URLhaus Database

You are currently viewing the URLhaus database entry for https://geeksquadusa.info/wp-includes/OCT/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:514002
URL: https://geeksquadusa.info/wp-includes/OCT/
URL Status:Offline
Host: geeksquadusa.info
Date added:2020-09-15 11:49:36 UTC
Last online:2020-09-17 21:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-09-15 11:50:23 UTC to dcundiff{at}a2hosting[dot]com)
Takedown time:2 days, 9 hours, 10 minutes Poor (down since 2020-09-17 21:01:16 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-16BAL_FL0757676256PN.docdoc 8cb0c890547d5517a0d6a06caec30b9b2480920b6c23bc5129f3a2e991bf647bVirustotal results 20.34%Heodo
2020-09-16DOC_931A4019S39S.docdoc b7d7c443145be4e2543b2786517f68cfef114f06e7c276368a6046c98963b766Virustotal results 22.03%Heodo
2020-09-16REP_21062246.docdoc b8684570ff020824676af136d3c0076181180c4d7abe963ffb04a340ecb68186n/aHeodo
2020-09-16REP_EJV_090120_HGN_091620.docdoc 30f103a39f5ac055f29f5b9364d03f9777737256ea1096c2cb957cd5285ea8b8Virustotal results 20.00%Heodo
2020-09-16FILE_6MPEMF9D7.docdoc 733150afe58d633a7748c6b98f7f64f72685083f5b0535ee970260073452bc1dVirustotal results 20.69%Heodo
2020-09-16PO_09162020EX.docdoc b0a0b8c0689039bcb63108626720aa99a3bf7a6b09f92dba5ac5243bdc3e61deVirustotal results 20.34%Heodo
2020-09-16FILE_NM1640890884EP.docdoc 02be4df68e31c4b3e1357d80caa4f107b113888ff35908ef3d8c4eaa057731b5Virustotal results 20.69%Heodo
2020-09-16DP4630513985MH.docdoc aebb79d00a5e16152918873b637b5c9a059d85715ebaadaea301faf34273ce01Virustotal results 19.30%Heodo
2020-09-16GHQW_RHK_090120_VLB_091620.docdoc abd53fd5f66e4ea484f4c037e59274f3933de850d9e618d2cc9123d48a571affVirustotal results 20.69%Heodo
2020-09-16BAL_KNW_090120_VGH_091620.docdoc 1bb4012e89aef09b80eda22d99a564f0d3e923f96cbf25dc4a78ff6de6dbb31fVirustotal results 33.90%Heodo
2020-09-16I_78463106978.docdoc 901353bf497a3403db274b0c2175a9e1dfc3a0f60720e0dabb97619da3cde741n/aHeodo
2020-09-16PO_09162020EX.docdoc 0dbd4a1c724732ed63f98689408f3fc72fe81f5c82ceca3ac7c45f111965e4b3Virustotal results 33.33%Heodo
2020-09-16WXTCX4QB.docdoc 357de09bd2572ca949d4409cad4cd61b57666b750ce0caaf51241eb4725a473bVirustotal results 32.76%Heodo
2020-09-16G_EKG_090120_VLF_091620.docdoc b7ef6487132afa596eee56ae8e75e130b2cb003eb1f2b2a765401d651fa6a61bVirustotal results 34.48%Heodo
2020-09-16FILE_1Y95E1IPEVKH.docdoc f8033b99d4728d0e4ad633cd47aa7df527d0cfe6aa3808bbb2f120f4f6c7d931Virustotal results 33.90%Heodo
2020-09-16INV_765521669753707441302.docdoc fbe1133ef2dd689ebe616ac9a5013fc0788d7427697a118bdbda6aa1eaada5abn/aHeodo
2020-09-16RDS_090120_FYC_091620.docdoc 0db5f8d914e43863feb97b598b9d216663ef184121d7d2fedee37f04325c1dfbVirustotal results 32.20%Heodo
2020-09-16I_TU4885432513VM.docdoc 5a7087081eb26bcb32ed31747d75c75ffb62a1ed796fb4f08ebb3a2f9e32e09aVirustotal results 32.20%Heodo
2020-09-16BAL_AYKOR1KTMSSB18ZR.docdoc f612c549bdd3f599721c805169c70aa6e0b6f144a0a58a323f0d59d11f23b45cVirustotal results 34.48%Heodo
2020-09-16P_CII_090120_TXU_091620.docdoc 67cb2e599dc74d3e6f8048e4f19b08bb8852579326ae869f8c39fa818ef144bcVirustotal results 30.51%Heodo
2020-09-16PDF4OR6HB.docdoc f6aeaefccc4efba1167df73a2a3ba80a76c030c8278f7e8466c4d3dc7cf0084fVirustotal results 30.51%Heodo
2020-09-16V_PO_09162020EX.docdoc adbca35477fb3a09c475fd0866dc9150946d2e4bd9b05650f9f066118659df26Virustotal results 30.51%Heodo
2020-09-16INV_9539626424436902661.docdoc ede79cad6b8517c5d9a8ce2fa49a478bf40491b3295b2d348c418589f100e877Virustotal results 33.90%Heodo
2020-09-16R_15041937.docdoc ed810a173660499c4d9356a3183b890ec5f2d2c6dba475ff95a77ac09d81378aVirustotal results 25.86%Heodo
2020-09-16REP_O3Q8X3BMUT8X.docdoc aff9c4fbadddf0c2b4c80320ddb1809027d157508adbf5e5f12d88db367c782fVirustotal results 24.14%Heodo
2020-09-16DOC_54626261.docdoc b0ee242bd63c84fc1dc0a0688e6c44566078121fa2b637d55dc0584e5952c27aVirustotal results 25.00%Heodo
2020-09-16FILE_HI5377869903MS.docdoc 507e2356293102846a1fa73ec4869b6f98ecb3ef5b43f4d5261562eae848b613Virustotal results 25.86%Heodo
2020-09-16J_DD2062638495LP.docdoc e6f1e7b2859714d5a971f9bf49e595cd31bbf292fbda1b9e5928fa031cfc7275Virustotal results 25.86%Heodo
2020-09-16INV_MRC_090120_MSU_091620.docdoc 5184e08e6c595ddbb60b6ac4030286b2e70fa5ee7567cb0360b2a66ec04f8d89Virustotal results 25.86%Heodo
2020-09-16TS_KH4229552121EC.docdoc d413b9053b30e18ef4358645da23d5c4f74ab8d57d2d78a6e7d423103985b071Virustotal results 25.86%Heodo
2020-09-16R_JS3251246041AT.docdoc f8a35f4ee5b56117d206ece5cd25afb33aba58cbfb3c32748018d4424f212bddVirustotal results 25.42%Heodo
2020-09-15W_PO_09162020EX.docdoc 4f256d7af5ae891b5f196fd51cbed3f7ba7ac2b82d86e8dd998cec459949f00aVirustotal results 27.12%Heodo
2020-09-15OE4634935298MU.docdoc 8869192957c4d226cae4679243a3a7ac5a193866a2e1048e37ca60f29d9af28aVirustotal results 26.32%Heodo
2020-09-15FILE_SIX_090120_NJM_091620.docdoc 1b3feab547c227fce46787527a728a57b05f236dc7f3be77bade5b9e661017b4n/aHeodo
2020-09-15GBX_8GLJ5DHLT2.docdoc b408d1437535aab5eb52b147d59272e8056375f2e90e2ccef71c062980e36b2fVirustotal results 30.51%Heodo
2020-09-15INV_XO2OJ9CXA9BAM0R6.docdoc ade1729cdf53dd56b39ae9440ccb71670f42e5f8fd2b0a564f11aa404c2d427eVirustotal results 30.51%Heodo
2020-09-15055924149735297.docdoc 350cf5c830bdf242f41ea336e2803b83af81ba91751cb13c418e5cff3674d95fVirustotal results 29.31%Heodo
2020-09-15FILE_391369276887355.docdoc 8e6f30327f622ec5f0e0af698a465ea3e932a184bd57077e5561244208e45f8dn/aHeodo
2020-09-15T_06177394.docdoc 57f88105c170f6a9c0718d37fc98fc60ebc7eecbd83b74780b5284d5412ff8adVirustotal results 25.42%Heodo
2020-09-15D_CHVJBXBUORGA.docdoc 7ed2061c4e694c21459db2c680fc101f2f2ed9bb6b8b8768a3bfc2b19ca14ef5n/aHeodo
2020-09-15BAL_PO_09162020EX.docdoc 1fdc71b89f5d3b5fce037341692415964a8c4141c9579be50045bf9d2e309afdn/aHeodo
2020-09-15S_PO_09152020EX.docdoc d4c8ce2687fd07ab7c3991cab5500c05e719381d7906228371f0457d260ded94Virustotal results 25.42%Heodo
2020-09-15DOC_30777260.docdoc f8b89f97feff5649f70d133e5a998bb941c042aa450267dafba9ed28a95b7f59Virustotal results 25.86%Heodo
2020-09-15QYG_OYR91QPI.docdoc 607bf68103d9158e576beb6c3a4b287bc5f5283c5871075a532d44efa448b9a0Virustotal results 25.00%Heodo
2020-09-1514361094.docdoc 1e8efc4f5bc3f4c1233e6072bba8d608c2c37a722e84f3a69a5776225d962922Virustotal results 23.73%Heodo
2020-09-15FILE_KM828REQAII.docdoc aee8c2cd0f5858f9d9f402974a799cfa4ba52786593ce6681014c289e75f58c8n/aHeodo
2020-09-15NK3PAC22NJVDXPJA.docdoc 82c25613755c7a3a9737fe08cbc7fae6d75faa2807218b65d6b5a6dfb1bbff67Virustotal results 32.20%Heodo
2020-09-15BAL_VTZLDIA6W8.docdoc ae651bbc1bb9cb216ddeae09b03346aa86c991c00d59ad680a83343eac0d4da2Virustotal results 32.20%Heodo
2020-09-15Z_MOIQRJ9T7NT.docdoc ce54926c6e6bb51a9f76b70e433f6745eaa79038969f753b14bce036ccf55c76Virustotal results 33.33%Heodo
2020-09-15X_VLR_090120_MRT_091520.docdoc b98c6bb5f406dd831d675d835a86587322ffbbcf4e47b5a01c471fad167f8cfaVirustotal results 32.20%Heodo
2020-09-15REP_01533913.docdoc c8410c8dd820bc1e8805ba93260cd2fb0f7707d75573915bdb97ea2a01b66ea8Virustotal results 30.51%Heodo
2020-09-15BAL_WAYMZP210E94ZS9A.docdoc 933b3518041b978efa6f14e957c5a72dbd62b3e460129c2eb6904ba09c1b8f17Virustotal results 31.67%Heodo
2020-09-15IC_4606005819531805.docdoc 6e6f6b58f145fa06be9bbb1ec69b77c97ec6d245e71fbf4a6b7ad3004ba035a2Virustotal results 31.67%Heodo
2020-09-15PO_09152020EX.docdoc 29e6800b32fe83e4c3eea894351d851e0ba7013aa256aa96ca27b0423fe084d8Virustotal results 30.00%Heodo
2020-09-15O_61362968.docdoc b6ef89ad934abd3b5e218a5e4b798f80446809c13aa649cc8062453da031a33dVirustotal results 31.03%Heodo
2020-09-15INV_06459565.docdoc 33163e89d4430eb23360add971fa52651aac6d7f2212ea3bab450dca4eaafff8Virustotal results 31.03%Heodo
2020-09-15FILE_79607561583563339373.docdoc 81e8f540b8a75bf2da7b2ee0fb9d7e1b7795a0794fb9527722022322f056ec75n/aHeodo
2020-09-15TDE_MOQ_090120_TTP_091520.docdoc bf726f4ccf307b79f32d968b3ec5145392bd3237ccf42905e75fa215cac2a476n/aHeodo
2020-09-15BAL_IDJ_090120_JLX_091520.docdoc 444ecd76408121efb70dedd5886e0d2042b0afcd9ad85a940eb6e027f7651082Virustotal results 30.00%Heodo
2020-09-1511401926.docdoc ce5e15ba45fc795c949cf8454ef415ac43d6ec2c3cce937ee1df06346e64deeeVirustotal results 28.81%Heodo
2020-09-1555625448.docdoc 0ec418e8980ab3a6855c2e01e16335d606b8f8b54a4eb3dd9e3ac41201668ffcn/aHeodo
2020-09-15BAL_17286193.docdoc 45add26a1868ac12bd1c2d6f44460f28a1e211c19c70cf4bb5fcbf2414ae2006Virustotal results 28.57%Heodo
2020-09-15G_OSX_090120_ZQQ_091520.docdoc fda02bec817e33a0eb6c4f769013fb985dedd41c73e728f9db5d7ff9e76cc93bn/aHeodo
2020-09-15REP_78475345.docdoc e13fe582fb3f540b7bae68b1aab1cdc1f9e872dffc0f73bc14f04287c66cc813n/aHeodo
2020-09-1583466426526974777125.docdoc 5d4bee6f5bb0d02b980f21c2ae731bd12d5de2e2810058e6098fc888a7cc6f7bn/aHeodo
2020-09-15BAL_PO_09152020EX.docdoc 86e5592a5a53eba6b534b450d5b736eff616b1453a741d713aceb18d55557483n/aHeodo
2020-09-15INV_1VIQ0FMRL8Q2TE3E.docdoc 0fb32d14c44e30aa5e3f3aefb634a5414cfa213f97ad3b129d3c18dcf8e7ff61n/aHeodo
2020-09-15BAL_412672544154181732465.docdoc d590291ac7dd3e6a44554bafcd4bf1bafffa63e97ae93a536a420a3378ecec21Virustotal results 30.51%Heodo
2020-09-15549951856656177042163338.docdoc 4e14eaff86f204c98eb2c3e3f1c819d230863f05ee0c1e9e5ac35ae3cceb507eVirustotal results 33.90%Heodo
2020-09-15REP_80094267.docdoc 356d47d62853cdffcc77d94782e286aea2cb43b33cfc90bd957d65bf9edf8c05Virustotal results 27.59%Heodo
2020-09-15ARHP9BMZ2O.docdoc 5f5e03528d71d6b4ca5fcac04fadc482d9f2d6640c96ebbb54b05e9030f179e9Virustotal results 27.12%Heodo
2020-09-15FILE_95029437.docdoc 2cde4939f797633de929427a46005c56edcb0480a7a87e6194df70cbe707bc7eVirustotal results 30.00%Heodo
2020-09-15BAL_093374490930466212144.docdoc a27e34af3dd6de2bd605581cce065e11a651c8ee0544d3ea0d7419a9a3daa3feVirustotal results 27.59%Heodo