URLhaus Database

You are currently viewing the URLhaus database entry for http://automaticrefreshments.com/wp-includes/closed_section/special_83Zpi0EmmM_BYtzBGgpFIv6/nCcKo8gh0UC_IidG6pNl8hfk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	429354
URL:	http://automaticrefreshments.com/wp-includes/closed_section/special_83Zpi0EmmM_BYtzBGgpFIv6/nCcKo8gh0UC_IidG6pNl8hfk/
URL Status:	Offline
Host:	automaticrefreshments.com
Date added:	2020-08-11 13:30:17 UTC
Last online:	2021-05-25 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-11 13:32:03 UTC to netops{at}singlehop[dot]com)
Takedown time:	9 months, 16 days, 21 hours, 2 minutes (down since 2021-05-25 10:34:29 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-13	Dat 2020_08_13.doc	doc	a80167588c3be944d4f987a8513d6fdd57c0aa40d46983323537be8bec6808b8	26.67%	Heodo
2020-08-13	dat-20200813-KCC64033.doc	doc	6cd21dbe92a2a7da27fbf887670d2cb0c0dee42e29cd7c77b55c528c3290bf6d	28.33%	Heodo
2020-08-13	DAT.doc	doc	6ec6d45a56a019b13a8ab1e1c3baadaf527068d99cc1e640801f34f9aea32c11	26.67%	Heodo
2020-08-13	Inf 23668.doc	doc	c62a518ca9ef501b1280c2228b3010d2cd95cf5edbdc697620d8fdcf58884e8e	28.33%	Heodo
2020-08-13	FILE 20200813 UY524021.doc	doc	5d621088961412e1b6d53afa8deaddf2677283556ab355494d79359b90f19ade	26.67%	Heodo
2020-08-13	REP-2020_08_13-748230.doc	doc	5c70b1d9be2e62d3cb581708789ffcafdc47ae8733f09039db0c3c7bfe9041d9	51.67%	Heodo
2020-08-13	rep_20200813_HDN128.doc	doc	72e0dcb7ceafbb3ee2d41faff4ee6c655af8448b09c2f46a10a27385d350be26	52.46%	Heodo
2020-08-13	Arc-2020_08_13-1578.doc	doc	15fcaee9a8e41a757dd602917216618eec6c936b4b66d78a02f3443cda6a34c5	50.82%	Heodo
2020-08-12	dat_20200813_2946.doc	doc	508b0f1d8e5ede23aa2da775ab08b29c3be1fea89e1d2646c00c0b3c3570af5b	50.00%	Heodo
2020-08-12	List_2020_08_13_713482.doc	doc	93038076936e036e53a02867d6ec372304df2638bd700bb923f54bd20c5f2f7f	48.33%	Heodo
2020-08-12	mes_2020_08_12.doc	doc	986acc515daf31c8bd8d424f27e1307eab1f51a043c896ffeb2cd94df1eed8a1	49.15%	Heodo
2020-08-12	Mes 2020_08_12 3742733.doc	doc	8bb4fbac4bb4cbb5c642813460290a1802663991d8e3ee092172d6e381a6622b	49.15%	Heodo
2020-08-12	FILE 2020_08_12 CL10139.doc	doc	623465220d4d4d4e975bdabeb93d3fba141ba28b54394250b066cdc693a0eab1	48.28%	Heodo
2020-08-12	list 20200812 648.doc	doc	2422c30dd203e8ecad236795237c40fe7882df559a3eae1ef37ff6f520c8e3ec	48.33%	Heodo
2020-08-12	list-615649.doc	doc	0a2fb529473b1340196d1f0e98caa568208f26a280f1bc09523963eead8b88d0	49.15%	Heodo
2020-08-12	DAT_2020_08_12_727612.doc	doc	0edd83d6241bde9df2e081ee1bb0d99c5ca4046d18c94390a197f0eddf6c7769	40.00%	Heodo
2020-08-12	REP-RGO2772.doc	doc	185c97b2a868dacf03c3029c5a8cc2a6bff259dbabf1e2ec84e439c12dced57b	40.00%	Heodo
2020-08-12	mes AT6798.doc	doc	47e47e675b3be3bb61c420cbc18a30eb62d3056f6e5fe7f5cbe6a874ba64ddea	37.29%	Heodo
2020-08-12	Inf-20200812-2780.doc	doc	22d5bcf65dec583782e51f67e601a8e90d5deb8ba7cf1fb547feb1915c04961a	31.67%	Heodo
2020-08-12	arc 2020_08_12 783245.doc	doc	a42edb781d488bcb95cf8395c95f235ad425f492e7d3e004f83ffba92c4264ea	29.51%	Heodo
2020-08-12	list 20200812 F217.doc	doc	529f5cb7ee87dc5785c7b396e7f5e22d013f6e056f2abc8f20f4c34975749830	29.51%	Heodo
2020-08-12	Dat_2020_08_12_141207.doc	doc	190f772a7ea521f53b7cbaf3e731b68571e773fb30a877c44756067305251e86	27.87%	Heodo
2020-08-12	REP-20200812-501.doc	doc	c3c294923b097cfe13d18c61ec3f8862ad52e37a5f0e416399f16db51af7de25	28.81%	Heodo
2020-08-12	inf_2020_08_12_S6831.doc	doc	148d419381f7fe5907fee5bc4d2fcdb00a856e711419ba4be9dc26f5aa1279c1	28.07%	Heodo
2020-08-12	MES-20200812-63352.doc	doc	9f7495532d0874059f82a57757803faf785c53c312b19a228ec4755531fa09eb	28.81%	Heodo
2020-08-12	LIST O10593.doc	doc	c34fe3db4b741714880c52b08c381fe4677163a89768217244f7a935e1a7dbde	29.31%	Heodo
2020-08-12	INF_20200812_UTI477.doc	doc	f5ec89a6e0a9e6f12727251ded2279035d817716542203ea13f4de99606a8974	29.31%	Heodo
2020-08-12	LIST.doc	doc	02fd4f173197311ebd535d86f831bf279a030eac5d9ac5b3c6faf80c02efd8be	27.87%	Heodo
2020-08-12	INF-2020_08_12.doc	doc	16b1a2608a3fb3030eb55c06c4fba55b308753907c915bc6caed2bd397c65390	52.63%	Heodo
2020-08-12	ARC-2720.doc	doc	c30b857008bc6b53fb616886dad4d854bf462ec2be976cf9f383d8b92844deff	50.00%	Heodo
2020-08-12	dat_2020_08_12_J38200.doc	doc	52b725e19110d9c7b614784f84880a6f9e181c033ba521b012662ada81fc1cb7	50.85%	Heodo
2020-08-12	Dat-2020_08_12-X773.doc	doc	2d9d999204b6190a6e91bc1da7b0330466f17a916b33c2cab9bd681bc5060e10	48.33%	Heodo
2020-08-12	DAT 20200812 026.doc	doc	e49959014262227a3e6ca5bc2937e6afab83a251fc694000d1a3d38e7814d9dc	50.85%	Heodo
2020-08-11	arc-W2180.doc	doc	79c47358c6ca784a93b378478cf157a96b6810484e3fa17d544d8ab047274c17	50.85%	Heodo
2020-08-11	Rep-4788168.doc	doc	db647367365410a0e5641b0f84a8b1ca4da7a3266d34b01971653e29821aba39	50.00%	Heodo
2020-08-11	List_20200812.doc	doc	0241b1ed7a1656dab5d9fe64b7e59fec547126495769ca53d78220090b494889	49.18%	Heodo
2020-08-11	FILE 2020_08_12 6077198.doc	doc	8f5d6af71053c703ef6ac42971b9c19766bb0682e793b8f295af1453eccb5023	49.18%	Heodo
2020-08-11	DAT_2020_08_12_204.doc	doc	062afd98270aae9eadeb47e14d2270691b2254239006bed96b4a65eda4df5ff5	50.00%	Heodo
2020-08-11	mes_2020_08_11_4356.doc	doc	451bca8e554bd014a470e34371b661882e6e304e90c5e5a370332ff189ac92c1	41.67%	Heodo
2020-08-11	List 2020_08_11 IVS24961.doc	doc	669795b953f2d46ec362bc03adae579299f4c4a42392c7cbdfef5ab5b54b5ec1	37.70%	Heodo
2020-08-11	Inf-2020_08_11-7254819.doc	doc	1da87bf7cde42012d6ef60a19e839e43b5cf12ca5942cd31c40cc0ac0e31da49	40.68%	Heodo
2020-08-11	Arc_2020_08_11_NR66811.doc	doc	418eeb7ae0db2b02c5717e9db6635d4164c49b94b435a006d2b447258f71a9ab	40.00%	Heodo
2020-08-11	arc-2020_08_11-3925322.doc	doc	b27de5accc5440416824521c2e1ea63ede6b2c5658f5e01a0472db9789a1729d	38.98%	Heodo
2020-08-11	dat_2020_08_11_5424.doc	doc	5c7e33c23d454291dacaf4ae431d451d0659a56b3cf2e2a0ed82002b5ee21bdc	27.87%	Heodo
2020-08-11	Mes BOE536762.doc	doc	e88661edaef5ba52119e7e534f5f57ef20bc565182ae01f2555032268b02fa38	28.33%	Heodo