URLhaus Database

You are currently viewing the URLhaus database entry for https://b.fherf.com/s2cxmd/Document/0etps0w/n9wd0108520392550wg4m1oxf/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	522227
URL:	https://b.fherf.com/s2cxmd/Document/0etps0w/n9wd0108520392550wg4m1oxf/
URL Status:	Offline
Host:	b.fherf.com
Date added:	2020-09-16 00:02:06 UTC
Last online:	2020-09-26 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-09-16 00:04:55 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	10 days, 16 hours, 6 minutes (down since 2020-09-26 16:11:39 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-18	REP_ESH_090120_LMR_091820.doc	doc	c63f6783c00a837e235c2c2405fccfe135bf4358704dad7525b4660588e6ed3a	36.21%	Heodo
2020-09-17	INV_08108433.doc	doc	36d46656d6969e3946e5b7d590c3f84bee9577d16dc333b05a115c41760636b7	35.00%	Heodo
2020-09-17	BAL_3475775614.doc	doc	0606ba599bf7a4fca591dc6e4c5b29805cb37284a37a2cefd0f5237a52ce46ac	35.00%	Heodo
2020-09-17	Q_HQ3GN85S5R5PAMU.doc	doc	3d0e327579a0412b41e40642776caf0be54df0872df9e9ce553e048802249ac0	33.90%	Heodo
2020-09-17	L_67750999297806026674010.doc	doc	24b4b9f235edf4c63faa8b1722508868d0727dd455e4abcbdaf1ac38eb379dfe	33.90%	Heodo
2020-09-17	UU_07336537331082.doc	doc	11cfbdf8ce4f99c93816a1ed7ff7410d051b0cc978efc9ff9fa824db596374e5	n/a	Heodo
2020-09-17	DOC_PO_09182020EX.doc	doc	9c119c1d39a1e41201dfbb087466fa543558f959d147c3e8ef77650beaff2d9f	33.90%	Heodo
2020-09-17	FILE_7797021492710.doc	doc	794d05a964943c6e59eef584b6bd5ee060dec7907a990ec1a0d71260e641c74d	47.46%	Heodo
2020-09-17	BAL_505240382763554498139470.doc	doc	cc63dfcd6635c5015409c3a12a978b586bf9c3ae9c8c9ed0af8dca8c7384350a	41.67%	Heodo
2020-09-17	FILE_52155331.doc	doc	30fae41cd15ad7341c7e91b9e003b523538a2b23f9afa8d601ec22cdb738526b	42.37%	Heodo
2020-09-17	U_PO_09172020EX.doc	doc	46ed6bbe96a97f0da9479591c55394830ccd60524bcfa7b78b035514fb9a8eba	39.66%	Heodo
2020-09-17	INV_419895457623532158.doc	doc	28e0ec9faec8fb63dd3210568b84e14423b5bfe6e353859a2da0fadc23b3e8dd	36.21%	Heodo
2020-09-17	INV_968523019647570.doc	doc	55e876b6274746f9d8486bee3ae8b45b9fac29272c39e6d09ec38a93903d3dec	35.59%	Heodo
2020-09-17	BZ_ZOY_090120_XHJ_091720.doc	doc	14650f22ccd9ac8f4effcb6415afc3ee21a1a681e0d621888dd3e28a30e9e237	36.67%	Heodo
2020-09-17	FILE_PO_09172020EX.doc	doc	1df5b6fa599fb3c788702a36ea699399ccd479a07f4dff1b7372b1bc6fcf6968	37.29%	Heodo
2020-09-17	FILE_PO_09172020EX.doc	doc	fabd2f3729de07ef5f673b245597b0d770876cb520d02fe15d4e9e62c7c7efde	32.20%	Heodo
2020-09-17	PO_09172020EX.doc	doc	33c51d58c2e4bbbfceeedd8f100ddadf9be5354f98a497c5d5a0db849a51562b	31.58%	Heodo
2020-09-17	2395588998644328123.doc	doc	1da1190d2c7472ff429ae35611b7120698dca55175d1c298e68f24f33fc4caec	32.20%	Heodo
2020-09-17	BAL_PO_09172020EX.doc	doc	1416fbb0d1f2c204801a510618e8135a3d21a605d397a155e41f4d9d242aa9d9	32.76%	Heodo
2020-09-17	PO_09172020EX.doc	doc	9858faec65e0756d0003cfd8bcf4e322ebb83c537243e039ae6e43b4893c514d	32.20%	Heodo
2020-09-17	INV_PO_09172020EX.doc	doc	86c6d2a8e253f6f718c9c33f90a752c85aa9fc47c5a0addf2d8da2e16a5683c0	30.51%	Heodo
2020-09-17	111541715712813.doc	doc	24d870441096e99a67d348025f42e44c531b85ccc3a98c5f138e666ec44dcb46	31.67%	Heodo
2020-09-17	INV_50544416367838730856.doc	doc	dcd3e00d8637a9ba1d0bd4b50e2895294c67b06017af07497a032472d7ade91a	n/a	Heodo
2020-09-17	OX5733900869SZ.doc	doc	46b9776b6dcbbc272429563afe8cbf980019b5a57e1a4625c5495dd553ef439f	35.59%	Heodo
2020-09-17	DOC_GR3A63FFE9.doc	doc	27eba47f653b19797edea37d8dbf75215328081ca3b6abb42719eb226a877a5d	30.51%	Heodo
2020-09-17	INV_4D953LCSQH32W.doc	doc	c3398d0143d68598160025f752138b7d986b35d277e83d05c6afeca8f7cced55	36.67%	Heodo
2020-09-17	GOC_090120_GLH_091720.doc	doc	425cf69c1c8cf4327ace3bad807a83df91fcc0692bd45dca12e840eb562931d9	36.21%	Heodo
2020-09-17	REP_9WL1NZ2BWQZZ842Y.doc	doc	79d28b1f906f26beea84fa259a3953fa6fedf70176ec6a5bcd77e724f4d326ab	n/a	Heodo
2020-09-17	G_IBO_090120_YPD_091720.doc	doc	00f42d9a9acefed89581ed82845dd70bf86cca472f771ac1f7ca4bf48e7b2274	n/a	Heodo
2020-09-17	BAL_Y7YEGKGKGR7E.doc	doc	ff3fdeea7e84bb9d7ed41ba9195b3fd153b59b5b108babdf4946abd95d17aa8b	32.20%	Heodo
2020-09-17	4JLR6IHYX0F8Q9.doc	doc	5973dddd2d358abc25401fc5c27a37b589d47d6224f5041925b3bbda7dac4e6c	31.03%	Heodo
2020-09-17	INV_JU3120720432MH.doc	doc	fd0f987936c01acfb91bb84e9e9c3e6f425f55d07887f14ee595ec418d252849	40.00%	Heodo
2020-09-17	DOC_UANL97C5X18UYED8.doc	doc	dcf52647f987ed5fd370ecf3ddd3dedf9c3bcda6c29057f5464d8222839fc45c	40.35%	Heodo
2020-09-17	FILE_LWL_090120_OTQ_091720.doc	doc	595abb95ad8bea9fcd875fee5c21baaf5f829e997eb430384a8fd7f43da2e0cf	38.98%	Heodo
2020-09-17	D_87578743881659186.doc	doc	55830632b4ab2552e0bd05b69d7e03291c05b89c3f4a37dccb611ec180d70721	38.98%	Heodo
2020-09-17	V_AM8549880846OX.doc	doc	73ad18478fb2dc515c21ae65ae67658d0bf5c43e86ab24685f4f5d71a592f78e	38.98%	Heodo
2020-09-17	INV_PZC_090120_ILE_091720.doc	doc	093ca9b873eac37c451077497250eda40c15ef31aefd41593a79f206a45ff6b2	39.66%	Heodo
2020-09-17	OU_PO_09172020EX.doc	doc	8d1ff2bacfbda66fbafa8dd2c05aa1912c32f694f2d0aaac4ac43897edcb677f	35.59%	Heodo
2020-09-17	BAL_38210161.doc	doc	f3905c73171c859ac62800e08e653b667959363d0f57538eb82202c92543f12e	35.59%	Heodo
2020-09-17	BAL_52115506.doc	doc	163a09323a2678ec297914024703f458b53d81470967ee69eb352bb51a5d4f92	n/a	Heodo
2020-09-17	REP_PO_09172020EX.doc	doc	b16adf0d1893ff9c5ccdcc3c1ab65b9b3f8c570cdd9bb139f238f4be5b89cc8e	34.48%	Heodo
2020-09-17	REP_PAPSYPLK9IBJPLQ1.doc	doc	d9a35783bb245b622048384501eb1c30e098c547b4d3079e0c8d01e06336464c	n/a	Heodo
2020-09-17	HSYJ3PUVO1.doc	doc	1a945df2c4c5399840e2cdcc623c15e12451e66db694d71f26bd718dc8628993	31.67%	Heodo
2020-09-17	REP_0C35ZF7U.doc	doc	8f30ed97624714bbc4dd8ce51400050e106aef3630f8510ffd8195e28c9ea6e9	33.33%	Heodo
2020-09-17	WPNF_MZ1349126930BG.doc	doc	57e1942e529266771688a423f03e005f8ed47584381f2a38e92e4045550d657c	33.33%	Heodo
2020-09-17	DOC_94781372.doc	doc	76bf8d09a314a6ed1f11e8794d3027fcedcc3762677e37d8f7a304e4d370837c	27.59%	Heodo
2020-09-17	621380692176192.doc	doc	528a62bc2a5bb42529a57abc0367b0a612ebe84f846906aa5a6737e759d6ae84	25.42%	Heodo
2020-09-17	GK_R4LSCPN6KA4F181.doc	doc	4fc07945a17ff1e3422b0c95992fa2750006aeb21b1e886f0c2876d4ef69a14b	25.42%	Heodo
2020-09-17	BAL_61552253.doc	doc	85ecc831aac84128028e315d8229777d99b91e6adba5a437b18e0f2a3c34e76e	25.86%	Heodo
2020-09-17	Q_PO_09172020EX.doc	doc	d30169f108ec72fbaf16bb8726e798602988e1c42a7b3020b0ef0ad0572f9625	25.42%	Heodo
2020-09-16	78885280.doc	doc	b2bfefad5d4d6a3dff230f61a9c4b055d5ae4b37b8fecca5550317c89f615504	25.42%	Heodo
2020-09-16	INV_OMYD4U3NEC1IREC0.doc	doc	73158e3c574c5cfbe98520ebb3b8c4270609205751d997b87414e5a43980f960	25.86%	Heodo
2020-09-16	36174504.doc	doc	a9c8d3bb56d6abf69a804578bde7b85ae2717ff03d86c79d9f96d313d82552b5	28.07%	Heodo
2020-09-16	X_PO_09172020EX.doc	doc	f8be1cb32fdc9776f4b599f4b99eb0315d3fccebbdc850498b96f6a65fe9e02c	27.12%	Heodo
2020-09-16	FILE_97614565.doc	doc	1a487a6af75caefff2748862adf7200a692c1e5f6453c1d86ebceab252b5bd66	25.86%	Heodo
2020-09-16	S_YK3435519619BX.doc	doc	409d5db4ee06957895e043e25c81a8d9b2438a172c248bfc3f149c6c947e3ce3	25.42%	Heodo
2020-09-16	R_LL2750314062ZH.doc	doc	98b7ab7a1185220c44567c8e6562c858a1aa47058efd0113421a2f4d7fa63231	26.32%	Heodo
2020-09-16	PO_09162020EX.doc	doc	8f96a4ee289f6093a2f1afe8c584cba4a802c054ef22fde70d451254191872fd	n/a	Heodo
2020-09-16	DOC_8M4FACSOZ3H94.doc	doc	c0418ebecc711ff38d29eb29f832c78c462b0c3f55201223702aac43a15f8e1d	25.86%	Heodo
2020-09-16	RQY8CO98ZZ.doc	doc	f656f7fc2ac175767aea79393803f493b18211403a390c2daf9c5dae720e26e3	n/a	Heodo
2020-09-16	BAL_IJ3717485054OH.doc	doc	fd4fb3464a7f787ee4d5b1795fe7b4d8ffde4a1683fc6620602fb78ba52f52a9	n/a	Heodo
2020-09-16	PO_09162020EX.doc	doc	c95b5dca5208b5d4dea488991b6cae5bc1d6e7686af278285ea7e77a3b71cd03	n/a	Heodo
2020-09-16	INV_ZSLHLSGR01TYJ7P.doc	doc	7ad1bb86cc5ab4b2563548f2fc53faf9ed64e5216c895c9a425aea815a45b6b4	n/a	Heodo
2020-09-16	DOC_PO_09162020EX.doc	doc	d7f12b14c351620ca64769a126560507c4746cc966510d04d0fa882e521128c4	41.67%	Heodo
2020-09-16	REP_ZPL_090120_FZP_091620.doc	doc	37af168ebcdcec12d2835ecc3a569839ed4660717927ae3ab0cc6a4b8a733012	38.98%	Heodo
2020-09-16	FILE_UA3708496591QM.doc	doc	679e5f33c444b178b0da6da41a58b4590f05e7c464293e3b1d8f858dbe157124	41.07%	Heodo
2020-09-16	DOC_JC2043339649IE.doc	doc	b114281a6664f44018353cae8a6f00cea1d34854e2942f01a9e027d2ab333b9d	38.98%	Heodo
2020-09-16	N_IS0412552077SL.doc	doc	c94ba7222039884690f7049f607f0059bc3e2f965a11e75f937cfe271bfd96e9	n/a	Heodo
2020-09-16	FILE_PO_09162020EX.doc	doc	e9e98328d96157a0fd47c6abe8d1d60d8521171a61378aded651b274a0619993	n/a	Heodo
2020-09-16	BAL_VE1345222213YV.doc	doc	234a1653236e959e6329aec64c1de58538db56e66156f95517c05b62487d70ff	38.98%	Heodo
2020-09-16	D6QPWO4GE7ISQ.doc	doc	b9a6ff1bdbfdc506e17b3e590738e75cae3ce59614c8a77074df2b1d2abc3801	40.35%	Heodo
2020-09-16	U1L59QFPMS.doc	doc	02451c13f63ed93c6ed0c0e4a3025100834fd59eeaa78acff45d726c056b2293	38.98%	Heodo
2020-09-16	GUR_090120_TQS_091620.doc	doc	3cddfe22684c82c3eeeb0d3c0c8745719dcd417db42c4ea6774c9a10d1a88f3b	39.66%	Heodo
2020-09-16	BAL_PO_09162020EX.doc	doc	d84e8e3441cf862fa793eb241277718737789cb1e43d92be3b8510f8bdaeddc1	37.29%	Heodo
2020-09-16	INV_0405686894.doc	doc	0745a0b546e98bc288370d0b4faace44a060f1abb905403e159b812b2d694a7f	36.21%	Heodo
2020-09-16	26724035.doc	doc	a424bb668e3635e2ea396355dcc0b960f919760ab25aab75f0e36c95feb46c12	32.76%	Heodo
2020-09-16	INV_35976872841992371996.doc	doc	0c982fd7e6da85d772a410a46a6569667df380d6fd19d4c597ca1a0f30c140ac	32.20%	Heodo
2020-09-16	FILE_PO_09162020EX.doc	doc	5aa5a3b76812b8b3edc3768f494fd3550f5088d44872ac9f4bbabb99137427f1	25.42%	Heodo
2020-09-16	BAL_6336373433.doc	doc	d568208ba08c7d30eea80ea82899d3af70f76cbfb55c2c0700fa48c40f5aaaa5	25.86%	Heodo
2020-09-16	86723641.doc	doc	7d29e749c79d53fc5303ab43bed236a5f884e21617771cce4518860bd7bec1f3	25.86%	Heodo
2020-09-16	WQ5502113399DP.doc	doc	8df40fea0429dee60fdf8fa354db52ddf3cbe643cd5945d226b5eedca75bd659	25.86%	Heodo
2020-09-16	RBJ6JJ2F.doc	doc	a8dab829058b2200575ec6773790780a48c8d38587dcd02bc094c9084cd57eb1	28.07%	Heodo
2020-09-16	FILE_603652135.doc	doc	4cc531c7241824525205b57dd2b2ab65b3d2d37861becf043ff065f0a091dbdc	27.12%	Heodo
2020-09-16	FILE_YTGB500DJCW4RB.doc	doc	0e0913f7c913e70406fdc7b5e47f2455d7152c4e461770cc1b9bee581491fab9	25.86%	Heodo
2020-09-16	EMGT_JB3FI0H.doc	doc	ff707add1c74a6d7884de1fdbca86c891861883fccab90f4ef5f97130f95d825	n/a	Heodo
2020-09-16	SLGA_YBD_090120_HZD_091620.doc	doc	4a42864618e8b860f0cc23b81a63cfeb95e60a000bac0acb3edd4294f8531329	25.42%	Heodo
2020-09-16	0068132122983978516.doc	doc	1e89a5f9dafcd1d66bcda4eb3a8e391448606ae28a808d4f723c1decc91292c4	n/a	Heodo
2020-09-16	D_EU8793207413XL.doc	doc	716dc594b3320a3bc8601253c2e46721df663c180acbb2b8e62c64f7362b06a4	n/a	Heodo
2020-09-16	DOC_D5XM5XPSMQTHSI2.doc	doc	4127d459a04c32375faea92c1b93077f9a79c1c7ffff36dd050303fe2c295bcc	20.00%	Heodo
2020-09-16	J_PO_09162020EX.doc	doc	1d74eaf6b6fc4ebf83fa4325a27d62ee8f999df2c277d2357b777471f1b35bd4	n/a	Heodo
2020-09-16	INV_058526017558537277461885.doc	doc	8b484c91782994539291e7b9d577270efdff9bd2f8c25bfcfb043e3edd0f1e7e	n/a	Heodo
2020-09-16	BAL_PO_09162020EX.doc	doc	09c3f3aad8f9bc8f65a86d581ecb23b0a6262a9e28d5c5e19750e6770aa5e40f	21.67%	Heodo
2020-09-16	BAL_CXM_090120_PZH_091620.doc	doc	30f103a39f5ac055f29f5b9364d03f9777737256ea1096c2cb957cd5285ea8b8	20.00%	Heodo
2020-09-16	DOC_PO_09162020EX.doc	doc	733150afe58d633a7748c6b98f7f64f72685083f5b0535ee970260073452bc1d	n/a	Heodo
2020-09-16	INV_2807011655328077.doc	doc	a28a23ca128d4219c14856421649e8be9836b60650040fba71022341d239b6fa	20.34%	Heodo
2020-09-16	ND0528677359FC.doc	doc	44927564de41b160f9e8d17034e9a21927e2e0b9fc2a429c4560e5c6be524793	20.69%	Heodo
2020-09-16	27376497.doc	doc	aebb79d00a5e16152918873b637b5c9a059d85715ebaadaea301faf34273ce01	20.34%	Heodo
2020-09-16	QBWWWHIBF.doc	doc	abd53fd5f66e4ea484f4c037e59274f3933de850d9e618d2cc9123d48a571aff	20.69%	Heodo
2020-09-16	GVP_0297808324511729543.doc	doc	1bb4012e89aef09b80eda22d99a564f0d3e923f96cbf25dc4a78ff6de6dbb31f	33.90%	Heodo
2020-09-16	BAL_NPCEVVC9XG4JU.doc	doc	901353bf497a3403db274b0c2175a9e1dfc3a0f60720e0dabb97619da3cde741	n/a	Heodo
2020-09-16	REP_27495557.doc	doc	38ecd62b04b76c28921cd29f65b7ccde2a36b4414a258682357c05b925825953	n/a	Heodo
2020-09-16	INV_PO_09162020EX.doc	doc	1b96135a2846d7a48ebfda9e2ca65dd11d6820c9fb6f1ef9a9b2b15395cf48c9	n/a	Heodo
2020-09-16	INV_9KTV7SE.doc	doc	0baae239cc9292a22eac63fb292ef0261437ef05c3ae2f0b402dee533bc9fdd3	34.48%	Heodo
2020-09-16	QM_065534680320360646550.doc	doc	b55bf8d95ff3a2bbad6b0601a57de2a479f99a33add787f61befe740dad11b66	31.58%	Heodo
2020-09-16	RA_40105459.doc	doc	62fd09a1ff4be50f0ef342f12c9551165d6f9743f510cadc096752e52e0b296e	33.90%	Heodo
2020-09-16	06477380.doc	doc	f875df5ff3a0ae34e7f9c96c6d419326c5411a29964693ced9a875ab952484d2	32.20%	Heodo
2020-09-16	DOC_20025109.doc	doc	b408d1437535aab5eb52b147d59272e8056375f2e90e2ccef71c062980e36b2f	30.51%	Heodo
2020-09-16	INV_5255464381647985567995.doc	doc	5e96a02fb1ec1284bbdd4f122425a6f635312ee541211269b39acd5addd3dd5a	30.51%	Heodo
2020-09-16	58948952.doc	doc	f6aeaefccc4efba1167df73a2a3ba80a76c030c8278f7e8466c4d3dc7cf0084f	30.51%	Heodo
2020-09-16	FILE_051838579021661.doc	doc	350cf5c830bdf242f41ea336e2803b83af81ba91751cb13c418e5cff3674d95f	30.51%	Heodo
2020-09-16	DOC_0167374405651894.doc	doc	cef5fe8cb42c84d6b646353c977ec12cd7118000eb906b2ff5625158c998c8b5	27.12%	Heodo
2020-09-16	FILE_49078300.doc	doc	ed810a173660499c4d9356a3183b890ec5f2d2c6dba475ff95a77ac09d81378a	25.86%	Heodo
2020-09-16	DOC_AG9977746902ZQ.doc	doc	aff9c4fbadddf0c2b4c80320ddb1809027d157508adbf5e5f12d88db367c782f	24.14%	Heodo
2020-09-16	MW_0397948954.doc	doc	57f88105c170f6a9c0718d37fc98fc60ebc7eecbd83b74780b5284d5412ff8ad	25.42%	Heodo
2020-09-16	C_QWL_090120_JEY_091620.doc	doc	7cec88df6a841fbc1251142492e673c8a2cddc58f21d6fd402f8167ee96e194c	25.42%	Heodo
2020-09-16	M_00591779.doc	doc	4d6b056c7bab909b0af3f0a3a24f5b7fbc4453e31746d29c0c3d60122def5705	25.42%	Heodo
2020-09-16	8XX5V2TN5R8ZNQNG.doc	doc	3b610a0aa4890a007dcf6df33178a042c25d7ae68a3fdff4d368a5728f811a78	25.00%	Heodo
2020-09-16	A_CQJGR0O.doc	doc	d4c8ce2687fd07ab7c3991cab5500c05e719381d7906228371f0457d260ded94	25.42%	Heodo
2020-09-16	KLD_090120_YBV_091620.doc	doc	5184e08e6c595ddbb60b6ac4030286b2e70fa5ee7567cb0360b2a66ec04f8d89	25.86%	Heodo
2020-09-16	D_CH1965060425QS.doc	doc	9a29066aa3490e60be3e563dadcd9f7ef75e6eef752abd1bd40ab5323a57a83e	25.86%	Heodo
2020-09-16	LFX_090120_ZHZ_091620.doc	doc	9380f9cd5f7294278d3ae6cf6e6a6b7ac08e815a2649e50d5ad1bb16b9ac0bff	25.42%	Heodo
2020-09-16	DOC_CHOZ6N9FKK5.doc	doc	5764303dc206274cefe1d8317b60d9cbf0f363db9b2735feb2cab9133b8b8921	25.42%	Heodo