URLhaus Database

You are currently viewing the URLhaus database entry for http://www.gatewaybnps.com/wp-snapshots/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:607601
URL: http://www.gatewaybnps.com/wp-snapshots/swift/
URL Status:Offline
Host: www.gatewaybnps.com
Date added:2020-09-23 22:57:09 UTC
Last online:2020-10-01 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-23 22:58:17 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:7 days, 15 hours, 52 minutes Bad (down since 2020-10-01 14:51:05 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-25PO_09252020EX.docdoc 8a73bdca97395b9f659104c200734008fe685faff6734fc31ce0cd575090f1b2Virustotal results 57.38%Heodo
2020-09-25REP_TJN_090120_TKS_092520.docdoc eefd694ad7a3c1d10441452c651459410143b5ce0d56e19d39c16c1114105d09Virustotal results 31.15% Heodo
2020-09-24DOC_89479467.docdoc 47e84b40c894119dda8c1abf4033b74ccdea7712d9ee871dde8360c87e7951baVirustotal results 20.97%Heodo
2020-09-24REP_77390116.docdoc 777b616a49cad6687f1706ed066ad7879d80844e9e4529a7a2416d6e0804f4e7Virustotal results 31.15%Heodo
2020-09-2499206240.docdoc cdd71002bc856432c4601d28ab82f21a59cc5dfd779119a556b6e353a3a9f5efn/aHeodo
2020-09-24REP_YRR_090120_BDE_092520.docdoc 029de7c595a68b46233e28bbff65f065f8baf48178b6998928ebadafb8d3368cVirustotal results 32.26%Heodo
2020-09-24QSC_74735948.docdoc 071b94219cf7f333e5e3c76753c74ec9a5d71f9d4ccf17cb631287fe3508e39fVirustotal results 32.26%Heodo
2020-09-24INV_88821324.docdoc b77cd70861b08e97e103e926c367d38fb18c9588b70cce776fab3c7b9888c31cn/aHeodo
2020-09-24WK3SXCS37W9Y.docdoc 7b5d921ddbc165e0f75ae5769137ef1546084f5d3fad75d9304b97495a5966a0n/aHeodo
2020-09-24ZSE_090120_RBD_092520.docdoc 96d9b3d02df7aea418bb5629677cc35f0eaee5ea68e2373e23a730378f5f5297Virustotal results 29.51%Heodo
2020-09-24BAL_PZC_090120_EHB_092520.docdoc d25aed1074e6086a1e8ee4fb6885c8accddd96469d110e343f36d2e13aaebee2n/aHeodo
2020-09-24BAL_PO_09242020EX.docdoc a72430246d4ff63a287ccdb3d3eb1eea24af39ec67b6452658454f115f5a146cVirustotal results 29.03%Heodo
2020-09-24OXD_090120_KDD_092420.docdoc 9f420a6781e129b0eb85adb6d30b0e390b5c9e7625a14eae99752e7a5ed0914dVirustotal results 20.97%Heodo
2020-09-2472884893012439992828030.docdoc 85c3fbc17a0daacdb938f7ea4b8dfa14ae9a099d59de1e9fef807b569c999acbVirustotal results 19.35%Heodo
2020-09-24DOC_PO_09242020EX.docdoc 9c92b09435e053ed7b07f0d33360b840b95e0bbd64092e06bf09020307e84b9aVirustotal results 30.65%Heodo
2020-09-24INV_175291801.docdoc 35ef0a522e2f7f98db76cd53d203d6389d65b2c0337b598482f1ca0fcfe5953dVirustotal results 29.03%Heodo
2020-09-24531873802.docdoc f6f1cf12aa5337999c20c4cfd641254575e981ad7c463944cfe676ec92a23165Virustotal results 24.59%Heodo
2020-09-24INV_PO_09242020EX.docdoc 2a383eeb24d148e1343c8ac61522fdc8b79c8fe8c0f5f1079009ca43cfed93bfVirustotal results 22.95%Heodo
2020-09-24O2IWO6KGZLTX.docdoc df802c906676713581817048e135afe20200029ac5ff1c840ba82b5bbcda75caVirustotal results 22.58%Heodo
2020-09-24EVB_2CSVKJYNT0R9.docdoc fe9b0b3adac87d1fe5b13863ff7ab54660757a7bc0b4996cfe241ff357c57b3dn/aHeodo
2020-09-24REP_PO_09242020EX.docdoc 8b90ba12e56de7cf064ee54d147a39175bea9149cef12b45b5fcc04b43808d9cn/aHeodo
2020-09-24ZG_OL2294539637KW.docdoc 460d4f1fa3c90d50ae0a56c6c4c26bfcd3d3d22829baef98b7ea3e9b451974feVirustotal results 33.87%Heodo
2020-09-24SEHZLY60FS.docdoc cb1631d0c39aa43d0b8891aaca96d162c853b06f92e395beb682d5c520bc0d90Virustotal results 27.87%Heodo
2020-09-24YV_48562581.docdoc d038ad9d31d6764ec9e5ad2246c2f2a99e0c06ca8798bd54e73deecb05dab14dn/aHeodo
2020-09-24LSFX_KN2731908401JD.docdoc 0f7fafaf2dc62f6f85fa3ffe292696219d28c05b0c6dc088bf2b7314d5bfdac2Virustotal results 30.65%Heodo
2020-09-24DOC_CTS_090120_ZYF_092420.docdoc dc23f6e5f31c7c3ce882dad5d90a145687e954e34019d5cfa3fcc72afe96bb52Virustotal results 28.33%Heodo
2020-09-24FILE_97719003.docdoc b109f9bea346849203b79acaf03255849b23a431d1179bb93ccd213a92da3b39n/aHeodo
2020-09-24DOC_DWL_090120_DKN_092420.docdoc 3f0693ecde0d7c9983bda3bfa22fbb8243695bf8a48ae127e121813ae527334eVirustotal results 29.03%Heodo
2020-09-2486156106840114457948857.docdoc c53bc4b67b9b49868bbb7d3a8323cbd2b411a41077e2b691eb9e66516dde0e4cVirustotal results 29.03%Heodo
2020-09-24HL_ZS5380387749PQ.docdoc 11e3728d9ed2d0468dd44f01dda3611b75b1b9dd7645e9322036d913c43b138an/aHeodo
2020-09-24VU5321986886IY.docdoc 33c770f81db667213e95c2c605c64bbb8aaedd59dc212d411eee46171f3020a3Virustotal results 22.58%Heodo
2020-09-24REP_56307857362143755596.docdoc e5b9b4889b3cad8f0920a0d4153cab5517ce077683139476f36bc1bf91652725Virustotal results 21.31%Heodo
2020-09-24OF4862161407AH.docdoc 0124d3e8aff15d102fb833f22f02e06f09205ee29cc4bb8c1bd2568234eeb319n/aHeodo
2020-09-24INV_10098550.docdoc b1ba77be7809b33fe1f34d2a388f0d8397bac88ac18ebf4fab88748d6fe2edf2Virustotal results 21.31%Heodo
2020-09-24INMW_YO4003795786SV.docdoc 9002b2aadfaa8b371cdf11d233531ba292b5dd90cc161bd7e132c3d49ce79fd2Virustotal results 20.97%Heodo
2020-09-24REP_PWQ_090120_OMC_092420.docdoc 9e894e36a4b04050aa1f3f12c19607fecdd5af0a1af362c033e1c5ed55229896n/aHeodo
2020-09-24WX2424320768DB.docdoc 77a72a7f45a2e516a520ecb15d79adaa7213cb9778309de61bc9dd2a8a2e5891n/aHeodo
2020-09-24FILE_EL2470643298IC.docdoc 7439811010be6eb023390a28eff9b2acf598883daf1cb66bf4c6e78bb8f13998n/aHeodo
2020-09-24REP_2I0EY69VT.docdoc a92504d33c04f21f1e8bfc2322f66cf3d45f486ed7ebbf78f3ee270fb0d3e3a2n/aHeodo
2020-09-24DOC_9630409013466.docdoc 21d6462af9e28cac11c5b8bc20c9f07e953c7af99c15966175e8b8cfc8ee9363n/aHeodo
2020-09-24REP_PO_09242020EX.docdoc 353903d7b90942b9e45059e7a1ea56eea91c412f5cf0864982870f55f9e61e98Virustotal results 37.10%Heodo
2020-09-24PO_09242020EX.docdoc c157afe5eb9208b3fe20c864292c3f7a3c1eb02486f1a6b31fd8ef0349a9f3fan/aHeodo
2020-09-2465248850.docdoc 109faa9ffefc2e21ff1a72efcf3e665b4be5820282f07f8fa54c14bc9f243803Virustotal results 34.43%Heodo
2020-09-249258198159060.docdoc 505eba500eb177462772c3c20029c6a8da6ebae013e23593e8647b31eca13dedn/aHeodo
2020-09-24REP_656751779512412780.docdoc 3e64351afeaa45724ba4e119f792781b8f1e311623e056e6c7f2f27f2ee9cc5aVirustotal results 35.48%Heodo
2020-09-2449461961427.docdoc fba080b64f42891f1ddec30a5a83c9881e8b8dc2e577226eb1575654caddc56fVirustotal results 35.48%Heodo
2020-09-24FILE_PO_09242020EX.docdoc 80bbc6addbc3d97abecb341c4441b7963d70a2a863d25cf0d35137632a841fa4Virustotal results 31.15%Heodo
2020-09-24FILE_PO_09242020EX.docdoc 098e0c52d47feef3ad6ad20535919541c76799f4bddd67233049509a0ae8656dVirustotal results 30.65%Heodo
2020-09-24L_PO_09242020EX.docdoc 63a21ca1981314f43015cca1b3f053dfde7f225e00d9efa0e76816c438ab00ceVirustotal results 29.31%Heodo
2020-09-24FILE_OIDTD279CA.docdoc a6bdea3758ccb519e3736628a467290a74b47562f8a489e89346642276c9f177n/aHeodo
2020-09-24FILE_RAH_090120_ZLK_092420.docdoc 3caf40ca5ad83988dcc46183de98c772464dd0447db89cb8ad5cbae02587039fVirustotal results 30.00%Heodo
2020-09-24FILE_IJ5930513986YV.docdoc a9654b509a80552021269008e33074d85ee269b8a579a23ef93bcc5aba20227cVirustotal results 29.03%Heodo
2020-09-23INV_09310741.docdoc bad24e6bdf40e58be83bdeb717bcb1a09ae986e50f8c51fdc11ff8de777a4482n/aHeodo
2020-09-23BAL_PO_09242020EX.docdoc 1c5a69e8a8d964a5898cedf16872a9903fcf2ec9f08ce3ecd9510f8d4453c4b9Virustotal results 29.03%Heodo
2020-09-23REP_6KO6DEUEC247B.docdoc 928e299ed0670b544432d1c87854ef00421ee91e55581b623158ef13adabf501Virustotal results 27.42%Heodo