URLhaus Database

You are currently viewing the URLhaus database entry for http://profbuh.org/content/scan/a9qa18tk0rge/8oraffr73/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:699367
URL: http://profbuh.org/content/scan/a9qa18tk0rge/8oraffr73/
URL Status:Offline
Host: profbuh.org
Date added:2020-10-16 05:43:05 UTC
Last online:2020-11-12 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-16 05:44:13 UTC to abuse{at}reg[dot]ru)
Takedown time:27 days, 7 hours, 19 minutes Bad (down since 2020-11-12 13:03:31 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-17INV_AOC1IOKL6VJRNJ.docdoc 360a5cb7eed923017b4ef07460e7652362cdf1fc0a902516addbb8e244e30134Virustotal results 53.23%Heodo
2020-10-17CMF_100120_FRS_101720.docdoc bd5e318573106192eca830985c93ad07583928c7ba9b1f752ee5ce3e38eea593Virustotal results 53.23%Heodo
2020-10-17FILE_PO_10172020EX.docdoc b0f945ed6afda303421f9501b2b2d1d2996a132eb27486911019cb9996538460Virustotal results 54.10%Heodo
2020-10-17FILE_99026185954099678796.docdoc c5b951c65f67f1136dedc670dfa0cf0fe59abb9172a0fe5a6011e2882e129e8aVirustotal results 54.10%Heodo
2020-10-17INV_PO_10172020EX.docdoc fa3c245c0bfe5a4b95d229481cbdac5dc3798f1948badeecb3dc692f589c5f7fVirustotal results 53.23%Heodo
2020-10-17INV_15605430959.docdoc 08171ab9613c40f0cffda97d95d104eabd33aca151d19a4315b8e2ec2142fb63Virustotal results 53.33%Heodo
2020-10-17DOC_93860482418075224.docdoc 8eed16b7e0a64351cb06ea437eeae8f69b227cac04237187ed17cff470a3cb0dVirustotal results 52.46%Heodo
2020-10-17REP_LRG_100120_DMX_101720.docdoc ff9996026d66c80170010bab3d84d0ba1ecac3a6b87f8e694008feb0bc0b3d4fVirustotal results 53.23%Heodo
2020-10-17RY8179971697PP.docdoc 8b422df815c80e86241a4670a69918c21bf0fbdde61aaa753f84e0af70d9f4a4Virustotal results 53.23%Heodo
2020-10-17RD6969447953WJ.docdoc c0f957552ea0bfa9ec43b903ee17f870d19d10026a6e967b5ba434e26758232fVirustotal results 53.23%Heodo
2020-10-171325148611.docdoc 9e5f94414bcc33c4f9405dd2c0747ccc8c79921dbaab834a1ce8cd0205bb1f9bVirustotal results 54.10%Heodo
2020-10-17BAL_PO_10172020EX.docdoc 6d5ed047cba0f40a2bd108fdb285520a5590c29ac64b7a9d32a20719905f1e7cVirustotal results 53.23%Heodo
2020-10-17PO_10172020EX.docdoc d718b0058aaa9406fd6bfdf6d7f13e8963789c2c0b331e70fd6e8edd6b1f22ebVirustotal results 51.61%Heodo
2020-10-174847956623651351297383269.docdoc ca5d768289c225dea34f82176591548fc03963cf653f0a8ea0b6e0f9f71ca3aaVirustotal results 54.84%Heodo
2020-10-17T_50207550.docdoc 58a95bd14fdfe2c4e30b7bce237de2fa3351c1bcf0328c91c9333a29a8be15d0Virustotal results 51.61%Heodo
2020-10-17AO6519531704VY.docdoc 252e05a52d4bc9d3d266533b1a75bfab674989b8d3a4f0ff8d898529379329afVirustotal results 51.61%Heodo
2020-10-17JV5466851996TK.docdoc c85fe8825461de0503c8b9b612f01c88a1124e0c33ace58d20c22cf40c4bd03fVirustotal results 51.61%Heodo
2020-10-17REP_ZEL9FI2O.docdoc 61cf4ff84de3e35dd24e8df00464aa832912b8c378cbffc5da91abc576c809fdn/aHeodo
2020-10-17CUDJ_PO_10172020EX.docdoc cad389f338446345616f9a4f005b47f186be55fdd914d1b88f42bc4f26220685n/aHeodo
2020-10-17HKB_QL6361409762HG.docdoc fd0ec2733cb7fc4d8f934cf81b56a9a6fd2dd7290c257cdf4c2a1b3da2bcfc10n/aHeodo
2020-10-17DOC_XLL_100120_ZNG_101720.docdoc 5990f98a0aeffb24181deb144a8519e54f7695794e545b9ba0cb52fe28e3f987Virustotal results 50.00%Heodo
2020-10-17BAL_OBR_100120_SFB_101720.docdoc 99acccb026919eac0d3249c8a9207a71d032fbe59c7540c12aee398ae86e6780Virustotal results 50.00%Heodo
2020-10-17FILE_QDG_100120_LZI_101720.docdoc 1f9fcb8ad3585c6cbf7250308fc58ebd7fd913baf350cbd3d7fd8934c9e33e43Virustotal results 50.00%Heodo
2020-10-17FILE_50299884.docdoc 8e0082cbc47e4f5638313b20400e4874bb6371c424ee7ba8eb29009692653676Virustotal results 50.00%Heodo
2020-10-16DOC_286637556151874754.docdoc 3bae78182dad47ac43920171f44e275863e25a8cbdd07ac0b0279edb751dd12aVirustotal results 50.00%Heodo
2020-10-16RT4OE3UZHTSQ.docdoc 53467ef76cb2d0f4cc9404439089220dd6d34680c167f2f062307713724ee9bbVirustotal results 50.00%Heodo
2020-10-16BAL_243587647.docdoc 6647111dcc98f3a01470eee7de5a3b93b579a08c585cd3553cbfbdf3d54db556Virustotal results 48.39%Heodo
2020-10-16DOC_4046544926959762.docdoc 23600bb2ceb80154b049764a263e10cc02148048a332d10edf6458fc4b2cc34cVirustotal results 46.77%Heodo
2020-10-16INV_09161088.docdoc 0e28ab1cfd540547e916442f60de01263eaf13058f99d4cd5d15a2cd5c078f1aVirustotal results 46.77%Heodo
2020-10-16DOC_84531902.docdoc 8e4239eda8a4993212d0de12a0e6fb748c995f1a89e8fab3417a0140b9f650d8Virustotal results 50.00%Heodo
2020-10-16PO_10172020EX.docdoc 9c44a164c70d7fdbd796c9805e3ce506cf8fd1d8df4d84e27384d794e3c075b1n/aHeodo
2020-10-16FILE_PO_10162020EX.docdoc 81142095ca7067d93c133d0df243493b2a602818aa45374296436668bfa14b59n/aHeodo
2020-10-16BAL_079921973357680364581709.docdoc 21f2a9296db63e8671bce4862c485e7ebf0a1a4bfac598720516c4e81d951f97n/aHeodo
2020-10-1608349GCES4AIM.docdoc ba25bd51dddd6e6b5f359d2e79ac6cafab5ec98ac623f412764253be9e449833Virustotal results 50.00%Heodo
2020-10-16INV_KKI_100120_MRL_101620.docdoc 66039545c0341ab69ac7dac547c88d087e88a6fe13ea338a5fd0397364c0350cVirustotal results 44.26%Heodo
2020-10-1615694022.docdoc e4c1c671c5a35d55de0ae7e2ac20beabe562eaa22291d214907a9d0f7cd9b3a8Virustotal results 43.55%Heodo
2020-10-1605775561.docdoc 69723a53775c6a9e152a508cdfa347a0e07201d2efca1c2c0ac1112748a9fcd6Virustotal results 48.39%Heodo
2020-10-16IYE_100120_MDP_101620.docdoc cb781c9123caaf90b0aa1ccf875c58492ab61503576a1c169840b6ee881a95a7Virustotal results 46.77%Heodo
2020-10-16DOC_0245795823998.docdoc 45f7ed6acb52b3f758297672fcb90f410da0edfe48718c002c3b97016ac99d81Virustotal results 40.32%Heodo
2020-10-16DOC_OOB_100120_OYH_101620.docdoc e07a28bf930b88ae86abcb35ec1ebfafde47d78f4eb537440b0b37432afdbb30Virustotal results 47.54%Heodo
2020-10-169321078704954911663.docdoc 0bab2e001c17a0c5e7e4719f5cb445b2c31b2614e575723a0f614c2c223581a0Virustotal results 40.98%Heodo
2020-10-16KD2808602276YM.docdoc 9ef9aea93327bfec6723725da363f724f06ca447c1a54fa84210ec1b01c86415Virustotal results 35.48%Heodo
2020-10-16REP_PO_10162020EX.docdoc 691f5cbe4e05b980ee84be377f07bf6659cb32cbb7011c4ea835b730c293891eVirustotal results 43.55%Heodo
2020-10-16REP_68230593.docdoc 77841e6834d013e8e9da391602d2a92f126a16360212e7856b1863f12f0f0b0eVirustotal results 36.84%Heodo
2020-10-16INV_RS6612317739OM.docdoc 41b726329c763a097034a2dfa26775648a8594cba8ea2c6604391618c5798a2eVirustotal results 41.94%Heodo
2020-10-16BAL_00622465.docdoc 603619e4d81dda77197d6ff40406a6f101a494901653c22f181ecb7be55111d6Virustotal results 42.62%Heodo
2020-10-16WNM_93154430.docdoc aaa0b201b6ecd9225b9f151fef9ab72ef2b37f5b2a35ae38b130f2b9b7cc5e8bVirustotal results 40.32%Heodo
2020-10-16FILE_31216576.docdoc 06ed9f71bb75c3f1c65fc774e6cf9914f9d7f8e54cd0cfe68ff7e71de686f446Virustotal results 36.67%Heodo
2020-10-16V_PO_10162020EX.docdoc 47d38038ded63e7475f52b11190a88ecf7f16b7bc13b5a277cfaea452e6bb240n/aHeodo
2020-10-16W_QHA_100120_RYG_101620.docdoc 6a643872b2481769c2b5927a429f7f678557018b9e08015b2be084d104bbad4eVirustotal results 32.79%Heodo
2020-10-16DOC_95944339.docdoc ebd9a7a7b9549c9d6181a8972c532d559d5495d9a7decad112cb1d13c8a6e664Virustotal results 30.65%Heodo
2020-10-16BAL_PO_10162020EX.docdoc 01f98b1a31eaf93128b65347f3fc0e25b853d2535e9d828263002b80f0e445a0Virustotal results 31.15%Heodo
2020-10-167165021134730.docdoc 3b29c8e3eb58dc756778fe366c1768a95e278d08ac62156cef908400044ddbc9Virustotal results 30.65%Heodo
2020-10-16N_16584472.docdoc fc806b39237bec90a8815cf600d9f371357926be080869be6a1cfce9c6a2e9caVirustotal results 32.26%Heodo
2020-10-16V_CPC_100120_ZHM_101620.docdoc aa3af1b21af839268143b000b0e8f4a431079b94f69c8025f31315e8ceac2b47n/aHeodo
2020-10-16INV_PO_10162020EX.docdoc 8e9462c9a3766b0a41a21d609caf5c36fd65d502b5e17bde7bb2a99628d16bd6n/aHeodo
2020-10-160CC0QPSCQN4XW4.docdoc 6e1929d0be05fef19f8c294a2323971b7e2127acf7000f5e02e0a1a6555abee0Virustotal results 32.79%Heodo
2020-10-16REP_MYGUKZ40ASJZW.docdoc e6896dad4ee0bc73a3114762b88c9d93732c631e64c537334ac38f7c7c421141Virustotal results 32.79%Heodo
2020-10-16WZB_100120_YLM_101620.docdoc 44b5ac3a1688e978f2ab497cb9a2b77b9a4a27edb617212e27b63035becfb148Virustotal results 50.82%Heodo
2020-10-16FILE_AZ6012081151TE.docdoc 8c5946d83496491e60468ec85aa90964c00945bcbd8e72e8b05b9f230d85f7f4Virustotal results 50.00%Heodo
2020-10-16BAL_PO_10162020EX.docdoc 147b9616588be0def766828cbdc415348543d772fbf13e9a7fbe0b37b0ebf3fdn/aHeodo