URLhaus Database

You are currently viewing the URLhaus database entry for http://energyforliving.com/old-site/d32lvhe6hd9kzi30ilxxo/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:702167
URL: http://energyforliving.com/old-site/d32lvhe6hd9kzi30ilxxo/
URL Status:Offline
Host: energyforliving.com
Date added:2020-10-16 13:53:05 UTC
Last online:2020-10-19 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-16 13:54:03 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:3 days, 4 hours, 24 minutes Bad (down since 2020-10-19 18:18:18 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-17BAL_MT6112987873ZA.docdoc 360a5cb7eed923017b4ef07460e7652362cdf1fc0a902516addbb8e244e30134Virustotal results 53.23%Heodo
2020-10-17BBZ_100120_LQO_101720.docdoc b61cc94625d0aec1674d3ffb90ade5b30575e1eb8a755f9944cfcb4d40378041Virustotal results 51.61%Heodo
2020-10-17PO_10172020EX.docdoc 5ab2456a7a5d44a28ef32f5ac8c55e8eaf4b24802b2d326a29cd9aa4199e0b97Virustotal results 53.33%Heodo
2020-10-17I_QMC_100120_QDV_101720.docdoc c309ac7c5bd891429998c87f40086ae669e29affaa99e133c557fbb78bfa269dVirustotal results 53.23%Heodo
2020-10-17OQL_82975364.docdoc 08171ab9613c40f0cffda97d95d104eabd33aca151d19a4315b8e2ec2142fb63Virustotal results 53.33%Heodo
2020-10-17FILE_PO_10172020EX.docdoc 2b95f52b2f665277c1b271f68b7ac017b7653d398e73877b7c8db4bf2ccaa52cVirustotal results 53.23%Heodo
2020-10-17FILE_8249187521236657477620.docdoc 4ff23dc1f01527658819824659e03edb6ee7d16cdf8704e61548acf040415238Virustotal results 53.23%Heodo
2020-10-17BAL_HR4764933655HV.docdoc ff9996026d66c80170010bab3d84d0ba1ecac3a6b87f8e694008feb0bc0b3d4fVirustotal results 53.23%Heodo
2020-10-17OW9650999255EU.docdoc ea065a0dbc3ca645237d0c98e82887ca636451f3fa822c6c0a087a2fe98c230fVirustotal results 53.23%Heodo
2020-10-17FILE_PO_10172020EX.docdoc cab952f8c6436054516b7fb9b6dc980a0921858a4a312229099f2817b9846340Virustotal results 54.84%Heodo
2020-10-17T_45300908.docdoc c0f957552ea0bfa9ec43b903ee17f870d19d10026a6e967b5ba434e26758232fVirustotal results 53.23%Heodo
2020-10-17INV_HRX_100120_PSG_101720.docdoc 3ad213e4b7d2660593144245f06a9ba71b10e326cbf5996b2f632ed5457e77d7Virustotal results 54.84%Heodo
2020-10-17FILE_63250250.docdoc 6d5ed047cba0f40a2bd108fdb285520a5590c29ac64b7a9d32a20719905f1e7cVirustotal results 53.23%Heodo
2020-10-17YJ3602529836KI.docdoc ab8be8e21a7c5f0a158818bdf5fa9883acaffa78d8cfa5cae36ba7d756b8fed6n/aHeodo
2020-10-17PO_10172020EX.docdoc 4f1b55b5cbbaa28b0d87b93dd256cebd16df18a51e081378940ad152fd24da8eVirustotal results 50.82%Heodo
2020-10-1798171847.docdoc 7563b098e425087d70e59bc0ad1d712d39ec6286fc63eaa9a9eea68f9a7ede26Virustotal results 51.61%Heodo
2020-10-17VSP_69440978.docdoc 252e05a52d4bc9d3d266533b1a75bfab674989b8d3a4f0ff8d898529379329afVirustotal results 51.61%Heodo
2020-10-17DOC_QH2038256284AH.docdoc c85fe8825461de0503c8b9b612f01c88a1124e0c33ace58d20c22cf40c4bd03fVirustotal results 51.61%Heodo
2020-10-1789ND8GEEQ1IE7R8A.docdoc d19c1e922354570a8700f8dc25900a7c8ae4bee4b08908a4c6cad2309eff1ba1Virustotal results 52.46%Heodo
2020-10-17DHR_100120_ZEO_101720.docdoc 02730b23749bb5e945d78771425520fe94a15b5647f34a7efeca54a72c9297c9Virustotal results 52.46%Heodo
2020-10-17PO_10172020EX.docdoc db234da6bba5f671c8a6fad07cfc6ad7ce1b078a32f920e2edb4b142167e18dcVirustotal results 51.61%Heodo
2020-10-17REP_TJWCG5O9.docdoc eb06448eea7b0d73132945671275ea572688e13de195a89974d8315900ff8cb7Virustotal results 52.46%Heodo
2020-10-17FILE_16427186.docdoc 4f6043ed53481592c3b9db4608a157df568b466062cba2018b8e5c59bfb40563Virustotal results 52.46%Heodo
2020-10-17INV_PO_10172020EX.docdoc af4011781c0a2add45a6f72b8d52e5bd7d7381ff28c93e478dede0ff100ff237Virustotal results 50.82%Heodo
2020-10-17DOC_1389172917108371717366.docdoc 72bc6543f22de398e1374caed638e9a1d24ec0b37a5fa9b5ac10ade7559ab839Virustotal results 50.00%Heodo
2020-10-17FILE_04060731709271859.docdoc 1f9fcb8ad3585c6cbf7250308fc58ebd7fd913baf350cbd3d7fd8934c9e33e43n/aHeodo
2020-10-16FILE_KB9666023272NS.docdoc c25321d27755dd74dfcb51c16c96a607d16b09b59b1cbe7f025dc89763d9d630n/aHeodo
2020-10-16FILE_3065885594.docdoc 3772d83153c2d54a8a3dd72055370d3db69948bf4eafeb69018ce518c7801d05n/aHeodo
2020-10-16SSJ_100120_TMH_101720.docdoc bf79372e0c3a2b7a3b0df0f3994621206443404f5c382b8ad5e5c609c6b0e043Virustotal results 50.00%Heodo
2020-10-162S2BMJEBK2IT.docdoc 9ff9f9b081c0332ad86c6bfa7b467c8084c4531de62f4d64cb0ea17f73ab4c0dn/aHeodo
2020-10-16U_MC1937594722MQ.docdoc 23600bb2ceb80154b049764a263e10cc02148048a332d10edf6458fc4b2cc34cVirustotal results 46.77%Heodo
2020-10-16IC_88653210.docdoc 0e09dd37fcb569eb72ae0c5fb44f9950210c1aca66657847f9685dfbd572cc99Virustotal results 51.61%Heodo
2020-10-16REP_7354101237735784.docdoc ca85dbfecc73cb293b1af1230d6087dbab85c700a767a552cbadf40af3eeb745Virustotal results 46.77%Heodo
2020-10-16C24VJF89.docdoc 9c44a164c70d7fdbd796c9805e3ce506cf8fd1d8df4d84e27384d794e3c075b1n/aHeodo
2020-10-16Z_TKQHDI26KAGFF.docdoc 7b8b2d4ca133105321f5881616be8cc7960257d1f6abbbe026c67e10eaa6ebb1Virustotal results 45.90%Heodo
2020-10-16ZB_R5UHAEA.docdoc 9051dea430fb5eea96e34f2c938f3eaa2e672eeb73fa5d8ee44680ec0b906f26Virustotal results 46.77%Heodo
2020-10-16NQ8912619655CM.docdoc f05cfe8aae97657d11e98c72cd612a7d57f949a47efcf75125edfd9e7a7caa4eVirustotal results 44.26%Heodo
2020-10-16REP_HH5532099390VF.docdoc 66039545c0341ab69ac7dac547c88d087e88a6fe13ea338a5fd0397364c0350cVirustotal results 44.26%Heodo
2020-10-16FILE_668579816530562962722719.docdoc c35986ebc1fadec0bc076c81466e8e87dd82058ca783e03545036dcf9a5d7a46Virustotal results 44.26%Heodo
2020-10-16F4V0AS6FZ.docdoc aea241f3329677966d3248a45a28963b925735e86541501338bd8f27590ab88en/aHeodo
2020-10-16ZZ9385236739VV.docdoc 9d28dd58c8ee62277f91e152a8c7e9964052f5025f10424ec75b9563e6b50cf2n/aHeodo
2020-10-16B_BH3144158962HH.docdoc eee6727eb427510fdf3fc2a8dffc94ab47b897f5c20b69a87cff6f9a5024fe89n/aHeodo
2020-10-16O_PO_10162020EX.docdoc ee640ad9d020dedce3c3a18efe2a6a9a14ed4cf50ffa64ba27090765dfb3cc6bVirustotal results 47.54%Heodo
2020-10-1661933079.docdoc 03fbe322a6456e5d9dba965551b7e114ce5e60b069c859a2f86c9026f3b02ac7Virustotal results 45.90%Heodo
2020-10-16HIW_100120_STK_101620.docdoc 2882ae473d8140a4919487e5c39d6cb78a594f4d99e5e9a7bd77a568ceacc67en/aHeodo
2020-10-16MV0952893018EC.docdoc 08c39bc35902925027d9fbcb94add1228e58eb5c4b52c63564ff142b0e186970Virustotal results 45.16%Heodo
2020-10-16CJK_100120_XJG_101620.docdoc 2c1c8cab0d411952c802de9667aca0d5ce72024da289e07685554f1a17ef5e73Virustotal results 35.48%Heodo
2020-10-16REP_PO_10162020EX.docdoc 84e8abea7d9cd4e2d9c01114ed11fb7e62c9ca8ee2b0f89c9d99430189e2b02fVirustotal results 37.10%Heodo
2020-10-1693717732.docdoc e8cf2d2aeeef9972177572c05c58a7659515a991f2601167d7512ea389672c6en/aHeodo
2020-10-16GTC_PO_10162020EX.docdoc 9c52e949c6c2ca01cb5bf09538ef75451e8aaabf492927bbc8a9f6253007a31bn/aHeodo
2020-10-16FILE_PO_10162020EX.docdoc 603619e4d81dda77197d6ff40406a6f101a494901653c22f181ecb7be55111d6Virustotal results 42.62%Heodo