URLhaus Database

You are currently viewing the URLhaus database entry for http://sherif-hammad.com/wp-includes/Scan/uwze9ca1t/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	693472
URL:	http://sherif-hammad.com/wp-includes/Scan/uwze9ca1t/
URL Status:	Offline
Host:	sherif-hammad.com
Date added:	2020-10-14 17:08:05 UTC
Last online:	2020-10-18 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-14 17:10:04 UTC to abuse{at}a2hosting[dot]com)
Takedown time:	4 days, 3 hours, 36 minutes (down since 2020-10-18 20:47:01 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-15	REP_OQ4077907271ZI.doc	doc	fbfbfd66d77416d15bb6603a26cceafe9290ffd3930f91661f7b8037a11e7dd9	39.34%	Heodo
2020-10-15	R_EXY_100120_BMK_101520.doc	doc	302feabf564340c14d1f92d13de41df335b09e8258375d7b778f67a69f57459e	40.32%	Heodo
2020-10-15	FILE_ZAX6PJ76ZU9U.doc	doc	d30ec2dde96e92164e6be1b42ad79b2b25464da4be6140e0965cb115a5d9e8dd	32.26%	Heodo
2020-10-15	REP_584732448939316658335.doc	doc	19374cad4526845510b04c4f99d32873a3ca0e5da21abd1bc6aeafdda7473529	32.26%	Heodo
2020-10-15	E_40164110321229180240.doc	doc	5d3017d4878e28f04f39fe176de060a002b3f4752644eeb98f04ee2593d259db	n/a	Heodo
2020-10-15	BAL_KOV_100120_FVT_101520.doc	doc	a251d76425f1841e17b9efa9ab58b8a0f26c25f997500348b2c5a7cac89daa78	33.93%	Heodo
2020-10-15	BAL_77727947.doc	doc	ddabc8380b111a6ab0351fdf1e43024580cf19bf58f90bb43c51755ca4058ca1	32.79%	Heodo
2020-10-15	BH_UZG_100120_TED_101520.doc	doc	da773aecb5b38de74a2aa07b5e5f4c66165271f9bbe3fa5a5a4f06bed264adf3	n/a	Heodo
2020-10-15	BAL_PO_10152020EX.doc	doc	2a3d73d8e391636548a28421a0cceeaa7fab08cb60380bf090a57a1af35b96fb	37.70%	Heodo
2020-10-15	INV_MYU_100120_FIN_101520.doc	doc	8877bd46df4f972056ba63398a055c5fe92b53cf944fec3f5b7f58904c39ceff	30.65%	Heodo
2020-10-15	INV_PO_10152020EX.doc	doc	48caa70a3b31ff976df78f2b4525b27307a53e88d1ce4f1846dd5801dd2c9b76	33.87%	Heodo
2020-10-15	FILE_YI7900012649DB.doc	doc	63d8b2866cf26b1f4411b45557b36780023b3768efe30a63d1e00400158856df	n/a	Heodo
2020-10-15	057002824821391.doc	doc	599c5a96c48cab303ee9a8fedda331cf66f2db8f076733cf715d00c5c4278e20	40.68%	Heodo
2020-10-15	SBUXXBEPDTHIE.doc	doc	0bba700eccd740560f4344921b97e592f9fc4e31fea87d50bd0dadcaf73ddf75	n/a	Heodo
2020-10-15	DQO_100120_NVB_101520.doc	doc	5fefd7066e7cb6344aa6f4ceb150de371e98cc1de2af7bfa2fa46cb4949ff0ae	31.15%	Heodo
2020-10-15	DOC_XY8506431514HD.doc	doc	826df3430c822b2aa33180efdc56c45a6a2e76c53620a4956652785a354fe744	33.87%	Heodo
2020-10-15	16384949.doc	doc	f71ae94d242b3462c842f1437cae8812ed520d8707566c04c3570859cc609937	33.87%	Heodo
2020-10-15	INV_UWC_100120_MTT_101520.doc	doc	0acbd96443e33ed3c7bb5928e381f4440eb99308be50ab1a869a7bc118e57076	32.79%	Heodo
2020-10-15	INV_82346066766235224.doc	doc	25aa35b354712a75a1fa86936a9f4195ea8e3c08a6e6f2c3b9820cb4dd28209d	29.03%	Heodo
2020-10-15	BAL_PO_10152020EX.doc	doc	5e0d9e19ad9079d0325f377113e1975450b7c90b66051ea99f268153814d5687	32.26%	Heodo
2020-10-15	INV_GOB_100120_IJS_101520.doc	doc	9954017c3108e9f6fd524436830144dcc04c49f339486dba48e2d3dd3dfbd0a7	30.65%	Heodo
2020-10-15	REP_UCQ_100120_YMI_101520.doc	doc	a9e9fd09c8758fd9bc32c4f3cdc9b19afafdeb894a288778c2a4df42944be7c0	35.48%	Heodo
2020-10-15	94439722.doc	doc	14cc0eaf88072cd7dc29c10554024abceb5d548710ad957dcece3133a3a37dc7	33.87%	Heodo
2020-10-15	BAL_35224845723213121408889.doc	doc	275d247b675319a0e083b29b0e1c88b3bae28687e80b83a5b6db109ae72d954d	n/a	Heodo
2020-10-15	REP_33758448956525318745081.doc	doc	0542ec36ffc846a864befb3bf220746110608b4242bcc75caff8b9f2cc196f71	35.48%	Heodo
2020-10-15	DOC_EN4VA5WJE.doc	doc	5b4c47d73226347391f06e552ff9caa035e74cdcd652ac424c4364ab6fcca280	35.48%	Heodo
2020-10-14	BAL_8912735237240.doc	doc	7b075ad4950850227bed02d8388e00fb244191c6f5dc0af216109799e512aa5b	29.51%	Heodo
2020-10-14	ZHS_100120_MOY_101520.doc	doc	afd89d680ed20d0e8bd292584c4624a576c89586adf93f13c56e6c505f835747	31.15%	Heodo
2020-10-14	ULK_100120_CFL_101520.doc	doc	766cbde7ddad3ff7d55d13146e76bdfdd1699d56ad5886d619dc2e74f2889d1d	29.03%	Heodo
2020-10-14	5136794260560221.doc	doc	bdc02fe04af997c168ef98c00ea436fa9c9224c46b50b60b1237e70bfd4ea484	33.87%	Heodo
2020-10-14	DOC_34645932.doc	doc	9670351cda3385021054e49a74fab0df1f24d4e7d1344baddab81bfc1a4ae963	n/a	Heodo
2020-10-14	DOC_50646564.doc	doc	dc41f5064696331607d50440a2dc8ad1aeb74a70cc6d1fe6ff652dc36d48a51d	27.87%	Heodo
2020-10-14	FILE_614668933366805581242691.doc	doc	d8e8296e8032721412eeedd5ef9a8e7c30015865ebfa1b8661f447ff4fcc676d	27.42%	Heodo
2020-10-14	KI_PO_10152020EX.doc	doc	8b93392f1157f46ab9025aff15937ecc6c0d74ec1881502a048d919c9b203543	31.67%	Heodo
2020-10-14	DOC_MWW_100120_FQH_101520.doc	doc	869792b43ea7856767f4017e9b245bd25edb7cd0f02da9633e422273c0fb15a9	30.65%	Heodo
2020-10-14	REP_PO_10152020EX.doc	doc	9140235214871fd0aa4167f88aafd261126784ecf7c266b1f5678c46dc9be18d	31.15%	Heodo
2020-10-14	BAL_ELO_100120_URS_101420.doc	doc	acac416cece30666385ae079cb90ec34a542354582617767f179f71cfc03384b	27.42%	Heodo
2020-10-14	INV_0792653192146199955.doc	doc	4941f3655d82f92d240ad2c9fcfe7171919c3e8d2986f4b5817bc018ecec5426	29.03%	Heodo
2020-10-14	JP9666442407VS.doc	doc	064adbd5640ef3fda23824886ee23921c5a3e50d8e7a2906bdd636e1c982aa9a	30.65%	Heodo
2020-10-14	MT_AI4615111638GI.doc	doc	aa08af368a5160b9286b65057e96e42aba63933c677ed3bc930d3357d7b40176	26.23%	Heodo
2020-10-14	HG7398829348PE.doc	doc	9cdefce35cdb78bfad530dc47d20a2497159cfaff4df8e163843ece18a16396c	25.81%	Heodo
2020-10-14	REP_25825337.doc	doc	d35a361ae4f33701ef64ed5127d5ebfb837ddb2f32f33ec1fd399c422074f947	n/a	Heodo
2020-10-14	76708534.doc	doc	11b6433cc50996eaa60f48be87ac8627f7ef22e82111415e743daee3d32b613a	n/a	Heodo
2020-10-14	DOC_TQ8104379314MK.doc	doc	5af52101bcb4dda697be9dd3b24384f3549149ca0a7ce489864e25821ed0ea5e	n/a	Heodo
2020-10-14	E_25578658.doc	doc	6905565ae8863140a95f62f9f4ceb69dc65fb72c9688891ccf74eff8abcfcd6b	n/a	Heodo
2020-10-14	INV_7OSGNT06CKUH.doc	doc	aaa85cc2433098ad755f0abcc1aa89d2ab7c5a7c0a543a052e564188341c6fb3	27.42%	Heodo
2020-10-14	REP_PO_10142020EX.doc	doc	ee5bd90d56bc6cb38d62c7ac2b5431ef804d65a47657aeb859ce89c464b9b3e7	n/a	Heodo
2020-10-14	73699503.doc	doc	12c3ea7036e484a2dbf77cc2600da9c20246d11ddb7dd07a501c81d0b1e84cd1	n/a	Heodo