URLhaus Database

You are currently viewing the URLhaus database entry for http://aws-and-infra-dmain.xyz/wp-admin/parts_service/Z7PeCYa1uMnI/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:560063
URL: http://aws-and-infra-dmain.xyz/wp-admin/parts_service/Z7PeCYa1uMnI/
URL Status:Offline
Host: aws-and-infra-dmain.xyz
Date added:2020-09-18 20:07:05 UTC
Last online:2020-09-20 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 20:08:23 UTC to abuse{at}amazonaws[dot]com)
Takedown time:1 day, 21 hours, 8 minutes Poor (down since 2020-09-20 17:16:44 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19UNTITLED-2020_09_19-ZSE183323.docdoc 1d13a0fe58c9b38ffc4121ee00cb8c1c7bd55d755cc87f610fb1a3c306204474Virustotal results 37.29%Heodo
2020-09-19list_2020_09_19_5895110.docdoc c67445bd4a7a3846de10ecccfc8117f4c144d3c2cc2ed29bbd934d3e06dd7e9bVirustotal results 34.48%Heodo
2020-09-19File.docdoc 006e64b6cfe2567e6bc6685453e8009b6b2bee02a0ce99713266b04087241d0cVirustotal results 32.20%Heodo
2020-09-19Inf_20200919_038.docdoc 610c4e7f9d0c567d7d8a230edc8cbe856baae5fb20c5fbebe2a43c7c7d007feeVirustotal results 24.14%Heodo
2020-09-19rep 2020_09_19 KC138132.docdoc 0b20a73da9e858ca63b3e038817d2cd82a98535eb4ed6c1dbb214e3e066bede2Virustotal results 23.73%Heodo
2020-09-19DAT 2020_09_19 C0535.docdoc 9e398469dae4d767b068930ed48a2283bade08114e66f158454ede4cf08d5bcfVirustotal results 20.69%Heodo
2020-09-19LIST_05892.docdoc 7da90a568b11f5619217fc3f607646d3fba7a56ef64303b2ab72b8751d9308fcVirustotal results 22.41%Heodo
2020-09-19UNTITLED RNY5986.docdoc 0b58ba1859d47221ab95122240157d9d4bc885723fb94b700f1c36cb28edf3c6n/aHeodo
2020-09-19INF_2020_09_19_HB370.docdoc 85c0fbbdc250f9ddf13c8a438a1c90ada6ff0e475cddaa45cbdbcfdf18c9dab9Virustotal results 22.81%Heodo
2020-09-19Untitled-2020_09_19-6417027.docdoc 0d6380a49e7088513773efca368acb3a783954a2d4df49ea9b730c9e49969458Virustotal results 23.73%Heodo
2020-09-19Dat_20200919_INO644.docdoc c23cc89488404b578a22052d1d946ea0e421961bb77a5c4b002d890506c2aba6Virustotal results 24.14%Heodo
2020-09-19MES_20200919_J161892.docdoc 906eb841dd00ed7c09bdb5dc7c0d3722f6313536e45201301a2db07d0fe04beaVirustotal results 23.73%Heodo
2020-09-1979711_2020_09_19_YF78322.docdoc 606c981a35630090fe7df6ea2bd78be7c01eb20f5d266ba2432b209e9bf26eb8Virustotal results 22.03%Heodo
2020-09-19REP_20200919_31064.docdoc 7de7c890bf221f642348c57fd51a9d1ebac44cf9e5136ce1f0a12c7e587e69eeVirustotal results 22.03%Heodo
2020-09-19Inf GB349992.docdoc bad0da6e5c3252214e74c5ebd3ebca1b19331a5dc3c62d1b0c400f8ad73303a7Virustotal results 23.73%Heodo
2020-09-19Attachments-2020_09_19-88128.docdoc 2cbeb14e3ad7c8a795f7454334ae6793f020780e53173535e65ddee8c2a717afVirustotal results 24.14%Heodo
2020-09-19Mes-2020_09_19-5882736.docdoc cab5f70f9a6d1f300828e8c715696273befca7a141ca5e75b69b5a408ee432b2Virustotal results 30.51%Heodo
2020-09-19Doc-20200919-5460.docdoc 7914bb6c3d6664a065cdb3f06cfc21a7f85fd7423e3b5af3468245d1f03edf5cn/aHeodo
2020-09-19LIST H8290.docdoc 7d635d13a89e28fd6b0237c35f566e2be9502c55ae2dee5b94c1b5281c018152n/aHeodo
2020-09-19Inf_2020_09_19_4327339.docdoc 32f41a25d60eecd90e5e66e0ac2850bd6fbe4f97ddb2dd1e1c3998ab3089f391n/aHeodo
2020-09-19VFW59472 20200919 D02799.docdoc 0f8726a2e1ed31116d9cf065548921ba480bafb9467bbbccc96ec094859734e7n/aHeodo
2020-09-19DAT-J174.docdoc 4c294575dcf08d7b4946e3d8d883d7a62ab36dd5170bf983df08adf59d7414dcn/aHeodo
2020-09-19Doc_VK119.docdoc d2f7410370f98bd4b8df1da90c315498ed40486e84d2c1a4951935f642fb8d3cn/aHeodo
2020-09-19INF_20200919_P29783.docdoc 678355b541ffa2eb21d7b767a9e6039f3447aaaad39161002cf3b66c1d44c1dcn/aHeodo
2020-09-19UNTITLED_2020_09_19.docdoc 34d91dd2c961c7932b2e9f2a6ce803cdd745ef4d3b0fd60d429858237f8e45dan/aHeodo
2020-09-19SNY141-20200919-596879.docdoc 614c62ac24ffd787e87c3f0be186188b9c87530dcc81b1559e388c1e06d1e2c7n/aHeodo
2020-09-19List-20200919-542.docdoc 93e1254e65773ffb3d3f3aeeda414a5356482c00d5ecc36dcd385158ac7c8fb4Virustotal results 22.03%Heodo
2020-09-19doc 20200919.docdoc f5ca634bdeacd64ccc52ea932bd221762cc68524fcef2df96c77ecd777d16670n/aHeodo
2020-09-19List-20200919-0528.docdoc 6584db21f3b24953242d8d42e4ffa62e8026aebaea9f5c6b5cae066f4c279370Virustotal results 22.81%Heodo
2020-09-19Rep-2020_09_19-4428.docdoc a6d4e72568e642cf4b7ebface0d1efd59bb14b348af845c74bd132af71733f53Virustotal results 23.73%Heodo
2020-09-18ARC_GRQ1578.docdoc 9cfbd2b1385991e74144b32795611bff463960304a0bac67116378ec94caf271n/aHeodo
2020-09-18REP-915617.docdoc 2a3e7c662c026f10d65fedffc2f513a8683860a3448c822016d34579120dfb36n/aHeodo
2020-09-18976702-2020_09_19-4671.docdoc df50fc4b87844f590011e4655d981e4aa7d498dec2d0940b554aea8538567352Virustotal results 22.81%Heodo
2020-09-18FILE_40336.docdoc f56906e33a9a9bd3b074b3b5c24c2e98ba58817c4c61452977054f27d0d9312dn/aHeodo
2020-09-18ARC-20200919-FO405.docdoc f13c7662ae4f7890dcaaeffec05902dec857b5cc7f106b1002c1b595add9912an/aHeodo
2020-09-18LIST 2020_09_19.docdoc 8de922c73adca515635e350e8e59e9e2470d9baab56386d9e8f3b3f9b6bfb701Virustotal results 22.03%Heodo
2020-09-18file_0985486.docdoc 7234cb8db24e20ba0abe1fb9f9a177573e1e83122a6f3b8debd45e34b67a7775n/aHeodo
2020-09-18File_53688.docdoc 5f947b8388016997bed38166706bb096d920127a6a8c7823ff7dcebcaba8f81eVirustotal results 27.12%Heodo
2020-09-18FILE-12733.docdoc 94cbcca1d095e7f389dc8a63c2efe17bf54bbbdab3b2ae794b6093bd8d65e9cen/aHeodo
2020-09-18rep_2368.docdoc 923692821eb7f6837085e7bef93e95d87c7d841697e21fa1730ee5d217312f14Virustotal results 28.07%Heodo
2020-09-18Z4485_U9812.docdoc 62369ff5907322b724aa7887f89b56d02ca2c5e1388236064005e7c9d8451dc0n/aHeodo