URLhaus Database

You are currently viewing the URLhaus database entry for https://www.heroin-addiction.net/wp-admin/XA27UD3NKT1G/jcuut920riffpe/akn1j6l17xy6elpf7w4lsk3iitiy7lq38/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 720873
URL: https://www.heroin-addiction.net/wp-admin/XA27UD3NKT1G/jcuut920riffpe/akn1j6l17xy6elpf7w4lsk3iitiy7lq38/
URL Status: Offline
Host: www.heroin-addiction.net
Date added: 2020-10-20 01:20:06 UTC
Last online: 2020-10-20 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-20 01:22:53 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 18 hours, 21 minutes, Good (down since 2020-10-20 19:44:18 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
