URLhaus Database

You are currently viewing the URLhaus database entry for https://demonwraps.com/wp-admin/LLC/LdWHt2mcavGiQ/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 718782
URL: https://demonwraps.com/wp-admin/LLC/LdWHt2mcavGiQ/
URL Status: Offline
Host: demonwraps.com
Date added: 2020-10-19 16:40:06 UTC
Last online: 2020-10-20 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-19 16:42:02 UTC to report-abuse{at}coloaz[dot]com)
Takedown time: 12 hours, 23 minutes, Good (down since 2020-10-20 05:05:18 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
