URLhaus Database

You are currently viewing the URLhaus database entry for http://g4osj.co.uk/cgi-bin/DO/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 429986
URL: http://g4osj.co.uk/cgi-bin/DO/
URL Status: Offline
Host: g4osj.co.uk
Date added: 2020-08-12 06:47:21 UTC
Last online: 2020-08-12 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-12 06:48:11 UTC to abuse{at}aptum[dot]com)
Takedown time: 12 hours, 49 minutes, Good (down since 2020-08-12 19:37:31 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
