URLhaus Database

You are currently viewing the URLhaus database entry for http://hiclic.com/__MACOSX/docs/ze6KNlYVwGgcYBvUPHM/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 762095
URL: http://hiclic.com/__MACOSX/docs/ze6KNlYVwGgcYBvUPHM/
URL Status: Offline
Host: hiclic.com
Date added: 2020-10-28 18:54:07 UTC
Last online: 2020-10-29 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-28 18:56:19 UTC to abuse{at}privatesystems[dot]net)
Takedown time: 8 hours, 35 minutes (Good; down since 2020-10-29 03:31:30 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
