URLhaus Database

You are currently viewing the URLhaus database entry for http://andrademendonca.com.br/cgi-local/ha3k5uj/b1aujbz9138949230527n39g58690jffu6rr5/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:590997
URL: http://andrademendonca.com.br/cgi-local/ha3k5uj/b1aujbz9138949230527n39g58690jffu6rr5/
URL Status:Offline
Host: andrademendonca.com.br
Date added:2020-09-21 23:08:06 UTC
Last online:2020-09-23 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-21 23:10:05 UTC to abuse{at}ovh[dot]net)
Takedown time:1 day, 14 hours, 31 minutes Poor (down since 2020-09-23 13:41:34 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-23N_IR6018567103XT.docdoc bd69ecf726bce791184672d5e8317729c49e46729a648023c07701eb61a005e5Virustotal results 29.03%Heodo
2020-09-23REP_I96FNLI.docdoc a877dd61b25805e938555868388a8543768fb01e9c45ae6072c261f61264d466Virustotal results 34.43%Heodo
2020-09-23W_DB1354501758WV.docdoc 93fddf6220e95dc443df2a8bea1bd77d75a502ca3d7ba4428a6f7eccdf3c659eVirustotal results 35.48%Heodo
2020-09-23DOC_UE7973644739GR.docdoc 6eefa0014179d081dc54eac6a974dde6c888d89c9cf4a70614edab3682525d6bVirustotal results 35.48%Heodo
2020-09-23DI_13352571.docdoc 27a9009cd17248d4d19b35988974f0e755e69a439f1025ece6b2ffb357087846n/aHeodo
2020-09-23V_KO5935373533OC.docdoc 9ada6e70d1ea3cc0f566130a6c075640478ba1a8c0b42a0dd5e8b0a318ea1009Virustotal results 36.07%Heodo
2020-09-23AATM_PO_09232020EX.docdoc 5f0d373b1aefd0bf4a4b8942b87a71025cb90011a5633caf9258d975e90edfc3Virustotal results 35.48%Heodo
2020-09-23XLI_090120_IRH_092320.docdoc 920ec5e49cd513625409968ac2e4fff374909c666943e0f55771bb56f1ce2020Virustotal results 37.10%Heodo
2020-09-23YJB0R321UV1ZWR.docdoc 567a979b7f1a51639017799b8645535f97627dcdf0a707d8daf974cc776f8ed3Virustotal results 40.32%Heodo
2020-09-23REP_PO_09232020EX.docdoc d883db39359e5a0cf794c3c7892eec5ae89669110839e909876a1b5aa527ddbfVirustotal results 41.94%Heodo
2020-09-23PDO_72315451.docdoc 5cb9f67f8d803e2b5cbdfa3f2be7bb32a7cde2670256be9d0c998626a49ce7f2Virustotal results 37.10%Heodo
2020-09-23SH9852287682LL.docdoc 33a6f42c04954c40c73042c64938ba9035f2881570d0797c83ce59c19b50d767Virustotal results 37.10%Heodo
2020-09-23X_PO_09232020EX.docdoc 93fb00cace65d90b02ab79f949887b3eaa5b0a0bca1e4a9d7c20576f8ad18deeVirustotal results 33.87%Heodo
2020-09-23WOSC_FNR_090120_QCT_092320.docdoc c4ed4d279282ab289d7a00ba9d05f1f31af4a3dafbe02ae91aba6585d55506ceVirustotal results 31.15%Heodo
2020-09-23DOC_38681522.docdoc 096e7d0d8016a7efe13a6bcfe45e2b78d115eb681a6f855b639a9ca3c8db22c4Virustotal results 35.48%Heodo
2020-09-2354205353.docdoc 10fe3df8f6540696c8eaf649bc752e30d5533b0203869ec0839cf045227620baVirustotal results 32.79%Heodo
2020-09-23EC5273811307GW.docdoc be8eff5238b1b4c55eaf6bf5399d71b18bc093dbf2344c41e86f192173e1a5efVirustotal results 33.87%Heodo
2020-09-23UC1573985696TT.docdoc 07e10c57641a11b12fa27dd4b62a01b1f1db583eb0f33e25154c1e495d45066eVirustotal results 27.42%Heodo
2020-09-23FILE_MYL_090120_INB_092320.docdoc a0b12fdc4f5929ad169ba50c79da1722abb70cdb418ce0cac2275aea75431d9dVirustotal results 27.42%Heodo
2020-09-23V_QKY_090120_PQP_092320.docdoc dab27520c5577f059d11bd78d22f8d5cf492cdc0150781ba9b28b5fbacc5c185Virustotal results 27.42%Heodo
2020-09-22O_49756523.docdoc 698748ed65c5d697095b866208160f8b4142e8d3e66a8cf826de1601fb3b080bVirustotal results 29.51%Heodo
2020-09-22INV_547894925754458725709221.docdoc c288a47cc4303a39755120a6450d469a858b7bb662f27fddf022bb2fad4553efVirustotal results 27.42%Heodo
2020-09-22LAV_FJ9771793552SW.docdoc 158dba6d537edd9c1fb56cc2c1307f00634cf5188667321946c2247e02eb6c40Virustotal results 29.03%Heodo
2020-09-22DOC_PO_09232020EX.docdoc a764b97c10642b54bb233b7b21600d0fee72a50715fbf578956ad7ccb2371f8an/aHeodo
2020-09-22BAL_178730143926408416932252.docdoc f81dc1dd571c29424756de4b14efa593fdea619f32694846535c4820c9acf375Virustotal results 31.15%Heodo
2020-09-2266842213.docdoc 8fe10663f36d8403d8c75b3a696a4dd96ded71c95bf3e5d88f34c4dc7ec96835Virustotal results 30.65%Heodo
2020-09-22L_PT6556788079VA.docdoc 1d2f06cbed29c06113fd84cc5a4db4be24346887afa63d85909dd60882a38336Virustotal results 27.42%Heodo
2020-09-22INV_CXP2HZJ1.docdoc 96d1563a935b2b69580ef4ad19410bdb741917fc4d0aa8855e4eba258db0645fVirustotal results 27.87%Heodo
2020-09-22GQ0138434583HR.docdoc 052552b8940e682ef01c6161f4b074cbcb5dcf412f62b64eafda4e3b304368ccVirustotal results 27.87%Heodo
2020-09-22D_8831072915755176152.docdoc f8f2dc63225fa38d16de547469f9c418f3093385a270836e7431aad8bf52eebfVirustotal results 28.81%Heodo
2020-09-22INV_PO_09222020EX.docdoc 04648ce7223361494ad5620c674be88a869710007f672d05721b77af59be70fdVirustotal results 27.87% Heodo
2020-09-22DOC_PO_09222020EX.docdoc fa7f4b3fa89ce1e3cf1f45674f36346e729aced2de513c5a058f935c65b3cffcVirustotal results 28.33%Heodo
2020-09-22FILE_KGR_090120_XOC_092220.docdoc 820f15f2465a43b8c59cb29bb3d528d3312a6ffef820420bb9c3730d2bd98fb6Virustotal results 27.87%Heodo
2020-09-22HB_02981378.docdoc 0c850e85bc3e92d0551863e1ce5cd03c3c3404ceeb7e38aed586706c4134f4a2Virustotal results 27.87%Heodo
2020-09-22DOC_QBO_090120_PVG_092220.docdoc 02503f6546f32015f98eb839efb8b3d86d56b8ab5de5a30b5d6e99b4bd41802dVirustotal results 32.26%Heodo
2020-09-22REP_73709897.docdoc 0de0e21b2d6345de1cea6993fb9a6844eb12ca11686ea8c82a1792e030233557Virustotal results 30.00%Heodo
2020-09-22REP_0441468195047467.docdoc 30784116009d73a1efbb694dfd293b93bb7fe5f5f0ea5a980564d8f38aa7b34fVirustotal results 30.00%Heodo
2020-09-22OMWIB64UJH3UA.docdoc 9a860f13dad297395d16412a3b23e040989d17aba604025f444be4475283b4e6Virustotal results 45.16%Heodo
2020-09-2270732184.docdoc a9eaf02d745472a4b410b1baef20b073bce933c2e1c7a99fb183e33a47a2e622Virustotal results 44.44%Heodo
2020-09-22FILE_2303281988.docdoc 50938c1e8bcfd60435f294949bf3b07533f8b5ccf1cf92d08a77f4a222037092Virustotal results 46.77%Heodo
2020-09-22BAL_34935288.docdoc 49c6a7e2a127501e45460ac7ec05f2fe27de1f100ccfee7d403a5fe2dcab53e0Virustotal results 48.33%Heodo
2020-09-22YIY_090120_END_092220.docdoc cfeb069142139e0b921f997e260a209c55d2c354c4f53a942d195ae1bcbbc69dVirustotal results 23.73%Heodo
2020-09-22INV_PO_09222020EX.docdoc fddae37e61f9678e87dd4088effc157aa1c932c16c7be06fa4539a7eadb4eb26Virustotal results 45.16%Heodo
2020-09-22OUT_78194961.docdoc a714039155100cefcde16b35ce58326190b758e5cb309369d07650f56ea89a13Virustotal results 23.33%Heodo
2020-09-22D_314795336.docdoc 49d748e6ee7deafcab1482e5f85500d1b5ac91640cd12f9a014286b0563e735fVirustotal results 24.14%Heodo
2020-09-22DOC_IIB_090120_JOQ_092220.docdoc ab47f88e27c562d0bf15fec6cd22ec5ffc419cf09f3d877005ae1444da7a40c3Virustotal results 38.71%Heodo
2020-09-2245109121.docdoc 797792c8ca2ca23cfe387d3ba6cc1e6e726d224daadbe4b1e0fb35c9dd900678Virustotal results 23.33%Heodo
2020-09-22PO_09222020EX.docdoc 06cd9d2fa67f536c1ab12dd95c98d8e8f8a5066fc945a0a4f16591658ea49383Virustotal results 25.42%Heodo
2020-09-22MWB_090120_GYI_092220.docdoc 133bd4b316ead52ed9f34a16c1cf897cf69ebf2c69c2bf92b97d1a0a3e7b0515Virustotal results 31.67%Heodo
2020-09-22INV_ZU2LPCIXJZZP69.docdoc 013f49af6f7f5e1e34116aa22e1bc2ba4babbb2c0b0f97bf4da287ce88b16a16Virustotal results 51.67%Heodo
2020-09-22DOC_90895203.docdoc 187546f311db0a23c3136010257a68fffa3ad1e4a64d8ed3d2ebb56f65c14fden/aHeodo
2020-09-22BAL_35794763.docdoc 5afc0cb3678f76158e4a1f13c92dc70d4f35a711631f63ba0ebbac906b39256an/aHeodo
2020-09-22BAL_26244557.docdoc c2ab565abcbffa0a64129a761bc41abe273dd626c4dd8592441e07474a847532n/aHeodo
2020-09-22BD0295550963OA.docdoc 3f2d650de2d819b97ea311db4c2d0b4a35eaa112158d5522454ff8960e664756n/aHeodo
2020-09-22KIO_TMC_090120_GCE_092220.docdoc 926ffcd5c140ef8034bb02d721f27d8fca0608d456ab432803be89c0282501e7Virustotal results 50.82%Heodo
2020-09-22DOC_JV2306243814YS.docdoc a1f38fddcd55d65ac86443b8fa152a4c2ad770fa67b0170b30be1c8c967986d9Virustotal results 49.15%Heodo
2020-09-22RWQ_ARK_090120_NMW_092220.docdoc 4cf44fec1d562df92879e4f30d039d271d3178069c2bf587a080f9f0ed11c097Virustotal results 49.15%Heodo
2020-09-22INV_IBX_090120_FFG_092220.docdoc cb903d512087eb2ec78a575462462a1afc6c5b0645f130576059e0eda0e08958Virustotal results 50.82%Heodo
2020-09-2257046059.docdoc e9fd5fc869a22a5f9b22333cbe9745985826875b2f62983c8e0964531dd9cd7fVirustotal results 52.54%Heodo
2020-09-22BN1071175136YF.docdoc 51ae65c1bfb9227a2a69b19041097b6323131a87f452e961d28d112302ec7203Virustotal results 50.00%Heodo
2020-09-22BAL_25191541.docdoc edec0ce8d1bc871e3003b2603132fcdb8a0951c125d24616afbe96262e26eddfVirustotal results 47.46%Heodo
2020-09-22ICU_090120_OCS_092220.docdoc 6b58f3d639dbfd3f04c2534bac10583c7e2d0ba1e88ef31ebe443fc18f409a76Virustotal results 46.30%Heodo
2020-09-22INV_FPBFXWLHL9.docdoc 8d49090e5ad1ca487645e8dad8b6e90d267b4a7f5d4cdf4d9c4441d969f088caVirustotal results 45.76%Heodo
2020-09-2290538859908032.docdoc fe1fbbade251f94508504fe8861a87b7c721755f8116854ec1497d79a8a84dc5n/aHeodo
2020-09-22FILE_XO6212883223CR.docdoc 2441d3572b85985e60886402e103e4f699b34844f25875813f617c2ac28618daVirustotal results 40.98%Heodo
2020-09-22INV_875666617745636554986652.docdoc 8e8096345532892bc0b1ed5814672ac5c4e4cca7e1e60d8ffe087282d8c2aa6cVirustotal results 38.98%Heodo
2020-09-22OUBX_08594524.docdoc 565c24c4b23f316d85d82e81ec9243b6f2246974aa3939cf69a305d71c14a1cen/aHeodo
2020-09-22REP_7EO40FDU.docdoc 718113e004b811df9d311a7edec1092b2aab2d9173d762022544a74b5ba02657Virustotal results 32.79%Heodo
2020-09-22INV_61424193.docdoc 3ed5e00e046ce19a840746219ff3efcd6fcc4ddd0b608e51203398bfe2360da2Virustotal results 31.67%Heodo
2020-09-22VO1183238520ZQ.docdoc d937aee7869b57f5784a642a274c6c32b57ed26aaf0594e7adbbf3f980c4ff98n/aHeodo
2020-09-22FILE_SX1193714373FN.docdoc 7c15b14e3a1a2b381be48aa601e40dbbbc0b493b584c13314459e7e5ca57a953Virustotal results 31.67%Heodo
2020-09-226884151527.docdoc b47a1743a01e5885f50abb8a2bb9ad539a52c6b38e1fe97ace7c7165c384a523Virustotal results 34.43%Heodo
2020-09-22FILE_21497709.docdoc c74d9dd73470acf660bc458fed146e653197422214956ce6dc4abfaa8a8a1544Virustotal results 31.67%Heodo
2020-09-22BBT_090120_FUE_092220.docdoc ccc41f0194e3ea4cd0460cdb76391a4edf6732e895a600acaeb6099a6796c558n/aHeodo
2020-09-22INV_PW2904605770MT.docdoc 43b978d85da34d8b60a7555d0c1ca67e51817214b70f29e321eacd4c96f35051Virustotal results 31.67%Heodo
2020-09-21REP_PO_09222020EX.docdoc 62f036b925c8b4c5c90b88eaf15e774481a952ac6e1c7596916e10054b82daceVirustotal results 30.00%Heodo
2020-09-21DOC_13753313.docdoc 4b79ba0096d15d6a7c759fdf3e094194707f88072e8aeb0d53979a88db734ae2Virustotal results 30.00%Heodo
2020-09-21INV_UB3572002614AQ.docdoc 3366930cc13338eb0661795bbde1d36e686105df071793c4080d1483b27d2d84Virustotal results 29.31%Heodo