URLhaus Database

You are currently viewing the URLhaus database entry for http://www.bcudigital.xyz/cgi-bin/lm/OFcTGBP9QrG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:755701
URL: http://www.bcudigital.xyz/cgi-bin/lm/OFcTGBP9QrG/
URL Status:Offline
Host: www.bcudigital.xyz
Date added:2020-10-27 10:10:05 UTC
Last online:2020-10-28 02:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-27 10:10:31 UTC to abuse{at}netdirekt[dot]com[dot]tr)
Takedown time:16 hours, 1 minutes Good (down since 2020-10-28 02:12:18 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-28File_2020_10_28_MV1380.docdoc bb767a987c3bb38d105c55a5e17fe4bec3ce116f87235dce04be1f03c3ba6fccn/aHeodo
2020-10-28DAT P0522.docdoc 7862369f401d84f41b94003a00d8fe6b36e51c435f35a8e996138a0f52fa1893n/aHeodo
2020-10-28Untitled 2020_10_28 D423308.docdoc a1e19706a93e53e657ae474f58a7e0e0d452d2f95a832d25464a5e7509624aa8n/aHeodo
2020-10-28ARC_2020_10_28.docdoc 937caf4bff20604ce065b1e9c219c1af06ad065dd2522bf6256e0b06c40b9844Virustotal results 29.82%Heodo
2020-10-2884655 2020_10_28 236973.docdoc 487e0a9b22ce11dec5c86491870bc84438e44e35382527d1b52f657b5695d3bcn/aHeodo
2020-10-28284-2020_10_28-Z87620.docdoc 9bd0e68a4d1b0b3fa07441324dbc77574a04628efd26d801f15105057255e5fcn/aHeodo
2020-10-27file_2020_10_28_14569.docdoc 9768f4ad74f231794339cb3b22a411e463959ef76116f148db611989ab353f84n/aHeodo
2020-10-27MES 20201028 AO766590.docdoc 7f4e135c6557e09fbf0db84e8fd9ca4bd69547747c806a09e8b4ff6651109c0an/aHeodo
2020-10-270211_122.docdoc a1cb746a234a5724731ed895cea6034aec2e589532190034c5d1520f7b40759dVirustotal results 28.57%Heodo
2020-10-27REP 91233.docdoc 0de43abd8d4f8877ff865f52486cf10fdc2c9c8c627562969e32f6b00ebb36f5n/aHeodo
2020-10-2770108 2020_10_28 6654108.docdoc a7b5befccf3dd1276a60f1cea3f930219e35aa634b378b23b57772f480d9fe2cVirustotal results 29.63%Heodo
2020-10-279643WV-2020_10_28-5440.docdoc bd181c855c937528fa710577c5debb5cb57967627423bb8b2c973139ff15042fn/aHeodo
2020-10-27Doc-4251.docdoc 07fc16d318c59095f8f65b3eccf82c8a9578ef9013cd329b072610c318762a6an/aHeodo
2020-10-27DAT 20201027 3398.docdoc 613835c721dd3c08cdfd8351af6898020af8eeab52448666f8af503efcb80862n/aHeodo
2020-10-2741446GBZ U19622.docdoc 022c542c4f534efca7d03792999a8b9d8f46101a543cea780bef369ea4bbd9fan/aHeodo