URLhaus Database

You are currently viewing the URLhaus database entry for http://dikshadayal.com/cgi-bin/DOC/zbwuau20952393493919am38ynji5qqw/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:453692
URL: http://dikshadayal.com/cgi-bin/DOC/zbwuau20952393493919am38ynji5qqw/
URL Status:Offline
Host: dikshadayal.com
Date added:2020-09-05 01:56:21 UTC
Last online:2020-10-06 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?):mail Yes (Ticket DCU002910225 created on 2020-09-05 01:58:05 UTC)
Takedown time:1 month, 1 days, 15 hours, 26 minutes Bad (down since 2020-10-06 17:24:38 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-21INV_PO_09052020EX.docdoc 959d296702bb93dbe1f8661d4294812b4d0c2c443c7e2a46dc94c7ed7b8d9af4n/a Heodo
2020-09-21INV_PO_09052020EX.docdoc 6b92b4c99de7c0f2ae6213b3e9c38fafcf9ba9e534e20c1f21b3d287b9e34744Virustotal results 29.82% Heodo
2020-09-16INV_PO_09052020EX.docdoc 7fb5ce626ca48c2cbbab8338edab056150d542b52eabb75e44dca509e9bdaf46n/a Heodo
2020-09-15INV_PO_09052020EX.docdoc 8e58ef603e84c39d48e99d2454a404b862476c4875ebc87043faf6561fa8ce35n/a Heodo
2020-09-14INV_PO_09052020EX.docdoc 6c8f9c6eb9b676f3578ce8cab169769a2fdc7f3cb2c5c011f2586e5a745afcd4n/a Heodo
2020-09-11INV_PO_09052020EX.docdoc ccb90a24e4856008f8db75bac0ec4dafb7822a654c9cc2bb449610c4b911b184n/a Heodo
2020-09-10INV_PO_09052020EX.docdoc 81c84d5cfab0bba7e599ca15be20378572daf14b8336d12e7c4b9f4235239d8cn/a Heodo
2020-09-09INV_PO_09052020EX.docdoc 3f8daa1fc4771c457e560340a09cec2f3595bb20fc5292cff1b67a956ddf3176n/a Heodo
2020-09-07INV_PO_09052020EX.docdoc 24ca912b83af5ac9f1eb637d4c287b072904047cadc41a693b5af60612e4caf2n/a Heodo
2020-09-07INV_PO_09052020EX.docdoc 047c149dd389eb9ec337c6984b40bd950459d1da6a04fbcf18bad84f707a4ac7n/a Heodo
2020-09-0559981998.docdoc 8b23e164f16ba0caed21611db9782895ac3a6a1f5b30a16e7cff6a2f8e3c3008Virustotal results 21.67%Heodo
2020-09-0559981998.docdoc 8b23e164f16ba0caed21611db9782895ac3a6a1f5b30a16e7cff6a2f8e3c3008Virustotal results 21.67%Heodo
2020-09-05INV_CP9364182156VS.docdoc 908698080dcf9229ad6d3a5b3faa55ad9f3499129372a809d011b6d24ba9d445n/aHeodo
2020-09-05REP_WD7842994724BY.docdoc 4163030917532af42a4ea2c38086ff49766a928281c4269bdf298879f9e01d51Virustotal results 41.67%Heodo
2020-09-05BAL_122706004330123.docdoc 2e997a833026463ee1ddc2b571d97d90c94ac88cdb614cc5e5803d48b640391cVirustotal results 43.33%Heodo
2020-09-05DOC_839433628763928179.docdoc 9dec32ba9b743147a0bb4ae8041825a74aed44d6dba4f1ace85a6a008227cb0cVirustotal results 41.67%Heodo
2020-09-05INV_PO_09052020EX.docdoc f2c72c50487b631344d96edddf586d9e99c4685edb37450bade175f676504f32n/aHeodo
2020-09-05XKSX_JS8533262565FT.docdoc 52dc2d3655da2e0bec58667337f8c1b82e08d7eeb4a73341345f236d3321e9d7Virustotal results 35.59%Heodo
2020-09-05888019358059323.docdoc 7a30501200d16da77107068379331700e901268be067ce701617b4df11238b75Virustotal results 21.67%Heodo
2020-09-05FILE_IY1903210770WK.docdoc c52e2df61b4f195341a6891702424f8b9798ae3cf5a0a29e6978bfe4bc47b6ean/aHeodo
2020-09-05PO_09052020EX.docdoc 8d8cc6bdd5c9ff157d1d4967a626d0638a66654fc8ed2af24e807dbc11746e43Virustotal results 31.15%Heodo
2020-09-05BAL_PGP_090120_URP_090520.docdoc 916a9fdb4940cd7596a9604a95e7af177de4c28e90bfa8c2c98d836e82aab78cVirustotal results 21.67%Heodo
2020-09-05REP_PO_09052020EX.docdoc 8dadb1448be18ff1a6f7368dbef2f14f940b87b1d8133d3a8ef264d547457451Virustotal results 22.03%Heodo
2020-09-05PO_09052020EX.docdoc 53ce3cc79fda9e0a7f82873c3b94b8dfc7d31d3eab577ee54707cb8c1ad10585Virustotal results 32.20%Heodo
2020-09-05BAL_ZPZ6P30Q.docdoc 7332b5582ed72e5d0f8ddd61b24b1329f4a0e3b5083cbe586c00e49f88e04b46Virustotal results 22.03%Heodo
2020-09-05REP_14723785.docdoc 60b865bf47919000a88deabae15f03836f7a97fded9224d81a04722c88461f93Virustotal results 31.67%Heodo
2020-09-05DOC_06586749.docdoc 13ad6c45f7189df1c3e34c5d0f1b0688a5c6bed6688be2ab02294bd75dcc80efVirustotal results 31.67%Heodo
2020-09-05GIZJXOM.docdoc 3c0391237b2adda4499615dc19541883ee3a71e7c2db9eb3b3eb02f1b15d8578Virustotal results 31.67%Heodo
2020-09-05BAL_UX4691629047QW.docdoc f6dbabd3bbe35e52a24bdc676ac827f6631ddbe77e52afd53bdf3204b02f97c6Virustotal results 31.67%Heodo
2020-09-05BAL_PO_09052020EX.docdoc 56c847d2b7384b5406bac28244f2abc04230c231e066dfb357bbf635c1d9d368Virustotal results 30.51%Heodo
2020-09-05FR1222932153TH.docdoc 2ab1b7c9f559d5e8de517a4ef7e9a74f42734af66db94ae3e2a28825fc7f30f9Virustotal results 22.03%Heodo
2020-09-0523121858.docdoc a28bed0e6c711eeb502a3010ff335a7ea57b90b01015b2272fed8989245ba6dbVirustotal results 25.00%Heodo
2020-09-05U_VRS_090120_HJL_090520.docdoc f9ef3bfe7d720474ddaeb7e816e38478952790b9b70acac27a93a3ff3603ff24n/aHeodo
2020-09-05BAL_YOB_090120_UZV_090520.docdoc ebfcd70ebff55e62fec45d3a0788f6e8c9c17580d337ada36af00299b4fc89f6Virustotal results 24.59%Heodo
2020-09-05C_40422541528.docdoc 9ad810cd693a0eca802f2ece316a557f035008c8279573f03873351d0b13d5f2n/aHeodo