URLhaus Database

You are currently viewing the URLhaus database entry for https://nanogeek.co/wp-content/3ezrNk5Yss0WD8JwtK3Bq92xT8o3fTHOr3olUVzvyUkh6ma804woIpc2cLdo7xinWuQF/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 764455
URL: https://nanogeek.co/wp-content/3ezrNk5Yss0WD8JwtK3Bq92xT8o3fTHOr3olUVzvyUkh6ma804woIpc2cLdo7xinWuQF/
URL Status: Offline
Host: nanogeek.co
Date added: 2020-10-29 09:12:10 UTC
Last online: 2020-10-29 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-29 09:14:02 UTC to complaints{at}servarica[dot]com)
Takedown time: 6 hours, 32 minutes (Good; down since 2020-10-29 15:46:52 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
