URLhaus Database

You are currently viewing the URLhaus database entry for http://iconga.co.za/wp-admin/ahgMTyiMuFwBuOA9ILOOSk7pvbuls4vBwSeg0azh8kCIS/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 761783
URL: http://iconga.co.za/wp-admin/ahgMTyiMuFwBuOA9ILOOSk7pvbuls4vBwSeg0azh8kCIS/
URL Status: Offline
Host: iconga.co.za
Date added: 2020-10-28 17:33:05 UTC
Last online: 2021-01-20 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-28 17:34:10 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 2 months, 23 days, 13 hours, 40 minutes (Bad; down since 2021-01-20 07:14:16 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
