URLhaus Database

You are currently viewing the URLhaus database entry for http://globalsalud.co/wp-admin/50345759443532439/nEJ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 440951
URL: http://globalsalud.co/wp-admin/50345759443532439/nEJ/
URL Status: Offline
Host: globalsalud.co
Date added: 2020-08-25 12:43:07 UTC
Last online: 2020-08-26 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-25 12:44:02 UTC to abuse{at}alchemy[dot]net, dnsadmin{at}alchemy[dot]net, support{at}vitalix[dot]net)
Takedown time: 1 day, 5 hours, 43 minutes, Poor (down since 2020-08-26 18:27:51 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
