URLhaus Database

You are currently viewing the URLhaus database entry for http://megalighthotel.com/c9tf/Reporting/7quko4w/48nq901592667146945knvqa9hg12ico/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 597799
URL: http://megalighthotel.com/c9tf/Reporting/7quko4w/48nq901592667146945knvqa9hg12ico/
URL Status: Offline
Host: megalighthotel.com
Date added: 2020-09-22 15:04:10 UTC
Last online: 2020-09-25 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-22 15:06:11 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 2 days, 22 hours, 55 minutes (Poor; down since 2020-09-25 14:01:17 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
