URLhaus Database

You are currently viewing the URLhaus database entry for https://sh-jycrystal.com/wp-content/uploads/FILE/g2c61xd6th1k/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below may have been used by bad actors to spread malware, the URL seems to be clean for a long time. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	725407
URL:	https://sh-jycrystal.com/wp-content/uploads/FILE/g2c61xd6th1k/
URL Status:	Offline
Host:	sh-jycrystal.com
Date added:	2020-10-20 20:30:11 UTC
Last online:	2020-10-25 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	No
Takedown time:	4 days, 10 hours, 48 minutes (down since 2020-10-25 03:52:57 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-21	IZVX_97419958377163010990.doc	doc	148588102731dd9742cd698c882b48c4b49cbfdd868647a83a15a0cbb1f0c8ca	28.85%	Heodo
2020-10-21	DOC_EH2OSK8D298YWJMC.doc	doc	71e55ad14abd213d5627b65f8f045b2c9337c629a556868c692376c331d9fa58	26.23%	Heodo
2020-10-21	REP_34454778157855344475.doc	doc	82be718b9899accb7da0f67cb57fe43902f7b3e35a17046fd69ebe212749b09f	49.18%	Heodo
2020-10-21	T_PO_10212020EX.doc	doc	af36ad567085faaef5425d233641e227fdf842e426001e855103b942dde705ef	46.55%	Heodo
2020-10-21	REP_LI7270333136AM.doc	doc	aef69b034379dfae45642c5c2271b27f04298dab56a9de3b608ab2d3cb00fa72	45.90%	Heodo
2020-10-21	INV_07038871.doc	doc	3f28d23c6650e22fa69d824efc5153fd46fecbbdbd236ae7b4ee15bae4ef556d	49.06%	Heodo
2020-10-21	ZQLP_83962491.doc	doc	8be69726081c102e6e9fff4160b360cdb5818e8d002bfb2cd1732b9d511fce92	48.00%	Heodo
2020-10-21	S_IJS_100120_DMQ_102120.doc	doc	b886042bae6dcbb3ff1e2343630f7c873d2fedbc6b59147c40346b16f69c8603	48.33%	Heodo
2020-10-21	REP_GMM_100120_IGV_102120.doc	doc	6bad5724264c3077c99828f20056ffa4fc338d0375c78f5c8a24772e6eb6ffa8	48.39%	Heodo
2020-10-21	DOC_AIA_100120_SSX_102120.doc	doc	39a7385578321db9d477ff19e7087b03d3c57076ceca16fc2af049c087f72343	38.98%	Heodo
2020-10-21	INV_ZXNN094QLJ.doc	doc	d65b0da5366ec38c1f2a4590b31d6603e933919179361a9a8e71ad368331f751	46.55%	Heodo
2020-10-21	DOC_92300789.doc	doc	bde4c84d280a8a946e6bc75242c05f9d2b7feb93f84625d34174f8b92b772a15	48.08%	Heodo
2020-10-21	PO_10212020EX.doc	doc	8649400e43ae5473b22013585baaa8c2023eb59669aed82a0ca171330b5f6c7c	48.33%	Heodo
2020-10-21	REP_445077947507.doc	doc	d8d4feb29b46ade146a7b8343070d2a975e4b0e186ca6aac31ea941e46a7af73	50.00%	Heodo
2020-10-21	T_24442035.doc	doc	a6bddd637e4236272a008fab76c75939a56c92161692387612bde0123e8b26e1	47.54%	Heodo
2020-10-21	DOC_CLS_100120_LEL_102120.doc	doc	a22d83a786eb7f5a04facaabb04117ecb5f8cdf09fcbb8405c0a70c97a51f225	43.40%	Heodo
2020-10-21	KH6992815617ZU.doc	doc	8ea38c51f8926ffa9ee61be53fc7ee3e4f968f2c7683bbc3b9320d14a2443067	43.33%	Heodo
2020-10-21	588163469.doc	doc	84feca377993d253e4d214e7c044ddd45eb3ef0f47796ef2970e9a5bd1f2f535	n/a	Heodo
2020-10-21	MB_LRN_100120_TSS_102120.doc	doc	8db61b871aac2949105b26c1ca2a22579e3b3d6e99aab20279c3bbea5dc87b8b	n/a	Heodo
2020-10-21	63701041.doc	doc	6eb67022c07e3f32436afc6e89eddb132a4c5d34d733c824ab3dabf51b7c712a	39.62%	Heodo
2020-10-21	URQ_100120_IKM_102120.doc	doc	47fb7195961f2aef2f52452f43840ae416b6ef31d96ae1bd6a1a74fa7c5f7ddd	44.26%	Heodo
2020-10-21	INV_PO_10212020EX.doc	doc	a78451771b5a8e66fd912d10f9b621e52239473334785ec68755db5e60594ecb	40.32%	Heodo
2020-10-21	642542757.doc	doc	cd0c0ee5979ebfa7ed73a40ee1f879f2b65cc57ed38619fc4f7e186c15e54128	38.89%	Heodo
2020-10-20	DOC_BEJ_100120_DZF_102120.doc	doc	a65e7b5a4d99582f1ec1c608eea4d21fd29d1c23bed2b8dd8ec8062f23d90e40	39.34%	Heodo
2020-10-20	FILE_1YX679C38B2HJ9.doc	doc	8cadf5fc31643a1acc9b991d110e039e7e0520e94783c61d9caf5ccb2481915e	44.64%	Heodo
2020-10-20	INV_ZT4362275102UD.doc	doc	a22833c512c589e2bd324e3f7287dbb7f27538e8344cac7ec47568883b61bcd5	42.86%	Heodo
2020-10-20	DHO_100120_JIW_102020.doc	doc	1665c4babbff20f237f5f2c33bfa5ba5ee0b63e29c280e51090b1d2ef3bc0fcc	45.16%	Heodo
2020-10-20	FILE_39875517.doc	doc	07bdea9c73c53c4d65c9cf2061b9a303e8f05180736729fe54c17c6953e66184	41.67%	Heodo
2020-10-20	CZV_100120_HEG_102020.doc	doc	4d4e7e2524b7f191957074f7a24fbae03525c1247ab5d9bad157a9c1405517d6	n/a	Heodo
2020-10-20	REP_IK9134086450PZ.doc	doc	80911a9fc7a1cacae8657c27427e3d2f1a350d3ce6425517da3d1d2fed63e7ce	40.74%	Heodo
2020-10-20	REP_GU5606959703WY.doc	doc	2dcdf03e311cc231854f3971e8e39171b8829e3e72cba54cf82c624519e7e737	39.62%	Heodo
2020-10-20	DOC_O46ROR5OP.doc	doc	db0a0ba8be33544149207aa8dd5ab2fc57b067ca676e309d26035b85a7b93a11	40.32%	Heodo
2020-10-20	DOC_1289281503190356.doc	doc	043ddc738d360fc062c287e155eebb7b7cb64a9cd0cf30ce66cc07990c153e9b	39.62%	Heodo
2020-10-20	DOC_EV5160YUYAZE1B.doc	doc	7c33eefee09c32ed7149ac1697443af70a1c89b3f5ca229b74a214e9038a2668	40.32%	Heodo
2020-10-20	BAL_6CZZTSWLN9O.doc	doc	99c5b5b9db6da4ead541d41673358a7702db7f6cf91b9d3700084b714421f067	40.98%	Heodo