URLhaus Database

You are currently viewing the URLhaus database entry for http://www.taxismaroc.com/wp-content/uploads/2020/10/eTrac/FYoYktZ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	761816
URL:	http://www.taxismaroc.com/wp-content/uploads/2020/10/eTrac/FYoYktZ/
URL Status:	Offline
Host:	www.taxismaroc.com
Date added:	2020-10-28 17:37:03 UTC
Last online:	2020-10-31 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-28 17:38:26 UTC to abuse{at}ovh[dot]net)
Takedown time:	2 days, 9 hours, 14 minutes (down since 2020-10-31 02:53:08 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-30	Payment status.doc	doc	2efeab91d822ab76173df70e491b2cd6881d1435186ad6659da73c4e5c5214bf	40.00%	Heodo
2020-10-29	Inv. 063717.doc	doc	92ac003fb233443b86d9985f85bb50a56d64b8017e15191e8b5739c537f16802	26.98%	Heodo
2020-10-29	form.doc	doc	b08c46dc3723073450b41bd5ec1e98efeb44b2cd04b91ea57e9fe2f06a607616	25.00%	Heodo
2020-10-29	Invoice 40567.doc	doc	0128b674249cf22f59bed1a918f9c828770abd2dcd93505856fb7596440a2a5f	n/a	Heodo
2020-10-29	invoices 844 & 8608.doc	doc	9eddbf9eaa4b753108631f0cdbef5ecc758378c188d216542bf2db06a4c4e7e5	22.22%	Heodo
2020-10-29	Copy invoice #97119.doc	doc	2589b11dff1909357910014419942540bed0646531aab526832d700248bbbf0e	22.22%	Heodo
2020-10-29	Payment status.doc	doc	8200214bee8f21c170b9173814cac8166b9f605ebeee543870d9facdefa73d76	21.88%	Heodo
2020-10-29	CE51 invoicing.doc	doc	95b4f0a791e9ffefe35972f8c4e1a90c115fe1c8976f779e44b5190d859b3eb0	22.58%	Heodo
2020-10-29	invoices 051 & 94614.doc	doc	f62b9d8351f6fd35ff31acf9d6f34ff25c528aafec056c9ea7ad7f7c6468cc09	n/a	Heodo
2020-10-29	Form.doc	doc	dbecc21fbfe21aadbb22f6de20f4868f7f4a5c16552ee9ff3cc5c590e0563a2f	n/a	Heodo
2020-10-29	October invoice.doc	doc	df634084d9cb08a06d2e82f00cc3fef1f64efc21da9ebd08ba86b684ee237863	n/a	Heodo
2020-10-29	4343785812IU.doc	doc	8b689836a9b1034619fdff9ed1e672a6c18d09887f73cfa9e3243ae5071badbf	n/a	Heodo
2020-10-29	Copy invoice #36200.doc	doc	d35618fba11f6c84539c7888912e7eb42799ab92025b7d9b15eb542b4b380d33	17.46%	Heodo
2020-10-29	form.doc	doc	a5df9e6a4b16c603b2f667654c7994ce098bb7baa10e3ac101562e534e5f060a	19.05%	Heodo
2020-10-29	October invoice.doc	doc	8744e383bf013444ed1f687f385d558ee1c4e2a153cdfe224250a02fd1eada2e	19.05%	Heodo
2020-10-29	INV_0230.doc	doc	92d834cc4eeb0c988360abd919fed33b6ff21d18e7fc4fbf17a443d56374ac19	n/a	Heodo
2020-10-28	invoice.doc	doc	6c9191798758c5d2cb92a9f60c5d221a0e2d737aa467dfacb65c2a86c5781586	29.03%	Heodo
2020-10-28	Invoice.doc	doc	262b9ae34d1556927301b3a7e49f106e8a49724b527eaa327938fd5af61ec2eb	n/a	Heodo
2020-10-28	Electronic form.doc	doc	09ccc81a0d3dd19981c937faf388f0fe7117243b355255e387dce0dfb43f7769	26.98%	Heodo
2020-10-28	invoices 27560 & 93596.doc	doc	92ae5315a4de0857a9f23fa0d4ef298bf2e87573ec75de5c05c6b82c0ca67155	25.40%	Heodo
2020-10-28	October invoice.doc	doc	651bf3fad674c19a145b70179dc88dcc06a5afee9923b348c400155e1f6b14a5	n/a	Heodo
2020-10-28	Invoice #488528.doc	doc	19f5c63fa8696a0eaab016bdd4d8d1bcfb5dd7f07d1da25caabaaedf0088dc23	n/a	Heodo
2020-10-28	UKR-100120 DPKB-102820.doc	doc	fccf7156f22fc7676f860e9ac3dfe8f573c89f58106e5946da37e36fcef2a205	22.22%	Heodo
2020-10-28	invoice #32763.doc	doc	3b31e20a19f924917aea1e08d62b46e74ecf47777ab81e3843195449c1ceb80d	n/a	Heodo
2020-10-28	Invoice #1208.doc	doc	ba3c399c241634f2921ab5d9573e69dd0695eac55c17bedb283e7df2b9de3f8f	n/a	Heodo
2020-10-28	form.doc	doc	72fc52675572a69794899e21825966d31976de8fe26ded5d21f743a903af4d70	14.75%	Heodo
2020-10-28	invoice.doc	doc	d1f0145ea0d4e036edd208387b5c7c012b0eec91562b6f210853152462b2ff63	18.03%	Heodo
2020-10-28	PO# 10282020.doc	doc	fadcbe7aa3d7b823b03d2627cf8a05b229e0f6c7518a71b9c4a106155b04df3c	17.46%	Heodo
2020-10-28	PO# 10282020.doc	doc	f7f94de76d23a7933abb8bd20b8fe7ac8200c6cc8d3b837dcb1686368c86a718	17.74%	Heodo
2020-10-28	TXO-100120 XWHG-102820.doc	doc	0eb494d2627d56169bb2fa72f2ddae839751254dcb82ab597a9df1a75dba97ec	n/a	Heodo
2020-10-28	Form - Oct 28, 2020.doc	doc	08d832a1ff20d74ba37553d0ac28f94bc54d7463e392873c34faf6bb44d47afd	17.74%	Heodo
2020-10-28	invoice.doc	doc	0c858a0a134a998400efac616b99178e0b542e1229d9260362b329d56ab10b58	n/a	Heodo