URLhaus Database

You are currently viewing the URLhaus database entry for https://legolan.nl/amazon/sites/gvocmsq95sa/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	609329
URL:	https://legolan.nl/amazon/sites/gvocmsq95sa/
URL Status:	Offline
Host:	legolan.nl
Date added:	2020-09-24 06:27:13 UTC
Last online:	2020-09-28 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-24 06:28:14 UTC to abuse{at}hetzner[dot]com)
Takedown time:	4 days, 13 hours, 25 minutes (down since 2020-09-28 19:53:54 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-25	12609891.doc	doc	8a73bdca97395b9f659104c200734008fe685faff6734fc31ce0cd575090f1b2	35.48%	Heodo
2020-09-25	Q_IBI_090120_WNY_092520.doc	doc	e99def3b5bee603e6c7a2d91c61fa9fedb0ed8a7c0e8c7029e2c5d3bf70ba88f	29.51%	Heodo
2020-09-25	BAL_N1WZFSEDH.doc	doc	af8ff28fb4ea041b8cbe3e93a2c9984e483b0fbda6945bc0172d0946d5c1cb7d	22.58%	Heodo
2020-09-25	E_IM7999204938UA.doc	doc	ddca7bd9923ea1a93f054a8ea4c749b80793daf20550c9ee2f4e63446572c400	22.58%	Heodo
2020-09-24	PO_09252020EX.doc	doc	89825271f1b18375f523320908826b553e9da21bce402e9844bd3d55446fb509	31.03%	Heodo
2020-09-24	FMZ_090120_NXK_092520.doc	doc	30a0c59711e06c411f4e1a20c649f507a1ef69742192df4ede24d92289aee591	n/a	Heodo
2020-09-24	494766357591379908924196.doc	doc	fe2c4c0e8452ed6b2c6e644296e472af18a988e142404e89061f6cb8f2420593	n/a	Heodo
2020-09-24	INV_PO_09252020EX.doc	doc	8e4be7abeafb997210d1c39bf851ab0c4cd097268cf3664f53c72abc3dcce92f	30.65%	Heodo
2020-09-24	DOC_60568005.doc	doc	7b6806b4e83dde2a32e4d3f04439478a2a28eff8c723179a141152aa89c0c8fc	n/a	Heodo
2020-09-24	SB58DPDSCBVP.doc	doc	46996b6a7e3fb5f718730ed86bbfa6e57792d961db1bd60352e17703af38134e	29.03%	Heodo
2020-09-24	DOC_PO_09252020EX.doc	doc	7e1935fab86166df5d6770468bf12c57a50720c0b7ba90e21accf2ca8493ce15	n/a	Heodo
2020-09-24	RWB_090120_WMD_092520.doc	doc	c4fc9ec7954c1bc71dc415464f2813e6151dd7c106526dfe3aa8d97ec3b8f9de	20.97%	Heodo
2020-09-24	EG1BETV7T99P8871.doc	doc	ff6440d9c01fb2fc8526c683c418271051ec21b1b730972f02ab6442bb0f83af	n/a	Heodo
2020-09-24	DOC_95408464203018017674994.doc	doc	2a3395e9459dc5f0fc72621c2299e98b4226e6b99cf6069d89004e3d430a219d	29.03%	Heodo
2020-09-24	FILE_PO_09242020EX.doc	doc	b638a54fb8b1ae9d64723adeea13dfada5ef1ad4d4c606ed9a34370f4d216d09	30.65%	Heodo
2020-09-24	BAL_YA7DIQ6Q.doc	doc	a72430246d4ff63a287ccdb3d3eb1eea24af39ec67b6452658454f115f5a146c	n/a	Heodo
2020-09-24	4VWDFSEQ8.doc	doc	49cb977b6bc82a34e7733da5b4a34862f85b5afd2c8a0691c79d9e2b86dca29e	n/a	Heodo
2020-09-24	BAL_PO_09242020EX.doc	doc	85c3fbc17a0daacdb938f7ea4b8dfa14ae9a099d59de1e9fef807b569c999acb	19.35%	Heodo
2020-09-24	4796233880699.doc	doc	9c92b09435e053ed7b07f0d33360b840b95e0bbd64092e06bf09020307e84b9a	30.65%	Heodo
2020-09-24	R_PO_09242020EX.doc	doc	267834c0d23e344ce20d8814e0e5499c7f5bc32fbda08c9ebf721a3dcb2efe26	24.19%	Heodo
2020-09-24	FILE_929336508.doc	doc	b8c075d4057bdd225bd2328001ef2cc8efb5e79192d6c2fe8279677927714ec8	n/a	Heodo
2020-09-24	77513898.doc	doc	df802c906676713581817048e135afe20200029ac5ff1c840ba82b5bbcda75ca	22.58%	Heodo
2020-09-24	REP_93844388.doc	doc	32bbcef052b442f62a2fbb0c5dad498dcb779148f31f2e51d4f7a38245024f8e	n/a	Heodo
2020-09-24	INV_PO_09242020EX.doc	doc	60b9c51a988490875a152231c3217de228b7406a1378ab07263aea7f02ecd3cc	20.97%	Heodo
2020-09-24	BAL_PO_09242020EX.doc	doc	37b5d86751a2c999901df382ddadc7aa72d891a4e24ef527e02266ffab2efa41	n/a	Heodo
2020-09-24	GNA_090120_LOQ_092420.doc	doc	460d4f1fa3c90d50ae0a56c6c4c26bfcd3d3d22829baef98b7ea3e9b451974fe	33.87%	Heodo
2020-09-24	NISP_EN2920042439ZK.doc	doc	f1d7646cf6abe9a746a6dab251be541e66a294060a1f32665b7e1c5d54de17dc	29.51%	Heodo
2020-09-24	BAL_62147230.doc	doc	bf6caeac64ebd3eca96f936635d26ea90e62f1093b72146a98a20623a13688cb	27.87%	Heodo
2020-09-24	G_92769257.doc	doc	14d3028b892573f0d8b812deb455b13424beb8580cd1d928cabdbe4c613a7e22	30.65%	Heodo
2020-09-24	REP_JPR_090120_CXZ_092420.doc	doc	896f6e1b9eb9656cfc68db252241fc7087192661175a0604505742223f0ef016	n/a	Heodo
2020-09-24	XOLN_QZZ_090120_MVJ_092420.doc	doc	322437c9e679266325e5e5e4e5192b3480e02f680d56fbede6b807db9def583a	n/a	Heodo
2020-09-24	REP_PO_09242020EX.doc	doc	3094430b3d76d53847a19a95eb5729490be7efc8f68feb4b57aeb8fd72c94ee9	21.15%	Heodo
2020-09-24	BAL_D1IPA2X.doc	doc	c53bc4b67b9b49868bbb7d3a8323cbd2b411a41077e2b691eb9e66516dde0e4c	28.33%	Heodo
2020-09-24	PO_09242020EX.doc	doc	33412abe08dc8633c45ced70426d58498a93ec1ace826525f5fb495459709ac3	n/a	Heodo
2020-09-24	8139273485847.doc	doc	ab91db60823e2094091fd21a60eda971c965e334da7b12f08b02334d781397e4	n/a	Heodo
2020-09-24	INV_45255945.doc	doc	cc6d1e1779c379b470c18ec2a37174c042c003b17425e7bddbd43876e7c8759d	20.97%	Heodo
2020-09-24	15586505.doc	doc	573cf8b0e537a825c17e7f74be98dc2516d0b509eb22cc7a259717e53d50ec53	n/a	Heodo
2020-09-24	14540847.doc	doc	e4a782671d6a001f226fd064f2f6204cb368f6e4e82aad502a4d5cd56b65a78b	19.67%	Heodo
2020-09-24	HS8566056814DT.doc	doc	6e5bcd9db826f2b855f63e8a591e02ebb0bbd141387d2922e3e251fc8ddbcbb8	19.67%	Heodo
2020-09-24	2858719336279208511.doc	doc	6cbd2115091ed6aac27b36f75ef0aa1328e9cd43fc463b039ff9cefed0d8b1f8	20.97%	Heodo
2020-09-24	FILE_30468424.doc	doc	54d6881837b3fcb6a0b3e639c58f6e159abb745d0862e1f5cabe6c7df3a3da12	20.97%	Heodo
2020-09-24	W_CIQLCYOMAUNKMT.doc	doc	8b209e2d294b8c5b50bd83d9fd9184268ce21313f7d5876d74c7e10f48ac946e	18.87%	Heodo