URLhaus Database

You are currently viewing the URLhaus database entry for http://medihub.pk/cgi-bin/Overview/n86omqmlv/lf6qkyi82502744995gqkul3t6n6bfaagfr/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry
ID: 608006
URL: http://medihub.pk/cgi-bin/Overview/n86omqmlv/lf6qkyi82502744995gqkul3t6n6bfaagfr/
URL Status: Offline
Host: medihub.pk
Date added: 2020-09-24 00:44:38 UTC
Last online: 2020-09-24 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-24 00:46:05 UTC to abuse{at}hetzner[dot]com)
Takedown time: 11 hours, 58 minutes (Good; down since 2020-09-24 12:44:31 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
