URLhaus Database

You are currently viewing the URLhaus database entry for http://wdr.tw/wp-content/balance/x7hgsqu4/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 720882
URL: http://wdr.tw/wp-content/balance/x7hgsqu4/
URL Status: Offline
Host: wdr.tw
Date added: 2020-10-20 01:20:11 UTC
Last online: 2020-10-21 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-20 01:22:33 UTC to abuse{at}linode[dot]com)
Takedown time: 1 day, 1 hour, 3 minutes, Poor (down since 2020-10-21 02:26:07 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
