URLhaus Database

You are currently viewing the URLhaus database entry for https://twentyfour.co.il/test/docs/osE1hYiMxXkbtfVgu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:532454
URL: https://twentyfour.co.il/test/docs/osE1hYiMxXkbtfVgu/
URL Status:Offline
Host: twentyfour.co.il
Date added:2020-09-16 13:54:34 UTC
Last online:2020-09-17 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-16 13:56:07 UTC to abuse{at}amazonaws[dot]com)
Takedown time:19 hours, 44 minutes Good (down since 2020-09-17 09:40:23 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-17file-20200917-K42729.docdoc 7bf316c85c4d21cd3cf7dfbfaa10e44484322e4697b8783838b3dbd3ef225a2fn/aHeodo
2020-09-17DAT-BUD1755.docdoc 60b7c0ca863b5e725fef0972fe2b8f961fef11d410535b9c1a4cbafe12684497n/aHeodo
2020-09-17DAT-016.docdoc 1d0eb0bcc259726383e2d351d1fbcfb5cfd92fce33941766914bd0c987b85f81Virustotal results 31.67%Heodo
2020-09-17DAT_071740.docdoc ee9bf2f3b61b6d28c5bc8efd4fc0ec22b9e726913c0827f421de885700c2abeen/aHeodo
2020-09-17FILE_2020_09_17_4729867.docdoc 3efda29907b74c348feb380198e81f82dfe13f13cf585d8738dc6a8d134ddafdVirustotal results 29.31%Heodo
2020-09-17MES.docdoc 2cb207ab66e30c595eca873c8715faa371afeba1dd6ba8465e08029c874dc812Virustotal results 30.00%Heodo
2020-09-17Doc_2020_09_17_YU72377.docdoc 21625460051d884ab1a873d7dcf891f3b5a6672d35a8fead960161cdaa8ca94cVirustotal results 30.51%Heodo
2020-09-17MES-0919027.docdoc e60fedb3fe078220df81cb794e6309555223d7b6024c1566ce99b8518840c396Virustotal results 30.51%Heodo
2020-09-17file_20200917_5490.docdoc 254a33e1b25338514edd5ba6d1d64f958a599a411ae5e53777ac52cc6aee8258Virustotal results 37.29%Heodo
2020-09-17doc-2020_09_17-5881.docdoc 0dbad315cddc667cb29f30d02de18c3d5ff0547e0814c5170510ba1a11766b7aVirustotal results 37.29%Heodo
2020-09-17List 441.docdoc 1f78ddc5ed3c3410d1dae6bbdf7801d065a07f11d652a3275d86939253a064c0Virustotal results 37.93%Heodo
2020-09-17Dat-2020_09_17-P950.docdoc ffd80122044b9108a17b1c9f057aaea0d1baae187063fc22c16db963a2b71e3bn/aHeodo
2020-09-17LIST-2020_09_17-M21827.docdoc 530fccb7e7dd4a6fbb7cad9093452f103e951bcfb762d58889a98ce7a5bb785dVirustotal results 37.29%Heodo
2020-09-17Attachment_44292.docdoc 35088b84f2026bcbde876c9c9188d18287ccaf07b304b1fa9910f476c7aa36a7Virustotal results 37.29%Heodo
2020-09-17Attachment 019796.docdoc 84c4bededfcf319c65e87c3d55ebeec4d882c316c89e9716e5c29b9cf37a1821Virustotal results 33.90%Heodo
2020-09-17Mes 2020_09_17 LR6992.docdoc b65fc0d82786a15ce9e6a028e521d79621c24ceae0da0ec61aeb703ed6921e94Virustotal results 33.90%Heodo
2020-09-17Untitled-20200917-58453.docdoc 9d74d4c490b8d1894ba95fece089f3917ca557122da591a3176f6e8bb182a926Virustotal results 33.33%Heodo
2020-09-17rep 2020_09_17 4168938.docdoc 8276711c50ee244236dd639fa767cd234f01e188f32bbe46b1ab5933a2e7a85cVirustotal results 32.76%Heodo
2020-09-17Untitled_8360.docdoc a10287b95075632ae5434563b27c8d5040127c955643bc255f9b617834969547Virustotal results 30.00%Heodo
2020-09-17125 944592.docdoc 52d1e34446e3375a5113383a78e7bc3a0a6c4a1791c2ef347e56564217852ca0Virustotal results 31.03%Heodo
2020-09-17MES_2020_09_17_6154049.docdoc e778b3db0521e8c8b9f7429eeaafee991bca2bca736c3a9330e0252dda698f66Virustotal results 30.51%Heodo
2020-09-16DAT_D9613.docdoc 7970fcfdac90cf00463cbe1bd52b65de61382f75f5fbe7bdfd457aea3893e244n/aHeodo