URLhaus Database

You are currently viewing the URLhaus database entry for http://aquarius.com.br/9hv3/esp/EHSmAJcYxP1ic60fz/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	584732
URL:	http://aquarius.com.br/9hv3/esp/EHSmAJcYxP1ic60fz/
URL Status:	Offline
Host:	aquarius.com.br
Date added:	2020-09-21 09:40:09 UTC
Last online:	2020-09-21 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-21 09:42:34 UTC to abuse{at}microsoft[dot]com)
Takedown time:	10 hours, 10 minutes (down since 2020-09-21 19:52:35 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-21	Inf_2020_09_21_NIT56277.doc	doc	d3ff202740cdff416eec962da85987a787df2ae2fc8e6fdf4b010035594c9960	28.33%	Heodo
2020-09-21	UNTITLED-R280086.doc	doc	817dfa0131f4686e1849deaf26ff7ffe1f5b2eb30526bc09a6753ce13185f502	26.67%	Heodo
2020-09-21	mes_3125308.doc	doc	716299f97023ee3e7f0a20ad1843ee7284684da8a503b9031fdaf0aac7e81671	n/a	Heodo
2020-09-21	179_20200921_70455.doc	doc	fb5916b49a668daaac999ec4edfa053a580598228838e24dea97f07289f6a2f8	26.67%	Heodo
2020-09-21	UNTITLED 20200921 JH8639.doc	doc	fada4708605505ec08d2045110877e6a7cd8fb2037b0d9bc3c32c5607a23c21a	28.33%	Heodo
2020-09-21	UNTITLED_2020_09_21.doc	doc	0adca8f3f5265407428b7bada83845928992378c6adcfaa2126c4b04f40ea987	28.81%	Heodo
2020-09-21	REP-2020_09_21-DGO99366.doc	doc	2f702f1a2ba900b1f907315425309f855fc57073c9c5afea7bcd30e69ada2ed7	26.67%	Heodo
2020-09-21	Inf-2020_09_21-JN21066.doc	doc	66cb8b7e3c4085898b6efb2c9b2d39cb3bd28f6fab85e83e70b4e9a3f441a22f	n/a	Heodo
2020-09-21	MES_2020_09_21_EGR060874.doc	doc	80a8b5600bf204df850aadf7d4e7833263ef3c4771208d62fcb53e662007b5d3	n/a	Heodo
2020-09-21	file.doc	doc	8444b33aede1c4250ebffcce3e2abc7f96072003c7a5981b85a10bad9536ecae	23.73%	Heodo
2020-09-21	Inf-2020_09_21-1429262.doc	doc	dca654f7419186826dd804c032f8e751321489bd9949c76f41b996cd587ae19f	23.73%	Heodo
2020-09-21	LIST_20200921_3052.doc	doc	d295a4bc76b3fcc18074cea9d67ed8b169bfa0d2c88f51d09bdc56d1db74de58	24.14%	Heodo
2020-09-21	mes-20200921.doc	doc	356b82eeebe4eebc57579bc3932589783542b3b169a2f2c85dfa0c78fddb7ac1	n/a	Heodo
2020-09-21	list-20200921-30327.doc	doc	8624b86a85ad6c756c26034225f489ef15aa8cfcfdf0dafb529ab9a1718e075b	22.03%	Heodo
2020-09-21	FILE 20200921 I655.doc	doc	42f29aa41b1f7d9de698db6b2a4512a76e4c54af72ab7ce26542fc3666438084	n/a	Heodo
2020-09-21	Mes_TW9610.doc	doc	5a4026c992939e304da0cb25bcf181141d3875dec80db0003434902ca37ec64e	n/a	Heodo
2020-09-21	mes_20200921.doc	doc	c38007baa464dfca54ee9305c00ba166951dc23b5b4acf9fd9d28ae1ca04ca8d	23.73%	Heodo
2020-09-21	Attachment Z86425.doc	doc	a0953aa999c3d722ffa876f5dd3371023be5aa513d6ec18052edfcb2b7feb185	n/a	Heodo
2020-09-21	arc-2020_09_21-8513.doc	doc	6cd088d70602d9032920e91bec900e3f28ba0a38eca2b98bd6139e6e882bed64	n/a	Heodo
2020-09-21	list 20200921 AI506171.doc	doc	7a54b9e5d5090d615e8e104632ff7c966103ba016bdb7722525a3eb1aed17c13	n/a	Heodo
2020-09-21	Mes_20200921_28885.doc	doc	155fc45f0849e7a83587aedc0cb028a587bf371a518ceeebbd95492f5ee666dd	n/a	Heodo
2020-09-21	ARC-2020_09_21-7727528.doc	doc	067eb151263b210a180acec91b442c110a21200820760e17f408b1fbbfe4f67a	n/a	Heodo
2020-09-21	24240HOA-20200921.doc	doc	e31852589616b85edbf925aabe05c088a34bf27428fb8b11d1908d227b8bcb37	n/a	Heodo
2020-09-21	DAT 20200921 079.doc	doc	b556e5b6ae3087d8ffa1327e4115618e43c66602e8a877abf50d008861d7b740	n/a	Heodo
2020-09-21	ARC_20200921.doc	doc	c011f657db09823eeda192e8f301d95cd0abb5aa4fac1ef4d53c5169e951bbf0	20.00%	Heodo
2020-09-21	FILE 20200921 S19226.doc	doc	3e852ee596953598ade5ec15aca21d6360f378edb62269d0b2d2c9ae5c8d3bc7	18.64%	Heodo
2020-09-21	DAT-20200921-0492810.doc	doc	d8fa1fd9d6875f094c2397135903ec7e871ca63b06a471a6052b8cda6d7b208e	18.97%	Heodo
2020-09-21	rep 2020_09_21 779.doc	doc	197e6b7ab5d8d561afd038bad52a5be5c5f9134eb8c8d04ba5f64124c211baad	18.97%	Heodo