URLhaus Database

You are currently viewing the URLhaus database entry for http://hganny.com/2016-17/docs/23yw64695587956197a8pw346bklcz94a/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 555399
URL: http://hganny.com/2016-17/docs/23yw64695587956197a8pw346bklcz94a/
URL Status: Offline
Host: hganny.com
Date added: 2020-09-18 13:32:07 UTC
Last online: 2020-09-21 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU002943397 created on 2020-09-18 13:34:06 UTC)
Takedown time: 3 days, 2 hours, 8 minutes (Bad; down since 2020-09-21 15:43:01 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
