URLhaus Database

You are currently viewing the URLhaus database entry for http://hamminkway.com/cgi-bin/esp/tgmrulcic5b6/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 441147
URL: http://hamminkway.com/cgi-bin/esp/tgmrulcic5b6/
URL Status: Offline
Host: hamminkway.com
Date added: 2020-08-25 17:42:05 UTC
Last online: 2020-08-26 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-25 17:44:02 UTC to abuse{at}strato[dot]de)
Takedown time: 22 hours, 7 minutes, Good (down since 2020-08-26 15:51:45 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
