URLhaus Database

You are currently viewing the URLhaus database entry for https://leapmom.com/ukeol/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:560996
URL: https://leapmom.com/ukeol/swift/
URL Status:Offline
Host: leapmom.com
Date added:2020-09-18 21:33:06 UTC
Last online:2020-10-22 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 21:34:35 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:1 month, 3 days, 12 hours, 39 minutes Bad (down since 2020-10-22 10:13:37 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19C_VDICX4Z6E7ENVZ.docdoc e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107eVirustotal results 34.48%Heodo
2020-09-19REP_30112244.docdoc 2219a032fd67333ac69e83d15651054f5fa2ebf7711e2ff700faf7cf27bb18f1n/aHeodo
2020-09-19INV_PO_09192020EX.docdoc 6f78fbb2d641a076bd2f40a39b2802a3ece7627b834468e1af726bc6bcec7237Virustotal results 40.68%Heodo
2020-09-19FILE_CH5702078500UR.docdoc 6ff5d18efc03d5074a5c9d0c27a7ab6738e189f681af930bed2809da5a8f7544n/aHeodo
2020-09-19REP_PO_09192020EX.docdoc dd1eb5d6665fa95590fbb058fdfb8311563d8d5b62f6b8b538cb33c967f22362n/aHeodo
2020-09-19PO_09192020EX.docdoc 2bdb231a4e071c32f3734fa0ac5a13e5463ad6aea21e4a089fe1a1c69a56d372Virustotal results 36.84%Heodo
2020-09-19KNY_PO_09192020EX.docdoc 3304ef9cd1d55e1d892f5a18644273b8e62254f587e24e42428a460305129396n/aHeodo
2020-09-19Y_61994769.docdoc 20afdfa7a7c7a299565cdd046c41bcbea4b1cbdc4041edc9f0e51d52dac04a0cVirustotal results 40.68%Heodo
2020-09-19QS4240221078DX.docdoc 0fad7aa076137ca0eea07801301e4a9799bfe63d5f5ac04aa449db6fa4201512n/aHeodo
2020-09-1998661741.docdoc e5d9bb556a385de29f04eccbf388a0e8f73f556394bfcaff0a6c7ffb15e85a48n/aHeodo
2020-09-19INV_87477073.docdoc bb671b26a57e497dd769b55a4401db0186621a028301d9d577717b6f4186c3ecn/aHeodo
2020-09-19BAL_JGH_090120_GKT_091920.docdoc 161a56d18d19f07897fe02a41e186be65f9bb1d33230e6bc26787c0d5a20231en/aHeodo
2020-09-1908365025.docdoc c066bc4500ead9e0889bdaa4bc27671470aaed708c36824216e519d2b9325dfen/aHeodo
2020-09-19Q_PO_09192020EX.docdoc c48a51d8de6403e9edfbd7add130002b895655dfbe014581e64d0fd7bee83155n/aHeodo
2020-09-19WT8451132328GJ.docdoc 7c391c5dde83d6bcb96a44a794bdced0a65235c65e6ee19d33bd602b09df433fn/aHeodo
2020-09-19REP_QD3158314201IX.docdoc fff500c894e8ce1ddc024ef40ece32c51ed45d3d85eee507a81a1c2d0115db85Virustotal results 35.59%Heodo
2020-09-1929753337.docdoc 918a64048af4a066fdd935050729fcc70f074457f2943f59469ee5f3bdb0a70dn/aHeodo
2020-09-19BAL_0734122680198962011997.docdoc 53c798816c0299b0b57dfc31682d5bc2a73573f248e05ce8b5427b1b9d908150Virustotal results 34.48%Heodo
2020-09-19REP_73434349686379688303449.docdoc d0916058bac3e5720c7979d05019d5fbffb9f64eb341116f0d3febff67abea01Virustotal results 35.59%Heodo
2020-09-19INV_PO_09192020EX.docdoc a0427b223aa7c526dd3cebfcc4d97cc8a6e9d272e790a314a0ebeda94ad3f183Virustotal results 41.38%Heodo
2020-09-19WU0256586355HP.docdoc 7991a69a5cbfa005b7685a29ded3f4f849b24fed6a340cbba97dc86d6db9b0a6n/aHeodo
2020-09-19FILE_HQY_090120_XFS_091920.docdoc 86b1a6a408c5639132533fa3f488087c8f0a47c3c1a5b57cb8edaba5501166f9Virustotal results 35.59%Heodo
2020-09-19R_R2LX5JWJ.docdoc cda0f300f10989d730a1ea43471dfadb97cb10e13a73fbabeb565b5fbfd6bc30Virustotal results 45.76%Heodo
2020-09-19X4Q16M7G617U4.docdoc 778c345084d688acf88bb52a9c052c1e852688885a2b4c6c3938f6f471888d44Virustotal results 29.31%Heodo
2020-09-19FILE_5925923751953112.docdoc 7a41acc2bae61a34f8177e8d2cfa0b5f268c583906f678bd7331d9aca266f238n/aHeodo
2020-09-19NQMLZYHRQBKK.docdoc 9126b6cf6a48ccd803d63160fbb3bf6dd1329fc766e2c660732b8a72d07ae0b2Virustotal results 38.98%Heodo
2020-09-19U_OCV_090120_OED_091920.docdoc f29d80209cde1118a9399b3937016f28ff68863180d6f36ef6d55fd099de06c1n/aHeodo
2020-09-19WZZ_090120_VPT_091920.docdoc 4b9de007a12dfbcc6b19f1bd5cf8d12f6ae9a7d2a3c3c04b1147e448974d9486n/aHeodo
2020-09-19H2X43BGX8K.docdoc 87888ab358912c8c811b942e25e6e58df8ad065a33cb1041ae790d60cfad79den/aHeodo
2020-09-1989933261680925211256115.docdoc 5cc754b56ea15b372576406cb73285d5c74e09ee434b62bb955e5c02caca6b68n/aHeodo
2020-09-19UMJ_090120_OUY_091920.docdoc 7df3447e0e3af084cc5d6ad9a9f333ac88e09c1d60c0f9c0f00fcccb6d04b708Virustotal results 33.33%Heodo
2020-09-19REP_JOD_090120_RYT_091920.docdoc 8edaaf5279e9bbfba0c2952d8545563f327f0648035e56774baef612d4777aafn/aHeodo
2020-09-19REP_TTC_090120_DIU_091920.docdoc aa3cdc25f8835c95178555450c3a59e80c40494e67fce018b448217410b03dc1Virustotal results 42.37%Heodo
2020-09-1985930861.docdoc ee2bfb3bfc62ad36246c4533bb4bb8c41aa21ffeb8bd74b216d3c6088cbc7b62Virustotal results 25.86%Heodo
2020-09-19REP_41878319.docdoc 99eda692ad8e7b4355aa54a8bbe79740fedcf0500c775ade59cd67ed7c7ecaaaVirustotal results 41.67%Heodo
2020-09-19INV_85667408.docdoc 0549a96b45be7693d38af5e4063355260635db3e33191b92e82e43c49eda7901Virustotal results 25.42%Heodo
2020-09-19FILE_572919512904283938467.docdoc 30ee1918a15e45641f559b5bda9985c8aceb4a0e4e64e49de6364d24982556afVirustotal results 37.29%Heodo
2020-09-19REP_PO_09192020EX.docdoc e701c5716c99c6e1549951ed3f1eeffb8b4a9625d8dadb55251998b731c7a109Virustotal results 35.59%Heodo
2020-09-19TVQ_090120_JDV_091920.docdoc e8ba52929c7417d389ec7c09ee6326be03a51186987ca74d8ef79a98803150b5Virustotal results 25.86%Heodo
2020-09-18G_2609320360820850033.docdoc ec0a9a535ccb576248f4c7900428f2a898853aa83d6cdff165a23414125d8a68Virustotal results 25.42%Heodo
2020-09-18REP_JPOC1QY6XXL5DRX2.docdoc 3a245c3c3ba3257272ead17995d6b4913540dd24162a40430a05199d36f50768Virustotal results 36.21%Heodo
2020-09-18REP_84819419.docdoc afc7650429d1bb92b43bc1bae9ac07c7e3ff7d34b10949e03b97c1a43cab0930n/aHeodo
2020-09-18D_SDD_090120_QRS_091920.docdoc 1bf95dd5920c9ab0b519c10b39e7de04eff938ea86f834885f202a0cec87d4bfn/aHeodo
2020-09-1863701038431519218.docdoc e767562438c04ed2d3dee57114d125b4446278c036106d12eb8e7fd9d9a93940n/aHeodo
2020-09-18UK7278698880TQ.docdoc 51a455b1fd51bbbeddc6805c7d1304d1100dabc2c5611401df5b4f834f62b07aVirustotal results 38.98%Heodo
2020-09-18H_34848265.docdoc 93d817dfd2bf4e664bc17daefb9bb205e54156396a0d675a88bc250194bc7d9aVirustotal results 23.33%Heodo
2020-09-18H_81931243.docdoc f5fb5d637a37ec6c6c5288f46bb6ad3cb9559037f8df024aba1f9bde1d477a4aVirustotal results 42.37%Heodo