URLhaus Database

You are currently viewing the URLhaus database entry for https://therapy.uvision.io/wp-admin/esp/zsO2lMhxJg/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	623593
URL:	https://therapy.uvision.io/wp-admin/esp/zsO2lMhxJg/
URL Status:	Offline
Host:	therapy.uvision.io
Date added:	2020-09-29 15:08:13 UTC
Last online:	2020-10-01 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU002973147 created on 2020-09-29 15:10:06 UTC)
Takedown time:	1 day, 20 hours, 29 minutes (down since 2020-10-01 11:39:21 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-01	LIST-2020_10_01-7640.doc	doc	da961f67e8a061149fff2af056060324ca08a2cb272708f64aa3f6c71244e23c	29.03%	Heodo
2020-10-01	file_20201001_657.doc	doc	87a8e577e3882ff6d9125cec05d9ca6ce949208d0866fbcb64632be14f12177e	29.03%	Heodo
2020-10-01	ARC-2020_10_01-9632.doc	doc	46a59f3fe0efcffcdfcd2c366c3cda5205ab4f7c79e6c11c1bac4ea7247906d5	36.07%	Heodo
2020-10-01	list 20201001 TF6049.doc	doc	faf99c6bf7ae27773ade2ab13a7bc8ad7174d988e1e844da340884c01d1cfceb	n/a	Heodo
2020-10-01	dat 20201001 A16488.doc	doc	d09def23b85e52761ab948f8a0a73e9d2f43f1a06c27f35973dcedbc87954564	n/a	Heodo
2020-10-01	inf-20201001-8806191.doc	doc	777127cbba49b66a0abc912156156af484a0903a78b298981ed5e34b107cc08c	n/a	Heodo
2020-10-01	MES-2020_10_01.doc	doc	b2af72414cca6a559fbc5e9254b6080ce9d292ef4b2a37d8973118f7fffca277	n/a	Heodo
2020-09-29	UNTITLED 20200929 4904458.doc	doc	52e0a733f1c1b48a6085aad06982e5417e6aa56dcf7d189d90cffbdad681625b	19.35%	Heodo
2020-09-29	list 2020_09_29 1139812.doc	doc	20c05076ffa992b9810f1c1900121cafbbf5ca6af25b130c2c86ca2ffbdcf47e	19.35%	Heodo
2020-09-29	ARC 2020_09_29 739.doc	doc	59db370e5d8a40c599cf93b60ad3385c1dcf1f4bf9236334c3f4b5be21faa05a	19.05%	Heodo
2020-09-29	ARC_DK877.doc	doc	d43559c27961577b292cd3c8f65aba9e464eea39d831d95cd2155c885c74d96f	n/a	Heodo
2020-09-29	file 2020_09_29 I18339.doc	doc	79284afdb275fc77c0504fb1f59741b1ef73baf113c4f4d4e87e66466ef143c1	18.03%	Heodo
2020-09-29	FILE_2020_09_29_LVR3456.doc	doc	74defd8809c3c66152c56c0f711d60e7110683784e42df2d80dcf3e30c412f6a	n/a	Heodo
2020-09-29	file_20200929_QF98987.doc	doc	32049385466cefdb6902bff7a1c1c93274f20eb51842f1dc68a84e5de14716d1	n/a	Heodo
2020-09-29	Inf 20200929 5647.doc	doc	2f308a1347238d06ba6169125d4ca68c95bf091d30be8381e641936523c1b7ce	17.74%	Heodo
2020-09-29	MES Y855379.doc	doc	73610175404eca0912ed14988bc2019dcbdc0623dc7f780808798b0cde39bb87	17.74%	Heodo
2020-09-29	Doc-20200929-97347.doc	doc	054954c8adf177996d7b60d1f0f7490910c3d38ccfa915725432a3702b1fa6c7	36.07%	Heodo
2020-09-29	INF_20200929_750955.doc	doc	afe621cd44cd689287ad44e9d1728558887078487d74729709bf5e332f7f99d2	n/a	Heodo
2020-09-29	arc 20200929 6530608.doc	doc	db692ab9e319f90b55008675167363e8045584e0bc1902963a1a81d850d4c287	36.07%	Heodo
2020-09-29	FILE-2020_09_29-619563.doc	doc	ebe5c60d0f35c3d6f839899e01aef73d251b2ba41e0d7ca848d1302b1c9906ec	37.29%	Heodo
2020-09-29	list-20200929-DXR76617.doc	doc	23b449fb112ad9151ab2a3e4951ca38ed7ee57f9025e3c70de11fcdf956ffb98	35.48%	Heodo
2020-09-29	UNTITLED_815.doc	doc	57229d906148c6f3778a3c63cca56a2130ae7815b9d77c017d06140bcc7ccc7e	37.10%	Heodo
2020-09-29	List 2020_09_29 45579.doc	doc	253cd8373b9fef7b344b345f38bd10c5c6cfa760b422b98092f01d3925a51b47	n/a	Heodo
2020-09-29	Doc_20200929_ZGE670143.doc	doc	af7c73e34b40cd0fb54d465470a93b8970b711a2793f3341f48aaf5e3abb8611	n/a	Heodo