URLhaus Database

You are currently viewing the URLhaus database entry for http://mpgpro.ru/wp-content/eTrac/eFq2z1psSHA1ei2jf/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	698673
URL:	http://mpgpro.ru/wp-content/eTrac/eFq2z1psSHA1ei2jf/
URL Status:	Offline
Host:	mpgpro.ru
Date added:	2020-10-15 22:06:04 UTC
Last online:	2020-10-16 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-15 22:08:04 UTC to abuse{at}reg[dot]ru)
Takedown time:	8 hours, 22 minutes (down since 2020-10-16 06:30:28 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-16	ARC 20201016.doc	doc	1bce0620f3ce7ad399b5bce897242f60a98af20118452134bca8d7729a9799c6	n/a	Heodo
2020-10-16	arc-20201016-731306.doc	doc	e52f2635e68a8f40c8e47ed31a932dbd89ca5e423bc8565b71df778c2c7c2eb7	51.61%	Heodo
2020-10-16	Mes 20201016 ID0128.doc	doc	ad29fba32bbfa20e1769369f3a121ce461433fc55e719db4c522855e858262a1	n/a	Heodo
2020-10-16	File-20201016.doc	doc	a6091d359b405ea83e58000e282b0bd40824c64d36b4546077d786ff19124be1	n/a	Heodo
2020-10-16	Untitled-20201016-23904.doc	doc	a47762c209b57d46904972127a1289ee6b304fad012783b113472df47b76d81f	n/a	Heodo
2020-10-16	list_2020_10_16_D61632.doc	doc	8d55bfa88aac7102ed41f043d7266e85bfd3e83d0d8f7d298876419eb1bde683	n/a	Heodo
2020-10-16	inf_2020_10_16_Y909.doc	doc	33e9aa06794873710331ae9974a1df6d3d1529d39553dbd6a504a1181b05bbe1	46.77%	Heodo
2020-10-16	arc_Y350620.doc	doc	d779a23df9f672a173e5db73dec484b9b58435f3cc4db430e5b5a97c6021fff3	46.77%	Heodo
2020-10-16	rep-20201016-B05183.doc	doc	aabb9ea2a83771f9921f5d074e4cf99314607d95cb6f4b069f4ffbca8b18a8f8	n/a	Heodo
2020-10-16	ARC 2020_10_16 9129.doc	doc	878bb13d04d93f1209ba23990aef838329f86ff7fbd86d5bc6bd24da81dbf0f7	n/a	Heodo
2020-10-16	List_9575699.doc	doc	c7cf5a3d5d7fa1c15561e9ae23236bca356132e283a8651ce8f9257bdf79f77e	42.62%	Heodo
2020-10-16	05272856_E309.doc	doc	eab5eed41969a9071221c46da6c2e5cbad82ce39b400964b2a4cc2c05d5617ef	41.94%	Heodo
2020-10-16	MES 16159.doc	doc	77336efe637e5b6480a97a6764e16c75424a6c44345993fbc87a04fdb1a4437d	42.62%	Heodo
2020-10-16	INF_20201016.doc	doc	38a5fb11e6266a457f515df1b8c3ba51c2dfafb32164cec12057a63a473daad6	41.94%	Heodo
2020-10-15	Untitled_2020_10_16_EF58658.doc	doc	b060160af00ceb90812eb219ac8e72258f487365866f64374c5786171cd6c947	n/a	Heodo
2020-10-15	Attachments_2020_10_16_TP179.doc	doc	4be03f6e2d9d995b0c327a02bb5c0dd41b90691a3da98e256f2defb4695ef311	42.62%	Heodo
2020-10-15	Arc FW727.doc	doc	e9bb85a4542b6d954e0643d3a11e297ddd82611c26f5b20de5e92bbc0ca77418	38.71%	Heodo
2020-10-15	Dat-OUZ93546.doc	doc	47ce9bcd74cf07f1e9312e71da59c363eb8c6b91f592da4c37aada97a38318bf	38.71%	Heodo
2020-10-15	doc 20201016 21758.doc	doc	5cd96c13db27678a592b3f51d44ba42985b5dd571a8c393baddead43dc655f54	37.70%	Heodo