URLhaus Database

You are currently viewing the URLhaus database entry for http://sansorescontabilidade.com.br/wp-snapshots/eTrac/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	539628
URL:	http://sansorescontabilidade.com.br/wp-snapshots/eTrac/
URL Status:	Offline
Host:	sansorescontabilidade.com.br
Date added:	2020-09-17 00:16:04 UTC
Last online:	2020-09-17 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-09-17 00:18:25 UTC to abuse{at}hospedagem[dot]net)
Takedown time:	13 hours, 17 minutes (down since 2020-09-17 13:35:44 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-17	80716688.doc	doc	5550d9e16cad7854633fe0ca4c7315a5595cdb78147360f022c916fb27890aa6	32.76%	Heodo
2020-09-17	PO_09172020EX.doc	doc	9ffdb4d90517b3838da2fe89fe09c33a7351ab0d5b14173bf9674c01c88c1a7a	31.67%	Heodo
2020-09-17	E_JJN2ZR86W1SC.doc	doc	1da1190d2c7472ff429ae35611b7120698dca55175d1c298e68f24f33fc4caec	32.76%	Heodo
2020-09-17	ZBWA_HD5X9QMNCMMAS2P.doc	doc	9af94d901782b57efcfe1221696091455a812897cb8a8707d72bd554841ce526	n/a	Heodo
2020-09-17	REP_KMK_090120_ZUH_091720.doc	doc	786d28cd90e9a2bc887c9cbf4225a7fed95a3e28b07ced5f8c932e1f1e673b66	32.20%	Heodo
2020-09-17	BAL_LPL_090120_TNK_091720.doc	doc	5a9d0acacf9a1616330ac1559a2243f80f03ec322e564298c0cff70b28014a7c	32.76%	Heodo
2020-09-17	DOC_MF4864016700VT.doc	doc	a5ecfee423f7cf0ff0efb76f20542df38a7d88230a256aa5e343d1040950e5b8	32.20%	Heodo
2020-09-17	PO_09172020EX.doc	doc	dcd3e00d8637a9ba1d0bd4b50e2895294c67b06017af07497a032472d7ade91a	n/a	Heodo
2020-09-17	PO_09172020EX.doc	doc	dcd3e00d8637a9ba1d0bd4b50e2895294c67b06017af07497a032472d7ade91a	n/a	Heodo
2020-09-17	K_MNA_090120_GDS_091720.doc	doc	a646a759b53cde465f66a1cabf6363c9b826f10073a766cdfff2a015168ae2dc	n/a	Heodo
2020-09-17	GPN_BQM_090120_JOX_091720.doc	doc	08ea41da443b28325813eaf4915479f7b46fb810c9abb7ff732f3da617f9aaa4	35.59%	Heodo
2020-09-17	BAL_197725493565568.doc	doc	fa191cce995bce7e56b494fa94b13859f68f274e86a7aceadbac93d6778ad84b	35.59%	Heodo
2020-09-17	FILE_5847012339202475611.doc	doc	9d101c9ae5aad02aab0e581cf566b9cf7e1f0e39db512e79045e651ee42ab9a6	30.51%	Heodo
2020-09-17	FVJZED4.doc	doc	983df755ad1ff2fcd969c936320a9571908168ddbff5caa34b63ea51be406312	35.59%	Heodo
2020-09-17	76361575.doc	doc	ac629bfa977c9c601f69581348de29fc7da506da5a9b40c3c9111d37dbc3076e	n/a	Heodo
2020-09-17	MC0QLZP48OB0LN.doc	doc	4cd9f43484e69a009522a8853514539c74fa5b59f03f86c34a85037ff3076a55	n/a	Heodo
2020-09-17	DOC_57914623.doc	doc	fd0f987936c01acfb91bb84e9e9c3e6f425f55d07887f14ee595ec418d252849	40.00%	Heodo
2020-09-17	XKW_090120_RDV_091720.doc	doc	51d460db7db57fd212907c9aed23bba4891c43175f73978da2c791c60a412c43	n/a	Heodo
2020-09-17	Y_PO_09172020EX.doc	doc	aee3fb0f9a09817e17c7844a0ed7f8c34fbd6c30a83fa529ebe838670c0c4a21	n/a	Heodo
2020-09-17	FILE_SLCVWHEBABR97.doc	doc	55830632b4ab2552e0bd05b69d7e03291c05b89c3f4a37dccb611ec180d70721	38.98%	Heodo
2020-09-17	BAL_BBM_090120_SPB_091720.doc	doc	9e4278eac329ac03d6c9b60c69594f50d2efb41914b428309216bdfe5ae15904	39.66%	Heodo
2020-09-17	FILE_PO_09172020EX.doc	doc	d15ec5002184364b882e5c3dc5c4fad1d083eeac52de352b2d263205c92e3165	n/a	Heodo
2020-09-17	62807957422249156.doc	doc	8d1ff2bacfbda66fbafa8dd2c05aa1912c32f694f2d0aaac4ac43897edcb677f	31.03%	Heodo
2020-09-17	58FOZE8JV.doc	doc	bcf9a2940f9615487667d5d0edb9dfcb6e5917b328bc56ada5fe0d5b9f43a9c7	34.48%	Heodo
2020-09-17	FILE_34062321622624253.doc	doc	8bed6a4e027b38076c316eb5378c9d60d8fd9305217dba0e315e93974091667c	34.48%	Heodo
2020-09-17	1022974256598884.doc	doc	e09973ac979e2a9efbdb59ea10416f8714545ff719579b21a48327219a3ec797	28.81%	Heodo
2020-09-17	BAL_PO_09172020EX.doc	doc	6758d3603f3eab05e72d8c9e6f7714f93f572ca89397a5018c8104d0c6099810	28.81%	Heodo
2020-09-17	BAL_124511543197.doc	doc	a2d7a015bbf13ab37b0062c97dce2a11c02f0657166b6fb813780017ba5de723	35.59%	Heodo
2020-09-17	REP_PO_09172020EX.doc	doc	be4589b5f647c7b97fdc399757c263c8fbe549218e25eea82148ad48f7fa5017	30.51%	Heodo
2020-09-17	REP_89019027.doc	doc	b1e7a7277e944331a98e7ae6a5910af8b595bf329d5da053469800cdf447f2c8	33.33%	Heodo
2020-09-17	PO_09172020EX.doc	doc	6d9cad95f8aa3d8219f21391e294a8dedbde904308f501b7f4be63eb92a8dcf4	33.90%	Heodo
2020-09-17	INV_PO_09172020EX.doc	doc	76bf8d09a314a6ed1f11e8794d3027fcedcc3762677e37d8f7a304e4d370837c	27.59%	Heodo
2020-09-17	REP_43596545.doc	doc	1a487a6af75caefff2748862adf7200a692c1e5f6453c1d86ebceab252b5bd66	25.86%	Heodo
2020-09-17	TTN_090120_YUL_091720.doc	doc	409d5db4ee06957895e043e25c81a8d9b2438a172c248bfc3f149c6c947e3ce3	26.67%	Heodo
2020-09-17	INV_89346594.doc	doc	39c83fd21ce730714e93e6bbe85f21770a761285c3fd1b2b2473e00644785e82	27.12%	Heodo
2020-09-17	BAL_IX9356888862FU.doc	doc	d30169f108ec72fbaf16bb8726e798602988e1c42a7b3020b0ef0ad0572f9625	25.42%	Heodo