URLhaus Database

You are currently viewing the URLhaus database entry for http://ultimatebonus.net/cgi-bin/form/nsxqkoojg-0020140/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	725459
URL:	http://ultimatebonus.net/cgi-bin/form/nsxqkoojg-0020140/
URL Status:	Offline
Host:	ultimatebonus.net
Date added:	2020-10-20 20:49:03 UTC
Last online:	2020-10-21 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU003024531 created on 2020-10-20 20:50:06 UTC)
Takedown time:	1 day, 2 hours, 0 minutes (down since 2020-10-21 22:50:13 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-21	Invoice.doc	doc	90828b96547b35641ebd76b91c0200f8f057974be00f528002acf24663c9991f	33.96%	Heodo
2020-10-21	Invoice 07382916.doc	doc	95cc36236ff79a346718e90e5015315ec3f419d22f5ce7ed1d2abbc04eab70b9	32.26%	Heodo
2020-10-21	Inv. 087120352.doc	doc	41355a097538a80c8204c61e7eb31f408568aa25e3593d587b0dc41e95838f6c	n/a	Heodo
2020-10-21	PF-100120 ZCDR-102120.doc	doc	958a56b45155799f98c055be1da4870f014dfc78b57a8c92a1c62c8b9a947248	n/a	Heodo
2020-10-21	002842014.doc	doc	e45c71c909dafaee0830088e9068e0cb0f2f99e5ab1ff7da592240e46ba6fa58	29.03%	Heodo
2020-10-21	T-100120 FRQD-102120.doc	doc	d6722700e4deec26acf704986fa3460027afa685e40acd627dd4d9b85c0f199b	n/a	Heodo
2020-10-21	Electronic form.doc	doc	ef59fe140a6b63b4aae9e7e31953441b4560e00bb76a3b2eef15fc04f5e1abb8	27.42%	Heodo
2020-10-21	PO# 10212020.doc	doc	f492868f49d7ac388ea92c1bf5895ce59c3b1de49e2d3b397a6987eb4c32abac	26.23%	Heodo
2020-10-21	invoice #6666.doc	doc	cf275b27c9d9ff1afbbf89c46cd4546584c4a173ddc75405c48b7ead240f7b0b	n/a	Heodo
2020-10-21	Inv. 072561562883.doc	doc	f41d3c54b63ec1671bd601f1800ff185f8c325398a4ae3e1747d7d2421a2bfe1	26.67%	Heodo
2020-10-21	Payment.doc	doc	1c615910d79aa7763683cab844eb3542e60cdc0b9052bf2649a0fe8034ccaa51	n/a	Heodo
2020-10-21	PX-100120 UIVD-102120.doc	doc	d00125dd0f069c23c0ae5f95db081c57dfd23bc67fd5308053a4204ace382b4c	24.59%	Heodo
2020-10-21	invoice.doc	doc	cda828dede96620b0eed85c89ba9eebb9aae7aa5f6b54141207e8f0f9e44e0eb	28.57%	Heodo
2020-10-21	Inv. 0033949.doc	doc	d8e0f462d8d75918d376254506d8d9ca846f6fa1f33076a091cd9f61832efbc2	50.94%	Heodo
2020-10-21	Invoice.doc	doc	7301eb52916c5b004b3f81ebf360c397e25aba900652108420b868313afce2ae	48.33%	Heodo
2020-10-21	S95 invoicing.doc	doc	31658c6055bda692c4a944b0dd23ef5f0ef7d312df172a1eafb6317a110f286b	48.39%	Heodo
2020-10-21	SW-100120 GXMG-102120.doc	doc	a9b5951976e5aebe82b1a18ef33e379ec5f3a36a04b89103649e54d7dc746aec	49.06%	Heodo
2020-10-21	invoice #5922.doc	doc	cbc98038cc0dab8d10dbfa4950f8228777c05eee346ce80ab1f2002c51939ac1	46.15%	Heodo
2020-10-21	October Invoice.doc	doc	e3812e0aa164c68399e61ce76904450c3e6bc028111a3c4df2155e37ad5d01b1	44.44%	Heodo
2020-10-21	Invoice.doc	doc	a83dce48be132b625d87853a68a56238720b2fad3e3bfb67c50bdf1d677a98dd	43.33%	Heodo
2020-10-21	Inv_9827.doc	doc	a3bd9261b5a8844a6a6a77e06f0eabf6a21d998001e99718a42f8bfc8147762d	42.62%	Heodo
2020-10-21	invoice #9307.doc	doc	29cdc20b4b547e832ab1e9c0eeff5b71201efe4262d8d542a8b359131f26ed1a	41.67%	Heodo
2020-10-21	Form - Oct 21, 2020.doc	doc	916c5fa5d800ce852e4e0e1c215daf1e813c868e5b1d9b0c7956b16ec6649adf	41.51%	Heodo
2020-10-21	Inv. 09008897.doc	doc	663930eb12ff6afb8cd3d0410fcef8fa32edf4964504e10f0cd56af546b0ecb2	41.51%	Heodo
2020-10-21	BY7753182694FN.doc	doc	f75dfd9100b7fb7c93a95812e11a04f911e4ed1f61fafa8b73c747df9898a212	40.98%	Heodo
2020-10-20	BI987 invoicing.doc	doc	f98b21e5ba36d3d933fdd95c54037c9a3412c52fd05700222580a7e4267608bd	41.51%	Heodo
2020-10-20	form.doc	doc	b07a48ca7d09a730829f65f399a5f0496e4c14989705d83a73630dc2a67f80f0	40.98%	Heodo
2020-10-20	Form.doc	doc	9be377b592614918b5f4aa295f73afeb586e3e386f7bec12cf04637f31433d7b	n/a	Heodo
2020-10-20	October Invoice.doc	doc	a85c57fa12d0087eb6da3bbeff4a027b351978d8b8073086c43d522366e5fe9e	n/a	Heodo
2020-10-20	Form - Oct 21, 2020.doc	doc	a8e92bb15ad9bcd8e93e71644a570c2aeb6d030e2b496412500deb4ee2a23889	37.10%	Heodo
2020-10-20	PA004 invoicing.doc	doc	c1a2f053ac0b9cafe6d08072e6971d0dfad8f938cc167753df413b1a5ee4065b	32.79%	Heodo
2020-10-20	PO# 10202020.doc	doc	80112c9d5f76aa1687aa0df70c0d7f1d96f1b7524da942b87480ff37231091e8	32.79%	Heodo