URLhaus Database

You are currently viewing the URLhaus database entry for http://mendozagroup.ca/wp-includes/browse/3fudmxND5hxBr/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:603302
URL: http://mendozagroup.ca/wp-includes/browse/3fudmxND5hxBr/
URL Status:Offline
Host: mendozagroup.ca
Date added:2020-09-23 05:23:07 UTC
Last online:2020-09-23 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-23 05:24:10 UTC to abuse{at}iweb[dot]com)
Takedown time:14 hours, 55 minutes Good (down since 2020-09-23 20:20:05 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-23Mes-NLB45679.docdoc c53d8edf475ff674233e2780b4393eeca0983f983463ca9a6dc2167e67b39526Virustotal results 16.13%Heodo
2020-09-236620B-20200923-92186.docdoc 1c6f1adf025aa22bfccdd948291b2582cf41b886a4fe6a066ba1329cb1e58d55Virustotal results 17.74%Heodo
2020-09-23arc 5271.docdoc 043e784bb77e64b58ffbee762edc43a23422b9400cf0dbfe1287a4074ce64e7an/aHeodo
2020-09-23080-M634818.docdoc 137969b43ff49ee728cf114339900f0418015a763f4fe624336f95db0cf5c450n/aHeodo
2020-09-234765272_433659.docdoc 957944949144aa50332b399c749e9238e7427ba59f416382b329a813ba58317bn/aHeodo
2020-09-23FILE 2020_09_23 JBO773733.docdoc bebee598fd9db0422f7b3c74ae63723523019b6b1151b3b229f6d101b1eb8480n/aHeodo
2020-09-23Attachments 20200923 45791.docdoc f3bff2146ab25f4f0f412c2fd7838a651680ce694b4cbcc5b0137dc5a16bfe8dn/aHeodo
2020-09-23LIST-W024124.docdoc 33d2fd697a8c2c1c25324389d7d7fb90188fbb99fa0b4a662878b7aceae8c6c2n/aHeodo
2020-09-23List Z65695.docdoc 3914db52e0f2cfa1bed3a07be890fa7e9622471366d7e0e681c94c360dab04d0Virustotal results 24.19%Heodo
2020-09-23dat-2020_09_23-HY908537.docdoc cbcf169ef81ebb6ff607f88b8a05590d501c70fe69aac3bf69db17c15587ad87n/aHeodo
2020-09-23File-K99682.docdoc 388f962e7a559e7b2c97684fc711132a9859a847abe8893c649cfe87919a32caVirustotal results 25.81%Heodo
2020-09-23list_2020_09_23_7482.docdoc b3d65a2c55563656ddd7488aca206a0a27fb5feb52e52830aec1988e96ade840Virustotal results 25.81%Heodo
2020-09-23Dat 2020_09_23 6912.docdoc c93e96002e6926d37574ee7c43277336b3e33749eb169c7be0ab4e4ca47bde5eVirustotal results 25.81%Heodo
2020-09-23List_20200923_F12888.docdoc 69082a96641cd37bbe3bde03b8edec5d31d89ef339240f8234a4b025e4323f13Virustotal results 24.19%Heodo
2020-09-23File-889.docdoc d4dff148c130a6e3e0d944a665973ccf262c6cbd24a43f586d4e93e05f9900dcn/aHeodo
2020-09-23FILE 2020_09_23 0592.docdoc b9ca959ac2d459b40232da6b96372a28fb5881cb7b1659cf6547e39fe8c2ad65Virustotal results 26.23%Heodo
2020-09-23LIST_20200923.docdoc 8b325fb501e6ccef51fd001b0841c524018bc29a230fa989db00f3447496b3ben/aHeodo
2020-09-23LDX0567-20200923-A369.docdoc 97ee15aec9942138dbaae6def6b0c9de2c09cda6a79f682badead8d02c3d72c2Virustotal results 19.67%Heodo
2020-09-23ARC-2020_09_23-QW5543.docdoc 0990a5ce9af5ef021c1ff33b8203d94b316af05b9cc835d92d94d50fd19c2bc2n/aHeodo
2020-09-23Dat L420.docdoc bf62cdbe7b5e4207ff3acb0aba88b0180f584c4a1a7d3eb14dc3d66c27fdbe21n/aHeodo
2020-09-23List-20200923-TXH16175.docdoc 81b4ff2f6c57e5858dfad271d4f4f0492f41cc41882f8f2c950b146dbfda51d1n/aHeodo
2020-09-23File 20200923 187.docdoc d077391f811e9aa25621f5140c96860cdda3b56bceaf5245e4d4cbc6a961e6efn/aHeodo
2020-09-23Arc-20200923-0879292.docdoc 0c2f0e779e16a329037da7e3ba3b8c89fe246e93d8bc3beb6de83daf2c4d9e2cn/aHeodo
2020-09-23Dat-2020_09_23-013.docdoc 4f09397b6219cc33b6d317121c35865043663d6bead47a855a9d33820f8f49fbVirustotal results 29.03%Heodo
2020-09-23Arc_N449834.docdoc f45a45fe0b9b279c6941ec5956a271d1e7bf706c54b2a744f1606237721ccbc8Virustotal results 30.00%Heodo