URLhaus Database

You are currently viewing the URLhaus database entry for https://www.almusafirholidays.com/new/swift/hjcav1d3/vcgenpgtyi4hypd6agaprxyl0wx/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 727222
URL: https://www.almusafirholidays.com/new/swift/hjcav1d3/vcgenpgtyi4hypd6agaprxyl0wx/
URL Status: Offline
Host: www.almusafirholidays.com
Date added: 2020-10-21 05:57:11 UTC
Last online: 2020-10-21 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-21 06:08:01 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time: 12 hours, 27 minutes, Good (down since 2020-10-21 18:35:10 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
