URLhaus Database

You are currently viewing the URLhaus database entry for http://bodenstein.co.za/images/332LJM5/i1i9412037084114192360ftay/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:555417
URL: http://bodenstein.co.za/images/332LJM5/i1i9412037084114192360ftay/
URL Status:Offline
Host: bodenstein.co.za
Date added:2020-09-18 13:32:21 UTC
Last online:2021-04-19 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 13:34:44 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:7 months, 3 days, 4 hours, 47 minutes Bad (down since 2021-04-19 18:21:49 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19REP_74016114.docdoc e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107eVirustotal results 34.48%Heodo
2020-09-19REP_VK3394860050GH.docdoc 82f568f61de9734c8e33acfb3b6f83db73cfa15b32d02ec8d126a8ce89fc054bVirustotal results 40.68%Heodo
2020-09-19T_1W5W3GQ1Q3NE374F.docdoc 7c266f2e5ff601cc96e9a3b11271921adc8347dc35f9eadfbbd514dbede04266Virustotal results 35.59%Heodo
2020-09-19FILE_84569442.docdoc 6f78fbb2d641a076bd2f40a39b2802a3ece7627b834468e1af726bc6bcec7237Virustotal results 40.68%Heodo
2020-09-19PO_09192020EX.docdoc 6ff5d18efc03d5074a5c9d0c27a7ab6738e189f681af930bed2809da5a8f7544Virustotal results 36.21%Heodo
2020-09-19DOC_PO_09192020EX.docdoc 336faca574dbafcf9eb66a5499f5b37d83a6ad046b7a8a7db5636040fa605429n/aHeodo
2020-09-19FILE_85696821836945361332378.docdoc 3304ef9cd1d55e1d892f5a18644273b8e62254f587e24e42428a460305129396Virustotal results 54.39%Heodo
2020-09-19PO_09192020EX.docdoc 20afdfa7a7c7a299565cdd046c41bcbea4b1cbdc4041edc9f0e51d52dac04a0cVirustotal results 40.68%Heodo
2020-09-19REP_RQ1227811700TA.docdoc 76908049cadf03a589e4584e32c9fdc00cfb638fa62d691d3fd7dfa3549dd318n/aHeodo
2020-09-19OG_97446255972682403775.docdoc 1c8b7f12a321e7774f3fc6ef4a68c8ab12b525d9639168bbd5ec3b67ad260c05Virustotal results 40.68%Heodo
2020-09-19PO_09192020EX.docdoc 1e3e668d4d9f8596fbdeca274a5e9ca43d2f36b0f3a620d40dcf65dc8e4cd599n/aHeodo
2020-09-1975904356.docdoc d737e6973c1db753444e7bb9eacd01acd35b8fe2e88cc795f668ff59f0ce2027n/aHeodo
2020-09-19BE6244147878ZX.docdoc b37ef41801c298349f3b8d0e7f0bf41fb621f4925fecc934cf95f84c7ee19782Virustotal results 49.15%Heodo
2020-09-19INV_BKR_090120_BSK_091920.docdoc f74bbc7638bbd37cb3f3414110b7479daa77451e7e339a3c42d8bc72f93d6862Virustotal results 37.93%Heodo
2020-09-195996314498648599.docdoc 15533d02d9310a6707f2092410bb3deff89174f7bc64f893a98e946f2ae3ba3fVirustotal results 40.68%Heodo
2020-09-19PO_09192020EX.docdoc 4165b27e5b534a04d00fd600c969784706dcd31a10beaa3b585e754f973d89b6Virustotal results 35.59%Heodo
2020-09-19WX4514056967PW.docdoc fff500c894e8ce1ddc024ef40ece32c51ed45d3d85eee507a81a1c2d0115db85Virustotal results 35.59%Heodo
2020-09-19PO_09192020EX.docdoc f3bea1e9a17c2c0596fa59400e54751f3101a0905e12055bec42c1e02ef96d8fVirustotal results 39.66%Heodo
2020-09-1909998424.docdoc b14f0e1f1d44b106d892cd44c08878b06eecb430fe4244185d68a5faa1cab7aaVirustotal results 41.38%Heodo
2020-09-19ZDJY_4294161503205682319068.docdoc 9075458c2a7a9b59a7e7f9e575757a3069952452198a9c17ce3211d3de14eadbn/aHeodo
2020-09-1950044711.docdoc a0427b223aa7c526dd3cebfcc4d97cc8a6e9d272e790a314a0ebeda94ad3f183Virustotal results 41.38%Heodo
2020-09-19FILE_169197336865400.docdoc 9836021a37477ee929f62edefd022550374c055f9629119c37decbccf76b0693Virustotal results 35.59%Heodo
2020-09-1990994217.docdoc 5236f2813e8823eddc52a679a0129cb8f0edca6ffd3d3323cb9d69b037a86853n/aHeodo
2020-09-19N_DID_090120_YTS_091920.docdoc 778c345084d688acf88bb52a9c052c1e852688885a2b4c6c3938f6f471888d44Virustotal results 29.31%Heodo
2020-09-19PO_09192020EX.docdoc 32fb5e68e6524e8f2ea13cdf8686e2f0a5fd28042071482fde48d4110a714158Virustotal results 35.59%Heodo
2020-09-19DOC_EFTAR5J70.docdoc 3d64095f4564ebc30eadbe6a61d8dd290bf34c82c7c49a9accc8179312fc53edVirustotal results 46.55%Heodo
2020-09-19MPDT_EL9452151508UR.docdoc f29d80209cde1118a9399b3937016f28ff68863180d6f36ef6d55fd099de06c1Virustotal results 35.59%Heodo
2020-09-19DOC_HM0345778045EU.docdoc 4b9de007a12dfbcc6b19f1bd5cf8d12f6ae9a7d2a3c3c04b1147e448974d9486Virustotal results 40.68%Heodo
2020-09-19FILE_PO_09192020EX.docdoc 1f267368325cfd8a9665680a987d4b866cbc949478dd3d8485e357ec821295f3n/aHeodo
2020-09-19BAL_VHJ_090120_XKV_091920.docdoc 5cc754b56ea15b372576406cb73285d5c74e09ee434b62bb955e5c02caca6b68n/aHeodo
2020-09-19PO_09192020EX.docdoc 085e7e7f6527b89c4e08c3a4094c41e50f2f10bf83f6f38feeeb5291f9ae9491n/aHeodo
2020-09-19BAL_D4R657XHM4T9PPH.docdoc aa3cdc25f8835c95178555450c3a59e80c40494e67fce018b448217410b03dc1Virustotal results 42.37%Heodo
2020-09-19DOC_EJ4XUBUFZ0XA5.docdoc eda809ad0a26585bd981ed4836c84dd4c4844d775d5ee471d3c35e980e71cd10Virustotal results 30.51%Heodo
2020-09-19PO_09192020EX.docdoc ee2bfb3bfc62ad36246c4533bb4bb8c41aa21ffeb8bd74b216d3c6088cbc7b62Virustotal results 25.86%Heodo
2020-09-19DOC_EW7128105202WG.docdoc 56813b1ff2c178be52fb844d4656d77d7d061aeeb71e90418d1665f9aac64978Virustotal results 33.90%Heodo
2020-09-1972314105.docdoc c87f8fd591bb21b8ee7da412593310605e465dc013f1607cd0f67c0e39d58685n/aHeodo
2020-09-19SQUYEY58.docdoc 9ccda2e6b37df2289f65dfac9606ad6b9a8638c5ee524ca0ed76e7db70bcba24Virustotal results 30.51%Heodo
2020-09-1906322328.docdoc 90436fd2b7dd3b53b0f9abda0a244fb004bf403720ecc01f7ffe41eb1866b36dVirustotal results 35.59%Heodo
2020-09-19VIQ_090120_RDN_091920.docdoc e1ab557b296ca131391eacfd8b4f90d7aee4de9848750b5df4b8adf770a5ca9cVirustotal results 47.46%Heodo
2020-09-18BAL_036901848043329684.docdoc 9b38f99bf028d06da1c2b0ff276857ffca68abea77256a72cce711edeb81368dVirustotal results 31.03%Heodo
2020-09-18IEJ_090120_WDP_091920.docdoc 3a245c3c3ba3257272ead17995d6b4913540dd24162a40430a05199d36f50768Virustotal results 36.21%Heodo
2020-09-18Y_13572874358092583961077.docdoc afc7650429d1bb92b43bc1bae9ac07c7e3ff7d34b10949e03b97c1a43cab0930Virustotal results 30.51%Heodo
2020-09-18FILE_PF6BZ6S.docdoc 1bf95dd5920c9ab0b519c10b39e7de04eff938ea86f834885f202a0cec87d4bfn/aHeodo
2020-09-18ZUZ_5C9PUVK.docdoc e351cb48427d30ca802f3beabc78c164446cadd34d2f040fa46a3842299b2f82Virustotal results 37.93%Heodo
2020-09-18W_PO_09192020EX.docdoc ea676e753bad13801a314d24b69b710dadbe8afbaaf399c1ad2dff18c0d7b3f2n/aHeodo
2020-09-18QL_XLEGORIG2W0.docdoc 93d817dfd2bf4e664bc17daefb9bb205e54156396a0d675a88bc250194bc7d9aVirustotal results 23.33%Heodo
2020-09-18972632116637322139141436.docdoc f5fb5d637a37ec6c6c5288f46bb6ad3cb9559037f8df024aba1f9bde1d477a4aVirustotal results 42.37%Heodo
2020-09-18INV_R87EWDUB7.docdoc 9d18ad242b906738ecf1a87d38dfa1b46320cbed0c62244a23c7585251350efbVirustotal results 44.07%Heodo
2020-09-1841335936419605294358.docdoc c0922c3c055ffde4da5b482105dea26df27c58e1a615ec81afc024d55010f8ebVirustotal results 42.37%Heodo
2020-09-18BAL_PO_09182020EX.docdoc e3c7337d6899a5aa8ee475f563c6c84af325ac88c2a30a676f56d6182a75b59bVirustotal results 42.11%Heodo
2020-09-18PO_09182020EX.docdoc d30150c62052607c9dd68065e9bf07da7c7490bdc0be48077a770b13f28d77b3Virustotal results 42.37%Heodo
2020-09-18DOC_63544951.docdoc e6c59aa272b0319132af611954aba4331117e24c05ed652fdbf58c0ff36e991dn/aHeodo
2020-09-18INV_VC1166944767AK.docdoc 07d057a61d3df77ff64c6e81ebfa3e05ac6fb288ec8104f7b215032445fcd4cbVirustotal results 29.31%Heodo
2020-09-18K_PO_09182020EX.docdoc fe79ed4902c209d55bd37446fc8d4ce7b37f241e85e7d17264051a8cb300fa5eVirustotal results 43.10%Heodo
2020-09-18PO_09182020EX.docdoc 6f8efbd1a395cd60ea9b8707e83cc385dcd02826653fe78b0eb448d22d350035Virustotal results 35.09%Heodo
2020-09-18BAL_42638256871164.docdoc 2be116761f944e13024bcdd5438723cefa835893e4fff5b6469836a25303c683Virustotal results 29.09%Heodo
2020-09-18FILE_AREYZ9GTMY.docdoc 3b752d71ed854f4870f70aab5782715daa51d69594c62f93c34e2f0ebba6f3bcVirustotal results 40.68%Heodo
2020-09-18C_DMR_090120_KVQ_091820.docdoc 529620cd21b208f373dc72c4efcc0cf9f3ce6bfbb8bd0e44bf371084cc1bb9afVirustotal results 32.14%Heodo
2020-09-18APKG3GR4M5EG.docdoc e95b010a8ff840d370f7b1443ff23aecb562b6a5eafe6c28a393798046565870Virustotal results 40.00%Heodo
2020-09-18INV_PO_09182020EX.docdoc d07d0ed674ad854117b8fccbeeb561da2f41ed5e55d708ef7818ed882fdeb1ebVirustotal results 40.68%Heodo
2020-09-18BAL_SXB_090120_VNK_091820.docdoc 3becf7d3aed1e6a3483bdeb9eb4c6887e9eb13ed6f194315109eeb2f19ae9a07Virustotal results 23.73%Heodo
2020-09-18C_O4OF2924X098W.docdoc efcd54dbe67c5c0dcbb01abfc3f21030c54a8834d7edcdfcf1144f0b49773000Virustotal results 41.38%Heodo
2020-09-18NSJ_CX7977508952RR.docdoc de9a57408a1c753a7cabc64d88c3922102c9be764e0192253e638b4c332f3da9Virustotal results 38.98%Heodo
2020-09-18BAL_72078552.docdoc 37a0d9d6ec68559ded11b432a58dba6536644a809e72c3375dc0b656f78a4964Virustotal results 31.03%Heodo
2020-09-18REP_KS4184482423IV.docdoc 8389b0d8b9f07eb8e55e2d7c3d6bad98dc5d0c37eb030652e43b799b0a5ee5b7Virustotal results 37.29%Heodo
2020-09-18N_LXMP3WG6BTHH.docdoc a83c9759321f48ee74ffd64e1ea879f1a4e77a5c212c3a604173d38e65291c51Virustotal results 23.73%Heodo
2020-09-18FVH_090120_FDN_091820.docdoc 18b503caff600c141a8c902b753c8aeeea72206dc7884fdb2c2aaa7b36da6450n/aHeodo
2020-09-18DOC_PO_09182020EX.docdoc a17a378e78e3f2c7ad05f3802369e818c2b5669a6c4a1136d096f598417a46e6Virustotal results 24.14%Heodo
2020-09-18A_PO_09182020EX.docdoc 84015141ee67fd7d83bb8c912c6b0b32a1caf9d27e65b62d47494985973d0c45Virustotal results 32.20%Heodo
2020-09-186GAFLKB9.docdoc 7c81019f932c35ff188d4260fe0b23ba6cb27363922cbb8265a8f3121e26c32fVirustotal results 24.56%Heodo