URLhaus Database

You are currently viewing the URLhaus database entry for http://blog.micmek.com/eztzb/docs/zk0h2tf88805536878987ukkf2y9jpfgojb/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 495403
URL: http://blog.micmek.com/eztzb/docs/zk0h2tf88805536878987ukkf2y9jpfgojb/
URL Status: Offline
Host: blog.micmek.com
Date added: 2020-09-14 12:30:36 UTC
Last online: 2020-09-16 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-14 12:32:05 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 1 day, 23 hours, 3 minutes, rated Poor (down since 2020-09-16 11:35:20 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
