URLhaus Database

You are currently viewing the URLhaus database entry for http://1069thefan.com/wp-content/eTrac/pFoLYBVn7VqI/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 719204
URL: http://1069thefan.com/wp-content/eTrac/pFoLYBVn7VqI/
URL Status: Offline
Host: 1069thefan.com
Date added: 2020-10-19 18:14:04 UTC
Last online: 2020-10-20 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-19 18:16:04 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 19 hours, 2 minutes (Good; down since 2020-10-20 13:18:50 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
