URLhaus Database

You are currently viewing the URLhaus database entry for https://rosado.xyz/wp/public/Y7lbp0eZenhbn8BwSc2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	718151
URL:	https://rosado.xyz/wp/public/Y7lbp0eZenhbn8BwSc2/
URL Status:	Offline
Host:	rosado.xyz
Date added:	2020-10-19 14:18:06 UTC
Last online:	2020-11-08 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-19 14:20:04 UTC to support{at}oasisgsservices[dot]in)
Takedown time:	19 days, 11 hours, 51 minutes (down since 2020-11-08 02:12:02 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-19	MES.doc	doc	27e44663219563e7600f8b9da77ab67915fe6f480b27cf6ef50da02c475ea10b	37.10%	Heodo
2020-10-19	REP-20201020-932.doc	doc	3207073cb0a36893fd66ce7369e682435effd0a709e6af1dababb08e29185e2e	37.10%	Heodo
2020-10-19	doc_20201020_344.doc	doc	979236f4d2d99e9272c6abef5b246723ac02e7bba9dc2aee883c4c907fe4b362	37.70%	Heodo
2020-10-19	REP_20201020_211280.doc	doc	462d667db40bf34b4c87eac6795e3be18930efb8cf95f78c3a6eda8d21d6c95b	37.10%	Heodo
2020-10-19	ARC 20201020 69677.doc	doc	71e4ec3e11f734f0ce73a46fcbe3079f4418154382d6389da01859b9ad74bd99	37.10%	Heodo
2020-10-19	54495VP_D37930.doc	doc	2da0ef0ca6c372248db1c0649512c63d840327ce42f58c710711ac7d7f5c32db	37.10%	Heodo
2020-10-19	Mes 2020_10_19 UJI9210.doc	doc	f411abc0842fb6ed73a4289b5d99b75b99983571b7cdabb113ec585bf64a09f6	37.10%	Heodo
2020-10-19	FILE-20201019-2556036.doc	doc	99e86f06296071cb510678271b6f0ce1becb7dc7c9729c2ead4ce1985d85f5b4	n/a	Heodo
2020-10-19	Untitled_2020_10_19_AIK9484.doc	doc	b18d3fc1700dfdf1777f5f6cc2dcdbeaea1a0a848141e6c9cedde0dac750bf4c	37.10%	Heodo
2020-10-19	arc_2020_10_19_O762.doc	doc	49871d524581292374e1d7bc032507e04f342fb6b1eef3a1d13be8c7cac32762	36.07%	Heodo
2020-10-19	FILE 2020_10_19 4766.doc	doc	2704ee507c3054f747c58c1ef0ed29424a2e5eab1a0920d60e3421155bdb2195	n/a	Heodo
2020-10-19	Attachments_ZV982471.doc	doc	adaa0fe136908739b1ed8db9d58f52e9632ad712055d7202d851da3257cbf9c1	n/a	Heodo
2020-10-19	5125291_20201019_G5635.doc	doc	23336befc49738026a6624eb166f78e46aa7406a71d5456f1c2baad0b6a886b7	n/a	Heodo
2020-10-19	dat 20201019 Q54109.doc	doc	6799880cef986ceeddb6f0c07efe02d834e71eee4e175eba087804cb4318392b	n/a	Heodo
2020-10-19	List-20201019-249.doc	doc	92353815ff999cb487b2007b517962fdb9b8c87ac78f64c95f68f6985ef1039a	35.48%	Heodo
2020-10-19	LIST-V121928.doc	doc	ab4999a6bdcd2a735d994d4243ac6dad6bb52a5224243bc771cd0156d69bf71c	n/a	Heodo
2020-10-19	Rep_20201019_304242.doc	doc	7981dfcd74900eec21f482e38167aea8752d9b249891ddcdc602aa7d5ec08a2e	n/a	Heodo
2020-10-19	REP-2020_10_19.doc	doc	0c90744ef98c7fa2e8a729df263500eddf1fd53d0062adff5639869bfa562c5d	28.81%	Heodo
2020-10-19	List 20201019 996.doc	doc	fbc0425c72eb13dde61a7d687221084f9cc667dd76975a20b60bce0d524490bc	n/a	Heodo
2020-10-19	365336_2020_10_19_2771.doc	doc	46eaf748d89e5d575bd73f334ece5a27be507566bf23adabd949a79daebbcf04	30.65%	Heodo
2020-10-19	REP_20201019_3330121.doc	doc	a8593710ef17a0e2af7eae2cf6e7c567e9faaa4dc6b771f3bcee32dbcea87722	n/a	Heodo