URLhaus Database

You are currently viewing the URLhaus database entry for http://t20rcl.com/cgi-bin/lm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:494812
URL: http://t20rcl.com/cgi-bin/lm/
URL Status:Offline
Host: t20rcl.com
Date added:2020-09-14 11:41:09 UTC
Last online:2020-09-14 23:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-09-14 11:42:02 UTC to abuse{at}sarpstechnologies[dot]com)
Takedown time:11 hours, 31 minutes Good (down since 2020-09-14 23:13:47 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-14INV_EU1720312552JE.docdoc 43cb627a77712dd1d9c1f3881b4e74244e7491aee310c5619c08b1dc58f6a66dVirustotal results 37.93%Heodo
2020-09-14RBRG_524935061829002.docdoc 9f0ae988efa45dd5a31b192546bb881ebbf6b50e79bf2da69fa2256bbf4d845dVirustotal results 38.98%Heodo
2020-09-14INV_DMI_090120_MBI_091420.docdoc 4ca85ee8fbc72417267b0d182372896931cbe7025b65001e38019e3bf74cfec4n/aHeodo
2020-09-14FILE_PO_09142020EX.docdoc d0aad7574a29f26aa7b13b0d9ee67b527c0e4dfc5275c0a8e28e000adad26297Virustotal results 37.29%Heodo
2020-09-14I_810354298.docdoc f8f37ab2c3f93e760169ba45266f3842eaba21935f877009833a62cfc2131992n/aHeodo
2020-09-14TL0531229983DT.docdoc 18a08bfde32fec48dd39f4ba41cd7449d4169cd9252a6dcc077cd7fdca819191n/aHeodo
2020-09-14P_1507133741445783659.docdoc db5dc06cd13c8fe3e12b314bae4c8be7651a26ed861eecaac0e79a8f8bf0ef43n/aHeodo
2020-09-14FILE_PO_09142020EX.docdoc e07a35b45fa2c96f9564aaa36434a5fdc8d4fbbd9b95c35ce926e4bb0f87dcc5Virustotal results 29.31%Heodo
2020-09-14DOC_SI1759164099HK.docdoc ed410e106fe3f9f8bedec883afe4b7b0d0dea3b449ad26fa6f41aa69c0a78f80n/aHeodo
2020-09-14INV_26EHG35.docdoc 875aadb39437a5366487bf9232ad64eb3d635fae59449e241d84be3133ed2a44Virustotal results 27.59%Heodo
2020-09-1427244478.docdoc 5d29d4ae2581a27221609c7e3877aa9139dd44042bcde1fb62d7e901d285e4f4Virustotal results 27.59%Heodo
2020-09-14REP_BV5391595380YP.docdoc 0844edff9f032df69f33be680af0947ca6c06895530397bf028ae47482b5b711n/aHeodo
2020-09-14NB7936745951TH.docdoc 65af960efb522275c12cbbc2902476854043df45ed96b435103aedcef02eecbeVirustotal results 27.12%Heodo
2020-09-14Z_VU6AEUNW.docdoc e4a9024be2fd969f3d64de3bcff992a2d29ad69e823b5ed145c96a395a013e19n/aHeodo
2020-09-14JGDH_KV0440091513JL.docdoc 2ff4b7d7b02e82dce1df902e65b025fe06a6a66e3e4605ada4206d0eb2e33cd5Virustotal results 21.43%Heodo
2020-09-14DOC_4NTVUV6G.docdoc 6f94245cbc7d242d2ffa0fa4b3e3b3d5c9d3033df0482320fd014daba53f62e3n/aHeodo
2020-09-140M94DLAI7GH1N.docdoc 2762b832d1111457d6402af3d53a4f516dd99507d963614d4bdc48855dc057c1Virustotal results 21.67%Heodo
2020-09-14INV_BK4088368813TE.docdoc 12820384810ee90b5f51be5c13e6c2a8ca47e4266660b1e3100722e4c2baa33bn/aHeodo
2020-09-1403765641.docdoc bc08b7a8310a6206226dd767a9c4cc26dd5d5316ad80e399359db8c090294b43n/aHeodo
2020-09-14INV_PO_09142020EX.docdoc 42c4b1eb39af3f83f49c39994431eb0a042d94a008313cdaf1831db93c45cf5dVirustotal results 22.03%Heodo
2020-09-14INV_0VC8Y117QYGERTB.docdoc 358777fc6c34cc75ebc7d92ee6c2bd0b29eaf38c4a215fc317e920ab0f60476fVirustotal results 20.34%Heodo
2020-09-148727439720.docdoc c2e8f7c925f56e68086ee279048349eaede27f3cff8aea65d4298610fd97a3d9Virustotal results 21.67%Heodo
2020-09-14BAL_3519045509634291.docdoc fbb786eb4a0f0a9ecf9da92977d330921554d0c4cbdc1218de3641c9a9a16933Virustotal results 26.67%Heodo
2020-09-14REP_SPEO5PG.docdoc 44dd298e5761ecfbf28b770c3adc34854679aca9c88565aef9e0f7d426749cf9Virustotal results 24.56%Heodo
2020-09-1416092773.docdoc 11cc4036d50f7e705e15ad8d6b14813b0f328d9e14d31aa6ca51ba7e13fd4f4en/aHeodo
2020-09-14BAL_MV8FYSPJVP8TK6UU.docdoc fa69858e237719a046347129a4fa0d2bad1890e1843c54a8e5d71568337ee2cbVirustotal results 23.33%Heodo