URLhaus Database

You are currently viewing the URLhaus database entry for http://osbm.ro/cgi-bin/Overview/pplvck/uscu4568177866ksubrtnn01ly/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:513430
URL: http://osbm.ro/cgi-bin/Overview/pplvck/uscu4568177866ksubrtnn01ly/
URL Status:Offline
Host: osbm.ro
Date added:2020-09-15 11:02:04 UTC
Last online:2020-09-17 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-09-15 11:04:17 UTC to abuse{at}gtstelecom[dot]ro)
Takedown time:2 days, 2 hours, 27 minutes Poor (down since 2020-09-17 13:31:44 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-16INV_83693751.docdoc 55caf48be5ac9c86baa0a943d9733131878d5b4316acdaeb3f9fc054a2e3bd38Virustotal results 25.42%Heodo
2020-09-16576084659982047064724.docdoc 0e0913f7c913e70406fdc7b5e47f2455d7152c4e461770cc1b9bee581491fab9Virustotal results 25.42%Heodo
2020-09-16INV_PO_09162020EX.docdoc 4f21e25c362b1dc72f9dd3b2b0910516918a46a4016a631a2ee276493d7d160dVirustotal results 27.59%Heodo
2020-09-16WMSE59OA.docdoc 4a42864618e8b860f0cc23b81a63cfeb95e60a000bac0acb3edd4294f8531329Virustotal results 25.42%Heodo
2020-09-164NEXIXX.docdoc 1e89a5f9dafcd1d66bcda4eb3a8e391448606ae28a808d4f723c1decc91292c4Virustotal results 25.42%Heodo
2020-09-16FILE_2799550742035310.docdoc 716dc594b3320a3bc8601253c2e46721df663c180acbb2b8e62c64f7362b06a4Virustotal results 22.03%Heodo
2020-09-16FILE_ZB2887537293VN.docdoc 8398f9c5f37ef0558a84d839ee7058340351a71fe4cf26d2590652a5a66857f8Virustotal results 21.05%Heodo
2020-09-16FILE_AJDNNSIAG6Y.docdoc 6578fea012e69eb51d9527777ef8c0a05c0e125586536d0f865a2e0ca949f57bVirustotal results 20.00%Heodo
2020-09-16TUL_UD9620813895IZ.docdoc feb760d598f3b0a810214edcedd3e0ccefa48d12ba8c1dfb200aea8d382b4070Virustotal results 20.34%Heodo
2020-09-16AJ_PO_09162020EX.docdoc 09c3f3aad8f9bc8f65a86d581ecb23b0a6262a9e28d5c5e19750e6770aa5e40fn/aHeodo
2020-09-16INV_7436626351329500.docdoc 85e8c954fc64556cac2d3c01b725c69f7b2640b92ee156c1875c02f923db643aVirustotal results 20.34%Heodo
2020-09-16S_PO_09162020EX.docdoc ca193911fda7f38dae553f8746afb6e4021eb40f46144ae77d2c8883da2c3d82Virustotal results 20.69%Heodo
2020-09-16REP_XA3447280206DK.docdoc b0a0b8c0689039bcb63108626720aa99a3bf7a6b09f92dba5ac5243bdc3e61deVirustotal results 20.34%Heodo
2020-09-1664482763.docdoc 3e62fb780c0ad60d1b4e8a1cf6e61782262a3376a1b6552c72c17df57d5375eeVirustotal results 20.34%Heodo
2020-09-16FILE_23104012.docdoc dcfdf9a342db69a880c3acc43b01f2e3f04938ed129c9b3597ee7aad3377f25dVirustotal results 20.34%Heodo
2020-09-16INV_HL0UYDJ5YH3QEUOZ.docdoc b1d829eedc175dd7e2278966693e67bb2bba46c38b17a2f53b198ea4369997cdn/aHeodo
2020-09-16H_HN3186174834AX.docdoc 1bb4012e89aef09b80eda22d99a564f0d3e923f96cbf25dc4a78ff6de6dbb31fn/aHeodo
2020-09-16FILE_3794065758937279098617537.docdoc 0dbd4a1c724732ed63f98689408f3fc72fe81f5c82ceca3ac7c45f111965e4b3Virustotal results 33.33%Heodo
2020-09-16PO_09162020EX.docdoc 357de09bd2572ca949d4409cad4cd61b57666b750ce0caaf51241eb4725a473bVirustotal results 32.76%Heodo
2020-09-16VS6028742177VM.docdoc b75415103d2353ac48eeb8630f5fb9c840dc5b1653351fd68b9a18b4bd070b5cn/aHeodo
2020-09-16SUP_AAB_090120_HKH_091620.docdoc f8033b99d4728d0e4ad633cd47aa7df527d0cfe6aa3808bbb2f120f4f6c7d931n/aHeodo
2020-09-16KXW_11476229544599540736.docdoc fbe1133ef2dd689ebe616ac9a5013fc0788d7427697a118bdbda6aa1eaada5abn/aHeodo
2020-09-16ZD_DT4092361912TZ.docdoc 305d99490d1652cba0e4ee0e78bbc8ecc201e44033a823f4cdbbfa5c43c41c51Virustotal results 32.20%Heodo
2020-09-16B_5XS2IDIH4G.docdoc 0db5f8d914e43863feb97b598b9d216663ef184121d7d2fedee37f04325c1dfbVirustotal results 32.20%Heodo
2020-09-16C_07867969267574058675924.docdoc 1b3feab547c227fce46787527a728a57b05f236dc7f3be77bade5b9e661017b4Virustotal results 32.20%Heodo
2020-09-16G_DV4874737853VC.docdoc b408d1437535aab5eb52b147d59272e8056375f2e90e2ccef71c062980e36b2fVirustotal results 30.51%Heodo
2020-09-16DOC_ANO_090120_TWJ_091620.docdoc 5e96a02fb1ec1284bbdd4f122425a6f635312ee541211269b39acd5addd3dd5aVirustotal results 30.51%Heodo
2020-09-16PO_09162020EX.docdoc f6aeaefccc4efba1167df73a2a3ba80a76c030c8278f7e8466c4d3dc7cf0084fVirustotal results 30.51%Heodo
2020-09-16YEVC_76878695.docdoc a643c8295a70cc3882662f7eac8da65ca398f824961fcd9a47454364138218e0Virustotal results 28.07%Heodo
2020-09-16PO_09162020EX.docdoc eb6bbcf1755a8438e950e632c5e1330ff4c78dc8849914d2126abeb732ec4360Virustotal results 27.59%Heodo
2020-09-16INV_D9KMNVBRH9V7.docdoc aff9c4fbadddf0c2b4c80320ddb1809027d157508adbf5e5f12d88db367c782fVirustotal results 24.14%Heodo
2020-09-16BAL_WUESINE9R2HLF.docdoc 57f88105c170f6a9c0718d37fc98fc60ebc7eecbd83b74780b5284d5412ff8adVirustotal results 25.42%Heodo
2020-09-16BAL_VXZM7DU.docdoc c8c52e1ff627d998a9a7ab47afecc546bab7e768dddab4862fb9f2d0b25fc070Virustotal results 25.00%Heodo
2020-09-16DOC_UPC_090120_UOD_091620.docdoc 4d6b056c7bab909b0af3f0a3a24f5b7fbc4453e31746d29c0c3d60122def5705Virustotal results 25.42%Heodo
2020-09-16DOC_AB7465281256ZK.docdoc 3b610a0aa4890a007dcf6df33178a042c25d7ae68a3fdff4d368a5728f811a78Virustotal results 25.00%Heodo
2020-09-16DOC_04742428515.docdoc f8b89f97feff5649f70d133e5a998bb941c042aa450267dafba9ed28a95b7f59Virustotal results 25.42%Heodo
2020-09-16LHE_090120_ZRC_091620.docdoc d4b79b30c6abd6633d513bd08d8b3b9b3de6f0705245b72b3e2ee09e0d03746fVirustotal results 25.86%Heodo
2020-09-16X0GVYJRIJ.docdoc 9a29066aa3490e60be3e563dadcd9f7ef75e6eef752abd1bd40ab5323a57a83eVirustotal results 25.86%Heodo
2020-09-16BAL_TM3SQR0LK3P7.docdoc a4161a1c0ab452048658bdf4e30fe550fe9da9f47ea4525fdb2858949f42887eVirustotal results 32.76%Heodo
2020-09-15N_SMT_090120_NDL_091620.docdoc aee8c2cd0f5858f9d9f402974a799cfa4ba52786593ce6681014c289e75f58c8Virustotal results 27.12%Heodo
2020-09-15W_826875767688301802.docdoc fca275c16aa901a7fff33e9ab6ef4a73787f1020eabc602bfdd18bb08c4e78fcVirustotal results 32.20%Heodo
2020-09-15AG60XUF38I32DGQ.docdoc 879cb07fa12e39fbaafbeef54a8c988ee57a673fb57a02099a1f6bb733318c44n/aHeodo
2020-09-15C_HZA_090120_WNE_091620.docdoc adbca35477fb3a09c475fd0866dc9150946d2e4bd9b05650f9f066118659df26n/aHeodo
2020-09-15945053517245588.docdoc 588439f42539c073b150e685ee9d555a0012c8bfbd92b3bb4091b6ba21ed3d6dVirustotal results 25.42%Heodo
2020-09-15DOC_8472243672178385343497.docdoc c4daeb1197761ad6ebcf922fd44f7f3aed5d49a64e107dc1d79340f2a0b2ca36Virustotal results 25.42%Heodo
2020-09-15INV_2107158818.docdoc 722e0b21752c8eb64fbb26fcf4ef9ab58f89050b3b690fa97b068eae6a0b522fVirustotal results 25.86%Heodo
2020-09-15LI5282253944OO.docdoc 9656f634b78c149e6a428cb521d7a9ae339fb27e467de4ab2d6131cc7673021aVirustotal results 25.42%Heodo
2020-09-15INV_4884150677383418572767049.docdoc b08ba532b43fe11e03765134c030e9f47fcd626ebc014e8b2d1d3cf4cd7f1074Virustotal results 25.42%Heodo
2020-09-15FILE_PO_09162020EX.docdoc b0ee242bd63c84fc1dc0a0688e6c44566078121fa2b637d55dc0584e5952c27aVirustotal results 25.00%Heodo
2020-09-15F_GVF_090120_ZRR_091620.docdoc 507e2356293102846a1fa73ec4869b6f98ecb3ef5b43f4d5261562eae848b613n/aHeodo
2020-09-15PO_09152020EX.docdoc 5184e08e6c595ddbb60b6ac4030286b2e70fa5ee7567cb0360b2a66ec04f8d89Virustotal results 25.86%Heodo
2020-09-15IH1556384229ZN.docdoc 17ee903ed9c7b72546d333ce76b2e0996a4688e758937667ff466bb3ff005c00n/aHeodo
2020-09-15INV_IK3396168887HZ.docdoc 5764303dc206274cefe1d8317b60d9cbf0f363db9b2735feb2cab9133b8b8921n/aHeodo
2020-09-15J_237739252666708540865.docdoc 8869192957c4d226cae4679243a3a7ac5a193866a2e1048e37ca60f29d9af28aVirustotal results 26.32%Heodo
2020-09-1549228564.docdoc c6cc0bc5f638343530d50e465ee7b0a2cf952d971f2d50d1b26c5ff8d2068280Virustotal results 31.03%Heodo
2020-09-15AR6206684196TC.docdoc 2606beb5d1d6e2ffb46e2b77e75b5e8154a29510f08728d4317515292ca7d1e0Virustotal results 32.20%Heodo
2020-09-15A_76054568.docdoc 3a27d228a126b4876ded1657ddeebfc55df1277042bb3c9e8a88af914fead10eVirustotal results 30.51%Heodo
2020-09-15L_PO_09152020EX.docdoc b98c6bb5f406dd831d675d835a86587322ffbbcf4e47b5a01c471fad167f8cfan/aHeodo
2020-09-15FILE_AAJ_090120_YON_091520.docdoc 933b3518041b978efa6f14e957c5a72dbd62b3e460129c2eb6904ba09c1b8f17n/aHeodo
2020-09-15B_882354471054.docdoc 1566f358c08b612008f380dbf93ae439bedd0b527deb8bfa5ca732264e37af87Virustotal results 26.92%Heodo
2020-09-15CM6XG9ZCIG3Z.docdoc 82caa6df7c863666c0e05d0b5220c9327d0223159c178a97d69f79a7a271d6bcVirustotal results 30.51%Heodo
2020-09-15RQD_090120_QTC_091520.docdoc a0717611fe03a6c29521881be56f81ec03ade7808b63895b52565ad690e95234Virustotal results 30.51%Heodo
2020-09-15BAL_229628810262398.docdoc b6ef89ad934abd3b5e218a5e4b798f80446809c13aa649cc8062453da031a33dn/aHeodo
2020-09-15DOC_5M4U2S5GN.docdoc 33163e89d4430eb23360add971fa52651aac6d7f2212ea3bab450dca4eaafff8Virustotal results 31.03%Heodo
2020-09-1519972820.docdoc f52574630b28b46badc771430bea7ed4811951b7ac44b12af4cf6497f1afff4fVirustotal results 30.00%Heodo
2020-09-15JUC_090120_ZBE_091520.docdoc 34c57cf72a0605b4e2839e24ba06beed39f76ecd580db06b134be4c6d351684dn/aHeodo
2020-09-156NLKZ6YDLMF.docdoc 84a3218db211f14f6afaf90ced3a518193158b80bbbf43bbf82a955d6064fa2dVirustotal results 28.33%Heodo
2020-09-15YDRK_56118873978318328902695.docdoc 119508e9f0c2fbc111a973f8e972b864be6a314ed3718115e8fd5ae29f70962eVirustotal results 29.82%Heodo
2020-09-15REP_SW3825422610CL.docdoc 45add26a1868ac12bd1c2d6f44460f28a1e211c19c70cf4bb5fcbf2414ae2006Virustotal results 28.57%Heodo
2020-09-15ESU_090120_GNR_091520.docdoc 9aa6d84f75ffca251bb16890d6587306d655a61bc218cf7459688ba4526090b8n/aHeodo
2020-09-15INV_71475714.docdoc e13fe582fb3f540b7bae68b1aab1cdc1f9e872dffc0f73bc14f04287c66cc813n/aHeodo
2020-09-15PO_09152020EX.docdoc f4071e6170511cfc0e65803cd404a878571d1c8cad7c3742b846e7585cc6b546n/aHeodo
2020-09-15PO_09152020EX.docdoc 5d4bee6f5bb0d02b980f21c2ae731bd12d5de2e2810058e6098fc888a7cc6f7bVirustotal results 29.31%Heodo
2020-09-15PO_09152020EX.docdoc 2231867f5f922d40ae930f032654dc95e2966b101a79e3f6a4f86ccc3d46b084Virustotal results 23.21%Heodo
2020-09-15REP_MFJ_090120_YBD_091520.docdoc 7e7d1803366d468d089ff0c15817cc44e03d3cc5109473086a613b68cf5cde80Virustotal results 37.93%Heodo
2020-09-15FILE_ZT3546971970PJ.docdoc f6b411752457e67af88361dab260e090f3eab65cc6c2ca63f8e2ee7b81a398cbVirustotal results 40.68%Heodo
2020-09-15N9D92QUES.docdoc 4e80a09ed0a4a98e6f2891d07eb2f4f8de63314c22c8d00cf0ed87c5d55a1e7dVirustotal results 30.00%Heodo
2020-09-1569868576.docdoc 356d47d62853cdffcc77d94782e286aea2cb43b33cfc90bd957d65bf9edf8c05Virustotal results 27.59%Heodo
2020-09-1586607516.docdoc 1c71f8ea6feb7151e43dd7a022fed82103545c6e079231fd59df26e00bcdb66bVirustotal results 27.12%Heodo
2020-09-1536727850.docdoc c5d3e05040b167eefc00d3bbe6cac732b32b88aac3d3c6b7a640e8abbd9ef10bVirustotal results 26.67%Heodo
2020-09-15Y_PO_09152020EX.docdoc a27e34af3dd6de2bd605581cce065e11a651c8ee0544d3ea0d7419a9a3daa3feVirustotal results 28.81%Heodo
2020-09-15T_PO_09152020EX.docdoc 0a027ac005f0ab69b76b7587c1f5ac68377f933bb7d7aed7741899867ccd0032Virustotal results 24.14%Heodo
2020-09-15TU2W797UKLDYJS.docdoc 79ba5a7a70056da57112bee19e3bc8f985e7b22339162bbdefcfb0084f8889ban/aHeodo
2020-09-15INV_416506861110896964.docdoc 79a46789e71cdf1123ee030b076bc802e69e91a0e789d74f2de290ff9a9e71beVirustotal results 27.12%Heodo