URLhaus Database

You are currently viewing the URLhaus database entry for https://techofbeauty.com/cgi-bin/ZIJIFFFD0WQ50U/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:728418
URL: https://techofbeauty.com/cgi-bin/ZIJIFFFD0WQ50U/
URL Status:Offline
Host: techofbeauty.com
Date added:2020-10-21 09:34:09 UTC
Last online:2020-10-31 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-21 09:34:15 UTC to abuse{at}cloudflare[dot]com)
Takedown time:9 days, 17 hours, 44 minutes Bad (down since 2020-10-31 03:19:10 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22BAL_R9T7XUA9JB.docdoc f4485fe8056305da48ac8453716ea0fa9c6633da1a1f87e01dae3908da1bbbe6Virustotal results 46.55%Heodo
2020-10-22REP_20617831.docdoc 056f25e8944119ad3d9d651d77cc32cef6621c5cb3498b47161738be7aff416eVirustotal results 49.06%Heodo
2020-10-22EL_583696782697043936198632.docdoc 486ec0b6be1825886bf09579218543b12ad5ee75da313f4aefe0f9ad0b027f89Virustotal results 48.00%Heodo
2020-10-22REP_FC9027122070GB.docdoc ff7bc571e097d09b02234d6bef98da4468da5c7dfc197e2cb20f1a00eb85f61eVirustotal results 45.90%Heodo
2020-10-22BAL_YN47VLZ5.docdoc 0e04f78f02f0f9fcdb39483727feb5378dd09035b80679065c5a4b43687170b5Virustotal results 49.06%Heodo
2020-10-22BAL_DQ3062734516UK.docdoc 00be3474f86c64b8ed871822ccfe02e7bdcbb4b5132682ee36915e8553952648Virustotal results 48.33%Heodo
2020-10-22M_79876742.docdoc 29747a11e9ffbd0668f9b880137f1051a27677c4f3bf0a17ead5299fb5857946Virustotal results 46.15%Heodo
2020-10-22EFV_JHPA03AOSCF4HS7L.docdoc 7a9d24e23c3cd1701c2de8826db43aa1dc7d2b73c6c4fd50f491276725a2ad4bVirustotal results 46.77%Heodo
2020-10-22IU_6564878458422607333.docdoc 0b25fca35bd60d2257616a1c1adbf89fefba07969c5a0fc3aa22d3f43ad7c2f4Virustotal results 45.00%Heodo
2020-10-22INV_93729069.docdoc 2ea760060d8e71ffce91d15fe31085ec999ed299d9d13e35dcd0544f8d361b59Virustotal results 43.33%Heodo
2020-10-22FILE_08561253.docdoc 95c62759d32e2a426433130be7fc1c17a3d3787359258f3af33f61760463eeeeVirustotal results 40.98%Heodo
2020-10-22X_9167310439718.docdoc c4453119ba010924fa6571eee7895d995ccd52dcc8380f3b65aaa2bb6508290dn/aHeodo
2020-10-21BAL_WH3549199568RE.docdoc 0ff220d90538db68f12796da43439ff4b8cfa6fe238bf19c8da81c8463f2c4ebVirustotal results 40.00%Heodo
2020-10-21DOC_68276966.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo
2020-10-21FILE_74842966.docdoc 140f99b8c86ce2cbf27556e78284f685e2cd53ff2e50838f444b115a6a04920bn/aHeodo
2020-10-21IGB_43293551.docdoc e5c6d836a7fa994928320dbfced86beeaa1fca7178acfcc05d083304f539cf88n/aHeodo
2020-10-21DOC_82903609.docdoc 5603b9a3314a6d1e9220de7c0d42d8fae17921bf022ea4a8be18d5615989848cn/aHeodo
2020-10-21T_PO_10212020EX.docdoc c3caf9f914df7b8d90ac3dd35fd1ad24ec34a4d1af94293e9002a9f8f943703en/aHeodo
2020-10-21IA_WNY7P7UCEPBMILNU.docdoc 202d0af84b5b68cf2a54ce8f9afa3befc8f994b934e380cbc1dab9dfdbd11bccVirustotal results 30.65%Heodo
2020-10-21DOC_435782074.docdoc c92778df4ae556cc2ad66979e6fafa9256ce4c9c7d0457c6525711429def55fen/aHeodo
2020-10-21FILE_1215165082143.docdoc c0308a4a6567ed36df7165b3cffbe26f676322783de09900dd7b7e6b7d642b97Virustotal results 30.19%Heodo
2020-10-21FILE_MKM5SEYRXCSZA.docdoc 25c71c161f7a916496cd76d407fc6a0863e2f36fa50e8b2cb886b5ca7b853dfan/aHeodo
2020-10-21INV_96800732.docdoc 65afacffdde9c2202e28125192dbfc1094522200913e53bd6d003b6a1754f3f7Virustotal results 20.97%Heodo
2020-10-21UV0664588653FB.docdoc 27a0f68aaff44c4e5adb18dd89c4cb3b92fa305b84cd9bdfd76c9a5d8dbf58f1n/aHeodo
2020-10-21P_IDL_100120_REY_102120.docdoc 0f254a04303e1e2af66659268b48d1e2617f5df9e21817a71a886128d221738bn/aHeodo
2020-10-21NQ89FH16SM1.docdoc a002bd15074effe4548ccc07946e51276be1d1ffbdbe1e474aa78b2f629a997cVirustotal results 31.15%Heodo
2020-10-21DOC_55154745.docdoc cd8851bd896a7e87cc70c70d34d548cf3618138a015fc11eec546d47780a586dVirustotal results 31.67%Heodo
2020-10-21BAL_XN1940097350BU.docdoc b77d2293e1769638ff23750ab476d2eae143a5bbf834e756d17505298ffc2776n/aHeodo
2020-10-21M_LW5754481358OB.docdoc 11c8cdc867668b0fe262189aaf49519ffbf3391fa8303856b0a08a52562cd611Virustotal results 25.81%Heodo
2020-10-21REP_XS3418450416CH.docdoc 4a8ef7b61c8dea7745464f96999dcc37abec856e23e55bc6eaa7ef374a6c1878n/aHeodo
2020-10-21DOC_AS6459109852QD.docdoc 0564c8bd86a30a6d5f73adf8e176a2b82925865e9ab188708c901e865405bc34n/aHeodo
2020-10-21DOC_955790816559308722.docdoc 6d21ebd2968beb17398f1ae51734c82dc41ee7eea21a41abf7ede25119c77b79Virustotal results 25.81%Heodo
2020-10-21EZ1664088196LB.docdoc 2e56fde4acc7cac043046e86b999a37aeb702d863f9024c4ce83e95d7c787d70n/aHeodo