URLhaus Database

You are currently viewing the URLhaus database entry for https://cordwainer.in/Categorymap/yr44bjezt2h/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	534528
URL:	https://cordwainer.in/Categorymap/yr44bjezt2h/
URL Status:	Offline
Host:	cordwainer.in
Date added:	2020-09-16 16:47:03 UTC
Last online:	2020-09-17 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-09-16 16:48:03 UTC to abuse{at}hetzner[dot]com)
Takedown time:	18 hours, 11 minutes (down since 2020-09-17 10:59:55 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-17	TIW_090120_NLQ_091720.doc	doc	b929bd8a5f5519a7f5322a0bb13f74878a3782bbd4635c67427720c671c1c80c	36.21%	Heodo
2020-09-17	DOC_89818172.doc	doc	a7da541fe6a93fc3adee9b55d8cb93d8236d1a1922d9d02a0894192fa03ba909	28.81%	Heodo
2020-09-17	440472199861588722064.doc	doc	9d101c9ae5aad02aab0e581cf566b9cf7e1f0e39db512e79045e651ee42ab9a6	30.51%	Heodo
2020-09-17	Z_5301396183624327026.doc	doc	425cf69c1c8cf4327ace3bad807a83df91fcc0692bd45dca12e840eb562931d9	30.51%	Heodo
2020-09-17	RQ6739946855VP.doc	doc	00f42d9a9acefed89581ed82845dd70bf86cca472f771ac1f7ca4bf48e7b2274	n/a	Heodo
2020-09-17	FILE_IZ8095264304MQ.doc	doc	659c4699e6a320caff348ac1cde249623855464851d5700d1792e5c583bf9b7b	31.03%	Heodo
2020-09-17	20041290.doc	doc	5973dddd2d358abc25401fc5c27a37b589d47d6224f5041925b3bbda7dac4e6c	31.03%	Heodo
2020-09-17	PT_HP7018452841JG.doc	doc	fd0f987936c01acfb91bb84e9e9c3e6f425f55d07887f14ee595ec418d252849	40.00%	Heodo
2020-09-17	DOC_424638668850934184566.doc	doc	dcf52647f987ed5fd370ecf3ddd3dedf9c3bcda6c29057f5464d8222839fc45c	40.35%	Heodo
2020-09-17	DOC_7078503070619165849668186.doc	doc	f2a510e8f473e3fcdd0bf937cf48caa1de525420bf83a3b465eeaaace00d0d09	n/a	Heodo
2020-09-17	O4B9IW4XECX.doc	doc	eb98563615a73e1f825ce4384b5d7fc0c105dbeef47c1ecb14e35c7f231725f9	38.98%	Heodo
2020-09-17	10542691.doc	doc	9a88ee70e3fe3b917d0907d5061182917ad1a2fce66ea4cea78b8a9e870be220	38.98%	Heodo
2020-09-17	68138453.doc	doc	d15ec5002184364b882e5c3dc5c4fad1d083eeac52de352b2d263205c92e3165	n/a	Heodo
2020-09-17	686910341991.doc	doc	0c2e3b86f744311a9e0cfeff0f0a7c22284b08cde0cc7437289d9c416eaf4f69	n/a	Heodo
2020-09-17	9CSWELC3QLIUI61.doc	doc	8e99f89167350bf2a136c964cc8a1321455466a47090ff97ea49603c3290e95d	36.67%	Heodo
2020-09-17	FILE_L05HODAOYWL.doc	doc	dd23280d910c4837432dc4777c8745528ecfa70dd49e3fe22fcd4314a7d1e229	37.93%	Heodo
2020-09-17	DOC_EEO_090120_TKP_091720.doc	doc	6758d3603f3eab05e72d8c9e6f7714f93f572ca89397a5018c8104d0c6099810	38.98%	Heodo
2020-09-17	INV_YA3170133176VT.doc	doc	d9a35783bb245b622048384501eb1c30e098c547b4d3079e0c8d01e06336464c	36.21%	Heodo
2020-09-17	DOC_PO_09172020EX.doc	doc	1a945df2c4c5399840e2cdcc623c15e12451e66db694d71f26bd718dc8628993	33.33%	Heodo
2020-09-17	XS9239326219RU.doc	doc	7bfbc615a14c1b8e533da21f2d1838f5e3c52ada91bdcbe8b6574195850b9bf3	25.86%	Heodo
2020-09-17	X_93569771.doc	doc	6d9cad95f8aa3d8219f21391e294a8dedbde904308f501b7f4be63eb92a8dcf4	33.90%	Heodo
2020-09-17	V_PO_09172020EX.doc	doc	3cf8f34ba881699b5932783c60c591a6b88b1523d772b1fa292425764b0aa3f8	28.81%	Heodo
2020-09-17	INV_89706165.doc	doc	76bf8d09a314a6ed1f11e8794d3027fcedcc3762677e37d8f7a304e4d370837c	27.59%	Heodo
2020-09-17	T_92444727291194.doc	doc	1a487a6af75caefff2748862adf7200a692c1e5f6453c1d86ebceab252b5bd66	25.86%	Heodo
2020-09-17	XXKX_19559449.doc	doc	d55ed14cb859a16cddd063eefbcc2fbc78b5e75f2b964eb1f33e1954ce9f0c71	24.14%	Heodo
2020-09-17	5326275502647550196028.doc	doc	2bc521550fad4a12b0bb8f34a8958db7b2f5b50e9f8579d30d814cee697ab694	25.42%	Heodo
2020-09-17	INV_TYZ_090120_QGK_091720.doc	doc	6d27f5af653565630751a1ab0faa64d0c28949cfdceef04b4c543a0b4a7666f3	25.86%	Heodo
2020-09-16	II4617100146ZH.doc	doc	fcb293cfa69d4cbbc6afa71ad0a6456746863f91a54c2af300ca91c088f9c2f4	25.42%	Heodo
2020-09-16	DOC_PO_09172020EX.doc	doc	f656f7fc2ac175767aea79393803f493b18211403a390c2daf9c5dae720e26e3	25.42%	Heodo
2020-09-16	4NNBOI7C89OIJTW.doc	doc	e7631c5a69f76fea0835835a14a8e885f2f3b0c0dec2d577278e70d3776eb0a5	26.32%	Heodo
2020-09-16	INV_AC8354841668DT.doc	doc	73158e3c574c5cfbe98520ebb3b8c4270609205751d997b87414e5a43980f960	25.86%	Heodo
2020-09-16	TM_UT6054164881XN.doc	doc	409d5db4ee06957895e043e25c81a8d9b2438a172c248bfc3f149c6c947e3ce3	26.67%	Heodo
2020-09-16	PMEP_DHTRF0Y7245.doc	doc	7a8024cf777ab45c5c969c5efff3dd4f289bc22baf1c91bd884fc2d29435c884	25.86%	Heodo
2020-09-16	INV_76CXPYWN.doc	doc	2d28945e5e6a8cb9f9e82d32bbff50d953e72e8f55c46e910c596d92bf646963	n/a	Heodo
2020-09-16	PO_09162020EX.doc	doc	8f96a4ee289f6093a2f1afe8c584cba4a802c054ef22fde70d451254191872fd	n/a	Heodo
2020-09-16	33652354.doc	doc	1ecaceaeb20649c823b3a63accf639925ba8e4c350b2509496c04dbd622d5d4e	n/a	Heodo
2020-09-16	PO_09162020EX.doc	doc	bdaa75534d024a0bf2fb586f5f1f81f78e42b92858a51b651541537908519075	n/a	Heodo
2020-09-16	QR_QM1WHW63LYK.doc	doc	b2bfefad5d4d6a3dff230f61a9c4b055d5ae4b37b8fecca5550317c89f615504	25.42%	Heodo
2020-09-16	BAL_APK_090120_QZH_091620.doc	doc	b88f5009f8b75ec0a35f549fa777d05a819b0ca478eedb65a7b0a9fd01d51e30	n/a	Heodo
2020-09-16	PO_09162020EX.doc	doc	e247f4f69c1be4c95bdf6687e2ae1adbd1635c126ace3b544ad989024da5fb3c	n/a	Heodo
2020-09-16	REP_85033221.doc	doc	d1df096853342d0030f71b7be3c608ee35fd1c81bce971a45e00b001a7d85d3b	25.42%	Heodo
2020-09-16	REP_PO_09162020EX.doc	doc	9ca5390e9af21757dc77575f56e9d0528c527843951ae719c3aedd2d8680ce7a	39.66%	Heodo
2020-09-16	FILE_IEG_090120_JET_091620.doc	doc	da87185fb8a79bff00dfd7aa5d3a7798054a8b1c882b4a25180cbac2b863f2c3	38.60%	Heodo
2020-09-16	U5URPIB.doc	doc	278fc88598a0bfe49be55465fdb975272c6315e3845d604caba7631cc5f32595	38.98%	Heodo
2020-09-16	BAL_33747110153016510470.doc	doc	9c5ec196eabe90d83815fe7015b5334c7fd6bbd350de085a69e022a0fc32ad8c	38.98%	Heodo
2020-09-16	AD9941137699RU.doc	doc	89e280d00eba5184867b52270ea583f8bda9161dcb52921411e456747741e571	n/a	Heodo
2020-09-16	47553685.doc	doc	e9e98328d96157a0fd47c6abe8d1d60d8521171a61378aded651b274a0619993	n/a	Heodo
2020-09-16	Q_PO_09162020EX.doc	doc	4d88090314c39059da536bb37270cdf7ffadeeda4ea768b55dcb9f2b807586f4	38.98%	Heodo
2020-09-16	BAL_CYG_090120_HXH_091620.doc	doc	9c7a17b3e9bd6913701b7e8dac9cf2408ec57752e2c2515ba3e1b917fe40659d	39.66%	Heodo