URLhaus Database

You are currently viewing the URLhaus database entry for http://afrimed.mr/wp-includes/de4jey/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:625020
URL: http://afrimed.mr/wp-includes/de4jey/
URL Status:Offline
Host: afrimed.mr
Date added:2020-09-29 21:05:07 UTC
Last online:2020-10-08 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-29 21:06:49 UTC to abuse{at}lws[dot]fr)
Takedown time:8 days, 13 hours, 56 minutes Bad (down since 2020-10-08 11:03:19 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-30ND6980537946PC.docdoc a3d743d11312e842641d3124985266cfd1471f8d21881fb7dfc8dfa9cbd1fe47Virustotal results 26.23%Heodo
2020-09-30SHD_090120_OOV_093020.docdoc 63d11b10d793151af69aa10ba45dcd9de40ca61834d018e42474786090043655Virustotal results 25.81%Heodo
2020-09-30INV_YQG_090120_BSH_093020.docdoc 5fa75a02b1c855828a4a11cf3cf8da64502f2b4023c776b5f37c98ef894df875n/aHeodo
2020-09-30DOC_PO_09302020EX.docdoc b131abadbdd99b90888c049f0e4ff59936adb011886d570d1652cef7c209c4d1Virustotal results 26.23%Heodo
2020-09-30INV_YWQ_090120_KLE_093020.docdoc 087b9ff622ebe92583a05a548a41b6384ca243ee1e54af69e35281cc16c6ee83n/aHeodo
2020-09-30INV_046908363187059538.docdoc 54f93880d0f4c65aaa29acd1dff0cb761aa8dc7388f96435e8c55ead32b30dfen/aHeodo
2020-09-30EBF_090120_BQD_093020.docdoc e0598f2efbf03596b6fc2d73a58184b9a4d4277d2fc01322308e86a132582e2dn/aHeodo
2020-09-30FILE_PO_09302020EX.docdoc 539ecc7287a68226e1bdd0520eea775a58754f306ed17c7a8bb6c48193b7f64cVirustotal results 22.58%Heodo
2020-09-30BAL_452875288103511789424049.docdoc 0d76776775bf2a2cabdb6e870b77c93df8a87261dff0fe4186297a4a70d37b0an/aHeodo
2020-09-30INV_RVR7O8CUHMKH2I.docdoc e7a2c5f70735aa280cf5aeca7377be7974e8c56d30e0d263086d484657e21d55Virustotal results 22.95%Heodo
2020-09-30BAL_PO_09302020EX.docdoc 08bda1ed5fe14e5198b9ac6497ef066c83189be44ff6fe663d6a708bdab3c8fbVirustotal results 21.67%Heodo
2020-09-30FILE_DAY_090120_FFN_093020.docdoc 7d2c8d827a62c501876d11119d9989eae86dc953f1f0ced0c65a9567cb616fbbVirustotal results 22.22%Heodo
2020-09-30RQ1457993338JI.docdoc aa496de7458d278533530a18ae1ea43f99ae885781dc85005845bf2057c1ca12Virustotal results 22.58%Heodo
2020-09-3036459927796646790602018.docdoc 110b8287dac073cfd63cca6a49c82963d72e5883bd93e56f99445993e41bc097Virustotal results 22.58%Heodo
2020-09-30PO_09302020EX.docdoc 380569af88b834f9d208236fa12e84cab31e0caf8793dacf54e7d8bcb290e5adn/aHeodo
2020-09-30WLX_090120_SUR_093020.docdoc 40f77113e8856e6e1480c0172d552bbea6c9e9158bf9eb2fa7c9de38695ebba9n/aHeodo
2020-09-30GTW_090120_GKU_093020.docdoc dae3de0260b268fd89734a96196759e0a878835e38a868db1ec44194c212e1f0Virustotal results 22.58%Heodo
2020-09-30H_474790587.docdoc aa20d5b64ffd09ab64443f3159ab02394d97ae2baa93aa75de32fdbdf7f30e6bVirustotal results 20.97%Heodo
2020-09-30REP_PO_09302020EX.docdoc c5d3f7beeec8a157185d5c01ac991e0357cb0d55f5b4335f3846792136692714Virustotal results 20.97%Heodo
2020-09-30DOC_7816405712.docdoc f643ca2e24eeeed79a8eb15590b5adfe2d738c667c2771df28474060408f703fn/aHeodo
2020-09-30J_165450645529959868574664.docdoc 4ec76c0d7c5f6a2a489dcc31a5670f9d7194cf38c6e29b0e002193b6750e1ffeVirustotal results 20.97%Heodo
2020-09-30WTX_090120_JWN_093020.docdoc 7f4bb0819805fa0971334e3d8eca32699464c4fece26826d78d8df5a6441c071n/aHeodo
2020-09-30O_LB7346232100PV.docdoc 0c169d8b50436ffcfc67dc75e5a8534829a932697bf5e79107b4ecc423e227f9n/aHeodo
2020-09-30BAL_VYA_090120_OZP_093020.docdoc f8fb4db3104cc2c9f261f3b3b43acb4132f5759f8e485677651a52478610f5bcVirustotal results 20.97%Heodo
2020-09-30DOC_PO_09302020EX.docdoc e9a9d7c87ef767357d0019c6185d27bec8449b2abd340b93b54b6621c426fc14Virustotal results 20.34%Heodo
2020-09-30CL_ZFA_090120_DJE_093020.docdoc 8ab2e6cb8892b88bad960fc01887038298cebc93804c11f3bf92624541fd00den/aHeodo
2020-09-30INV_PO_09302020EX.docdoc d0ce4cd7cb0a84604bbd7f40f0aa48a2f09e21fb9eb3d4b72d64cf88790f3081n/aHeodo
2020-09-30G_40600926.docdoc 9c8962de4c40c27a546d2347cc878f099354ae9f5cc7e799e78d864d74a6a72eVirustotal results 43.55%Heodo
2020-09-30INV_7YBUE8NO16O4.docdoc 09920ec2c5029cdb6177cee45414e34e9307a6f40548df1ba80385c44cfcc613Virustotal results 43.55%Heodo
2020-09-30REP_08432133.docdoc 267635371e8ce155728f5a57ac788f36284669033c41d39c1bd6f1168b3c469fn/aHeodo
2020-09-30PO_09302020EX.docdoc 896b1086164f16900fa21fd364f85761da882abeb87573d0eac49e7dfaf2524bn/aHeodo
2020-09-30YYD_920041120164578144378.docdoc 1a2856f6dfce0f239bb89c2fa41ba26f9d1761dd09caa8312e58c26aa1411369Virustotal results 38.71%Heodo
2020-09-30DOC_2FABJOT6Y.docdoc e2689c227ea6d5424060e6fce6deab414a52c4d27719a2a2f4a2b9eb635d4f9an/aHeodo
2020-09-30FILE_XZNV8YSLN.docdoc d8f8b40e6c0fff5344fce0199e4fd683f50bc846af26963d53ea1554aa202e61n/aHeodo
2020-09-30FILE_61067040.docdoc aabd54aa244d3a19daa025d685a63495581f02a35c44e11bdb76ea7bbf7360ban/aHeodo
2020-09-30LHJ_090120_NFU_093020.docdoc 020aeaa470dfa7a4e9fc3e8d88db9d7f89b1bd64df67a963467490068a6f3d6dn/aHeodo
2020-09-30FILE_XSP_090120_OVO_093020.docdoc b3e10600287dfaee56f53325acb38c44c75d92fdda24bce58c9d231eebc0bd06Virustotal results 32.79%Heodo
2020-09-3099933215.docdoc ff1650382e69268384234b18f44e36d54c6f3dbadfd3a0ef497e97729639a6b3Virustotal results 32.79%Heodo
2020-09-30FILE_KDKM0BEHO58HO14E.docdoc 5fce7635748a17b0553d34bb396757644f6ab211ed7865fcd3ecf8b5f1014b29Virustotal results 30.65%Heodo
2020-09-30X_PO_09302020EX.docdoc c7e94b09a7bf83d363a7949d7aef5bba5516bd5b0e0c149bbd1dc341b9cd5180Virustotal results 31.15%Heodo
2020-09-29REP_PO_09302020EX.docdoc 5bc9314961b874f09854775cf9f6bce09cc9c8106200074edb961cd544efb675Virustotal results 30.65%Heodo
2020-09-29PO_09302020EX.docdoc ad21f91ac048eeb669e0a9cc8199225d755cf89a9f5d79d7fb39ef2659f04a9bn/aHeodo
2020-09-29T_8Q0P07QGCI8NL.docdoc defbca721d5850239ce954155a629ed1728ce578781b3e387d8c6305144f0838n/aHeodo
2020-09-2915055724.docdoc f3156f2dd9bbd4c0f1164e92165433c3f689d7777297b5149c47299dfbb1d840n/aHeodo
2020-09-2950336730.docdoc a863d09af176344fa94c7820a54398bd505f2ee93f7f66a6f05d3e60b71479ecVirustotal results 27.42%Heodo
2020-09-29PO_09302020EX.docdoc 76d3bae4ebe683a5d3ff0d90971119c287a3acbab073e28b979ad7eaa60e37bfVirustotal results 27.87%Heodo
2020-09-29REP_IMN_090120_OFG_093020.docdoc 268213ac49eccce1009b6716db9e2abf5c5a0f9d3722f052976bea02209c051fVirustotal results 32.26% Heodo
2020-09-29MW8508214810CO.docdoc 0696c08b3e38944c68c4e41b8589256b865c69f40b1dd4fd6016b27474f54488Virustotal results 32.26%Heodo
2020-09-29INV_21942056.docdoc caf29a4582381903da75e44b0f49b541a32d7ad9a08db356c0bf6d0873c479f0n/aHeodo
2020-09-29EN1861550984BP.docdoc 063d3f0f94d47d68f7356a93a8a4c183283be2f5229cbc183ff6dcb3447e7715n/a Heodo