URLhaus Database

You are currently viewing the URLhaus database entry for http://omegatravelandtour.com/wp-content/sites/rsijqqcy2p3q0tl/zkjx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:732033
URL: http://omegatravelandtour.com/wp-content/sites/rsijqqcy2p3q0tl/zkjx/
URL Status:Offline
Host: omegatravelandtour.com
Date added:2020-10-22 01:39:05 UTC
Last online:2020-10-24 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?):mail Yes (Ticket DCU003026910 created on 2020-10-22 01:40:06 UTC)
Takedown time:2 days, 12 hours, 48 minutes Poor (down since 2020-10-24 14:28:15 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-24FILE_53195270.docdoc e316ccee89720d2ba6cba7d73dc385326ae94c733c732c5335dec44d2b4a8e3bVirustotal results 65.38%Heodo
2020-10-22PO_10222020EX.docdoc 2012a08768e19ce57c0229fe901f5710998a91d936f73c4ca838dab581c5010dn/aHeodo
2020-10-228N8CIIV57JF.docdoc 98d0f2c55494aaf59e1235a59b639621f2ffc6764bca6a15450ff0374e3fae62n/aHeodo
2020-10-22496080342.docdoc aea5323b8ec31304c294e8225cddefa8aa8a5df30873dc0b5af266062972583fn/aHeodo
2020-10-22QQQVKWIAWGHUSN43.docdoc b02d8914188d8c0628510d4008fda2cb9854c383c714ccfec3133edf22263fe0n/a Heodo
2020-10-22DOC_NO1498FCORB0O.docdoc d138e39aaab88f62019341eaccd98da50724049adc7a40899eaa4f93d1ad36e9n/aHeodo
2020-10-22INV_PO_10222020EX.docdoc d7aaad6773873f2f9419d99407b5160aef1799db14f54629f82d831d54c25806Virustotal results 46.67%Heodo
2020-10-2276950606.docdoc cde66e97754d63a5b326d528c221fbc522946139ba0f6500a6f1dfda5db6ee80n/aHeodo
2020-10-22QA3SO2CR.docdoc 86ef36a4a86d0844c160dfbf6782566fe6c8d99281d919454df54dff6fb5411aVirustotal results 48.39%Heodo
2020-10-22REP_ZII_100120_KZT_102220.docdoc d8f854b186c7ceece725840d2aa715337be8e6e2dc14f9e0c29705e805b2b273n/aHeodo
2020-10-22Q_YC1365554577HX.docdoc ae5168eab14a38621615d44a35ff6af0052fabf8af421ef2c66f783169b808e8n/aHeodo
2020-10-22REP_PO_10222020EX.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 44.23%Heodo
2020-10-22FILE_77475537.docdoc 6916f815ae3094ba0e9c9f0464bbd05f8619ce4da774387e7b7df3e1d82330c5Virustotal results 36.54%Heodo
2020-10-22REP_PO_10222020EX.docdoc d81f1279e2d1572d791d3ff982899b0ed675d4cacba86d94e48fba70001bf0feVirustotal results 44.26%Heodo
2020-10-22REP_ES1265602588XV.docdoc 00b5ed9d27b648625d7d287b5073938811a0a2684b6ad6351ca8b0e0cc5f1a54n/aHeodo
2020-10-22NS_HEB_100120_ZJT_102220.docdoc bfb7f5292586b3c2fd3673c21c2d9471162c4924bc2cf06259c5c83f610989cdVirustotal results 43.10%Heodo
2020-10-22CU_QM6168906104AL.docdoc f3bdfdeda759d384ba2dfe4792bab80ad4aa7354badad324c69e0f4c095cdef2n/aHeodo
2020-10-22V_8754783668860.docdoc a38321c667c6b33ab54aa7a5af2f21aab5771ee420032b140ada803af1dc368dn/aHeodo
2020-10-22PO_10222020EX.docdoc c6aecc75fd2bfbcebf928e7f5f5ca0b04ec74d92bf6744f6c23ff7f2795eb263Virustotal results 45.16%Heodo
2020-10-22TEOD_79816508716477787099.docdoc 907f854fc6521eb1d37065fd3e9fa203e1370cd9d176f1fbbaa961139c9f19a0n/aHeodo
2020-10-22P6E9ZH7R.docdoc 0ed13bfe440f265ced87a03e27334e5bb59ad3d45b345e526577b6d168922975n/aHeodo
2020-10-22DOC_S2L2DJU6NA.docdoc ed5ed9c256dc24f5aeffc1b9b0e7dba316c5c13a1966b7243770318805567ec9Virustotal results 45.28%Heodo
2020-10-22DOC_2586766654456813961388.docdoc bcaad78fdd62ee09e4609f883847cdbf5a41ccf0e537736277771c3f59eb810bn/aHeodo
2020-10-22PO_10222020EX.docdoc 1d2531f558d817649eb30142108364e3d3716712a0e17d4bf033d4b3013fc7c5Virustotal results 50.00%Heodo
2020-10-22DOC_MT5088856963YK.docdoc 663caca913b5cdb6b0d552c6078f6f3617fd27e5239949b1bc7a35c3d399d717Virustotal results 50.91%Heodo
2020-10-22XVHQ_PO_10222020EX.docdoc 2bfcddec3862fcbe053dd6a0d03d5987ccfa1942950e8c9bea56fa41f6fcaa5cVirustotal results 49.18%Heodo
2020-10-22FKVV_28109446.docdoc f4485fe8056305da48ac8453716ea0fa9c6633da1a1f87e01dae3908da1bbbe6n/aHeodo
2020-10-22REP_63638012.docdoc 056f25e8944119ad3d9d651d77cc32cef6621c5cb3498b47161738be7aff416eVirustotal results 50.00%Heodo
2020-10-227950990876852473121.docdoc 775be0a86b7a5d27adf04eb982cbd8f223f06ae88dc5f6a33a26774d707f7bcbVirustotal results 48.21%Heodo
2020-10-22BAL_52885249.docdoc ff7bc571e097d09b02234d6bef98da4468da5c7dfc197e2cb20f1a00eb85f61eVirustotal results 45.90%Heodo
2020-10-22JP5648547968SA.docdoc 00be3474f86c64b8ed871822ccfe02e7bdcbb4b5132682ee36915e8553952648Virustotal results 45.00%Heodo
2020-10-22Q_Y94YTUQE0.docdoc 9fe7e239b00579f78275ddcdb282bf2b112dad4d3a0bbc7f183e800244486bb9n/aHeodo
2020-10-2290173051.docdoc 4876b24f79e4db4a3df03efb480f32506ce94c7c60c1410d47b6722a66765552Virustotal results 45.00%Heodo
2020-10-22DOC_GAC_100120_VKH_102220.docdoc 0b25fca35bd60d2257616a1c1adbf89fefba07969c5a0fc3aa22d3f43ad7c2f4Virustotal results 45.00%Heodo
2020-10-22BAL_78442316.docdoc a087c45b5ed8a1c9d91f0b920d6f2510bd5d82d3813af9653757607709da9d87n/aHeodo