URLhaus Database

You are currently viewing the URLhaus database entry for http://firesafetycollege.in/bmghlsoe/Scan/zekahXJrk5YT/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:607785
URL: http://firesafetycollege.in/bmghlsoe/Scan/zekahXJrk5YT/
URL Status:Offline
Host: firesafetycollege.in
Date added:2020-09-23 23:49:34 UTC
Last online:2020-09-28 19:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU002959368 created on 2020-09-23 23:50:06 UTC)
Takedown time:4 days, 19 hours, 59 minutes Bad (down since 2020-09-28 19:49:11 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-28File-2020_09_25-538.docdoc 63ad2a6de7b792cb3c459c99764014ff0f4d3f8a231708bd6b66fd834087e93bn/a 
2020-09-28File-2020_09_25-538.docdoc 376c6ce9e68a221892d5892a7f10171baf692217c5398c6e9fe696cda6d850abn/a 
2020-09-25File-2020_09_25-538.docdoc bf6720e73cf3991f50455b524bdb7bdb5f8e6bfae9d1174fede5e8b3e98597b9Virustotal results 37.70%Heodo
2020-09-25LIST 2020_09_25 BH943.docdoc 265d752d9628320557704b9100b0fdaf93a159efa599cd15a66c2dc14518f4ben/aHeodo
2020-09-25Inf 38584.docdoc 2e8de1edb489db88f400ff1e2e6ef785e137b9fe39b5af48eef98a1a51e91a9dVirustotal results 27.42%Heodo
2020-09-25PXG4494 20200925 00807.docdoc cf7d058393ab5a76eb4f2dfc204951696acdb2c2785fcd2d3ac3373ff3d3a2bfn/aHeodo
2020-09-25DAT_20200925_SJ7456.docdoc 93e6cc82d975a97701fb9b391dc104829a3118f8f49ce3ef48b49768091a357eVirustotal results 27.87%Heodo
2020-09-25REP.docdoc 96459a6082710026b6f6be7a41a2aeae9be085342714fe3c19d840ce41e6958an/aHeodo
2020-09-25list 20200925.docdoc ad772a9d4c398f2a599736732c0531b03e18fe8a558bc33c29ef956922c2c243Virustotal results 27.42%Heodo
2020-09-25Rep_20200925.docdoc f4769ebd4f7874f62dc319564ffc7086cdc5753877c910332a53c62f81418316Virustotal results 27.87%Heodo
2020-09-25dat S792.docdoc d6cf890c67aff19145aa458c76f73d0cfd4a7d654888191078d657ee679e6370Virustotal results 27.42%Heodo
2020-09-25rep 2020_09_25 322852.docdoc 58fab6dbc50edfa50a9780f5dbf976181b17c5001f0fe9d34cda172e76af7be9Virustotal results 27.87%Heodo
2020-09-25Mes 2020_09_25 96512.docdoc 2c2bd59c12d94c6c039f7a27058ee2a8bc65f7256f93cca4c4d1f42189a72509Virustotal results 27.42%Heodo
2020-09-25dat_328.docdoc 7af65b3e6ff098ff2470d97bd7516a4be13b0853251bd92c07bea314fcc3a209Virustotal results 26.23%Heodo
2020-09-2583092_QKF4337.docdoc 8e99f5628dbd486efa0f0ef64fde215e35fc4f3ef1a045ddd87084b61b0676f2n/aHeodo
2020-09-25file 2020_09_25.docdoc 35b20290035a4adc02a158303d41cc5f9f0b3c5342ca320c17d838edea2b7736n/aHeodo
2020-09-25INF_20200925_SO5156.docdoc 0f674723c07c5218324a68f25f78d92f4f7f8e4662c3856380643e948187a4can/aHeodo
2020-09-25arc Z392.docdoc 5075a674a9a566f012eedf4b2bb65bc8dd755f9874507d9e5e3ec27d06a23562Virustotal results 34.43%Heodo
2020-09-25rep-2020_09_25-QF229.docdoc 90d98540904cb297db85c8cbc30b1510b43c16f60b12a899a565740a3ffdd735Virustotal results 32.26%Heodo
2020-09-25REP-20200925-3533.docdoc dea89797b0e3407f423c2d3db4732897df4779beb6caf903ceb16029c480f012Virustotal results 32.26%Heodo
2020-09-25DAT 20200925 6900.docdoc a5d07fac1fd1f74e00644c183bfe972d95582bb06c0f8a16e3a0f58cab1152e3Virustotal results 32.26%Heodo
2020-09-25Arc_2020_09_25_HAT904650.docdoc b87c4ca399ee45fd85c5ce0258a8cbb2085f12e3f30928730ad2ed2221ed6cc1Virustotal results 32.26%Heodo
2020-09-25FILE HZ1516.docdoc d75299a8e19df9593c413b093ec1cb2822e0418945eff66f18796ab6ec4661f1n/aHeodo
2020-09-25ARC.docdoc d92a06690d830abe94e1a9805979b5174998266231cfa82a881bdd5e39b32ed7Virustotal results 32.26%Heodo
2020-09-25inf-U270023.docdoc 2f61da248ac204ef8f63a0bf142e3c4abd8b1269662f61675ac1351365311640n/aHeodo
2020-09-25996586_2020_09_25_WZ2538.docdoc b326ca234be3b2d276d14c6d4d6e382a782bb6f7e04d4943dbd1f8f66da7df9fVirustotal results 31.15%Heodo
2020-09-251571849_20200925_OG92811.docdoc a5d7e06e28beb1225f209f356fa949e12a1d78d304e5e1f90763a41cf83c7801Virustotal results 32.26%Heodo
2020-09-2525356004_20200925_WFH5077.docdoc 4b2a96a3295b611806db5b72971fe7fe4e12819f296ad8549366814cf0149377Virustotal results 32.26%Heodo
2020-09-25460XEP 2020_09_25 68663.docdoc eac747b64de29080e128302ff648719d8fefcbbce47c9065edefa2ea5862f74dVirustotal results 32.79%Heodo
2020-09-25Inf-2020_09_25.docdoc bc4fb25044c6fb8629728c6871a7ba7ea53ad1444e093759fe00ad39203a25c0Virustotal results 31.67%Heodo
2020-09-25File_2020_09_25.docdoc d7610350dff505fe91024c77b0e93d7a33fb2a121189ff230a635606becac380Virustotal results 30.65%Heodo
2020-09-25file-QPS593643.docdoc d43898cf94cf620939c31e9850e566223e334b4298ce958a1d59841dbbd99b12n/aHeodo
2020-09-2598112804-ITA0367.docdoc ba753a3170901bef149aa59bdb45420ee05fe7331873bdc50db85193881b2e4bn/aHeodo
2020-09-25File 2020_09_25 1196.docdoc 468f76ef171460d5abba423c31455f99cc4aa8095df3f2ccef2d1bb2b622833fVirustotal results 30.65%Heodo
2020-09-25mes 20200925 8769.docdoc bd497f91d1b3471692be59bc55fb9a4bcd885d680ba65087f99431f0be67d62fVirustotal results 31.15%Heodo
2020-09-25REP LIY624298.docdoc 84dfa573291310a15b9a67c8643b77e36306ffeaccb56637c4be40b776558d80Virustotal results 30.65%Heodo
2020-09-24Dat_62973.docdoc a7bf6cee3dca01f25d30af7e184981a1d239058da20311b95129408827f2d98bVirustotal results 29.51%Heodo
2020-09-24Mes_207.docdoc 0ed207539883ae673ef01f8e02fe3d8aca621eb279ed0ac875079b159c05a6a3Virustotal results 27.42%Heodo
2020-09-24ARC_YC445309.docdoc 57374a1ff11ced7ada0485939fac0097fed707df6f0d3f248ed63c199ebd0fdbVirustotal results 27.42%Heodo
2020-09-24doc-717826.docdoc d2a02498b6c6d741a99666694b10b4bfd2955811c3555481e4492c9e65ad1c34Virustotal results 27.42%Heodo
2020-09-24FILE 20200925 PKB604662.docdoc 444a3aa13486d0771a92de61669b174ac0d22747d821cf2ff5fb334e1a574808n/aHeodo
2020-09-24dat_2020_09_25_0288169.docdoc e30954491227d012c82dacddc3299730619d5f9edf66a0d7769f87cc5bd184feVirustotal results 27.59%Heodo
2020-09-24FILE 20104.docdoc 2c6d5d8658794ab29bd0a4855dc9d7a05858fdc4f986c0949570dccb299a2e9cVirustotal results 25.42%Heodo
2020-09-24FILE-20200925-K9541.docdoc 434f04ac8884e5c435261004ae5cd65e5c92fd3ab7537ac05f19ea340b25696aVirustotal results 25.81%Heodo
2020-09-2428498Q-2020_09_25-41205.docdoc 71e6fbfc302988b9d47402e544949794407ab97087ddc0ccbfa34db2385f86b2Virustotal results 25.81%Heodo
2020-09-24ARC 7279.docdoc 8dbb3afd7b53aca3df3a40119f92111562f8571716118d99432d300ae602f8bfVirustotal results 25.81%Heodo
2020-09-24UNTITLED 6420262.docdoc a1affc755054c8caa7fea80296cc9d8d90e0ba138fbda3b7dd94e7d54b1180cfVirustotal results 29.51%Heodo
2020-09-24dat_2020_09_24_46471.docdoc fe103e66cf52ef65e7bbe771a3542f28f53598715a176112475fe935ada5306bVirustotal results 29.03%Heodo
2020-09-24INF_20200924_785.docdoc 7013194db7534793f4367883cd096274ad864eedcc38ade03b386504c9568d91n/aHeodo
2020-09-24UNTITLED_20200924.docdoc 22e968ba677ba56dd1d0fa54404737fabfd551950e007c6b526c683cb920d99dVirustotal results 29.03%Heodo
2020-09-24list_2020_09_24.docdoc 1c2a9e770a4b48dfba6fcdc8781f77d460cb306622576be3819df11dcfedba1cVirustotal results 27.42%Heodo
2020-09-24LIST-20200924-9195804.docdoc ef16ca7f98838032f77c4ce37274671438e7f500526a91c22a2ca6c1e2bcff62Virustotal results 27.42%Heodo
2020-09-24Rep_7630.docdoc 16b03b1a736df687552c54b6cafc8d0fe05b523e5eda225112c5e16bdcd9b0e9n/aHeodo
2020-09-24DAT 20200924 080301.docdoc e3af55b57c1e2be4a1ad2c43968fdfe5fdbc3041ffe3bba2971183e5cb7b23adVirustotal results 24.19%Heodo
2020-09-24REP 779927.docdoc a7119297d5e0a5d3b6ab6bfdecc15029d2243b433db330c981e01246f23d5556Virustotal results 24.19%Heodo
2020-09-24inf 2020_09_24 S53289.docdoc 24e9c546ce90adef18cc699df5c3df34a05787fdd9733a1767d993de4d63b7a5Virustotal results 24.19%Heodo
2020-09-24arc 20200924 HMP20199.docdoc d5496150a225e2950b4d68c44020e8bf9b30d640ffbf2d72046c3adbd2584818Virustotal results 24.19%Heodo
2020-09-24dat 2020_09_24 TK5114.docdoc 05333040945d98d0c4a9ec726dbfc9f4ee0a00c4e354e2716e3f14df54f7b3can/aHeodo
2020-09-24REP-20200924.docdoc a183faf9989affc0f28663b6ae74e921382cf5c04ccee9f318ce777048caa813Virustotal results 22.58%Heodo
2020-09-24UNTITLED 20200924 143968.docdoc 3631a36de06d65a85e1862b427b262b0f1038eddd50250dc4bdb4c791f2b9606Virustotal results 22.58%Heodo
2020-09-24Arc.docdoc b8e8b77978927490bf4bb07aba15fa7d3b408362f06c70f1d0a1be606d71fdaaVirustotal results 22.95%Heodo
2020-09-24inf_2020_09_24.docdoc 963ac9c75f4684b43800ebc6cc5e1b94d27f2d8087cb41741025b4d20e66d92fVirustotal results 22.58%Heodo
2020-09-24802G 20200924 TMV895051.docdoc 21f933eff22a641a84e1cd7a52596a0362a80f5cb1b90a0582fb5a19044dc4e3n/aHeodo
2020-09-24LIST_20200924.docdoc 55388c604861ff723371329b1a3915d35ec93ef0376b4455a179cf48e14c0799n/aHeodo
2020-09-24185_RWJ72937.docdoc c6792afbfcf5e1aaeec3a137969307c7aa9d1999b59ae6f70706910f95e786aaVirustotal results 33.33%Heodo
2020-09-24doc_2020_09_24.docdoc a173c80617eccbb5abd724c6c42da5355329ffc94e544185e1401d97c9146964n/aHeodo
2020-09-24Attachments-20200924-IR4382.docdoc e2eca82c78611a391480ebc7741bf38bd94ee339bf24f50790690f097fed1488Virustotal results 20.97%Heodo
2020-09-24Attachment 2020_09_24 A693138.docdoc 23db49d5886e034ad5ab63515e5c5c6b6374d5bad5c9b68cfb3d84f39451a301Virustotal results 41.94%Heodo
2020-09-24Mes 2020_09_24 098.docdoc 77d05388e54ffc1cf04195a80a090cb3eaa41f8820c93c4c646f4f56cb6beffdn/aHeodo
2020-09-24Inf-KWX25286.docdoc e7f6321d905f4db566091d8d4520f4d128bf66917cc86d794f1d435352ed2899Virustotal results 37.10%Heodo
2020-09-24Attachments 20200924 SU1560.docdoc 3255f1ed97c4519f14543bd413301a4ab6e48765f7a405b5efdb7428b2a586d8Virustotal results 34.43%Heodo
2020-09-24list_2020_09_24_8619750.docdoc 89a45325b3f1df9afd4f37462ca8202a64c8937098465331f9c8e11a042f9280Virustotal results 33.87%Heodo
2020-09-24file_2020_09_24_QO412.docdoc c0e4414d503b796df3ac298ceabf771394e65acce8d3822dffff366964dd8d7dn/aHeodo
2020-09-24mes-Z1491.docdoc 2f8c5f8173199d582e3535ffcda34ccfa553e9b5d8ab915b54d4d0307061ed19Virustotal results 33.87%Heodo
2020-09-24961.docdoc 39869bce9c64b45c624de3c72e57ed683652bea15fa5b0195f5fe24287c6169an/aHeodo
2020-09-24List.docdoc 9b6ddc314258dd07193fca458631855ec60eaf598557379f4bfb34cf178a0d41Virustotal results 32.79%Heodo
2020-09-24MES 2020_09_24 B3732.docdoc 459d111095342d54bfb487028848de4425f55b76dd86c33da107f3f09edfc4a0n/aHeodo
2020-09-24LIST-482.docdoc 7d47cfd77354eeae25a92db11ba24486d38653c3d2f2750076541f61b5bfb09aVirustotal results 32.26%Heodo
2020-09-24INF_2020_09_24_IYP716645.docdoc 7c7c3627f0d6de0dacbaf735a2e34a8dc5d7397c9a7fd91b3831446a55667642Virustotal results 32.26%Heodo
2020-09-24Attachments.docdoc 234d3ad4abc48e15ee2c813f7202154e54609b7380d8d7f803801c1759ed2042Virustotal results 27.87%Heodo
2020-09-24mes-2020_09_24.docdoc 5cbc632d9e8bdf2c957c7d6864fab56e5106c110bf14838a440449dc0fd40926n/aHeodo
2020-09-24Attachment-20200924.docdoc 723d382c65591be516dc0f62f769cd79b42fffef91a244bf773da31d1478f631Virustotal results 29.51%Heodo
2020-09-24Untitled.docdoc 627da70ae807d43827d68ed505588ad930a9e5c02c294477c5910f844b3a7c30Virustotal results 28.30%Heodo
2020-09-24MES 2020_09_24 QW269000.docdoc 98cac1b2d3b5764f8aabb6955ae8d2f9d1078b7f4fe2ba221e4c54da5460ef08Virustotal results 29.03% Heodo
2020-09-23ARC_20200924_IZB658.docdoc a8f0618803466ed187aec2039b42491adb06253fdb89c826203fcd757992967eVirustotal results 27.42%Heodo