URLhaus Database

You are currently viewing the URLhaus database entry for https://palafex.com/wp-content/INC/qN8iZfFuw9r5fAsa/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	615606
URL:	https://palafex.com/wp-content/INC/qN8iZfFuw9r5fAsa/
URL Status:	Offline
Host:	palafex.com
Date added:	2020-09-28 07:40:06 UTC
Last online:	2020-09-28 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-28 07:42:13 UTC to abuse{at}arvan[dot]ir)
Takedown time:	8 hours, 25 minutes (down since 2020-09-28 16:08:01 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-28	arc_20200928_MB656.doc	doc	e2dcc502dbfd89abcc734d23ad35f6b20ebf7fce35ba4cf7aecb716acd5d9c71	n/a	Heodo
2020-09-28	Attachments-037.doc	doc	6475756c88e423c4da1fc069bcb97909e3c18ea68bd40164abefa00cd5aa4758	n/a	Heodo
2020-09-28	9757 2020_09_28 ZJB522252.doc	doc	90b5f100db7341b2495c748b065e22c02cb9851a35759168f09d015710ac2f1f	32.20%	Heodo
2020-09-28	list_2020_09_28_J990.doc	doc	8ed37594d6584e0799753a477d07666bf837b8b655d82f4e66efd1b236209e5f	n/a	Heodo
2020-09-28	Arc A5780.doc	doc	05d211a76b7dfa7c4cdd3b5865e73248164464f5a97c5b3b51e0b6e06fc6fda9	n/a	Heodo
2020-09-28	List 9404.doc	doc	1f8ec4f43a822987e0d084649f52bdcc439465804a71f47c8c6a086723feb4bb	30.65%	Heodo
2020-09-28	mes-GBH8217.doc	doc	c41f70d35decb29c3b6e8f406423d0747fb4bdbdd66c54a01cf86567c4ce603a	n/a	Heodo
2020-09-28	Mes 7583778.doc	doc	3a9ad1adfb25f584b952d1ad565b13d074f0a2b396249138449c29016187e362	30.65%	Heodo
2020-09-28	Attachment MP822.doc	doc	2dea2c6adc30cf2bfecbc99581061f715ec35d2a52592359fabcc6373ae63d03	n/a	Heodo
2020-09-28	rep 2020_09_28 8889.doc	doc	b993db6027f3ab4a8a0bf84b89deebe50f9b01854a5849be661ca177a6ab6b1d	n/a	Heodo
2020-09-28	INF.doc	doc	82da3daffe6bec3ea5b8a5e9897d4491d5546f3205b86d40781b14ae8428c642	29.03%	Heodo
2020-09-28	Mes_20200928_PZ630994.doc	doc	f82b052393cee12ae48129071061e5ec4a8847598bb634cde1930bb8e3fcb21a	n/a	Heodo
2020-09-28	Doc_2020_09_28_NC2419.doc	doc	91646523a0f07719b33e85b40459fc5b5f963597e0c28b080523878c5d4f828c	30.00%	Heodo
2020-09-28	file T34399.doc	doc	393a299b00878cc2ee1144a56c9a9a50d7201d9e2a6d9f88a5100e0ea644ed25	31.15%	Heodo
2020-09-28	Doc_2020_09_28_NF61701.doc	doc	8b9dc4a4d093ba6512626203861d2a2f870ea4e8c403392bff15b5994284473f	29.03%	Heodo
2020-09-28	list 20200928 SOO0767.doc	doc	0e0e0433ed03da08a0f5c04edc298d1fb7d169e296a5395752903154946ee846	n/a	Heodo
2020-09-28	LIST-2020_09_28-ER349127.doc	doc	7927857c4b1dcec9436a825b84c90105e6ac82cc863b74f8aa821e36645fbddf	n/a	Heodo
2020-09-28	REP_0667.doc	doc	2be4930444a8fa58818baa0167214374b9bf0fe31f99d57f232bea1aa0e2daa8	n/a	Heodo
2020-09-28	42440441_NF2413.doc	doc	50bef11268e4a6c5d13e83800177e1957fad3d991f8ceea729166bac747f69fa	25.81%	Heodo
2020-09-28	MES 20200928 AG999.doc	doc	79a644f95bea07a6037876d6bb87d78f3b8086d125855ab70c4e8dde6943405c	n/a	Heodo
2020-09-28	INF_L480534.doc	doc	77a5ce5a7dadc4224e8c5948cb2fbc53d3de18ce501b6e403910c8c98b0cf7fb	n/a	Heodo
2020-09-28	FILE_2020_09_28.doc	doc	724c3e38a059659ba8ae1956b91aa8fa3d064d3f56c9123e518ffd02b32b4758	n/a	Heodo
2020-09-28	dat_20200928_638.doc	doc	984e84ac950ad50b540bfd1610b17d5c9c8b78c09f0645205575be175b5757cc	n/a	Heodo
2020-09-28	INF_20200928_520810.doc	doc	adb275a9d586ffdce9c11b1682d836cfd913b9fb67846c7f0e300dda34c0a9e9	n/a	Heodo
2020-09-28	UNTITLED_143.doc	doc	4569bc2e1ac13672c6927936f038ddf0e88b3de1fff148824ea53136f3aa7c8f	n/a	Heodo
2020-09-28	Inf_20200928_RHB503.doc	doc	01bd1ac3283be5ae08dec7a54aa614d97721d276b8b567a98c0fde8337c7096b	n/a	Heodo
2020-09-28	MES_8444.doc	doc	87949cd6634619957742e08d726837cd882257e0e9073ba608adaa40c5e09851	n/a	Heodo
2020-09-28	Mes OH3450.doc	doc	060193c6b16cebe604d55e60cc04c738830a56bd46316ad3ba0f5ef26bc5b806	n/a	Heodo
2020-09-28	REP 1377639.doc	doc	5f1b8f44eea91442867d766a536c262db0c65a55021ee1dc853917d32c1f1776	n/a	Heodo
2020-09-28	file-20200928-OI147566.doc	doc	513c4099afc8ef304e95c9ec465b89100f31b849d422f051a854c4a28cbde144	n/a	Heodo