URLhaus Database

You are currently viewing the URLhaus database entry for http://www.msjonanursery.com/demo/browse/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	726967
URL:	http://www.msjonanursery.com/demo/browse/
URL Status:	Offline
Host:	www.msjonanursery.com
Date added:	2020-10-21 05:54:53 UTC
Last online:	2020-10-22 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-21 06:02:27 UTC to abuse{at}godaddy[dot]com)
Takedown time:	1 day, 9 hours, 26 minutes (down since 2020-10-22 15:28:33 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-21	R_55675526.doc	doc	3870c4b69f68d86fe116181343d8d6d97a22d191a028b02f300f0e5d1e33eb60	27.59%	Heodo
2020-10-21	FILE_02510010.doc	doc	cd8851bd896a7e87cc70c70d34d548cf3618138a015fc11eec546d47780a586d	31.67%	Heodo
2020-10-21	FILE_PO_10212020EX.doc	doc	aad3348c28dbb9e0a038508e8fde9f2771e550228320b8ebc0f6cf1d11c39945	n/a	Heodo
2020-10-21	ZX_22744056.doc	doc	b77d2293e1769638ff23750ab476d2eae143a5bbf834e756d17505298ffc2776	n/a	Heodo
2020-10-21	REP_OQGGA0F94Q5UWTO.doc	doc	1ade5184899b623fc4bf9b7caacde819e06dcc9234a962622c056349092327c1	27.42%	Heodo
2020-10-21	NG_ALO_100120_VKM_102120.doc	doc	4a8ef7b61c8dea7745464f96999dcc37abec856e23e55bc6eaa7ef374a6c1878	32.08%	Heodo
2020-10-21	6084338395973.doc	doc	1e61f3c2c68fda87e0f2ba6a98d5e8ef53a5aab53b29c60be7ec3260412dbd0d	n/a	Heodo
2020-10-21	MGRE_KE6081909921BO.doc	doc	6d21ebd2968beb17398f1ae51734c82dc41ee7eea21a41abf7ede25119c77b79	n/a	Heodo
2020-10-21	BAL_04548071453216268235.doc	doc	2e56fde4acc7cac043046e86b999a37aeb702d863f9024c4ce83e95d7c787d70	24.59%	Heodo
2020-10-21	MW8098626608ZV.doc	doc	14db2954827c22a1f16b0326dc0d7443d94cd16d6bc7da92a933e19e64a34fdb	50.82%	Heodo
2020-10-21	FILE_2682242836826735900504.doc	doc	ecf5ecbbe5e2904306de22bb28532af5b7e0cbadc8446cbb2fa456255683e972	n/a	Heodo
2020-10-21	FILE_PO_10212020EX.doc	doc	988037ab30e7fefdcaff766f160658d982522969787c02fddfd09ce912573dc1	n/a	Heodo
2020-10-21	GTPOL0HAZC5B5PW0.doc	doc	99e0cc7017a32fc566d969c88fae5cc8db236858e93bfe804e18a1c4a08e94e8	50.00%	Heodo
2020-10-21	MA0506311076PP.doc	doc	850a811a1e29aafadeaca369778609e35c77edcb8588f69f153e44195d40d6b5	n/a	Heodo
2020-10-21	FILE_HLM_100120_YWM_102120.doc	doc	f63551b5b6a12a9fe329cae332d0d952a9e56640ed81da22996a4ee0efd379c1	41.94%	Heodo
2020-10-21	LCW_65193425.doc	doc	c75ff84fe40e2bd56dd64dd2a51d43de4ae2eac42c9efb6df985ff4244f7f974	n/a	Heodo
2020-10-21	INV_5C9PUVK.doc	doc	fdf5102af9db589345a5c7d4e747c98489a7341147058b2a42e337a03fa62baa	n/a	Heodo