URLhaus Database

You are currently viewing the URLhaus database entry for http://bzgegv.xyz/wp-admin/OCT/kmh68u/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 625047
URL: http://bzgegv.xyz/wp-admin/OCT/kmh68u/
URL Status: Offline
Host: bzgegv.xyz
Date added: 2020-09-29 21:10:08 UTC
Last online: 2020-10-05 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-29 21:12:03 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 5 days, 12 hours, 38 minutes Bad (down since 2020-10-05 09:50:46 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
