URLhaus Database

You are currently viewing the URLhaus database entry for http://leapmom.com/ukeol/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:562350
URL: http://leapmom.com/ukeol/swift/
URL Status:Offline
Host: leapmom.com
Date added:2020-09-19 01:33:06 UTC
Last online:2020-10-22 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-19 01:34:26 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:1 month, 3 days, 8 hours, 56 minutes Bad (down since 2020-10-22 10:31:12 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-1964143536.docdoc e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107en/aHeodo
2020-09-19FILE_63039705760245788839.docdoc f4914cbba852a170c0da8d021e223ecd72be23357cf6dfaaac21d926ab043885n/aHeodo
2020-09-1966382127.docdoc 9f77870d3740686f81155c4cca802ccb196cdd875714ed8e25d9a920d2d2adb4n/aHeodo
2020-09-19REP_PO_09192020EX.docdoc dd1eb5d6665fa95590fbb058fdfb8311563d8d5b62f6b8b538cb33c967f22362n/aHeodo
2020-09-19PO_09192020EX.docdoc 2bdb231a4e071c32f3734fa0ac5a13e5463ad6aea21e4a089fe1a1c69a56d372Virustotal results 36.84%Heodo
2020-09-19Y_61994769.docdoc 20afdfa7a7c7a299565cdd046c41bcbea4b1cbdc4041edc9f0e51d52dac04a0cn/aHeodo
2020-09-19QS4240221078DX.docdoc 0fad7aa076137ca0eea07801301e4a9799bfe63d5f5ac04aa449db6fa4201512n/aHeodo
2020-09-19REP_5882625713.docdoc 35b7b5b1fcf159556bb2f5363ef7d7ac72b3f4d1e9357d0e2a452b8c99bfd0e5n/aHeodo
2020-09-1998661741.docdoc e5d9bb556a385de29f04eccbf388a0e8f73f556394bfcaff0a6c7ffb15e85a48n/aHeodo
2020-09-19PO_09192020EX.docdoc b19f8522e5a2528e85dc936c8c83e1a9ed3bed5055ca06a67433b2b5201fb1den/aHeodo
2020-09-19BAL_JGH_090120_GKT_091920.docdoc 161a56d18d19f07897fe02a41e186be65f9bb1d33230e6bc26787c0d5a20231en/aHeodo
2020-09-1908365025.docdoc c066bc4500ead9e0889bdaa4bc27671470aaed708c36824216e519d2b9325dfen/aHeodo
2020-09-19L_PO_09192020EX.docdoc 15533d02d9310a6707f2092410bb3deff89174f7bc64f893a98e946f2ae3ba3fn/aHeodo
2020-09-19LMQ_090120_GBC_091920.docdoc 36156e8a513ab8e144b478cbcdac6ed738f83e03ce174a02228593813a701692n/aHeodo
2020-09-19INV_BZ1765576711PS.docdoc 4165b27e5b534a04d00fd600c969784706dcd31a10beaa3b585e754f973d89b6n/aHeodo
2020-09-19BAL_DJRWMFYJ0LPA.docdoc 1963ec47acb4c6d57b2e6d75de7d45de3b479c9f24760d5a0456a3accc66ddb0Virustotal results 42.37%Heodo
2020-09-19REP_623281933406293744981.docdoc 5b0a648192c791817089baf85e77206be78ec6b2fc7924b465bb1bd718d78b56Virustotal results 32.76%Heodo
2020-09-19BAL_PO_09192020EX.docdoc b8818fbdeecde51adf7270365592b9812f1e323c4cdbf81f12885c590727d3f2n/aHeodo
2020-09-19REP_JZX_090120_BCD_091920.docdoc 1fdd870e2f8e533d5592145cd1fc37281bd190265fb33663d5f8b0bbab9e8e53Virustotal results 53.33%Heodo
2020-09-19INV_PO_09192020EX.docdoc a0427b223aa7c526dd3cebfcc4d97cc8a6e9d272e790a314a0ebeda94ad3f183Virustotal results 41.38%Heodo
2020-09-19REP_IIM_090120_HYW_091920.docdoc 9609fd808a397cc58e8735df095c890db77e5ee974c087fe02834d1a04900b3en/aHeodo
2020-09-19R_R2LX5JWJ.docdoc cda0f300f10989d730a1ea43471dfadb97cb10e13a73fbabeb565b5fbfd6bc30Virustotal results 45.76%Heodo
2020-09-19X4Q16M7G617U4.docdoc 778c345084d688acf88bb52a9c052c1e852688885a2b4c6c3938f6f471888d44Virustotal results 29.31%Heodo
2020-09-19FILE_5925923751953112.docdoc 7a41acc2bae61a34f8177e8d2cfa0b5f268c583906f678bd7331d9aca266f238n/aHeodo
2020-09-19NQMLZYHRQBKK.docdoc 9126b6cf6a48ccd803d63160fbb3bf6dd1329fc766e2c660732b8a72d07ae0b2Virustotal results 38.98%Heodo
2020-09-19K_353329380725642498.docdoc 7032382798471056e86e6737c338291cdd791a526f78f36db74900e9a5293e4bn/aHeodo
2020-09-19L_MCT6GPNPTH0EY.docdoc f45366fd48bfadbe704572fe3f559494d82fc82a99673cf792e760777f56ece1n/aHeodo
2020-09-19H2X43BGX8K.docdoc 87888ab358912c8c811b942e25e6e58df8ad065a33cb1041ae790d60cfad79den/aHeodo
2020-09-19Y_067871851647.docdoc 9cd1ed00043bfb185a3b497fb855abad25261f016f8882ae085daa73ffb32deeVirustotal results 46.55%Heodo
2020-09-1989933261680925211256115.docdoc 5cc754b56ea15b372576406cb73285d5c74e09ee434b62bb955e5c02caca6b68n/aHeodo
2020-09-19DOC_WAV67SWY3C.docdoc 3f8ac48efd3eef3c80e8979f8cf9bbf0e0d98511a42e7517063cebdf73789e60n/aHeodo
2020-09-19REP_TTC_090120_DIU_091920.docdoc aa3cdc25f8835c95178555450c3a59e80c40494e67fce018b448217410b03dc1Virustotal results 26.32%Heodo
2020-09-19BAL_S8NYV47CZTSM7.docdoc 283fa803d0bcd99ac43b6d04b267e8fe8de71ea98d41f73ff426fc27fcba6dc2Virustotal results 35.59%Heodo
2020-09-19INV_4417358095415.docdoc cfa732f080d66f4255202de5836aedb5332dbe226ea5ff3e49c926ee56519cddn/aHeodo
2020-09-19ZJU_PO_09192020EX.docdoc c87f8fd591bb21b8ee7da412593310605e465dc013f1607cd0f67c0e39d58685n/aHeodo