URLhaus Database

You are currently viewing the URLhaus database entry for https://x4fire.com/blogs/esp/vu9r6qq23764271tsp86uzd8492tr0/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 590089
URL: https://x4fire.com/blogs/esp/vu9r6qq23764271tsp86uzd8492tr0/
URL Status: Offline
Host: x4fire.com
Date added: 2020-09-21 21:19:37 UTC
Last online: 2020-09-22 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-21 21:20:23 UTC to abuse{at}infortelecom[dot]es)
Takedown time: 20 hours, 11 minutes, Good (down since 2020-09-22 17:31:44 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
