URLhaus Database

You are currently viewing the URLhaus database entry for http://zeytinbezcanta.com/wp-admin/GOD49G0/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 621448
URL: http://zeytinbezcanta.com/wp-admin/GOD49G0/
URL Status: Offline
Host: zeytinbezcanta.com
Date added: 2020-09-29 07:08:03 UTC
Last online: 2020-10-01 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-29 07:10:37 UTC to abuse{at}moondc[dot]com)
Takedown time: 2 days, 7 hours, 49 minutes Poor (down since 2020-10-01 15:00:03 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
