URLhaus Database

You are currently viewing the URLhaus database entry for https://www.samoa.ws/wp-admin/lm/znppn9ofea93qz/5itn4ocxlz/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 728426
URL: https://www.samoa.ws/wp-admin/lm/znppn9ofea93qz/5itn4ocxlz/
URL Status: Offline
Host: www.samoa.ws
Date added: 2020-10-21 09:34:15 UTC
Last online: 2020-10-22 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-21 09:36:24 UTC to ispoperations{at}csl[dot]ws)
Takedown time: 18 hours, 0 minutes, Good (down since 2020-10-22 03:37:04 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
