URLhaus Database

You are currently viewing the URLhaus database entry for http://legalempowermentindia.com/cgi-bin/Pages/DryXyH9zT28zB/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:756262
URL: http://legalempowermentindia.com/cgi-bin/Pages/DryXyH9zT28zB/
URL Status:Offline
Host: legalempowermentindia.com
Date added:2020-10-27 12:41:05 UTC
Last online:2020-10-29 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-27 12:42:03 UTC to networkadmin{at}znetlive[dot]com)
Takedown time:2 days, 0 hours, 53 minutes Poor (down since 2020-10-29 13:35:42 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-27MES_20201028_5839.docdoc b8cc607a10a0426b69434b618daf89c6a18d97d84bc9332bd92db0cb39c03366Virustotal results 20.63%Heodo
2020-10-27Arc-2020_10_28-LUX8692.docdoc 5c883b5095d6cfcf09860df73cd8d8df18b1387fe489b9041602167fefac2c71n/aHeodo
2020-10-27file-20201028.docdoc 07fc16d318c59095f8f65b3eccf82c8a9578ef9013cd329b072610c318762a6an/aHeodo
2020-10-27DAT-20201028-LH0197.docdoc edfb92a6ff56c06a13ed4641d6edf00737a3ccf20536e82f460b4b885b4e8621n/aHeodo
2020-10-27DAT 20201028 U7492.docdoc bb9eea8a1f46b7f1705bf48d3570b9bc5082375303cbd793c2e9d2e8e27efa02n/aHeodo
2020-10-27Attachment 2020_10_28 779.docdoc 4a85964172bb7b3971c47929b9bdb5e54b312ddcf539fa7036e5cf18db89e07en/aHeodo
2020-10-27Rep_2020_10_27_S237933.docdoc a31ef31cf5c955fc7cd24d4212ee54045a6c21fd7e95612a8630dd5e629144b4n/aHeodo
2020-10-27Inf_F48890.docdoc 184d6bd17c2c32f50ae4f311c26b22cb61fc712a10c74c8e57a3063afcc8a7c5n/a Heodo
2020-10-27FILE-87848.docdoc a7e1f9d64652a74cbca86328a7acfd3bb739d8528077ac42522f8e5e024273b3n/a Heodo
2020-10-27List NA199.docdoc 62bcc19331151319c7f92f51fc561380900d5c6f4b128b0df63db3ac0c442afcn/aHeodo
2020-10-27054_485.docdoc 7361bce55fc9bf2abccce87123c812bf499278023d0b206d6ea656a87bf3d592Virustotal results 22.64%Heodo
2020-10-2787157331-20201027-5959898.docdoc 3828bfd5ab72ffa3e34833003ec5565eb8b92cc72b5212e997c13a693de018a8n/aHeodo
2020-10-27UNTITLED_2020_10_27_486.docdoc 4404fac35c28f7aff909e081a460c93972a6b1a174906fd4e9cd7fe20cbf5dfan/aHeodo
2020-10-27Doc 2020_10_27 M01601.docdoc 014c6092529a2c8fcb1cec8bbd38eaa844a0dde7451752cefc4844dcfee2f647n/aHeodo
2020-10-27ARC-20201027.docdoc f8f047504577050366a1b44e5ba124fe511fa03a25a2232e94b2c86c82abe7c9Virustotal results 33.90%Heodo
2020-10-27inf.docdoc 789c0d57de38535643ee38b0e4fd94e4ff94baae07225e2d2f1e1ca9fc967ecbVirustotal results 33.33%Heodo
2020-10-27LIST-2020_10_27-9983119.docdoc ad416b925e4aa45c9144ffb09541298b08067f86561509827fa141ecae649914n/aHeodo
2020-10-27Attachments 2020_10_27 U81467.docdoc 06d0d9aa64d7b5c8ddda1388dbe3ffb081bf875ea2f961142dfe1dd3027e6e59n/aHeodo
2020-10-27CJ8338_2020_10_27_PVP51691.docdoc c7e578b275cae29568c0c3a7f31f1d7a6c9b1ef5b9e089876954d5df9dc492d5n/aHeodo
2020-10-27Inf 20201027 KV861.docdoc 727a9c73d895f9e77375c875ef9ab904429395b8ba035fcc74638351f334cc29n/aHeodo
2020-10-27LIST YO486570.docdoc fffd78804d6d3fd24990a245c1fe2d893cbc8eabe3de23f58e6eabc569c26e6en/aHeodo
2020-10-27doc 2020_10_27 Q85931.docdoc d42ce060b40d98bfa8a3be4e0ae8f858cdda9054b2f8179b959b42e5da48aec3n/aHeodo
2020-10-27Rep-20201027-9673695.docdoc 76db981e79b1d69eb157f002b5c41736b4ccf58dec91a684e658f2e26dfe3677n/aHeodo
2020-10-27File-20201027-2154.docdoc d49b0e90fc3a7c0ab23a13938ec39f57656395a2311421dbf72093ef4f790c04n/aHeodo
2020-10-27mes_20201027_555478.docdoc 088b5efd0efd402b92f9dfbe680ffac76a9ace98ae4ae89db3a4e249d424b5a5n/aHeodo
2020-10-27doc 20201027 G42337.docdoc bfed81c8498333359a72fd9e2f2b1caf7b4e83c2088131ff84b67dca661e11b0n/aHeodo
2020-10-27UNTITLED 20201027 899850.docdoc 6a2fb15bdc031beae4a92166ae8d46761760de5f36cd93aa9c2164059bab8a5cn/aHeodo
2020-10-27ARC 20201027 YJ93710.docdoc 13b9184ef8f2037da6a5cdeb427e5b18a101b5a35782eed96dbcd56a774f9446n/aHeodo
2020-10-27rep 20201027 10151.docdoc d2ac9f3c4611c3c30c8a2bad8bee52f08ecf51e25b4a79774c50188c9b3f1defn/aHeodo
2020-10-27Attachments 2020_10_27 M831320.docdoc 94380b99cbafa5cb42c33d2d7709f677c27e94afc04a4503124f59f43be1ccfan/aHeodo
2020-10-27Untitled 2194.docdoc 35efa253e3dac2aa85604541651aa8ba6424fab68fb76962bf33eb787584ad58Virustotal results 33.33%Heodo
2020-10-271422HHP XU828.docdoc 82e423cadee5d375fd0c92cf0254f1e0998142f883353fbf9e7bef065904c4aeVirustotal results 35.00%Heodo