URLhaus Database

You are currently viewing the URLhaus database entry for http://cookingbuffet.com.br/wp-admin/FILE/3gGLTKnIGXo/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 616715
URL: http://cookingbuffet.com.br/wp-admin/FILE/3gGLTKnIGXo/
URL Status: Offline
Host: cookingbuffet.com.br
Date added: 2020-09-28 14:28:36 UTC
Last online: 2020-09-29 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-28 14:30:04 UTC to abuse{at}hospedagem[dot]net)
Takedown time: 1 day, 2 hours, 57 minutes (Poor; down since 2020-09-29 17:27:12 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
