URLhaus Database

You are currently viewing the URLhaus database entry for http://freespiritmind.com/MASD/HowTo/css/sites/2kl8ks/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	431412
URL:	http://freespiritmind.com/MASD/HowTo/css/sites/2kl8ks/
URL Status:	Offline
Host:	freespiritmind.com
Date added:	2020-08-13 01:13:03 UTC
Last online:	2020-11-04 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-13 01:14:03 UTC to abuse{at}liquidweb[dot]com)
Takedown time:	2 months, 23 days, 18 hours, 2 minutes (down since 2020-11-04 19:16:31 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-15	REP_SEV_080120_MXH_081520.doc	doc	4a289795d29da9959564874ec87406a7d6551b9b1da8fdcf5e16239bc9ad981d	41.38%	Heodo
2020-08-15	EXO_MAT_080120_HJP_081520.doc	doc	02e13d73ecd528b2cf8e528ad97ffd6dae1b2e3e6e443fe37a6877919d9de1c1	40.35%	Heodo
2020-08-15	88746362.doc	doc	54dbee04e1a8be9667ee3dbf32776d28accf056a4ae1fe5c4aedd385cdae52f2	41.38%	Heodo
2020-08-15	HK3965884372SS.doc	doc	44ef4816b21c73b87d04300872b580c122b8119f6dbc65bbc305deb69b2ea5ef	40.35%	Heodo
2020-08-14	REP_OKB_080120_WZP_081520.doc	doc	75a72a41ab01b2732ce7d72f8099772cfa9eeffd6de415ac468e8f979c38d466	40.68%	Heodo
2020-08-14	JP_HRJ_080120_HKB_081520.doc	doc	c837fd8744bd36a0ac0a3a3f11e102063d60651777ee888c2f3f8e83c54a6483	n/a	Heodo
2020-08-14	DOC_AUC_080120_UHW_081520.doc	doc	0cd795725b21f243b5cff4763ba2e4dedc6f00fbb694073be30aeffe8cb36462	40.68%	Heodo
2020-08-14	DOC_16228401.doc	doc	025ef755f910aeb461ef36e7993d5201b78cb2aded971137274727ec619d72a1	38.60%	Heodo
2020-08-14	PPM_PO_08152020EX.doc	doc	6c2eba2dcea75385e146eb28ffde0be82b8b78f4d943bda7462eebfb283e6c34	39.66%	Heodo
2020-08-14	78356268470402424832.doc	doc	6e96e2303752d7e34731990434dfdef76b5c3712f4f23129a66435a002b25f5f	40.00%	Heodo
2020-08-14	INV_0029998723547500.doc	doc	edcb3cab2e16ae9281fd584303fc716ed35608369a30bfd9de27c636e997396a	38.98%	Heodo
2020-08-14	XEVY_8244909434585319756928367.doc	doc	96b6cab1427a652a35407967a7c4f7e6bb2bd63159d8e2510793ea9b9e76093b	38.98%	Heodo
2020-08-14	DOC_WQ7879441986XH.doc	doc	9f1eb23ca90933aace0c718c815307e1c8e1b391f2c1dd106a9dd69067c53477	40.35%	Heodo
2020-08-14	REP_PO_08142020EX.doc	doc	87257c3d34ffa05f4d177c92995d8a973b2ebcdcf8ff92e46c85fc42dbef7724	38.98%	Heodo
2020-08-14	DOC_03LSP8C1FM9K.doc	doc	3a6a5e8fabf3eba8321844d7c90ffa39fa7a8aa698d2ad2d99f108799e516840	41.67%	Heodo
2020-08-14	BAL_81439488624601290.doc	doc	9ac39257848f5230280cdf36073427054ed0e00f5d7cc1647f125fcb5f663e22	30.51%	Heodo
2020-08-14	REP_58879045.doc	doc	7a64f22546075f7c16e338a3f061015107732fb18889ea9ad7d1a66ee5177e00	31.67%	Heodo
2020-08-14	BAL_KK0443416138ZX.doc	doc	195495f81ec757b286d74776c59ace3b717a02c3f357abc851fe9702008f66f7	31.67%	Heodo
2020-08-14	UD_3OOK9XJK.doc	doc	9bc2c51adb6a04d981daca7d7a3bb1b02d21b3197ef7c1142f0c1391542af422	31.67%	Heodo
2020-08-14	LS7590676429KK.doc	doc	64ba6f5e621c011742a0ca7ba63a9416866e59ac3eb1aabaa6b355e2be4d11ff	29.51%	Heodo
2020-08-14	FILE_ANS_080120_TZC_081420.doc	doc	2958931d81ad10eb95bb3fca9457a800e9b4a9459d2727f30cb5d49d7bed0527	24.59%	Heodo
2020-08-14	DOC_43454386243.doc	doc	50afdf615c61c6f3704012b743bb7434c4999239e7f1a975600f3aecdfc93943	23.33%	Heodo
2020-08-14	FILE_40953952.doc	doc	03b564a9e15d001e6a2c08962ee25d99e595b4aee559c6ea7a7dc99b96cec92d	23.73%	Heodo
2020-08-14	XX7023612203TA.doc	doc	3949030f76ff6b3522aa805a451313ab179bd113f785e3a2ec1fc1d474619708	24.59%	Heodo
2020-08-14	NKR_FRB_080120_QDC_081420.doc	doc	24798df3b8b05d774f455725548251d62206a0f8498f29914f75dd7086d28389	23.33%	Heodo
2020-08-14	RU_QKD5YE1ZG.doc	doc	443bc7ea2da243b9cbee67539dc163b1f99967ac38471bc13aea2e25944a8d22	23.33%	Heodo
2020-08-14	ADFU_PO_08142020EX.doc	doc	96f59bca8595a038060796914e67d8cffa29ba30a4139ccc9da3cd889b1f5f36	24.14%	Heodo
2020-08-14	DOC_6LTOEU9VTHHQ.doc	doc	8877a28036104574726011685f484c4bab9130f19e059e7a2dd35d62f6161d65	23.33%	Heodo
2020-08-14	DOC_PO_08142020EX.doc	doc	bb3f1de1929aa472d3dac314f3f6ceaf8e2afdf9b95f97d844bfa70965d8783e	24.14%	Heodo
2020-08-14	DOC_IRL_080120_RHK_081420.doc	doc	ce9ff1845b08d7610cd9a181ced3676fc04452e4d019ef14a48d59634b45cff1	23.73%	Heodo
2020-08-14	FRC_080120_IOZ_081420.doc	doc	92386e2f315d649c3565cbcd1df211f967b66594ff68453608b6125236b55a53	23.33%	Heodo
2020-08-14	INV_SA6504004032AJ.doc	doc	015676bf9d7c61adca32bbb32d96fa37a913a64442c577859be0e39884752bb3	n/a	Heodo
2020-08-14	HG_DK3151623947VA.doc	doc	33fbdc20f3885a3d8af503c38d711e04b952263269a898c8d6cccb5cf7b352df	24.56%	Heodo
2020-08-14	O_PO_08142020EX.doc	doc	f92c670905c9b92334b90a5f812306d265e6e9e54c7b4ad16847d5c6234cb670	36.67%	Heodo
2020-08-14	INV_G19MV7893CDXK0T.doc	doc	e3492d2065690769a6a42df6b2d8f81e652704ea415f5438639668d023f8fd2c	37.29%	Heodo
2020-08-14	REP_QW1717913959WK.doc	doc	022d18a79ba451e68a02a8c682623c79c30125f85a0735fe5453ba1232ffbc25	35.00%	Heodo
2020-08-14	0403990170663.doc	doc	9d8cb204b05c50b29d5686326f0332cfa34a339234c12d448aa14d010d0a41d6	37.29%	Heodo
2020-08-14	40929609.doc	doc	3435e343b0a6c8e9196499ac3dd741f97bc11a10039d254d98a744d6fcbe3d2e	35.59%	Heodo
2020-08-14	FILE_49815118.doc	doc	0928f7c9c557d9e232052edc5377f9986651f02861f1f90ae67a9bcdf3caa375	36.67%	Heodo
2020-08-14	INV_87797715.doc	doc	94c8419a57e163d01d78932f2246ad3427a18aae25869403b06980ba98cd1fcd	36.21%	Heodo
2020-08-14	WZYZ_86630751.doc	doc	7f0cfcaba7df4371efff36fa780cd28015c7c1694c8792fa2f56dd86b7ce8989	35.00%	Heodo
2020-08-14	16655722.doc	doc	6ab2c399c8174e97809e728dc331f229df5e7d30dba04a5b1658ff245c45a657	35.59%	Heodo
2020-08-14	DOC_1793563556230.doc	doc	13425d91c0471208df6a06b23e5f176fea8637422e82c95f1ecd534aadda855b	36.07%	Heodo
2020-08-14	V4CEFIWSH7O.doc	doc	a15a56ccd22c0949e8a50eeab2620d8613e5e5b23964c90ae1c08e2908063682	n/a	Heodo
2020-08-14	P_DDU_080120_WLE_081420.doc	doc	d4fade764b1ae03f546843ff7b67176a1d7fca0c1cad66455d0770c364b5746e	36.67%	Heodo
2020-08-13	FILE_R14XEK08C8Q8K034.doc	doc	ae007fe87d30f9b482a9a7525e1ccd6b8a482bd23635156170ae371339d27341	36.07%	Heodo
2020-08-13	BAL_LDN_080120_GNO_081420.doc	doc	d70047b36eb96337b545ff3355409a4722a374e18f8e5955fdbdac3b835f81f1	36.67%	Heodo
2020-08-13	FILE_ADB_080120_POJ_081420.doc	doc	0eebb848380c00975634d13afcb080cb6fc678874057e01d2024589bc443d5a4	37.70%	Heodo
2020-08-13	REP_CN0041710524RK.doc	doc	b09ffea78607901b053dcdc38df094dd8b5a4eaee6e3495f944a14e36cad2485	n/a	Heodo
2020-08-13	BAL_PO_08142020EX.doc	doc	a54d64f137fed12ad381046f13c34ed6e31b194d4574870aecea8be459a49382	37.29%	Heodo
2020-08-13	REP_79834869.doc	doc	40fa25d14444c5f0471cb5e33a8397ec008ad42615aefa558366173602afc62b	38.33%	Heodo
2020-08-13	645908174623162794406.doc	doc	659a89fe80ca3cdd88f5cd70c4fd18c6061b708da2489d7b0eb57ba2c0d0db55	n/a	Heodo
2020-08-13	REP_345690455339.doc	doc	c1374662d877c5c9cc7485f3581c2287846b3e282b25c2820a550ecd8fa83a65	36.67%	Heodo
2020-08-13	DOC_SUF_080120_OSU_081320.doc	doc	7b99b98d51fbd00badb479a3ad6e932681f26678e6749ca34706b8ce2b610400	n/a	Heodo
2020-08-13	CIM_VB3518984200GW.doc	doc	15e32f7a4675db4e399e6ac32e7b9b98197aeb89dc371330c21678abcbe13262	n/a	Heodo
2020-08-13	DOC_PO_08132020EX.doc	doc	92b38ca67d00bffc28647167730cef8ea6123542c4123464f1c565e59186b871	n/a	Heodo
2020-08-13	L_283385906495457511.doc	doc	3f54dbc7d7efc9342ac4ae143a7e38bb8d4138d9106817ab2f5ae7ac6b95f277	36.07%	Heodo
2020-08-13	INV_TTV76XU49.doc	doc	ea4ab11724bb19ff8c0451069a27cfc6b2de7b7ad0254edd07f3036c265a066f	n/a	Heodo
2020-08-13	MRR_080120_WNP_081320.doc	doc	f959a3ec8067a6967f047b19554210234638a6ac9b0bac85e006979f09c33d11	n/a	Heodo
2020-08-13	RR8845167056IN.doc	doc	83a588405ba4fa2d574428210c47f3cb4a9683985d14a8b6746bd13d4651fbf3	n/a	Heodo
2020-08-13	78577604.doc	doc	964bb9e35389ab3548e2500223110b3ed04c0615a423017037d0c9985e784d52	32.20%	Heodo
2020-08-13	INV_LN0096594491MS.doc	doc	e075507a16b93d21aa9bf0848bd5299ef87fe338654ca4e30075fb8677475c50	31.67%	Heodo
2020-08-13	BAL_882138106252823920183400.doc	doc	1d76d6caaf25aedb9a6b4a416eda1a0f237ef09b5100d844a54ed3290242e251	n/a	Heodo
2020-08-13	UP1424867057EA.doc	doc	0532eadbdda96ceadb7250d379491c1bb64d6d40b96bc71d551268896fd4bdd6	28.33%	Heodo
2020-08-13	77802380.doc	doc	8a0a74b31fb30ce1a4adbaa3945c4186c7d467268e76b9ca802905b7cf5fa54e	29.51%	Heodo
2020-08-13	BAL_LDGKUNX.doc	doc	34cdb3854071dc86030fc69f90094d0ecc4064d54c2f6c5c2ccea449991908bb	n/a	Heodo
2020-08-13	WR_Q1Q88HXB.doc	doc	4b99e8df8f724bfea2f32a9274cf4aa0f41b3e57a2b1ec753b17514149c670b2	n/a	Heodo
2020-08-13	T_H26OLBD51VXWBMG.doc	doc	bd7871f1fceddc02727f3be310e4507aa75ac650a9319a03989d0a1c18bc74cd	n/a	Heodo
2020-08-13	INV_52254438.doc	doc	44a4e9297c1d0191631e49532aa755b5a7928836c63b7a9f37deb77293cf2ec7	30.00%	Heodo
2020-08-13	QBSC3UPPQA.doc	doc	09bd7f442749dac84e11577aa507719969f7eac112f256a50e5b9e8d823a3b78	26.67%	Heodo
2020-08-13	REP_IVM_080120_TQB_081320.doc	doc	11115387b71ec2162713a34b3ced799ace3def99ab9e495234326a68ae1f6ef9	28.81%	Heodo
2020-08-13	93988285.doc	doc	bedf54726f739f906db66965be55e05516b933ce872264751f3dd48f5b9db8fc	26.67%	Heodo
2020-08-13	BAL_PO_08132020EX.doc	doc	52426d2c2644ab78cd7fbe3a9e0d19acbd34903d9f62d42fe2e999b964e3eea7	29.31%	Heodo
2020-08-13	BAL_80021002186465.doc	doc	0c4015de45653ee2f8fc6e338461a2377e14139b1ff879df5a2fe1d3c200a15e	28.33%	Heodo
2020-08-13	REP_PO_08132020EX.doc	doc	d366a539f2295b53ca4674d4807b866b78979fda3a5d80e006ce2aaf2e1c24c7	30.00%	Heodo
2020-08-13	QW_A1XLXV2MYGFLKE.doc	doc	57077fbea2ccbc5464be5b94b7e01a59f4b28e6658a7a432645380f6413e8a00	27.12%	Heodo
2020-08-13	RBB_080120_RFT_081320.doc	doc	1a457779d9b645e40120f23efa5aef5b0b97308f610fea5a06377c0603636f98	25.00%	Heodo
2020-08-13	RBB_080120_RFT_081320.doc	doc	1a457779d9b645e40120f23efa5aef5b0b97308f610fea5a06377c0603636f98	25.00%	Heodo
2020-08-13	61921318.doc	doc	e1bf8d2efe529d4cbe16fa5c6f747b604e88d6ffbeec9742a7617aa8617a9133	26.67%	Heodo
2020-08-13	PO_08132020EX.doc	doc	1ac4188f22c717e76b493881ab12ef60e719cb86d2e5289f743b42b338cb5b96	26.23%	Heodo
2020-08-13	M_70969197640311004469700.doc	doc	9806f54f8d2769646e6a9caee3f1c15a1b47f781be6eef64c390d6e9ee867bd4	26.67%	Heodo
2020-08-13	BS7395182367UP.doc	doc	a8bba76a96bc1cc1852b0b70a3e75776d9dda9cdd9a5978c25f38dd031cd1d4b	26.67%	Heodo
2020-08-13	L_XA5225009282MW.doc	doc	ba510b5a0f97430a09efbd12acbb4c1be869e71e678adf5fa0b5498fb477068e	28.33%	Heodo
2020-08-13	INV_V6PQC156.doc	doc	f3288815441008b2291c6b17d597d58fe606f7475c4641bacba49ad56c1b1142	52.63%	Heodo
2020-08-13	REP_18937736821646.doc	doc	5d05496cf28924d44375333ce8c68c5919abc9cc35ba4e8c9a35d02ea07cf5c0	n/a	Heodo
2020-08-13	OYFL_28706610.doc	doc	aa6d1d92278957eef1af09829bba94b4b37a84b56cb33e65cd070f7ada92e244	51.67%	Heodo
2020-08-13	FILE_782742453081934041122.doc	doc	a5f57f7cf9288f13cd7e297715c8e108eb7cafb64d3f8241811e872196857d08	n/a	Heodo
2020-08-13	FILE_ZM3498280790BV.doc	doc	c2bb5e128810c06abd15ad3ef0bc95622c20da154ca500892972305c94feabed	n/a	Heodo
2020-08-13	PO_08132020EX.doc	doc	6550fdf4a650ec2917c0b2fc6c67f8c51beff7636703f7730b0da66be006d78c	49.18%	Heodo