URLhaus Database

You are currently viewing the URLhaus database entry for https://landcheck.co.il/wp-includes/HKWLLFpvnHA/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 761177
URL: https://landcheck.co.il/wp-includes/HKWLLFpvnHA/
URL Status: Offline
Host: landcheck.co.il
Date added: 2020-10-28 14:19:03 UTC
Last online: 2020-10-29 04:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-28 14:20:17 UTC to abuse{at}hostinger[dot]com)
Takedown time: 13 hours, 51 minutes (Good; down since 2020-10-29 04:11:17 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
