URLhaus Database

You are currently viewing the URLhaus database entry for https://bumbumemforma.tk/bfa2m/invoice/rlbl1gr524950xi416bchremes61q/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	609334
URL:	https://bumbumemforma.tk/bfa2m/invoice/rlbl1gr524950xi416bchremes61q/
URL Status:	Offline
Host:	bumbumemforma.tk
Date added:	2020-09-24 06:33:06 UTC
Last online:	2020-09-24 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-24 06:34:04 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	16 hours, 39 minutes (down since 2020-09-24 23:13:09 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-24	BAL_31242013.doc	doc	071b94219cf7f333e5e3c76753c74ec9a5d71f9d4ccf17cb631287fe3508e39f	32.26%	Heodo
2020-09-24	BAL_HVA_090120_DOX_092520.doc	doc	46996b6a7e3fb5f718730ed86bbfa6e57792d961db1bd60352e17703af38134e	29.03%	Heodo
2020-09-24	PO_09252020EX.doc	doc	7e1935fab86166df5d6770468bf12c57a50720c0b7ba90e21accf2ca8493ce15	n/a	Heodo
2020-09-24	INV_25065961.doc	doc	7b5d921ddbc165e0f75ae5769137ef1546084f5d3fad75d9304b97495a5966a0	n/a	Heodo
2020-09-24	H_73737932446007637.doc	doc	dcffae4b2bca57b2e8b65609a127df9975ff71d81bc14a409f0058dba81ebb56	29.03%	Heodo
2020-09-24	DOC_DK6006013933BF.doc	doc	d25aed1074e6086a1e8ee4fb6885c8accddd96469d110e343f36d2e13aaebee2	29.03%	Heodo
2020-09-24	IB_QAOA6DKX7.doc	doc	1fd6fc5f6c0b08fbefe966d1faab12454848f8bc73d826a7c6c843d8da75a16f	29.03%	Heodo
2020-09-24	NJN_090120_RUJ_092420.doc	doc	715f9dc1efa5fca591ca9ec3b12ea2cbfb023fdeb8f0964988c191a7be6166c8	n/a	Heodo
2020-09-24	090974983220001887702.doc	doc	0d6de09715c2540ddecff9f789615db1ea094b991d2a6417c3c086eb6e77e609	n/a	Heodo
2020-09-24	FILE_2548661495.doc	doc	68d56a79c843b1b6a5d9937b5f98c3ecd25a60ebbffb348a9e08cde6dd1a98fd	30.65%	Heodo
2020-09-24	REP_SPP_090120_UBK_092420.doc	doc	2c9f95721bca3535da3fda89ec8fe49002a06a7fe0aa92c9dee5ad34872c388e	19.35%	Heodo
2020-09-24	INV_218466494910.doc	doc	85264b8b2a7f29ff8c64c3de97d3e17a58c4aa09c6a67460d5be96117461224b	n/a	Heodo
2020-09-24	UXU_XX8393294279FP.doc	doc	267834c0d23e344ce20d8814e0e5499c7f5bc32fbda08c9ebf721a3dcb2efe26	24.19%	Heodo
2020-09-24	PO_09242020EX.doc	doc	f6f1cf12aa5337999c20c4cfd641254575e981ad7c463944cfe676ec92a23165	n/a	Heodo
2020-09-24	UBV_21848826.doc	doc	df802c906676713581817048e135afe20200029ac5ff1c840ba82b5bbcda75ca	22.58%	Heodo
2020-09-24	DOC_491187860362.doc	doc	32bbcef052b442f62a2fbb0c5dad498dcb779148f31f2e51d4f7a38245024f8e	n/a	Heodo
2020-09-24	INV_UJCZP15B.doc	doc	7e78d353bf29cfd042c3741647fea216a70d735df0b286f87383bc7732e6ff23	n/a	Heodo
2020-09-24	DOC_PO_09242020EX.doc	doc	37b5d86751a2c999901df382ddadc7aa72d891a4e24ef527e02266ffab2efa41	n/a	Heodo
2020-09-24	IL3134469493TP.doc	doc	460d4f1fa3c90d50ae0a56c6c4c26bfcd3d3d22829baef98b7ea3e9b451974fe	33.87%	Heodo
2020-09-24	E_J97NCWRHL.doc	doc	3321abc9c460868cfafe80f968ccea4254b02ede808bcabe4dd58055ffddb358	n/a	Heodo
2020-09-24	LL_NT9639486670QT.doc	doc	bf6caeac64ebd3eca96f936635d26ea90e62f1093b72146a98a20623a13688cb	27.87%	Heodo
2020-09-24	QW_04677096.doc	doc	14d3028b892573f0d8b812deb455b13424beb8580cd1d928cabdbe4c613a7e22	n/a	Heodo
2020-09-24	FILE_IN3704594547EM.doc	doc	994f606a00cbfa00d23303bdaf545487afedc4d6fe4d580890a702d11411885c	28.33%	Heodo
2020-09-24	FILE_29486433.doc	doc	b109f9bea346849203b79acaf03255849b23a431d1179bb93ccd213a92da3b39	n/a	Heodo
2020-09-24	V_71522306.doc	doc	7e5a42a73c29e93f48c97d924845eef4cce7d6a931dadaa19068f78f4bb83015	n/a	Heodo
2020-09-24	PL4993753053GI.doc	doc	d9e5e99a04e37db7783f369c532e2e6d5171b90a286f2c397fcd6356a1abcce9	25.81%	Heodo
2020-09-24	E_84096045.doc	doc	94b624741c1f94566cdff34893b864991875391da2ac00168f15691c48043367	25.00%	Heodo
2020-09-24	46460599605263296.doc	doc	33c770f81db667213e95c2c605c64bbb8aaedd59dc212d411eee46171f3020a3	n/a	Heodo
2020-09-24	QM3D21HVC.doc	doc	e5b9b4889b3cad8f0920a0d4153cab5517ce077683139476f36bc1bf91652725	21.31%	Heodo
2020-09-24	9FPAPOG2Z54WF.doc	doc	573cf8b0e537a825c17e7f74be98dc2516d0b509eb22cc7a259717e53d50ec53	n/a	Heodo
2020-09-24	DOC_PO_09242020EX.doc	doc	5b276cd9dc10cbdf1dc7dcb147761fea97b3b9407dfd13b460721747f767238f	n/a	Heodo
2020-09-24	R_PHF_090120_TGE_092420.doc	doc	9530d202be6692b15721f936a6cd20a7319a5dc92e97e12b532ceb3d74641753	n/a	Heodo
2020-09-24	59781721.doc	doc	3aa1d5ce7ed49ce9dba790282a20ea4768c173c06418f513522ee6d401aa527a	20.97%	Heodo
2020-09-24	FILE_976199600640446938088990.doc	doc	eb7751cd57d85eef7c674547d3a40c0eb9758d9b893fca13e639ac5fbf0fd39f	20.97%	Heodo