URLhaus Database

You are currently viewing the URLhaus database entry for http://globallogistictrans.com/wp-includes/Documentation/1euygyb7j3r/t479009581661420480205qh16faw75b/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 607596
URL: http://globallogistictrans.com/wp-includes/Documentation/1euygyb7j3r/t479009581661420480205qh16faw75b/
URL Status: Offline
Host: globallogistictrans.com
Date added: 2020-09-23 22:57:06 UTC
Last online: 2020-10-23 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-23 22:58:22 UTC to admin{at}frantech[dot]ca,fdias{at}frantech[dot]ca)
Takedown time: 29 days, 22 hours, 23 minutes (Bad; down since 2020-10-23 21:21:48 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
