URLhaus Database

You are currently viewing the URLhaus database entry for http://www.hekahealth.org/wp-admin/rrWxo/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	429241
URL:	http://www.hekahealth.org/wp-admin/rrWxo/
URL Status:	Offline
Host:	www.hekahealth.org
Date added:	2020-08-11 11:38:14 UTC
Last online:	2021-03-16 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-11 11:40:14 UTC to abuse{at}a2hosting[dot]com)
Takedown time:	7 months, 7 days, 8 hours, 2 minutes (down since 2021-03-16 19:42:34 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-12	INVOICE-YMNP4175-172433.doc	doc	742ca255c3695ab5ede04269aa36aa0ae82b7279c2c85fe147da3f90815dba3c	30.00%	Heodo
2020-08-12	invoice GJWT8 8195786.doc	doc	442d54fce5427cd402e0493b67cd5638f3b9386dd9bc95a981ee18c2a89d88e3	31.67%	Heodo
2020-08-12	invoice-RNE9-4156895.doc	doc	b06e62505b71b7c8f9877cf99eff81c680cc21dc871069cbd98141bc77e6a4de	31.15%	Heodo
2020-08-12	invoice-TJZZ1704-70926964.doc	doc	e7c01fa90a3164924439c7e9579e0f4228a4ed9fa320d2ee564d2f2a7f5f5139	29.31%	Heodo
2020-08-12	Invoice_OEP6948_622915536.doc	doc	f3390052891e7cf3c580921e2522e4a8fe5aec87e6c819a16e738ab283ff586b	28.81%	Heodo
2020-08-12	Inv56446293.doc	doc	02d47faf3570a6ecec0501092d7f4edf16ec2d36f64d65812fa7157b1583c4c7	30.00%	Heodo
2020-08-12	INVOICE 312 328171101.doc	doc	ba509a28def7c42418eb07fad9b3b9a48c8fa178ec6896c528ef6be0d80d93ea	n/a	Heodo
2020-08-12	Invoice_T614_2744456.doc	doc	77f2d55af24e0033ddfd1c7f9efd2a9956224f5a2d20bc0fce95f6f3da3d1ad0	30.51%	Heodo
2020-08-12	invoice R5 935054441.doc	doc	049dc856ae4474fbda10bd89613b8d85183f1a2336964cf7ab366a993c8b5631	30.51%	Heodo
2020-08-12	InvLWZZ9946317339.doc	doc	a9bae6fbce3ef6ebff32ad675adac80338a738edb330fdfd1e6dd09f7e35adf0	27.12%	Heodo
2020-08-12	InvVPCU09576779.doc	doc	3539ddd1054e2a1d5373b18b892b3590663ae620ff5b2648fbef023018964b91	28.07%	Heodo
2020-08-12	invoice W2 147518919.doc	doc	58edf47f141b8c219872bbd283da43f0565980ce3872b0d0233932201921f12d	30.36%	Heodo
2020-08-12	Invoice-POBR0-614870016.doc	doc	b74bc1955f1702744859175d34fb8b0407e5ab4a2c7efe48764535007444d693	28.33%	Heodo
2020-08-12	invoice-JTK58-5456149.doc	doc	67f8bf7d4315c662fef2cd8677c13df8c32bce2d486e47610402d81436c1f696	27.12%	Heodo
2020-08-12	invoice_59_5304394.doc	doc	6c818eb9af4ba3479156ffdddedf9e68f03dcc98579d8a7df9cdac88c483335d	25.00%	Heodo
2020-08-12	Invoice ZV201 451847333.doc	doc	17a0a5dee2e6cfda254eb826cb317a6b65e7dca543f512967086340cd367582f	53.33%	Heodo
2020-08-12	Inv_HCTW8254_729030256.doc	doc	414fc538cb963c4536c7fb1f90c7b953d2481601dbbc6f17a9f97d9b85a4edd5	50.82%	Heodo
2020-08-12	Inv YTE65 145049.doc	doc	14d93df0399c7d05a889be5ce346344db476d9f2cdd29e15050da09fdac9a621	54.24%	Heodo
2020-08-12	Inv3121599082.doc	doc	49f84ff8599ef44db2d0ee39c6a82739d5a9d663c0b011960b67747dead85d57	51.67%	Heodo
2020-08-12	invoiceS818798709058.doc	doc	2af6225a3063a9ae0fc86eeeee41ed900c7b3451d72514b215516935500e5109	54.24%	Heodo
2020-08-12	Invoice ZR5306 7545303.doc	doc	9b6d187849d9a7145a75ce48447c2233436112426c805497bab8c1d342fef6d4	52.46%	Heodo
2020-08-12	InvDOZ79841784.doc	doc	25e3c7f92b7b6c4d2a0bf01c2e0375ff93d1547ce1ac973169615136f290835d	49.15%	Heodo
2020-08-12	InvSLL884903148365.doc	doc	5ed47d47ebc0597edf84ae0658438eff8b3241ae47a071fffd0144e1c074d560	52.54%	Heodo
2020-08-12	Invoice-UX618-24867367.doc	doc	843b812d3b7326a6483d4b0062efba730edd7b2b6880fd6f9126309d8d498ca5	53.45%	Heodo
2020-08-12	Invoice_9321_7976765.doc	doc	c57f8830d597b05f0dbf9031092be52ed1ce11f9f75f530bfd698f46f624901a	52.54%	Heodo
2020-08-12	Invoice-RSEQ0-885909.doc	doc	252a44229413353042efc9846e4521a6c230832832d0d7efd0bb8b2677026afb	53.45%	Heodo
2020-08-12	INVOICE-V1-9980314.doc	doc	6e9b1ad824b0bc35792a2ec92fabb0456af70c654e99e5f6d0067903f3c771ce	52.54%	Heodo
2020-08-12	Invoice_669_62443362.doc	doc	c9a3637927d6c089d282b7e5f89be7e0269eb7fd1e823cefe8844e25153f2cd2	51.72%	Heodo
2020-08-11	INVOICE-VO0-856831.doc	doc	d1ada929c1d864f25ddf89d90029767d6c3b46a1bcd2f20cc967703c3d84bf5b	50.00%	Heodo
2020-08-11	INVOICE-C7545-795453.doc	doc	96c6a329f0da6f8cb3e414f2bde2a0084912d8de0f46d04f69f613f061c0ccbc	50.85%	Heodo
2020-08-11	InvNDV464733340.doc	doc	cbf6ee8e987a618ed4bbc8efb689fab62d912808ce3d959106e7697637d3a217	50.82%	Heodo
2020-08-11	InvUUCO677506353129.doc	doc	4e7dada550866484045928cef6fdd4d7ccb5d19d79febe490ed7da33d3491b01	50.85%	Heodo
2020-08-11	InvoiceNV72312589403.doc	doc	ba9a8497f8d62ce6e51e23f89f045998e57f187f7b8b9ff3168e5289d1758e80	50.00%	Heodo
2020-08-11	Inv-Z8668-821124196.doc	doc	cbb857ef4e6a3fd6c97835111cd57faa9a633931718e00486d9d6ab47dbc88c0	51.72%	Heodo
2020-08-11	Inv VAZ39 24186824.doc	doc	98c981a420851abdca6108f1264153f000a93d4efb36a2df630d0fb91c63aaea	51.72%	Heodo
2020-08-11	INVOICE_N86_1724005.doc	doc	ea0e231650f67ff86e5c2fff93a6e712213ebfc379ffc5998e30da121679d06a	49.09%	Heodo
2020-08-11	Inv-24-54192866.doc	doc	4ce8a32a7d3405a784a5a896b2faeb1ae1c73f9201af0716bffd10fb59e38ad9	47.46%	Heodo
2020-08-11	invoiceSHZP58357774.doc	doc	cb5234b6061bbdf400ee2833eaeba7a4f39a5d883194f1c0bf3c317267799d27	45.00%	Heodo
2020-08-11	Inv-Y944-858699711.doc	doc	7d920c5f7bd61fd5654014e11949e391003f188c96fcfdea3e32c9d2d046db10	38.33%	Heodo
2020-08-11	invoice-C23-264757555.doc	doc	800e57c4ad645349b6c44afc8fe14062e1f9ab0b9073ae5b69b17bb231eaf189	37.70%	Heodo
2020-08-11	invoice_113_728618.doc	doc	2357f42f582d5ac9f33dec658a1d79498afde67b80fbc7c557df394cf60992d3	n/a	Heodo
2020-08-11	invoice_UZ3_936127.doc	doc	adb26ad83ef85f269e46bf0219eb870350556bfb3317da039b196c487279d318	n/a	Heodo
2020-08-11	Inv-B42-0060805.doc	doc	81a81cd7bd810ce513cc65228f2046fdaa21f79402d31a76221873894c844982	n/a	Heodo
2020-08-11	invoice TWNS267 8862308.doc	doc	003987cf80ddeb4dd704742521844c36a1b64224ca8a8aecb5d30986db8b3dd7	37.29%	Heodo
2020-08-11	invoice HO277 332644.doc	doc	70a726919b0c5a17e38584cf3948fe775e56c0927430ada9bfdcb609da988b9f	36.67%	Heodo
2020-08-11	InvoiceG3890518804.doc	doc	82f07a41d75f7fbed08df507a83ec451c223e71abc6b9214afd44b7a65d474eb	31.67%	Heodo
2020-08-11	invoice R8 3823800.doc	doc	4ed6407bac7a7d0e0122dd585bd1479764cebff3701d3e6bce6f59fd8698378c	31.15%	Heodo
2020-08-11	INVOICE TXQV2095 942775.doc	doc	04f7553b46f71decfd022eb6049fbf4c560a3e16fa5574ace26be93a5082265f	n/a	Heodo
2020-08-11	Inv RZQ8 317267.doc	doc	14fe6848c9e9d259a4a759007d8e94ac036f915729ebff2bc0c7dde587114fca	30.00%	Heodo
2020-08-11	Inv-1-588473835.doc	doc	967fbc0e69125bfbc6f105548d8ee18d4c48fbfbe51d3611d7829011caac4bd8	27.87%	Heodo
2020-08-11	Invoice_UZ18_697281806.doc	doc	521ce598b022564001f8325d028beb08bd8ee8ce7fb2ca81422ae6e70ee7bd8e	27.59%	Heodo
2020-08-11	invoiceAX8301221022.doc	doc	308776ef21bcda26451f03a7a8118d4958b54327cb29028c5dce5cdbcba05303	26.67%	Heodo
2020-08-11	INVOICE-FY06-101162821.doc	doc	9ed9fa41129afe8c8a1ec3caaddfde55f0a18096d71441cadd12152bb4a8d7b1	26.67%	Heodo