URLhaus Database

You are currently viewing the URLhaus database entry for http://ifmhealth.directory/cgi-bin/LLC/GfARPmCGiAKVE/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 718787
URL: http://ifmhealth.directory/cgi-bin/LLC/GfARPmCGiAKVE/
URL Status: Offline
Host: ifmhealth.directory
Date added: 2020-10-19 16:48:04 UTC
Last online: 2020-10-26 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-19 16:50:15 UTC to abuse{at}hetzner[dot]com)
Takedown time: 6 days, 17 hours, 38 minutes, Bad (down since 2020-10-26 10:29:01 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
