URLhaus Database

You are currently viewing the URLhaus database entry for https://columbiasaude.com.br/sys-cache/INC/5r2ics0dgwv1n43zgmrpwbo/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 694427
URL: https://columbiasaude.com.br/sys-cache/INC/5r2ics0dgwv1n43zgmrpwbo/
URL Status: Offline
Host: columbiasaude.com.br
Date added: 2020-10-14 21:15:05 UTC
Last online: 2020-10-15 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-14 21:16:04 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 16 hours, 32 minutes Good (down since 2020-10-15 13:48:37 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature
2020-10-15 | CGL_FHC_100120_EHS_101520.doc | doc | a6af3659e4963433d13e172e008c461d2b7c51e23095ab79381d98819d153e6a | Virustotal results 32.79% | | Heodo
2020-10-15 | IO_PO_10152020EX.doc | doc | 599c5a96c48cab303ee9a8fedda331cf66f2db8f076733cf715d00c5c4278e20 | Virustotal results 40.68% | | Heodo
2020-10-15 | REP_IK6371778378UH.doc | doc | cca3799a5d79aad049795ea6a869e22d90d248ef1c1193d5d5933237b20157c5 | Virustotal results 32.26% | | Heodo
2020-10-14 | B_15315437576480.doc | doc | 71fa0aaad2c5cd2e5e01af73667f97eb339a574575e69a2086b5f4c84ea05800 | Virustotal results 27.59% | | Heodo