URLhaus Database

You are currently viewing the URLhaus database entry for https://dh.debthelpers.ca/cgi-bin/invoice/humjsmkewid/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:733516
URL: https://dh.debthelpers.ca/cgi-bin/invoice/humjsmkewid/
URL Status:Offline
Host: dh.debthelpers.ca
Date added:2020-10-22 07:58:05 UTC
Last online:2020-10-26 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-22 08:00:06 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:4 days, 12 hours, 37 minutes Bad (down since 2020-10-26 20:38:05 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-22REP_VYP_100120_SNE_102320.docdoc 838408d31e494e72b257feeec73407a2f778e6ecc47754ae16af0290515dc9fdVirustotal results 42.00%Heodo
2020-10-22REP_63717457.docdoc 43fdca763d6c5a29b37caa60b67219e78151ebfe7fda9129ad8dc96f91c1a990Virustotal results 42.86%Heodo
2020-10-22M_AI9635535204BH.docdoc bac7b15c1cc9eedfd4670ffe4383b4c9562b04a5fb2cece968408833f933a765Virustotal results 44.26%Heodo
2020-10-22IOL_100120_UBQ_102220.docdoc 9f65b2da9711ae073e9056684b032f224a74c70618847b58f9ba3f45149193fcn/aHeodo
2020-10-22REP_OIX_100120_QJV_102220.docdoc 892a53376594e2bdf65731771d6e7faa4d36e2d3b95340ac4984ec74536d3604Virustotal results 41.94%Heodo
2020-10-229J643ZQN8.docdoc 1e3244c762ed0a0174d0fc5a1754358ab515f7beced76112f4234ef4b48767a3n/aHeodo
2020-10-22K_0UG4C59N7QODAAS.docdoc e3cd7451ef720df2cbc18258725e7d4e5b881f0ab970b5d1f9343c1d9754d2acVirustotal results 39.62%Heodo
2020-10-22DXW_PO_10222020EX.docdoc c86a957c2fb4eff5d3732be35d7fbd4e05bfd4260dd043df35d27cd6421452dcVirustotal results 41.94%Heodo
2020-10-22AUTH_2H9OBHPKWOF.docdoc c4d6c72ac1f2925c2af592fd65e1bbdfd5327d959321403faf797ec85d658a6fVirustotal results 38.18%Heodo
2020-10-22REP_RGF_100120_JBN_102220.docdoc f363c98ddbab25e6cd5cf325704c8a4fab2dab557a3a263c4416f0b580127b89n/aHeodo
2020-10-22833708185971141739557.docdoc a0c3617197a6bcd01ceb39b73663300421eb77c56391c866abab0deba5c94078Virustotal results 38.89%Heodo
2020-10-22REP_MFACMKVXP.docdoc b7fca993ba0280a6ae9d376c6e08462489275971b8d09a4faa7194332be65937Virustotal results 40.00%Heodo
2020-10-22DOC_MYD_100120_BDI_102220.docdoc 1b36e24bc21e77ea0265e4ace63c3a01d81857c004778ef463016dcf700eef5bVirustotal results 39.29%Heodo
2020-10-22WS2556843833CU.docdoc 7bf5865edd1cf7fbc77de4691736ab60bb0d5163db0f3153bb804de1d88953feVirustotal results 38.60%Heodo
2020-10-22DOC_61131982328805138.docdoc 4008f8c88281fb6c543244f1701fb930aa6d1411a3209fcaa2997ee26f977d80Virustotal results 47.54%Heodo
2020-10-22PO_10222020EX.docdoc b4461b5c2c529cceec7d5f7ca41dae1c6f767b6fb54c560269f4ddd7d64878eeVirustotal results 43.33%Heodo
2020-10-22FILE_6586990753559593221618.docdoc d7aaad6773873f2f9419d99407b5160aef1799db14f54629f82d831d54c25806Virustotal results 46.67%Heodo
2020-10-22REP_EV6279518220AE.docdoc 864d0a9fffea983ef2c1137ddb09a42b8bb880017d0359af9c5758b250bcca9fn/aHeodo
2020-10-22PSD_100120_MUG_102220.docdoc 6b40e4dbe404cb318f67b97e169ba8742307b6366d824567b5b76f81e355c04eVirustotal results 43.10%Heodo
2020-10-22REP_OS7420505964YG.docdoc 2c353218e1a20d8e435f57ae45682506c746562bae6f4761e2398d7caf09791bn/aHeodo
2020-10-22PO_10222020EX.docdoc a1ca884c013a5f9d40fc0053aacfe172aaab646ac7a5f2c83ef7d3be8b0086a9n/aHeodo
2020-10-22F_PO_10222020EX.docdoc 7eaf0df9dd2a33ee958384a9472366f58f1c0a204360efea6a7f8b0d298560d0Virustotal results 45.00%Heodo
2020-10-22FILE_20497998.docdoc e2d2ebafc33d7c7819f414031215c3669bccdfb255af3cbe0177b2c601b0e0cdVirustotal results 46.77%Heodo
2020-10-22JW2114547420KI.docdoc a23a71fe2b845869e2dae7d48a5e35155dff172244d5ba0556d61d69255292b0n/aHeodo
2020-10-22DOC_FQK_100120_OIH_102220.docdoc 304e83cb00932f8fb77a9a9d8af78c12589b28dbf798b701a03d5606bff50210Virustotal results 43.55%Heodo
2020-10-22INV_D4T7XU7VPTW0W1.docdoc 17fd95244a412f93eb10c00778ef49fe927af9a1575cef0e9fdc05e81578a6f9n/aHeodo
2020-10-22JEE_100120_YYS_102220.docdoc 0699c1bda793c7aaa9fc01940fe91bbe470ff01abfcbb32ab93d7a6a329e0d13n/aHeodo
2020-10-22BAL_36723543.docdoc 039488b9c71e2e766329be6f4168cfd722d20fff1317c35c048babc57fa500abVirustotal results 43.33%Heodo
2020-10-22R_QPB_100120_NEN_102220.docdoc b55af8491b36883ce6fd045e8bf6eda70fc53c4ec9fcef3b56dca6ec970f5c09Virustotal results 42.62%Heodo
2020-10-22AED46YO9UC3VN.docdoc 2ffe544b9a9857e4b910eff4ebf6183e41f7bc8996a68c68f49c4c576745d561n/aHeodo
2020-10-22BAL_QA00V72T.docdoc 06b7e31dc559bea806d24d61738a77de70118de926adc81fcbcdac1468c2bc1bn/aHeodo
2020-10-22PO_10222020EX.docdoc fe51fd4c0a680a852cd8d8b37f3edd5ab6f86cfa69f7ad9df4dc7cd82301a29an/aHeodo