URLhaus Database

You are currently viewing the URLhaus database entry for http://craam.mg/wp-includes/p8as4i0m3jj1/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 608421
URL: http://craam.mg/wp-includes/p8as4i0m3jj1/
URL Status: Offline
Host: craam.mg
Date added: 2020-09-24 02:38:11 UTC
Last online: 2020-09-28 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-24 02:40:07 UTC to abuse{at}ovh[dot]net)
Takedown time: 4 days, 5 hours, 11 minutes, Bad (down since 2020-09-28 07:51:35 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
