URLhaus Database

You are currently viewing the URLhaus database entry for http://www.thatsswift.com/wp-includes/86r1jwlzkjy/gai4m9iksz/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 727336
URL: http://www.thatsswift.com/wp-includes/86r1jwlzkjy/gai4m9iksz/
URL Status: Offline
Host: www.thatsswift.com
Date added: 2020-10-21 05:58:24 UTC
Last online: 2020-10-21 23:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-21 06:02:21 UTC to abuse{at}godaddy[dot]com)
Takedown time: 17 hours, 7 minutes, Good (down since 2020-10-21 23:10:12 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
