URLhaus Database

You are currently viewing the URLhaus database entry for https://oookami.com/wp-admin/YkrcFbzZO5W5ussFn0GkNAR8WdrlPXq7goj/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 751204
URL: https://oookami.com/wp-admin/YkrcFbzZO5W5ussFn0GkNAR8WdrlPXq7goj/
URL Status: Offline
Host: oookami.com
Date added: 2020-10-26 10:51:07 UTC
Last online: 2020-10-28 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-26 10:52:16 UTC to abuse{at}gmo[dot]jp)
Takedown time: 1 day, 15 hours, 13 minutes (Poor; down since 2020-10-28 02:05:40 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
