URLhaus Database

You are currently viewing the URLhaus database entry for http://vrindapublicschool.com/cgi-bin/swift/lf0yrgul/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:731950
URL: http://vrindapublicschool.com/cgi-bin/swift/lf0yrgul/
URL Status:Offline
Host: vrindapublicschool.com
Date added:2020-10-22 01:19:04 UTC
Last online:2021-02-18 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU003026898 created on 2020-10-22 01:20:06 UTC)
Takedown time:3 months, 29 days, 16 hours, 29 minutes Bad (down since 2021-02-18 17:49:24 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-23INV_TS6924620161MW.docdoc a6540f229c21ccaf245ddbce5fea77f216483b5dbd6ca26ed2fa92997426d6bcVirustotal results 52.54%Heodo
2020-10-22CYIFR37PA.docdoc f96bf3a1c2f289447b8d80a94b458e8987c92d191d6fe9880b1f21be1ab78abdn/aHeodo
2020-10-22BAL_4908640508508.docdoc 3f0f9c6cc34e60cf9dd9c8479ef08f97d80ffc7bd5135fda5eed8189c7a31f2dn/aHeodo
2020-10-22ZE1358353383LZ.docdoc 6f64e8f7b58ef57d185a9150be2954a871855e0c33586a9309652e7b16a333b5Virustotal results 56.60%Heodo
2020-10-22REP_CI1361646281WU.docdoc b4461b5c2c529cceec7d5f7ca41dae1c6f767b6fb54c560269f4ddd7d64878eeVirustotal results 43.33%Heodo
2020-10-22H_4360770729.docdoc 864d0a9fffea983ef2c1137ddb09a42b8bb880017d0359af9c5758b250bcca9fn/aHeodo
2020-10-22WXLD_RT6A5HC5DMVRF.docdoc 77de1ed43121b520b0f2810212dbe7e10c305388e6555b5310cf07a7f36396b3Virustotal results 47.54%Heodo
2020-10-22INV_02844076.docdoc c3336108f0ac7d89a4a56fc3ab128adf42d66758ea9b304fca469f13b02e93a5Virustotal results 45.90%Heodo
2020-10-22DOC_DZ7640552750HP.docdoc ae5168eab14a38621615d44a35ff6af0052fabf8af421ef2c66f783169b808e8Virustotal results 45.76%Heodo
2020-10-22REP_PO_10222020EX.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 45.00%Heodo
2020-10-22ZQO9E5Q3ZZCVFTBL.docdoc 7bfb9f41a2dc364df62a43b35f7df6f6ff2fd74302c713e8fe91e00a83100dbeVirustotal results 41.67%Heodo
2020-10-22D8AVCHSVQECMYM.docdoc 20b2c39a7931947aa8713534876868f8dd24851c50b934069b2b151661bb2f72n/aHeodo
2020-10-22VRBU_91973007.docdoc 0f43e36af3a584e03529dc3f2c9c6b9e26edee46742cb8db7112fbe7be0d2c8aVirustotal results 45.90%Heodo
2020-10-22PD1668931315CQ.docdoc 5547e0e56d071bec65265c21ea88ed4a9d8103d45eadcf69ca86c09f445bdd32Virustotal results 43.33%Heodo
2020-10-22A_73137947.docdoc e59123120209e007bb80c178032c84791d47cc6ee629f80a0126521791ad3b41Virustotal results 43.33%Heodo
2020-10-22DOC_561107380249.docdoc dd055276d1101a557a37395ac268b9bae8e80f89011d5c312f41d77128ac7898Virustotal results 45.16%Heodo
2020-10-22REP_JU7968659970PW.docdoc ffde4d5090d39328e9695946cf812ebc8bd5ff8ed7afa673ae2217a16673990cVirustotal results 43.33%Heodo
2020-10-22REP_53015350.docdoc 632c5a72a092d28c99811e23f849e709697e9e5fe38e5d17caf58e6c304e65b1Virustotal results 44.07%Heodo
2020-10-22EJD_100120_PQB_102220.docdoc 8d3f3a330ef15519bfb2e3f71de5f5893e321a5e1f09e7f0a7459bb2f27559ccn/aHeodo
2020-10-22PO_10222020EX.docdoc 39f8421b6ac7a025203dfb27d7b193171c2b08644ff2d4521672875356541571n/aHeodo
2020-10-22BSH_100120_NTI_102220.docdoc 06b7e31dc559bea806d24d61738a77de70118de926adc81fcbcdac1468c2bc1bn/aHeodo
2020-10-22LS_15588156.docdoc 0da81935024d0599fd8d9347b3b1cd7d1c3224a851735ee92224a3f2cfe007ddVirustotal results 43.55%Heodo
2020-10-22FILE_S3ZU6EO.docdoc bcaad78fdd62ee09e4609f883847cdbf5a41ccf0e537736277771c3f59eb810bn/aHeodo
2020-10-22REP_RU1058227529RQ.docdoc 79eac1acb26ebc7de50c343fc40ea055096be22d66ee6769c4180cff5a20468fVirustotal results 50.00%Heodo
2020-10-22G_MC3145Z70.docdoc 0d59d407c6fca62823b5b9e4eacce7270e5b98640aa37b1852d5c298805319ddVirustotal results 50.00%Heodo
2020-10-22INV_AIA_100120_GBM_102220.docdoc 56126f16e90d28b3bc7e4a1460c71bd6ffb7763f79d17ecc274e8c6988c8531an/aHeodo
2020-10-22REP_457751297.docdoc fc01225e954f0f4adcca14dbfe1849fd7b5e81afae3a9589177409e2e2c2e972n/aHeodo
2020-10-22SVJ_100120_ZQU_102220.docdoc c343246a8b6df26e48dedc87a71762563be3e241ea28994ad1e2d0700b823f8dVirustotal results 46.77%Heodo
2020-10-22BAL_PO_10222020EX.docdoc 6f75f81099546304948463f0c2305a97be38e42d347794714ea76831f8f507f4Virustotal results 48.39%Heodo
2020-10-22REP_504437464.docdoc bfcf012480833949d47a52c43762fccfd26a1785b134d1da9a84a2f91bca0778n/aHeodo
2020-10-22INV_22792259.docdoc 00be3474f86c64b8ed871822ccfe02e7bdcbb4b5132682ee36915e8553952648Virustotal results 45.00%Heodo
2020-10-22PO_10222020EX.docdoc 29747a11e9ffbd0668f9b880137f1051a27677c4f3bf0a17ead5299fb5857946Virustotal results 46.15%Heodo
2020-10-22DOC_NWKIYNYE.docdoc e755a943026d933b3c65c01bcec32fe70deb9880bcb9f436289a3ce00e15a435Virustotal results 46.67%Heodo
2020-10-22H_XKX_100120_FKQ_102220.docdoc d6a01afe9b81e65f663d1e158125f608fabf18a1b663d705398cf817f9a95c21Virustotal results 45.90%Heodo
2020-10-22BAL_20185629.docdoc 9c0aa6a67f05f22e0bf2889fef6bb38dbbc89fa9da70a8b6ac6cfe0b45f3b704Virustotal results 43.33%Heodo
2020-10-22BAL_WZR_100120_OJL_102220.docdoc dae6b8c95721c04d04a27385380dcf54fac171308904c972b9dd2d78235cc453Virustotal results 42.62%Heodo