URLhaus Database

You are currently viewing the URLhaus database entry for https://ravenssus.xyz/wp-admin/eTrac/04cgabzs2/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 588274
URL: https://ravenssus.xyz/wp-admin/eTrac/04cgabzs2/
URL Status: Offline
Host: ravenssus.xyz
Date added: 2020-09-21 18:06:06 UTC
Last online: 2020-09-22 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-21 18:08:05 UTC to abuse{at}choopa[dot]com)
Takedown time: 19 hours, 45 minutes, Good (down since 2020-09-22 13:53:43 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
