URLhaus Database

You are currently viewing the URLhaus database entry for https://bomba-service.md/css/DOC/u66pgpql/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	429718
URL:	https://bomba-service.md/css/DOC/u66pgpql/
URL Status:	Offline
Host:	bomba-service.md
Date added:	2020-08-11 21:46:08 UTC
Last online:	2025-08-02 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2025-08-02 01:56:11 UTC to abuse{at}innovahosting[dot]net)
Takedown time:	5 years, 0 months, 16 days, 12 hours, 48 minutes (down since 2025-08-02 10:36:10 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2025-08-02	ca58e2a2e52a2e005d216ead89a8120f5f620265a5ec9397b5fdadc1985788ed.unknown	unknown	ca58e2a2e52a2e005d216ead89a8120f5f620265a5ec9397b5fdadc1985788ed	n/a
2020-08-12	DOC_PO_08122020EX.doc	doc	7575d9ebd2153fdfbf4c1626ec4769e8cdef40ea8e2990670f1cc5cba71a2e7e	51.67%		Heodo
2020-08-12	PO_08122020EX.doc	doc	4c3eddd6a41f348b80609e91f83e3a9e22818758105ce3db1de70777baeae682	50.85%		Heodo
2020-08-12	PO_08122020EX.doc	doc	c1225a96e801b4de5bcedc55202f0c3d82b69ee6c31d748289803811a450cbb1	n/a		Heodo
2020-08-12	ZZ_XU2157449020CZ.doc	doc	b06fa4a03274712b0d1bea0d2a5d1afc2c71541acb80b1054d31b661b67514ea	n/a		Heodo
2020-08-12	TBV_080120_VWP_081220.doc	doc	e4d1deaefa7f905c5ce7490867ae09ff2d50fdf4162f102e276653c1c46eeab6	51.61%		Heodo
2020-08-11	REP_012610975429.doc	doc	1f90ccc8d181cc6f56b3c906d08d6da99f0b70301870c86084d8899983b9238a	n/a		Heodo
2020-08-11	G_58782409.doc	doc	896db11ae3dd47bbbdaef6de2e44964142461c89f1fd377015b96affcc75cf60	50.85%		Heodo
2020-08-11	BAL_LV2711150617QY.doc	doc	6ef92d63f441bea978f148ae6b93fd26d8feb4716042101e28ebacd3101f6eb1	51.67%		Heodo
2020-08-11	U_J9LZCFSGMW.doc	doc	1aac25866333e7f77dc237137353a0a65ce189972d87658229eae96e3037bc68	51.72%		Heodo
2020-08-11	DOC_2MTGXVFT2NFDW.doc	doc	1d09b28a4d454266d52d7d2e5b9aeab2bbf43839ec33c9a7221eafae3c28c067	51.67%		Heodo
2020-08-11	DJ1152500361ZY.doc	doc	6c5380e193b725ec3ea512a3146d8c0925c7c489800dad57d1b4b2f940751d22	52.54%		Heodo
2020-08-11	FILE_075084372467.doc	doc	ca30b2272a56997f03e6470ff7ef67a05a07abaaa5a436b29c936f7fc34e2dfa	50.82%		Heodo