URLhaus Database

You are currently viewing the URLhaus database entry for http://fervica.com.ve/cgi-bin/ypt6bmo7wj39l/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:730089
URL: http://fervica.com.ve/cgi-bin/ypt6bmo7wj39l/
URL Status:Offline
Host: fervica.com.ve
Date added:2020-10-21 16:07:09 UTC
Last online:2020-10-22 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-21 16:08:25 UTC to abuse{at}ovh[dot]net)
Takedown time:21 hours, 2 minutes Good (down since 2020-10-22 13:10:33 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22FILE_VI7720000848BQ.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 45.00%Heodo
2020-10-22BAL_643077232.docdoc 4d47b00933264748db78cf195ca1f5e1c8b123664e286f42873e764ded7fcac4Virustotal results 48.15%Heodo
2020-10-22BAL_560179728587716.docdoc fbb11ed6ce463e4a5598842961d2199f7264331418e806b4d15fa38b06600e7aVirustotal results 45.16%Heodo
2020-10-22I_AN2514024100GQ.docdoc 00b5ed9d27b648625d7d287b5073938811a0a2684b6ad6351ca8b0e0cc5f1a54n/aHeodo
2020-10-2276907562.docdoc f97779f33418db6073bc8513c4f3a2e489d37785d0c05f446aacb1a564900e77Virustotal results 45.16%Heodo
2020-10-22BNH_100120_UBB_102220.docdoc b39c953e5621fd7b9af004e2d9195a7a37f9070b736007d74635c5d36d6ccd04Virustotal results 42.37%Heodo
2020-10-22PB0065491796IN.docdoc 969af7921bad722ff0f082e99bcb5d90218a2b64387e795508902aa64f7a351aVirustotal results 47.17%Heodo
2020-10-22MM7134386599TN.docdoc bb66afe308a4f9aac368840effb767d5fec62db675e7d03e6f7d4b9dc52fd30en/aHeodo
2020-10-2244423431.docdoc 72260fddfa04793a225f545c6e2e63e49eae09375ed3a8a64a5fd3164804be5en/aHeodo
2020-10-22REP_15649120051310861345.docdoc 0ed13bfe440f265ced87a03e27334e5bb59ad3d45b345e526577b6d168922975Virustotal results 45.16%Heodo
2020-10-22INV_YP092HYGWY6JT8.docdoc bcaad78fdd62ee09e4609f883847cdbf5a41ccf0e537736277771c3f59eb810bVirustotal results 43.55%Heodo
2020-10-22DOC_EG3257166782SY.docdoc e01b2dd423d602c30905f88e9c829c72498492b0ebc8c6625f81b78ad77dcaa6Virustotal results 43.55%Heodo
2020-10-22REP_TFB_100120_GSX_102220.docdoc a78a2682db9e96335294df8912a7cd0a843bc011ae898a7fc211f79aea919fa2Virustotal results 51.61%Heodo
2020-10-22INV_83780276.docdoc f00791295a21f7fea2b5a3fc6f14be08b6182388080f8e0666bc87ef8201a362Virustotal results 50.00%Heodo
2020-10-22REP_PO_10222020EX.docdoc da03a9b55b6989c3afc8a859785e254418322eb601e9fcf2ce58da55d9bc7d0bn/aHeodo
2020-10-22REP_PO_10222020EX.docdoc ef3eda0a0ce827c44632df7b430f082bf54965ce02293734e942776bbfd2b1fcVirustotal results 50.00%Heodo
2020-10-22FILE_PO_10222020EX.docdoc 056f25e8944119ad3d9d651d77cc32cef6621c5cb3498b47161738be7aff416eVirustotal results 50.00%Heodo
2020-10-22DOC_MB2923027364LW.docdoc 6f75f81099546304948463f0c2305a97be38e42d347794714ea76831f8f507f4Virustotal results 48.39%Heodo
2020-10-22Z_38287335.docdoc ff7bc571e097d09b02234d6bef98da4468da5c7dfc197e2cb20f1a00eb85f61eVirustotal results 45.90%Heodo
2020-10-22DOC_920872858463279984424226.docdoc 00be3474f86c64b8ed871822ccfe02e7bdcbb4b5132682ee36915e8553952648Virustotal results 45.00%Heodo
2020-10-2206752631.docdoc 9fe7e239b00579f78275ddcdb282bf2b112dad4d3a0bbc7f183e800244486bb9Virustotal results 48.08%Heodo
2020-10-22H_960889218419.docdoc fe681aba1adcf7e82fd0daedeb3af000c89d34693b1dd0022c273e936ed660cdVirustotal results 48.15%Heodo
2020-10-22CJIXBRG0ZISZ.docdoc 8cf9bf37fe3de456cee48cd50ac6487278290ce4038eee214389512625297016Virustotal results 47.17%Heodo
2020-10-22T_LK5752314027MP.docdoc 9b4d04d1dad15a8a798ceba5f12e03c81a04335dca8703f2e4790675688590aaVirustotal results 44.26%Heodo
2020-10-22PD_RKV_100120_IZT_102220.docdoc 95c62759d32e2a426433130be7fc1c17a3d3787359258f3af33f61760463eeeeVirustotal results 43.40%Heodo
2020-10-22RWT_100120_CEG_102220.docdoc 4665ba876c251ac6ea1e6dcf5ce0a09af31397be348343317144e459901013c0Virustotal results 44.07%Heodo
2020-10-21INV_80990079.docdoc 0ff220d90538db68f12796da43439ff4b8cfa6fe238bf19c8da81c8463f2c4ebVirustotal results 40.00%Heodo
2020-10-21AP_PO_10212020EX.docdoc 890535144da2084ee8e9431e6521be9719100cc5bec7679a4d7bdce3763a692cVirustotal results 41.51%Heodo
2020-10-21Q_RPELBXNK.docdoc 140f99b8c86ce2cbf27556e78284f685e2cd53ff2e50838f444b115a6a04920bn/aHeodo
2020-10-21REP_61001927.docdoc 3edf85ed613cb1c778b32fa1ff5aea9553de2e9e8224d5cd868eca8863b67ff8n/aHeodo
2020-10-21PO_10212020EX.docdoc 0aa26310a6be42d4304afc0e1af7040d7117389fdd1aa366e89d6791d226748dVirustotal results 37.70%Heodo
2020-10-2135902609.docdoc c918e4496eda71d4934774f5bed0f956d1810ac516f9460cfe22f4abeddf2af9n/aHeodo
2020-10-21FILE_84256256.docdoc 1cb0001d422c0b16aa106ca96ff8aa0db8fec461c49b8f80ac75b5ab4001803cn/aHeodo
2020-10-21K_PO_10212020EX.docdoc c92778df4ae556cc2ad66979e6fafa9256ce4c9c7d0457c6525711429def55fen/aHeodo
2020-10-21DOC_NX1185373152AQ.docdoc 05c3a6aa1d912bfb9f1a5d70ed968c16b5e36f90c738ecd3c40756c2b3c48f26Virustotal results 29.09%Heodo
2020-10-21DOC_HO4965840447TO.docdoc 2b878c91263197fee95bb3a901d70c43d0819d4ceb680fb58b8877eaebcc2ee6Virustotal results 28.85%Heodo