URLhaus Database

You are currently viewing the URLhaus database entry for https://turboservis.mk/wp-admin/XhYdqpukwMxZIgKkaP6vGVet81Pff6vKozTBEtVcj9VZVhN/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:761018
URL: https://turboservis.mk/wp-admin/XhYdqpukwMxZIgKkaP6vGVet81Pff6vKozTBEtVcj9VZVhN/
URL Status:Offline
Host: turboservis.mk
Date added:2020-10-28 13:31:05 UTC
Last online:2020-10-29 08:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-28 13:32:06 UTC to abuse{at}24shells[dot]net)
Takedown time:18 hours, 56 minutes Good (down since 2020-10-29 08:28:22 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-29arc_SON_100120_XTP_102920.docdoc 5d0b92f454b00f1679bc6b090749bf784d1fa854eac55bf453eec083b6aa2076n/aHeodo
2020-10-29Attachment_PO_10292020EX.docdoc bb6a910117fc42075d0f29a1d7f63f94814e7f787223e3af617ca5018180a77en/aHeodo
2020-10-29dat_PO_10292020EX.docdoc 79518084f871542ac83178e1a8d96966d1ac6936c666a19b221c83e25d7c9f89Virustotal results 38.10%Heodo
2020-10-29File_47460563.docdoc 4c8eeccd2a16f80874acd0057d5ec622d3701e32a3198bdb763f39e39ea28982Virustotal results 38.10%Heodo
2020-10-29rep_PO_10292020EX.docdoc c848e58e6eda265a519b7b901623769948e5bba84d9d240638af3bb235587028n/aHeodo
2020-10-29DOC_21608885.docdoc 2ce6ab8ee89411f1463ed6831f078e930f121aaa93880728734efa7d25503623n/aHeodo
2020-10-29UAO_J6BTBAVQYPGH.docdoc f54166916a8e40e0d024df928029c9f35e013fb4b7a39eeb0554e8dc2820dc9cn/aHeodo
2020-10-29QN7671921415AE.docdoc 9f2ed62dea3b679b6dfecbb79905a34ef056e81af2e92c4249fe4521711b047fn/aHeodo
2020-10-29DOC_8357267385094569564411789.docdoc ddff5ab1d127fa30a0f2353857d3ac72c8b28191737e15516420dc25abaa6784n/aHeodo
2020-10-29mes_G8PFUBOPXDSS67.docdoc 17d6d17702d158eda616b2096600e47fe0808914ae353ec5009763a5de5fffe7Virustotal results 36.51%Heodo
2020-10-28Doc_PO_10292020EX.docdoc 2a7fa7333c9651955476107db7c4fabaa333b34c5c6938bfad143ae443d94dd7Virustotal results 25.81%Heodo
2020-10-28Y_45866922.docdoc b693171616c84c6e6bf6f7a486ac2efef18cab45a608593d95def463549f2f74n/aHeodo
2020-10-28ARC_QZ8543202137DO.docdoc b453a71649f01fe941d53cdae60f24c08a2ef3294472d662be990ed0b961d3ccn/aHeodo
2020-10-2815736641295812571134.docdoc e3e7a1b889083b79940a1a6a5301bb6f79a18b0805272d7e08a3582511090eedn/aHeodo
2020-10-28Attachments_FUL_100120_CPD_102820.docdoc c79ff6d2cb77b1d4e7bc6bea1ea1b05d78d536e72254e93dbaeb1122ff214d8en/aHeodo
2020-10-28INF_NTJKVHITHZK7.docdoc f815ff2593f2884fd76295ed3a93276677b2356b345da04efef56f244a8ea35bn/aHeodo
2020-10-2813869440.docdoc d6303488215bed0c5947cbdf5bf3009ebd3e3e2e42817eb737f08741b0f3d57fVirustotal results 19.05%Heodo
2020-10-28INF_FHY_100120_QYH_102820.docdoc aa5cac23b5ef62c9a3966c4722f8713c7a383ff5bda64d7a684c56e197bbe5dbVirustotal results 17.46%Heodo
2020-10-28MES_220276552198028168.docdoc ad112b9ed4b1078a7142b24121c402ec49a036e33bf0e514f8bdc5b720c216den/aHeodo
2020-10-28E_PO_10282020EX.docdoc 3fe50d0556d64f8a7214fa4e311bb0075f31b6bb0ea009d852c70bbe51a1782aVirustotal results 17.46%Heodo
2020-10-28Arc_STR_100120_NOB_102820.docdoc ac9272ebdc022c3e93ef6dff217e30a0434094ccb3b6c5ab79cc97a94cf1825dn/aHeodo
2020-10-28D_YS2669885951CZ.docdoc 78e751cac2d36740d34f5137f239e1966d34a62e63cb14bf6d6fb1ad7fe5deecVirustotal results 15.87%Heodo
2020-10-28List_QFV_100120_IYF_102820.docdoc e4d94aba5a47bbeecaa7eca44fdfd7d46fc85a1d2c46c55c704d159f3f378670n/aHeodo
2020-10-28Attachments_82575321.docdoc a1d186d5fb1e72178aeec7001aa59b78764e0c5405470905e737baf9cec89c26Virustotal results 17.74%Heodo
2020-10-28MES_38449815.docdoc b2df21abd3019bad332f1f34211b5a7f809af8d92737bb020afff3e6f0147a37n/aHeodo
2020-10-28mes_PO_10282020EX.docdoc aa825d666a2394dad05c014830cd132ecdbabfe1dcfd7e7eba18ed43bda6de33Virustotal results 17.46%Heodo
2020-10-28rep_PO_10282020EX.docdoc 463241e6a0960fd095261611fd7c0192520ec5ef493dac9c695b7c0ab74f43fbn/a Heodo
2020-10-28LRU_40485932.docdoc 7d1c30660aa059eeca56d1c898483074e1bcaf59f922458e37e7155380a5d9b3n/aHeodo
2020-10-28Untitled_FLEVWWM3IJ36B.docdoc a4faa1f62f9a2d486a3e4e010117727c063ead8fc4aa228bea32553f85b95353n/aHeodo
2020-10-28Attachment_19896618.docdoc 95dbd21a4a3f7bfb45ed46713d99b7881129368a675677e970e647b22cde6d05n/aHeodo
2020-10-28UNTITLED_FG4066654163WK.docdoc b7312fdc4c91f8c69fffb94e5fa56602b4e6c79687993797647c26dd9a81e3bbn/aHeodo
2020-10-28Dat_478463531195007.docdoc 558c61e9709e06aa045d7ba7933b35b9fb9c125734e3c4e8955a573a31cba52en/aHeodo
2020-10-28LIST_23441761.docdoc acec2b7cea57b2f5faa43b49be25b8f40c05ac23ef99e308463d9c8a13d1221bn/aHeodo
2020-10-28DAT_ZI1157927383XC.docdoc f6534e33c00179aff63a48e6ebadc4d2bc15c3203361b67264ce1894ff12517dn/aHeodo
2020-10-28DAT_TPN_100120_OWM_102820.docdoc 19c244f40868914450fb2bccb57e67ab4fb5679b222017b8c0dfd53dc1980334Virustotal results 17.46%Heodo