URLhaus Database

You are currently viewing the URLhaus database entry for http://optimus.com.sg/FkPsC-SqrERvbzowgsd-box/open-IUTtr-AuSuyDJ2/bCikjbUIzO-McpjsvxM/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	435241
URL:	http://optimus.com.sg/FkPsC-SqrERvbzowgsd-box/open-IUTtr-AuSuyDJ2/bCikjbUIzO-McpjsvxM/
URL Status:	Offline
Host:	optimus.com.sg
Date added:	2020-08-17 22:59:05 UTC
Last online:	2021-06-26 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-17 23:00:03 UTC to noc{at}usonyx[dot]net)
Takedown time:	10 months, 12 days, 19 hours, 46 minutes (down since 2021-06-26 18:46:18 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-04	File_2020_08_20_48552.doc	doc	737957e8b794197c244408e968cc0845a6991f3117923ee93a3a4d545a4fdc18	n/a	Heodo
2020-08-19	File_2020_08_20_48552.doc	doc	0cd31f3fe195cfa0c025d27c1cf6ad200d8228b2fff802412181fece4bbf5155	28.81%	Heodo
2020-08-19	Arc_20200819_G4573.doc	doc	d6d457be164cb42cce5e01d69219ecdf8a62761f5c4d4c2319bf536a86b57477	26.67%	Heodo
2020-08-19	File_20200819.doc	doc	d44c11183816caefd543eb56f87fc0fe17898ff2f05f42ef617fd3fc067b7d22	25.86%	Heodo
2020-08-19	rep 20200819 XUW400772.doc	doc	305cb6c8382b96303f2a72bf13d1c5396188b06612236babedc20ab620eddba1	20.00%	Heodo
2020-08-19	Mes-2020_08_19-03160.doc	doc	8f73ccc50ddd45b9ae2f651ab2b4bd7b773920b14e7ff44f075c9756b4b87458	18.33%	Heodo
2020-08-19	Dat-420307.doc	doc	7188e193d43acfad3ceb469a0ab2beaea0a5443ca212331380a725e0a5390f73	18.97%	Heodo
2020-08-19	MES_850.doc	doc	a0096856f8887d5cdf7d5f2e6805694ac96da153aaaa326ef25ee058e6c6a683	45.00%	Heodo
2020-08-19	inf_20200819_287571.doc	doc	4d3b86d9dc87fa84b6283d3c9ef68a508bd41eb8f2930650cecf08f2ae86c2b3	47.46%	Heodo
2020-08-19	ARC_20200819_846.doc	doc	eba02aeb5ab35694f34f8048ad03accea87abc6915db54d0905d905a155901ff	45.76%	Heodo
2020-08-18	ARC-20200819-YZZ5940.doc	doc	5644494f53e0f58e39e8c623b06d33e093d920e7728632366beaa74ce3ce75a2	43.33%	Heodo
2020-08-18	MES-20200819-T123.doc	doc	6132aba12180382af533725faf927cabd7a505b31e5d2991b94ffba400bc48c5	45.76%	Heodo
2020-08-18	LIST-20200819-38792.doc	doc	1ca6da8b43ba7b1689cb52dcfbfcc137ef89ea587a6a39460e440166d13f1e81	44.83%	Heodo
2020-08-18	REP T78177.doc	doc	1a8c5bc937330472d676469e981466649ed28cae04d2f3273b0648e96ee6609e	43.33%	Heodo
2020-08-18	Mes-2520.doc	doc	de7d72e073b61d24137abfd27fe66238449d71dc609887dcb78cca6b90ffe2b6	43.33%	Heodo
2020-08-18	LIST-20200818-CDT477079.doc	doc	c2c31857eddef908bb15ebce07f54e91a068ffff5b92014fd70c1d5ce8f34cd6	40.00%	Heodo
2020-08-18	Doc V762616.doc	doc	b5fc512f17b6959fef800f246c73b92f91a86868468e1a4786c4cba27ffeb10e	28.33%	Heodo
2020-08-18	MES 239.doc	doc	9c15628b7f9ccd992e7ad94e5cef540478ff00a894a4c401f34aebad4708b4bb	22.03%	Heodo
2020-08-18	INF 20200818 845.doc	doc	98ff1d26226bc654bacac7dc85fd4dc8ac6988dbb67d4997b98f07f328a02f6b	21.67%	Heodo
2020-08-18	Mes.doc	doc	9f1df99d205063984fcebb467c9a0f5e788e1fc90b2e9438d7837423c46faf0e	22.95%	Heodo
2020-08-18	list 20200818 C472391.doc	doc	d5af23a4a20609570d4b1cdb956d22513915178d14f35d7fad5dfff86f25c664	45.00%	Heodo
2020-08-18	doc_2020_08_18_AM127013.doc	doc	26919d2560f6e6e4b5c44add2fdda04f676163a1085799bfcacaec874289f126	45.90%	Heodo
2020-08-18	file_EVI4195.doc	doc	716cb0fed68d3999a988461ba151d314310471e1ff5e5267419ad5f378da2150	42.37%	Heodo
2020-08-18	File 2020_08_18.doc	doc	92bd87c0eed15bf75f7c61b1879280e25a7997a4afe7c804c82a3902f51d46c1	41.67%	Heodo
2020-08-18	rep_20200818_387968.doc	doc	488ee38649eb1ebbf32991529e437aa3cff1d1f4db7948ffa4d4c7c5186cc6f5	41.67%	Heodo
2020-08-18	MES_768779.doc	doc	e976f7e4de4c0bedc4e4bbc27752994f9110c050508b106611f035260551a8e0	41.67%	Heodo
2020-08-17	LIST_2020_08_18_UZ1998.doc	doc	2e363ae514de57da55513b7e9b5499e658bb254447ad4bac734032c94faed259	40.98%	Heodo
2020-08-17	mes-20200818-9492436.doc	doc	faffee3625908bf1e2cb82c961bd1d777beeff0f87166e3aedc6fa984834c42f	41.67%	Heodo
2020-08-17	Rep_7377.doc	doc	5f0f7cccdbe15b26ad3d18fe0dc9c31aba891cea529b65e56c7dda35fa776c0c	42.37%	Heodo
2020-08-17	Dat-CNI0855.doc	doc	246461495bf7fc58bafe93aa9bfdc0a9d3ffcd74b1050d8816847b9c37ee029d	40.00%	Heodo
2020-08-17	Mes 20200818 JI272.doc	doc	6535313a52f000bc92afec62f22968677544878c5cf2109e862e72f7c441dda0	37.29%	Heodo