URLhaus Database

You are currently viewing the URLhaus database entry for http://cricketodds.in/_r/LLC/l1tgqp2tyn-000622/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:438315
URL: http://cricketodds.in/_r/LLC/l1tgqp2tyn-000622/
URL Status:Offline
Host: cricketodds.in
Date added:2020-08-21 15:35:29 UTC
Last online:2020-11-06 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-08-21 15:50:04 UTC to abuse{at}liquidweb[dot]com)
Takedown time:2 months, 16 days, 21 hours, 50 minutes Bad (down since 2020-11-06 13:40:37 UTC)
Tags:doc emotet link epoch3 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-08-22J-080120 YILG-082220.docdoc d264878eae29d3da022f38e67a38560346ba42cbb6dbebbf0e6c852c666fb1acVirustotal results 42.11%Heodo
2020-08-22form.docdoc f65bcddf3b315035a672d4f3fe0f72e84729ae4659a329ab27bf4d51007fe274Virustotal results 37.50%Heodo
2020-08-22INV_442788.docdoc 51bb6063711677f1823d4b10c0ae073a340c8392a7b233485d1e181fab2197fen/aHeodo
2020-08-22INV_8523.docdoc 564105a864ba17349c0c70d8c11883b4edaf7b9f653bc074d57ec92e33923d61Virustotal results 36.21%Heodo
2020-08-22August Invoice.docdoc 5d343c4cc60ceae7c55758376842b90845f6d3dd1d7ab8fd2bed44ee745bf527Virustotal results 37.93%Heodo
2020-08-22Payment.docdoc 88fafca4b3195bc1843721aa1d78221a5d05be8d88f43ceb0e85aab917c67a43n/aHeodo
2020-08-22invoices 7055 & 61299.docdoc 27e2a7ad7764b75f11753d945f9b7b087f89fa4b8b9bc1198bf7992c7c85d1e8Virustotal results 37.29%Heodo
2020-08-21Form - Aug 22, 2020.docdoc 31ef2257cdb7b9006892fb9754673511beaf648f6c3a899b9bff3031310a9acfVirustotal results 37.50%Heodo
2020-08-21084218.docdoc c7abec97a993780d8d6bdd8fbc2a7c77bb49fdd61e57637ac36ecefc9f748350Virustotal results 35.59%Heodo
2020-08-21invoice.docdoc e5c9f8c0ccfa47835d30be512636ad1b0e40d75587d5a309f586b67796aae5cdVirustotal results 33.33%Heodo
2020-08-21INV #4915 FOR PO #00870513481616.docdoc 75afa5e681f780ff3ac189da47ea1eddeba7face6bc94ac9d07db672b9c00ef5Virustotal results 32.76%Heodo
2020-08-2100563555.docdoc 43057d3c74a6fbe3be2660879e861ae3d0b2118866abb1e3fe8bc169c526d957n/aHeodo
2020-08-21August invoice.docdoc 214116ae52ad96af88fa41e0ea271fecb493e2afbc403bc3ca2c184ffd03d996Virustotal results 32.76%Heodo
2020-08-21Invoice #6008.docdoc 9e8252eaa40d9995798d1c88f2ee30e36cac7ac88bbddd38c4dd2d4c8d19385cVirustotal results 32.76%Heodo
2020-08-21Inv. 71135.docdoc b99da0701a16d0df2895790bf84db62ee0da6b42fa8ea0c2a5b103a131d98f13n/aHeodo
2020-08-21ZD6815015070RJ.docdoc dfb4a0445bee97a362ee8ea96a3cb6444bc3ef4b7c96beaa5edf0508e6343c56Virustotal results 25.42%Heodo
2020-08-21Invoice 008848949.docdoc fa793702b351ab1f22fa5ff1d20c7f6bf822bd6954f637389577767a163275bdVirustotal results 25.86%Heodo
2020-08-21Copy invoice #995702.docdoc 78a36b1f41b0c09c31d6bc4665036ff311e872b98404bb726312e26f0d559803n/aHeodo