URLhaus Database

You are currently viewing the URLhaus database entry for http://megalighthotel.com/c9tf/esp/7ayqcf15cgx6/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:559685
URL: http://megalighthotel.com/c9tf/esp/7ayqcf15cgx6/
URL Status:Offline
Host: megalighthotel.com
Date added:2020-09-18 19:31:09 UTC
Last online:2020-09-25 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 19:32:03 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:6 days, 18 hours, 36 minutes Bad (down since 2020-09-25 14:08:16 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19DOC_52W701WRZLKBH5.docdoc e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107en/aHeodo
2020-09-19DOC_HY127X60IJGJRIX.docdoc 2219a032fd67333ac69e83d15651054f5fa2ebf7711e2ff700faf7cf27bb18f1n/aHeodo
2020-09-19GBY_090120_ZXZ_091920.docdoc 7c266f2e5ff601cc96e9a3b11271921adc8347dc35f9eadfbbd514dbede04266n/aHeodo
2020-09-19P_49535047.docdoc 6ff5d18efc03d5074a5c9d0c27a7ab6738e189f681af930bed2809da5a8f7544n/aHeodo
2020-09-19FILE_7028509370986480762651.docdoc dd1eb5d6665fa95590fbb058fdfb8311563d8d5b62f6b8b538cb33c967f22362n/aHeodo
2020-09-19AH5BGIL6JPDJG.docdoc ca235f31bad34b88fa114fb3657583c68ff80a1c5fb637b51b4338fbe6134f94n/aHeodo
2020-09-1900019385.docdoc 6551f8c92068a9f5857920d06ee67a6c00db576cdcbf7901a645b734994a0e8bVirustotal results 41.38%Heodo
2020-09-19K_67970326.docdoc 0fad7aa076137ca0eea07801301e4a9799bfe63d5f5ac04aa449db6fa4201512n/aHeodo
2020-09-19Z_33404972769106.docdoc d7f9f33aa1e41e5cf3ed675039323eedced58cb2e29f20b2fb2b6df79ab141d2n/aHeodo
2020-09-19QW6347011391PP.docdoc 75f538b2ff372af6854b172dc78aea754ea64afc283c47f6c1b5bba657e9cac9Virustotal results 33.90%Heodo
2020-09-1925841049.docdoc d737e6973c1db753444e7bb9eacd01acd35b8fe2e88cc795f668ff59f0ce2027Virustotal results 35.59%Heodo
2020-09-19INV_762935464569041.docdoc b37ef41801c298349f3b8d0e7f0bf41fb621f4925fecc934cf95f84c7ee19782Virustotal results 30.51%Heodo
2020-09-19B12CRMCT2FGKHMLP.docdoc f74bbc7638bbd37cb3f3414110b7479daa77451e7e339a3c42d8bc72f93d6862Virustotal results 37.93%Heodo
2020-09-19REP_89195882880564712192.docdoc 32d451b2bae3e18f7c033f617f08f633bbe77e2bd4a98bd72d6fccb66ff80900n/aHeodo
2020-09-19DOC_24084338.docdoc 36156e8a513ab8e144b478cbcdac6ed738f83e03ce174a02228593813a701692Virustotal results 37.29%Heodo
2020-09-19BO_09161632.docdoc 7c391c5dde83d6bcb96a44a794bdced0a65235c65e6ee19d33bd602b09df433fn/aHeodo
2020-09-19Y_CG8399023485IE.docdoc fff500c894e8ce1ddc024ef40ece32c51ed45d3d85eee507a81a1c2d0115db85n/aHeodo
2020-09-19QM9206925705MP.docdoc 5b0a648192c791817089baf85e77206be78ec6b2fc7924b465bb1bd718d78b56Virustotal results 32.76%Heodo
2020-09-19DOC_09444971.docdoc 53c798816c0299b0b57dfc31682d5bc2a73573f248e05ce8b5427b1b9d908150n/aHeodo
2020-09-19BAL_UNY_090120_IZW_091920.docdoc d0916058bac3e5720c7979d05019d5fbffb9f64eb341116f0d3febff67abea01Virustotal results 35.59%Heodo
2020-09-19DOC_WFC17M1CTXQ.docdoc 1fdd870e2f8e533d5592145cd1fc37281bd190265fb33663d5f8b0bbab9e8e53n/aHeodo
2020-09-19FILE_GXE_090120_VYL_091920.docdoc 86b1a6a408c5639132533fa3f488087c8f0a47c3c1a5b57cb8edaba5501166f9Virustotal results 35.59%Heodo
2020-09-19BAL_JOORN24DAN60JQE.docdoc aae82415f0c1d33438261bb6ea1039cdff8bccc786541f5177e6938497f5b2d1n/aHeodo
2020-09-1960528165.docdoc 73620e838eb9f25fb84489e5a9b183790be59e762fb7aa8cd65a6958e83a00c0Virustotal results 40.68%Heodo
2020-09-19PO_09192020EX.docdoc e04d0fb983378ed4932296cee99a78050dc18fa6b09cd6fb726eb90978a6d6acVirustotal results 31.03%Heodo
2020-09-19DOC_461925685614649701922.docdoc 3d64095f4564ebc30eadbe6a61d8dd290bf34c82c7c49a9accc8179312fc53edVirustotal results 46.55%Heodo
2020-09-19REP_8800456562947.docdoc 90e191cad172245af9b6ffe8c5ca065163bb8ae54f8a3b6c573663f7179dc471Virustotal results 27.12%Heodo
2020-09-19REP_5FHNYMFHH1W54M8P.docdoc f45366fd48bfadbe704572fe3f559494d82fc82a99673cf792e760777f56ece1n/aHeodo
2020-09-19J_PO_09192020EX.docdoc a750366c2526e29a08f729005ab062b1a98ae9774f4c3d0ff22d881c67405c41Virustotal results 41.38%Heodo
2020-09-19DOC_00834584.docdoc 375b8adece65a4d295e2b9104fb0e7fa3c3c7cc7ebb3dea4607776d050029316Virustotal results 27.59%Heodo
2020-09-19DOC_91276042.docdoc 8edaaf5279e9bbfba0c2952d8545563f327f0648035e56774baef612d4777aafVirustotal results 31.67%Heodo
2020-09-19INV_9696333948217400.docdoc d20baee3b136e9ccf09f5dd19ddf745c78f62622f6449979fd30940853bdb70bVirustotal results 35.59%Heodo
2020-09-19NRN_QMYK62G4KPSQ1.docdoc cc21dad99db9fe14ebb5e963372e9b2bb57c453683119891b367387d06f812edVirustotal results 40.68%Heodo
2020-09-19INV_UZDP9IW6K0KVQ.docdoc 283fa803d0bcd99ac43b6d04b267e8fe8de71ea98d41f73ff426fc27fcba6dc2Virustotal results 35.59%Heodo
2020-09-198162737059266462.docdoc 56813b1ff2c178be52fb844d4656d77d7d061aeeb71e90418d1665f9aac64978Virustotal results 33.90%Heodo
2020-09-19UE0708499770ZE.docdoc 61e0ad6b0713f35c85474bdccb13d97ddbc1f384dbad75c364224d9b65c1bf51n/aHeodo
2020-09-19DOC_B7N0FKMUHQ.docdoc e701c5716c99c6e1549951ed3f1eeffb8b4a9625d8dadb55251998b731c7a109Virustotal results 35.59%Heodo
2020-09-19PO_09192020EX.docdoc e1ab557b296ca131391eacfd8b4f90d7aee4de9848750b5df4b8adf770a5ca9cVirustotal results 47.46%Heodo
2020-09-19BAL_32756459555.docdoc a6a8b9e3e602b8727f2687f6906dbc66a534b711594e7064776f9128f0582e0eVirustotal results 30.51%Heodo
2020-09-18895789927679432189.docdoc a89a3fb97be7cefc4d26bbdfb463943abc4b7a4ad8f448b559cabed432592458n/aHeodo
2020-09-1821274712.docdoc 3a245c3c3ba3257272ead17995d6b4913540dd24162a40430a05199d36f50768Virustotal results 34.48%Heodo
2020-09-18BAL_PO_09192020EX.docdoc c536931bec7f39621f1f86cd9b7b49ba58e35ba7a7f6ce7b92724de491137e3dVirustotal results 38.98%Heodo
2020-09-18DOC_AJ6440535365HO.docdoc af7a05d648d4175f924ff2431748c2bf40e15eeb256d2135bfeba80f4adbd149Virustotal results 24.14%Heodo
2020-09-18DOC_PO_09192020EX.docdoc e351cb48427d30ca802f3beabc78c164446cadd34d2f040fa46a3842299b2f82Virustotal results 39.66%Heodo
2020-09-18CUTD_YH2584410942ZE.docdoc 4a0e1fa1af2997f150fe806a7ff482e45c83132a101a0808e8ced6e543de770aVirustotal results 34.48%Heodo
2020-09-18O_PO_09192020EX.docdoc 6a500490be1db393b419c4d2dc1bd43557bd87fe40b7b996037834fb137d8d0eVirustotal results 31.03%Heodo
2020-09-18DOC_870803104188.docdoc c78cf5346497f3b9c5cb2f0734b631178c25eb818adf58b25aba4c7d6313f442Virustotal results 42.37%Heodo
2020-09-18371CHC2Q60.docdoc 523f29c1434d7c2b71f1516c5c73cf9bd1546f0669e730fdf9282641ced7cfd4Virustotal results 44.07%Heodo
2020-09-18D_22AGOFLV5H2ZBZJ.docdoc 2207a632a023bbb96b9b2e0dc6b930a3c725420713dfce30b4b47c7fa3a46932Virustotal results 43.10%Heodo
2020-09-18WUA6EJ1A6UA.docdoc e3c7337d6899a5aa8ee475f563c6c84af325ac88c2a30a676f56d6182a75b59bVirustotal results 42.11%Heodo
2020-09-18FILE_AEMJ612OWM98GT.docdoc 33099cd71cd92838445b2b6beaab0d5f29220c7866510e1a83dd32c0779c91a8Virustotal results 36.21%Heodo
2020-09-18ZN5038830984QO.docdoc e6c59aa272b0319132af611954aba4331117e24c05ed652fdbf58c0ff36e991dVirustotal results 44.07%Heodo
2020-09-18BAL_GX9765858308GA.docdoc 4000d1ab30db6a5d94686c02f9a7e6e687231ff9bfd42bf56e3f9f1e8750ede2Virustotal results 28.81%Heodo