URLhaus Database

You are currently viewing the URLhaus database entry for http://weddings.loukyasalon.in/cgi-bin/LLC/5H2boaIiYuBv5mWn8iop/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 717126
URL: http://weddings.loukyasalon.in/cgi-bin/LLC/5H2boaIiYuBv5mWn8iop/
URL Status: Offline
Host: weddings.loukyasalon.in
Date added: 2020-10-19 10:31:04 UTC
Last online: 2020-10-19 20:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU003021971 created on 2020-10-19 10:32:05 UTC)
Takedown time: 9 hours, 51 minutes (Good; down since 2020-10-19 20:23:51 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
