URLhaus Database

You are currently viewing the URLhaus database entry for http://givingthanksdaily.com/LLC/xfxi1EAXPY/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 616377
URL: http://givingthanksdaily.com/LLC/xfxi1EAXPY/
URL Status: Offline
Host: givingthanksdaily.com
Date added: 2020-09-28 13:38:09 UTC
Last online: 2020-09-29 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-28 13:40:40 UTC to abuse{at}servercentral[dot]com)
Takedown time: 12 hours, 32 minutes, Good (down since 2020-09-29 02:12:55 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
