URLhaus Database

You are currently viewing the URLhaus database entry for https://dusitserve.com/gethits/ca62/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 704814
URL: https://dusitserve.com/gethits/ca62/
URL Status: Offline
Host: dusitserve.com
Date added: 2020-10-17 00:48:05 UTC
Last online: 2020-10-20 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-17 00:50:18 UTC to abuse{at}metrabyte[dot]cloud)
Takedown time: 3 days, 3 hours, 3 minutes Bad (down since 2020-10-20 03:54:01 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
