URLhaus Database

You are currently viewing the URLhaus database entry for https://nysos.se/xppw/swift/tf3bc105833715978whwjajiwthmi/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 435576
URL: https://nysos.se/xppw/swift/tf3bc105833715978whwjajiwthmi/
URL Status: Offline
Host: nysos.se
Date added: 2020-08-18 11:10:04 UTC
Last online: 2020-08-21 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-18 11:12:02 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 3 days, 10 hours, 12 minutes (Bad; down since 2020-08-21 21:24:02 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
