URLhaus Database

You are currently viewing the URLhaus database entry for http://simplydone.xyz/wp-admin/https://FILE/GXWQflVDeC/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 496864
URL: http://simplydone.xyz/wp-admin/https://FILE/GXWQflVDeC/
URL Status: Offline
Host: simplydone.xyz
Date added: 2020-09-14 14:11:05 UTC
Last online: 2020-09-15 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-14 14:16:10 UTC to report{at}hostiman[dot]ru)
Takedown time: 22 hours, 2 minutes (Good; down since 2020-09-15 12:18:48 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
