3498f	20.97%	Heodo
2020-08-11	file_20200811.doc	doc	12587249744f2253a36fa401256c0bfe0d806185522023bd4862720f14b9cb15	22.95%	Heodo
2020-08-11	list-1354580.doc	doc	ac20765cdf4d1038df199a09c940feba4bb9cafde628ca8abbd316fd299463b3	23.73%	Heodo
2020-08-11	arc-2020_08_11-939668.doc	doc	c63d69fb1a335468a6aeebc2b8af051bf71cb55b4808a17409b332fc70728b8c	44.83%	Heodo
2020-08-11	DAT-GQ8389.doc	doc	9cc9ffc477277e4e3f239e9614780f61763818b20a39f9bbdd64fc1b3239b42a	43.55%	Heodo
2020-08-11	Mes_2020_08_11_KD234.doc	doc	fce0f3d055c058d10eaff76ccd0a00bc87a7fb733b1ce6894e486b39ebf6793f	42.37%	Heodo
2020-08-11	MES 2020_08_11 652958.doc	doc	cae649fa4834fbe773a6759d1c55036ab5a152fa90aa2f64b7751e50b3e7deeb	43.33%	Heodo
2020-08-11	list_20200811_9020730.doc	doc	353b24cd1dbb7be15133b64495afbbd1846a83e775870f07cef1efc21c411ddf	44.26%	Heodo
2020-08-11	FILE 2020_08_11 GDQ204170.doc	doc	bd21c54cff53a13d78966917cf55e87135e7020967d2416f6a0b259beba63dba	44.07%	Heodo
2020-08-11	Rep BC848.doc	doc	ee1ee54baff4c78ecda5e4b6ff18630ad8152cabe662ac370b7d814ee6d457e4	44.07%	Heodo
2020-08-11	dat 2020_08_11.doc	doc	1d6d7c0058e45499315faa839a5d61667865f8b11c4ae4038f23e60cbfa8a8ef	43.55%	Heodo
2020-08-11	list_2020_08_11_XY762.doc	doc	493101a81b243bc896303e65c73263b1664d1887fd631666fbf895c875db3dcc	43.55%	Heodo
2020-08-11	INF-CKO877.doc	doc	e4790d41e27c6978baf5ccf9461b74b1e9606fdc7edcb4d2022edafc3d8a6fd6	44.26%	Heodo
2020-08-11	FILE 20200811 F416.doc	doc	13c77da9bbdaea66303dfe4cfcb8b5a9f8eae8d46f1e710ab6574c73b2c1d91e	44.07%	Heodo
2020-08-11	FILE.doc	doc	ce70fba1cd6c71bfbc91162f8e5d6f99e03ffba2db898e1088139f06cef9c304	44.26%	Heodo
2020-08-11	file-20200811-093.doc	doc	bda55acb649535e7d61133cf076b1604f3da829aa4d7b45a7bf3ba27466d9c3a	45.76%	Heodo
2020-08-10	arc-2020_08_11-5796022.doc	doc	1ff50f088800028624af3ad83890529e6cd409d4c797d27b35f77e33fe36793e	40.00%	Heodo
2020-08-10	doc-20200811-523270.doc	doc	cfc2a440a24b787cb600844f671424763ef7221b253df29119f44be5f6e0b48b	40.00%	Heodo
2020-08-10	Arc_20200811_BVE4474.doc	doc	021b9f28d85d3c2f0ae4137982daa4ddf1bee1fbc756952a3cd4caf0503ffeac	40.98%	Heodo
2020-08-10	arc-2020_08_11-083045.doc	doc	cc915da7e58c724b0602504598bbad14ca38c5ab5323a50095fd1fae2fb9d62b	40.32%	Heodo
2020-08-10	dat-20200811.doc	doc	57ceb97127a173ae60027dba4b90aca54c66a1b120c77c875faaed74b93a5f22	40.98%	Heodo
2020-08-10	arc_O322503.doc	doc	3b59369e3166425caaacc1f0c00428539ecec010f83337e7af44a660bc6c7735	40.00%	Heodo
2020-08-10	FILE 2020_08_11 29210.doc	doc	76bd88e8ff88b6c78c4f5a2c133e2462a8c36abe34ca709a89c1c8199271307d	40.98%	Heodo
2020-08-10	inf_2020_08_11_1732027.doc	doc	5c5c196f98303cb83fe01bd0c601c680ca5b4d5fc5d194a31da99bb0492bcda6	40.32%	Heodo
2020-08-10	INF_2020_08_11_75892.doc	doc	00a5dac35c1407506376d2c973fe96bd386abd44446ded18aa36d986009ff2d3	40.00%	Heodo
2020-08-10	list_20200811_2517.doc	doc	8c6e70e36629b376e399237d925f93bd2cd7839a7e02ba7e76c11afdaf82a4ad	42.37%	Heodo
2020-08-10	Rep VZ4929.doc	doc	5582753e9a4a5198d5bf0714cb285794ee9959a83dfa4f6b320ead8ead8da209	40.68%	Heodo
2020-08-10	REP-BS9995.doc	doc	c8ef61881c416a829a8aef596ec7665390bf5ea0dd7f5fbe08bd0a198bd6bcc8	n/a	Heodo
2020-08-10	REP 20200810 6727912.doc	doc	bcb9d74a9abe1771e3619aaff40ab73fb482a38cdfcf9d24a78fff78a635deec	40.98%	Heodo
2020-08-10	ARC_20200810_426.doc	doc	c48b063432f8c4c36dd9ded23c887ae172b3627e38c9443057fe642dbcaefdee	40.00%	Heodo
2020-08-10	List OB4134.doc	doc	5d65fe8e1743f0bc40290185bc0184e487a14435204b1f4b3dc13a81dce3575c	41.67%	Heodo
2020-08-10	dat_6654.doc	doc	d01565a0f885f2a3bd841d050ff389dc27915e3181026e4c7c833ae5b0af72d2	40.00%	Heodo
2020-08-10	ARC 2020_08_10 JX31634.doc	doc	098876500a634aa472d3871b18a4ad318ee13f16787cd4abc0f17172bd7a9b6b	41.94%	Heodo
2020-08-10	Arc_20200810_JDC9137.doc	doc	e42916c5e331a2413e73c301c841ad80390d43a786987b27c0825c9bace9b1d3	43.33%	Heodo
2020-08-10	Rep-20200810-2499.doc	doc	8641d44f1d6d745099cee15a65f849a2cdc8f197bbd3b6ab628908ac967af7ba	40.98%	Heodo
2020-08-10	list_20200810_7117319.doc	doc	03c3b83396d5866a19b8173b63e93341e1fb76a16e082ec63d43b8db44d2b9be	41.67%	Heodo
2020-08-10	dat 2020_08_10 CL020529.doc	doc	cc150d98c77467413cca20e24af2ba69870168fa8a7793d89a2ca28cf926323d	40.98%	Heodo
2020-08-10	Dat-2020_08_10-320.doc	doc	17e64d4370b3832c6f833e6dda968f88a53e39acd56665e1511d8efeafc4c978	40.98%	Heodo
2020-08-10	mes_20200810_V801751.doc	doc	26c0eda17c5ff7c88858beb7a132b30d9075607bdf525019481fd9db5b8cb158	40.00%	Heodo
2020-08-10	arc_20200810.doc	doc	17d98dbfc17369c1682f83dd9af21acb340af79d94f5b1cd0d774bca229b57ae	40.32%	Heodo
2020-08-10	REP.doc	doc	89e6528d812e9c5ebd232efc41db376df49a2e62f631d7bc6687ce1e4505f900	40.32%	Heodo
2020-08-10	MES-20200810-551.doc	doc	0d7254d03f1bc024880861da0e91b0d9ffa356e6f9ac24a4361b453f4ca5d770	40.00%	Heodo
2020-08-10	dat_2020_08_10_73932.doc	doc	a911b368b94dc3e0fb269c4d07d39d833670469f5a55427786035059cb194a67	37.10%	Heodo
2020-08-10	REP 20200810 7570736.doc	doc	45c4190948b0c2820d9f66648aa3c78b09071303b6dbbba413464384ce5d5f72	33.87%	Heodo
2020-08-10	mes 49649.doc	doc	89d64653ee0c99479f754d1fab19c2f114a1e7bfa9a9b56962605cd4cd4dc7e3	n/a	Heodo
2020-08-10	REP.doc	doc	1ffeeaaba729ae71d1ace58dd6403d93cf036e5faf59f53b19437b2e5bb2a26a	28.33%	Heodo
2020-08-10	INF 20200810 ARN850.doc	doc	254be797ffbf8675b2ea4ba0e525fe4be49e809bf39ec4d8edebd9be0a548468	27.87%	Heodo
2020-08-10	MES_20200810.doc	doc	fea75486f779a09cc13afd43618fc5e3fb34dd21ad064fd50b17f9ba0efb21e4	24.19%	Heodo