URLhaus Database

You are currently viewing the URLhaus database entry for http://www.cbi.com.eg/6gh4_a3_iu570s/swift/u40167212463868vil630xodp6xbqtp/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 435599
URL: http://www.cbi.com.eg/6gh4_a3_iu570s/swift/u40167212463868vil630xodp6xbqtp/
URL Status: Offline
Host: www.cbi.com.eg
Date added: 2020-08-18 12:01:13 UTC
Last online: 2020-08-27 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-18 12:02:05 UTC to abuse{at}tedata[dot]net)
Takedown time: 8 days, 21 hours, 1 minutes, Bad (down since 2020-08-27 09:03:27 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
