URLhaus Database

You are currently viewing the URLhaus database entry for https://www1.bheringadvogados.com.br/wp-admin/lm/mf0lvd7dgxsy/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 609829
URL: https://www1.bheringadvogados.com.br/wp-admin/lm/mf0lvd7dgxsy/
URL Status: Offline
Host: www1.bheringadvogados.com.br
Date added: 2020-09-24 11:10:35 UTC
Last online: 2020-10-01 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-24 11:12:03 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 7 days, 7 hours, 2 minutes (Bad; down since 2020-10-01 18:14:04 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
