URLhaus Database

You are currently viewing the URLhaus database entry for http://www.faceshield4all.org/wp-admin/lm/cXg9ptMOo3eroM889jee/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 619031
URL: http://www.faceshield4all.org/wp-admin/lm/cXg9ptMOo3eroM889jee/
URL Status: Offline
Host: www.faceshield4all.org
Date added: 2020-09-28 21:08:03 UTC
Last online: 2020-09-29 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-28 21:10:04 UTC to abuse-ripe{at}hosteur[dot]com)
Takedown time: 19 hours, 15 minutes, Good (down since 2020-09-29 16:25:25 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
