URLhaus Database

You are currently viewing the URLhaus database entry for http://xclusivemarine.com/wp-includes/swift/lg1852113160006au1pf6cu0jk3r35ks3i/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 495662
URL: http://xclusivemarine.com/wp-includes/swift/lg1852113160006au1pf6cu0jk3r35ks3i/
URL Status: Offline
Host: xclusivemarine.com
Date added: 2020-09-14 12:52:04 UTC
Last online: 2020-09-18 23:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-14 12:54:38 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 4 days, 10 hours, 27 minutes, Bad (down since 2020-09-18 23:22:02 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
