URLhaus Database

You are currently viewing the URLhaus database entry for https://blivegrp.com/wevqp/swift/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 515410
URL: https://blivegrp.com/wevqp/swift/
URL Status: Offline
Host: blivegrp.com
Date added: 2020-09-15 13:51:13 UTC
Last online: 2020-09-16 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (Ticket DCU002937291 created on 2020-09-15 13:52:06 UTC)
Takedown time: 21 hours, 21 minutes, Good (down since 2020-09-16 11:13:26 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
