URLhaus Database

You are currently viewing the URLhaus database entry for http://bbwbbs.cc/wp-admin/y2yvbasue1mbtge95a8r7l807/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 733532
URL: http://bbwbbs.cc/wp-admin/y2yvbasue1mbtge95a8r7l807/
URL Status: Offline
Host: bbwbbs.cc
Date added: 2020-10-22 08:04:08 UTC
Last online: 2020-10-28 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-22 08:06:28 UTC to abuse{at}colocrossing[dot]com)
Takedown time: 6 days, 7 hours, 23 minutes (Bad; down since 2020-10-28 15:30:26 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
