URLhaus Database

You are currently viewing the URLhaus database entry for http://bhf.tvstartup.com/wp-content/BXH5JKZH4D43/, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 620896
URL: http://bhf.tvstartup.com/wp-content/BXH5JKZH4D43/
URL Status: Offline
Host: bhf.tvstartup.com
Date added: 2020-09-29 05:10:07 UTC
Last online: 2020-09-29 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-29 05:10:20 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 5 hours, 56 minutes, Good (down since 2020-09-29 11:07:16 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature