URLhaus Database

You are currently viewing the URLhaus database entry for http://winapp.sg/wp-includes/550829088040861/u2fMTW7JZs3me0/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:619319
URL: http://winapp.sg/wp-includes/550829088040861/u2fMTW7JZs3me0/
URL Status:Offline
Host: winapp.sg
Date added:2020-09-28 22:25:35 UTC
Last online:2020-09-30 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU002971313 created on 2020-09-28 22:26:06 UTC)
Takedown time:1 day, 17 hours, 22 minutes Poor (down since 2020-09-30 15:48:45 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-30INF 41500.docdoc 5bf5490d9daa5f884b6597377c8d3f4200a86f12a88c613b3b633681f3998191n/aHeodo
2020-09-30Inf_20200930.docdoc 1ae2baa185c14e948bba0b1f389e85ec3a9310871617b68296641f3b4d3f0828Virustotal results 22.95%Heodo
2020-09-30FILE VZ54136.docdoc ab29dfeede441ff65801a3bd6e00e12eb35038b0142cfdb133fd029ed7ec4ee9Virustotal results 47.54%Heodo
2020-09-30REP_AJ125.docdoc 22f844a158ab002c4375f2234f5a539f0b1b5199f33b442d4869765ea22ca27aVirustotal results 47.54% Heodo
2020-09-30mes_EC918852.docdoc e0241059c22b3f4c297b2b6d6c3d0d854d45f39af3ec08495ca2b04025772414Virustotal results 47.54%Heodo
2020-09-30Rep_20200930_921134.docdoc 23ccebb7161e48fdb44034be5f97acd1bfa117b92ee7c747f07dfcbd15d5fd9dn/aHeodo
2020-09-30mes 2020_09_30 352029.docdoc 4ea90e3809b6394cfe327060cefb011a7c1feee15f8bb5c9e59daae70eb100f1n/aHeodo
2020-09-30INF-20200930-D7203.docdoc 6f99b89e5bfde428715216d919a8e1dd87475900137dfbb2e07c5ba58bbb2954Virustotal results 45.16%Heodo
2020-09-30Inf_212573.docdoc 20d4e4818086e245bcd29d41820881f75fb76cad2a7d9c1430d408c8f308ec4cVirustotal results 45.16%Heodo
2020-09-30rep_2020_09_30_IYE71472.docdoc 892d8f9cfb26bae3277304d3396027dd55d0899e78181a1431bb43e29dd3e857Virustotal results 41.94%Heodo
2020-09-30mes-2020_09_30-1042186.docdoc 643a118d94807a21df75a7aede93130326ac04ce84a10d9fa67b1f5f87d3467aVirustotal results 39.34%Heodo
2020-09-30235 2020_09_30 B477633.docdoc f8b2d066f5a3d657edb1544f9df31a9a7b3121c5c14ddb1b96b50ddd69b44c22n/aHeodo
2020-09-30INF 2020_09_30 2080.docdoc 3e16472eff5bf2937b0f1833264ef998b9f6339e36a135499b25cfa8e794b33cVirustotal results 37.10%Heodo
2020-09-30REP 20200930.docdoc 1d44cd8c3d04874dc41108bc844eb637f657064927fc28927f68c95fe596bcaaVirustotal results 32.79%Heodo
2020-09-30file XNR864.docdoc 3f2c230c00d8140a1297b360252ccc7a30d002e039359b9a9d3c08cbfd378fc6Virustotal results 32.26%Heodo
2020-09-30doc_F247973.docdoc 07f05248ebd561f95c8b5988fddd0396c6d3c0a61015e3cf154e1e97f2af015aVirustotal results 32.26%Heodo
2020-09-30LIST QSP82077.docdoc a87836e6fbf70862d74980ad32f16b6dfe157bcea1172817e7235764aae0c4den/aHeodo
2020-09-30Doc_VM29100.docdoc 10f4a118d75e59c1f0ae83e7e44c9553fd6925a4bcf21a4cb62559c38c550147Virustotal results 31.15%Heodo
2020-09-30Untitled 20200930 327622.docdoc 9d6a2742e7b189220132964cb3ecc21eb2bf93bf90143787ab21937cbb1b2e5fVirustotal results 32.26%Heodo
2020-09-30Inf 447.docdoc b89e3c01c95337c6976cfdbc20163b4375eb1a0a76a87335e891fcd932c361d1n/aHeodo
2020-09-29ARC 2020_09_30.docdoc 98c87f2f2e124f5e8444896304f556a844430d6543223343abc894702abf99e3n/aHeodo
2020-09-29Attachments-20200930-YIO160455.docdoc fe1ce0fd30ae39c4347efaf4fd829853c3df12a2eaa46b281faf17855b5c3a2dn/aHeodo
2020-09-29arc-OLY652571.docdoc 2ce2a7979c53158a0e7454224e6755704290a5a16a092aec69088da9eb3571a3Virustotal results 29.03%Heodo
2020-09-29Doc 20200930 51741.docdoc 2e0fc31a6ff8f20507c6979fa9b5be9e11f13d424e2962ec30f1fc596c069898n/aHeodo
2020-09-29Mes 15963.docdoc 87687f422879d033f49c258046d04d4456ca8476353a750ba425c6642d61d3f2Virustotal results 19.35%Heodo
2020-09-29Untitled-20200930-0330.docdoc 004d7159e2360d1569de7849fbd5ffa3e63968d011834c565255ade18fcd54cbVirustotal results 19.35%Heodo
2020-09-29Untitled 20200929 BY852.docdoc 8078b412ef203fae6fb0c994b5c8fd9a2bf69be9870b623ce2e3eb3b54466d4eVirustotal results 30.65%Heodo
2020-09-29Dat_TTP96367.docdoc 2184b04d9d840af86cf5ca1ce1456ee071aa92eb2fe601363e6340eedcbbcc79n/aHeodo
2020-09-29Inf 2020_09_29 UBS183.docdoc e0058745c1cd85f4d628a90a9aa61a222d863b27bee2393c8228ec6a1e4a533cn/aHeodo
2020-09-29Attachments 20200929 2400331.docdoc 5b1798854e2ba3b74bf2987aca9b603ab1913a6d60f99bb38a660270a2ea9f3aVirustotal results 22.58%Heodo
2020-09-29arc-20200929-D674958.docdoc 32092e05020bf5b9068a781d7bb994885d071fc05861e7bdcf3d979fe36437f6n/aHeodo
2020-09-29file 2020_09_29 DBP93649.docdoc 61fa86d57f5bd8416845fdff78646dfb24b6c8e7da232d2e88d60190b629d366n/aHeodo
2020-09-29INF WY38861.docdoc 8f3f64a249482b0a6dd6361950555bb3bee2b9be6a613991d66eb5e221573bban/aHeodo
2020-09-2972999.docdoc 405eafda68956f4def6b853f960ee3ee58fd39ad89c0c28ceec2cd79ba8255f1n/aHeodo
2020-09-29684273_20200929_8869408.docdoc 2fc6feaa5c2ec3b5505d9b06f8f32253dee37c3aa5c552412c30808475ff47eaVirustotal results 24.19%Heodo
2020-09-29Attachment.docdoc 7846dc72ed56d56ae1eef1756a7217bc4f8e4f50efa99051b54f9603c5aa8ea9n/aHeodo
2020-09-29Rep-20200929-E300310.docdoc a093583bd5eb5b721b5ea9b8e639aef021764fbd132bd523a861cfce6a3eeec6Virustotal results 24.19%Heodo
2020-09-29Doc_20200929_ZNL3192.docdoc 5c9b61e7c24cc5d8b1dfdced53ee0347071660ed454abca451ec9ef2c1dca7e1n/aHeodo
2020-09-29Attachments-20200929-NC75984.docdoc 3406b7d18aec4c1ae48b1ea830fe5fb442d480fb1a6a5e3b5121d01f796cedb7n/aHeodo
2020-09-29Inf 8792222.docdoc bc70f983f6aa5504724edcc00425cb54b3c6bba19d0e1b9d975107af678f841fn/aHeodo
2020-09-29INF GM959.docdoc 8d7aa0754f6cb75c8800dc99f97929a455ae099b93194d99baca1e8d3041e1aaVirustotal results 22.58%Heodo
2020-09-29MES_W3819.docdoc d2c7f98bd9ddf170cc94395ee616eee8481b5484e7e1be8648984a357345b673Virustotal results 40.98%Heodo
2020-09-29arc_20200929_5215419.docdoc e7d217418054f69a30b81cc69cf1d35d00097ac3c1b0a0175a61d72134c5f417n/aHeodo
2020-09-29list-2020_09_29-GLD012.docdoc 15915a01d4795b2cdd261061864a25011d8856f97865e6538890f9259958392eVirustotal results 40.98%Heodo
2020-09-29LIST-20200929-759864.docdoc 6393adce2e6fe6411ce0d55abdc750cf798b4d5e95ac789d82fa303e456ff200Virustotal results 40.32%Heodo
2020-09-29doc_UI346.docdoc 92f8bccca3a1b18424b20a4cde47574b9446c3cc35c59bd7189cfba6b47f6d6dVirustotal results 40.32%Heodo
2020-09-29list_20200929_QNW053644.docdoc 169e983f778fefbcc2df2a0f5b6c85b2ade68f5293fcceaa2c6b28833cf0d0d1n/aHeodo
2020-09-29arc_20200929_AV4003.docdoc 20d036ecef1bdc268854cfbc558d4aa3536c41caf65312445a2c9e779ff04b9fn/aHeodo
2020-09-29FILE_2020_09_29_1224.docdoc cab62d49d500e135acf0c1331510182e4fc10de9a53592bdb1b081825e42cb7eVirustotal results 37.10%Heodo
2020-09-29list-20200929.docdoc c163f0352510db6327338cd87446af05c3df6baa95c9882d952eb9caeb02c551Virustotal results 37.10%Heodo
2020-09-29Attachments-YNR101.docdoc b796504b41b7b5c9b712c2d3cca8d70392facce21f0d70ebc3728f71c0dfdbbeVirustotal results 37.10%Heodo
2020-09-29Mes_20200929_EKR435.docdoc 5f87d95e028a5e898dd317d4a0e297434e8b30770d448c4a07687bfc44e9688dVirustotal results 33.87%Heodo
2020-09-29List 2020_09_29 V823397.docdoc 085bd44289d94c5a4c9f4b533a6c4c65d15d751153585af0272085401818dd04n/aHeodo
2020-09-29File 487334.docdoc e56bc063733d1ff4a57a70fa7ba2925de15320cae5a623a2f04fdd771c879f43Virustotal results 32.26%Heodo
2020-09-29Untitled-2020_09_29.docdoc 1f78c0dce80e8230188b85299b481f143272c4d24f7feb19955ef389279bcabdn/aHeodo
2020-09-29LIST_2020_09_29_422322.docdoc afa3c59ecd5a7ea34b729710fb369a12eac463e7538b0fc2a72d5d10f9428b5an/aHeodo
2020-09-29REP-2020_09_29-VOQ20115.docdoc 431d361d091946539cac8ed89298e63de4e17531277e185f37c063dd89273ef6n/aHeodo
2020-09-29441489-2020_09_29-559.docdoc 2e9543a1d227bcf281180b6ba02d82d2f15a614155b1ff356b28602377b786d2n/aHeodo
2020-09-28rep_2020_09_29_1420428.docdoc 355499f144efa41f21d80a9c65951bc118d0198a598fbe5c252c1fe5e64cde9aVirustotal results 29.03%Heodo
2020-09-28REP 20200929 91802.docdoc 45397b94d776a37290f1bc5d37f73758d17185070342f0186eb8aa5b031d8e12n/aHeodo
2020-09-28dat_20200929.docdoc 203faceaea459744bcbda58dc7d1805054c4cbc185f4ffb562a9a24cf8a3f8ebVirustotal results 27.42%Heodo
2020-09-28file-632643.docdoc dadb16f08fe25c42bd7288b792eeb520d80dafb26c05bd0f61eba97663e01971Virustotal results 25.81%Heodo
2020-09-28ZB06387-8949.docdoc 25ba07757eed7d8e7d07336a49141f5ee33fa19b03abf8e4dffdc67175f64b7bVirustotal results 25.81%Heodo
2020-09-28Inf_20200929_Q293882.docdoc eae4c4408a16ab90642f53d8f648ce1b1e227e6c61268768c5ff40f61c20d358Virustotal results 32.26%Heodo