URLhaus Database

You are currently viewing the URLhaus database entry for https://www.etcert.com/wp-content/72K9JpF4OhxzhJwS1xE2LUulFYNO8ISFUjYYCbz1/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:764532
URL: https://www.etcert.com/wp-content/72K9JpF4OhxzhJwS1xE2LUulFYNO8ISFUjYYCbz1/
URL Status:Offline
Host: www.etcert.com
Date added:2020-10-29 09:35:09 UTC
Last online:2020-11-16 22:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-29 09:36:52 UTC to abuse{at}contabo[dot]de)
Takedown time:18 days, 13 hours, 1 minutes Bad (down since 2020-11-16 22:38:30 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-31Attachments_OWGE14Y.docdoc 858159295a83a85ce85a8e18a4398873eb02dfa32012325f963ab2de57c8c0aaVirustotal results 56.25%Heodo
2020-10-31Untitled_PO_10312020EX.docdoc 7b23df6f1bd4b2e428624bcf7423651fad4742e21e6992d0df41d6d94c199169n/aHeodo
2020-10-31Arc_GI9029569973JK.docdoc 396b664fbdde301d1ebedd54f4beacf4726ef9fe1d0807a86fe0b00e0a71772dn/aHeodo
2020-10-31inf_PO_10312020EX.docdoc cdb79e413c85c2fa4724ac77b430ab5a6a0c770f7f6a640fec00d946a93f5e09Virustotal results 53.12%Heodo
2020-10-31DAT_59661946.docdoc 2cb36ff671181007c49a60cbbafe936340f4465bc46d3451c5ad6cb8086a4ebaVirustotal results 51.56%Heodo
2020-10-31OIJ_100120_HXJ_103120.docdoc ad6530753d959ec1d3305730db8985d3f0fdf9e9ce893c2f8bd8873ab51f8fdcVirustotal results 52.46%Heodo
2020-10-31File_TJY_100120_BRE_103120.docdoc 6b199ce53786e4647258111798d4a9f14df4220415ed15639338c5860d98695aVirustotal results 53.12%Heodo
2020-10-31Attachments_5020784412950530398710.docdoc b6fe7dca5aa33eedca9590aacbb7a67d89dc6c1a98cee170aca2c47518e01ea1Virustotal results 54.69%Heodo
2020-10-31WDI_901853295.docdoc a77843eba99adffde7cc22482865a6e64cd0217a4779ec035d11d060982996e7Virustotal results 53.12%Heodo
2020-10-31Inf_MG5802516290JF.docdoc 41c1aacf38f4e4b127131377357db324852107ff972122bb57ec3ba8f894a7bdVirustotal results 53.12%Heodo
2020-10-31MES_6390168450202008825441597.docdoc e054d39b0aac7c2b6c6b76bc40435c1d0ffca154764349deefbc46f9d6ba453bVirustotal results 50.00%Heodo
2020-10-31Attachments_6UURBBRGDM408.docdoc 4eabd4dcb81c28e86bbfd9ac62090d51aea5a733c96a8f3a7ad130a9841bce71Virustotal results 54.69%Heodo
2020-10-30INF_PO_10312020EX.docdoc 66f30f7d40ef0e230f042cd6abe51971e49af52617515c3d0d99f3f365a59e90Virustotal results 25.00%Heodo
2020-10-30arc_2889674948563473420956.docdoc 621f149c8fdf5abbc449baa3bc86423a799301ca3017950f0b173a6977033e88Virustotal results 54.69%Heodo
2020-10-30Attachment_ZXX_100120_ONR_103120.docdoc 22a4eae8735782a3f12e3f7ee5b6d0839cd7c4a8b91dce6ce27e2414b2e5f817Virustotal results 51.56%Heodo
2020-10-30FILE_AJ7247032513LK.docdoc 917a6b067e825cb71b0d60b4e428f283cdbf100bcec01e467503d18077125c4cVirustotal results 51.56%Heodo
2020-10-30FILE_KD3957924398AE.docdoc 5041a2eae4b04f23df9804031b3a30e815e0c2310bf42d82176cb89618617933Virustotal results 55.56%Heodo
2020-10-30MES_XXG_100120_TXK_103120.docdoc cc0614f4e21c1d63a80e1ddecfd591353e15aa849f754be9d8b709cc6e9841c9Virustotal results 53.12%Heodo
2020-10-30REP_DZ6114277569EC.docdoc e37545649e9e7c9250af64a93a2fa3e37fd90ab7f9c16e96b4469290f309b52bVirustotal results 23.81%Heodo
2020-10-30FILE_08320163.docdoc 8cfdaf7b364045782c53fe4094501d577114deba01267ff8e074d14d7d27833bVirustotal results 23.44%Heodo
2020-10-30Arc_ZK6472615055WC.docdoc 2004d64ee603572e13a168eca558d2ade8169581208022e51896e0589e07116dVirustotal results 32.81%Heodo
2020-10-30PO_10302020EX.docdoc 75ca20340c21dbd94ba3ec4c8eeb14f3a78e68a955701cbdc754c29163674a3aVirustotal results 33.87%Heodo
2020-10-30G_PO_10302020EX.docdoc f2ce2b3d2bf2f5d0f22eabb44f0b7c9183e0fea547e90ab926beae89d85cdf0eVirustotal results 34.92%Heodo
2020-10-30FILE_KB2709700115WU.docdoc 5fc665986d6e0e5763554e4d9f9db9ccc61b2c20fc408e955d286a458f622f48Virustotal results 47.62%Heodo
2020-10-30dat_66509228260.docdoc b0f3557b0ac948f3137f3cc926504dbe28038ea00d282c81a33fd46b93af1c25n/aHeodo
2020-10-30FILE_PO_10302020EX.docdoc 877bcaa3bd3bcb6081fbcc746a0bc8b28f01961c1061adaacae5ae875457fb70n/aHeodo
2020-10-30dat_PO_10302020EX.docdoc 166f3880aa773ce0e75712aa20839d2b0f37315533364e3794401b389579ab2aVirustotal results 42.19%Heodo
2020-10-30arc_5440001995494968.docdoc 251276d83391acaa6629840a7607dd14966d1be54c7e8037b947e5875d412620Virustotal results 42.19%Heodo
2020-10-30INF_PO_10302020EX.docdoc c3a3c4b5fe05e1cabea15022173fa5a6f9fb05c83f0cb2d70441f0d415fb9405Virustotal results 43.55%Heodo
2020-10-30P_19597275.docdoc de0a1c44011e636f13b7db8734adcc239d484bae417f118f5d1173ff7d708481Virustotal results 42.19%Heodo
2020-10-30Dat_6L9HF1SL9D.docdoc 39b6fdd21b5a73ad7e7808470a008ce96abb75dc96787734f8778afaaab7e0e6Virustotal results 42.86%Heodo
2020-10-30AM2350005887UM.docdoc a3c09116b3564a812d894ab750990565e22b18b97a47c138b3b271f1e7e5f666Virustotal results 42.19%Heodo
2020-10-30dat_920993593110560952560.docdoc f47484c61c7b2b0541690f5cfb219d2efe962b5204064435481f99e8ba92f95eVirustotal results 41.94%Heodo
2020-10-30DOC_YN516U2VH7.docdoc 17d5bfb8d831eb1b5f2defabb4f6b29c2c2f65bc90c0b310d7e0867ac11c125fVirustotal results 42.86%Heodo
2020-10-30FILE_264886063219990.docdoc a3ab9f9c38fe53b1cc2783eee98684350b85ff0bd94ade1766fae55e9de77827Virustotal results 39.68%Heodo
2020-10-30Mes_95982279.docdoc 2d3d4e0033829c37a82f24c6499a0786dc993903374e611aa94c4973a4066dfen/aHeodo
2020-10-30doc_PO_10302020EX.docdoc 72cbfce2d1bb68f6583a651975d64056490779254d19bbf18636a754d88688c3Virustotal results 25.81%Heodo
2020-10-30inf_16376452136004157345.docdoc 12ef90a776bc1f4ae05962313e6b3711ec5211f8ba450527585d2da80c2d03b5Virustotal results 25.40%Heodo
2020-10-30REP_59561942.docdoc 665ca5b6b8e24008d94bd73e8fc3862a558d2074f35ab952eb016e2ecfb2c125Virustotal results 26.56%Heodo
2020-10-30Dat_7R1WA5IBH2.docdoc d1d8c0384f3780dd6287efc3e864f9fe60b6efe14f613f0cc2ec0efb0aa97dd6n/aHeodo
2020-10-30Dat_PO_10302020EX.docdoc 14a8572928770f8d61fa05890c3e0a5cd4396bfde2ce2763d533e89d05120d34Virustotal results 25.00%Heodo
2020-10-30DAT_PO_10302020EX.docdoc 1ce95602afd3133a2b2f7ac1df3290e233ba27b2f2b71d6a1b407cda2cb4ca4dn/aHeodo
2020-10-30FILE_HF9730385984CN.docdoc f2413a07e3362999d85fbab3f6c2fe8f228e4567eac899cd565ad65a2d0eede9n/aHeodo
2020-10-30FILE_55164349.docdoc f7cd964fb73ef51565181df0b0bdc561fe166542fc297684546797abcbc24000n/aHeodo
2020-10-30Q_8658349442257995968395.docdoc 1e363452c2a67d40f01390488a99f68ce6fab805b45eab93ee2db2469bf1b05fn/aHeodo
2020-10-30DOC_ZMV_100120_KUV_103020.docdoc f4983c5881da987bb4dcca9069e0134657dbd559cf50165c0f35c3f1c4595948Virustotal results 40.62%Heodo
2020-10-30MES_PO_10302020EX.docdoc 9ae7942321b9360d2c19a2199e6f2e21a3436b97787133280c3d267a00bd6b6fVirustotal results 37.50%Heodo
2020-10-30file_341704921343.docdoc d35ce7ecbf781e43242b0ddf34fc92d905f15b6279385f62ce2b3a7f3a700c74Virustotal results 31.25%Heodo
2020-10-30REP_JWXU60RC8W9N.docdoc d81b2611e96c81a6be50bbbfbdc04309f10b987317f1bdbae24d2e90a216df11Virustotal results 41.94%Heodo
2020-10-30mes_VF6SEVSAZG9.docdoc 8c5ec7de8acd87d586e9bf7a74458c2a96f88ddbeacbde0ae3791d84594cc983n/aHeodo
2020-10-30File_PO_10302020EX.docdoc 2a2cd3fa6ea3c1207553da6896b030a743a3893ec1b95b494ba27d6423f8857dn/aHeodo
2020-10-30ARC_3218811832.docdoc aa8406666061a35462984a7c54b1a10151ec769f30040dc02931bb87fa2f1335Virustotal results 31.25%Heodo
2020-10-30Untitled_68777973.docdoc ceac47b63a26dc75f489b8882600b4a6ffee7b0c5b5dca3ef7732746cd3ec229Virustotal results 40.32%Heodo
2020-10-3026764516.docdoc 9e9808cc54536ce74b6ed5c426e0e175fac5915b344a9b0c802688fef6dfb918Virustotal results 32.81%Heodo
2020-10-308778333548719710878604.docdoc b2312b8854268bd1ca23427d7f7aaf8b3013aa1c4ef1d7676e73a5667418b9e3n/aHeodo
2020-10-30LIST_430210933150.docdoc 8f1be5660e45786bb5caf0b15e6509cc86b6b5b099f40a0a4876d68816df2ec3n/aHeodo
2020-10-30Untitled_P2XATH1DX12.docdoc 635a74416fba185c2d901ad6c437ddc2258d061fb43e420653cb07f071e62075Virustotal results 35.94%Heodo
2020-10-30inf_ADF_100120_DPP_103020.docdoc 401b08eb1c58500e67d4a452cf053775266c050d2e5cf3abc7b7d3ab0ac5bbadVirustotal results 35.94%Heodo
2020-10-30arc_UEH_100120_EIL_103020.docdoc 3faba02f0eb970ef25a2a874736e4f758dd3424cdba2637795ada41385024679Virustotal results 29.69%Heodo
2020-10-30Rep_KTZXPGE12KGEYV.docdoc 7ae6e150fde20638c5cc89c0b4c088593eb3879f0f6567e9c4cc14069b9ae204n/aHeodo
2020-10-30doc_196920185981698.docdoc b33622a59cee3ca443a74701f86f58ee524e9901c05d359270575f52d7d37380n/aHeodo
2020-10-30inf_CRQ_100120_FCQ_103020.docdoc b3f4e1b87633e71363d9e97c4f845e09d36e833b8d170f184946c8764cfc8f12n/aHeodo
2020-10-30DOC_RMB_100120_RFK_103020.docdoc 8f0e22d23596c232df3d527d5fb36ca404eb518bbe7c375b7a7cd037354b02d5Virustotal results 28.12%Heodo
2020-10-29list_4733528677.docdoc eec673d1180b8765a6d45f7e7164e7e86024dce5cd09472669369e410fa5d161n/aHeodo
2020-10-29REP_4906131911364833935.docdoc 5eb2cd7fd89bc000cab80454ba0da8cb954a960d3b415bc26039832a7f6f7544n/aHeodo
2020-10-29UNTITLED_AU0798683769QE.docdoc b716fa67c934451161c1be78e1587b3c68a53b5e219dc5452e9ea883d32a274cVirustotal results 27.42%Heodo
2020-10-29Attachment_PN7372609657SN.docdoc f4d2f6dbbb53d79cccef95feda58515350e863a1f1522bf60c830c0230754866n/aHeodo
2020-10-29M_MG7784641238ZA.docdoc c685520233b6d670ab20445051b6688bac6affb5c8b99a71213937d99ac9e380Virustotal results 25.40%Heodo
2020-10-29DAT_PN2651652104EN.docdoc 9f944d45d5e7d40e9f1fce8f48c7fae48a14b56666b6c149b9a2f028567d2019n/aHeodo
2020-10-29Inf_695827657644665716434333.docdoc 00f960f2c4dc8abaf471b3c55c877aad66b636338bd2d67a565393058b78c125Virustotal results 34.92%Heodo
2020-10-29arc_504635906921497.docdoc 18456f3c952a94d93064ab5e0fc948f5cf8c35d1615d18886c7ef84d7dc22a2an/aHeodo
2020-10-29DOC_KB6592998137PX.docdoc 41439f935c27535a7752ad0b7a778de41fa076af62cee2bf3ce8138567fd7060Virustotal results 34.38%Heodo
2020-10-29DOC_WY9143678027JI.docdoc 6f9552836a90ddea2d599b100ecf6a8cda08714d1f8f7f848cf6684ab9ff6b78n/a Heodo
2020-10-29inf_9AAGOPBNPAC7Q4.docdoc 51657b8a72e7e81349ee2744529184125522759769f93b02aebc3a2d33fddc2bVirustotal results 27.87%Heodo
2020-10-29DOC_79455761.docdoc d51925f43c610d0116c831c9282a4b3fcbca83fce4a02bde7f425d81eb7a2243Virustotal results 31.25%Heodo
2020-10-29DOC_PO_10292020EX.docdoc c9bee872802f41154444cf83a87057e1caa72888e8b2c3901933201b9aa6312aVirustotal results 31.25%Heodo
2020-10-29mes_V2DPBAF4GY8.docdoc c864f510cfcaca5ca5acb2a8ef66706e173195d47f0bc0956f1757e9f74325d1Virustotal results 31.25%Heodo
2020-10-29REP_OPP_100120_LVU_102920.docdoc 32eb83b21811e1d39d4c68e15a5ff6a2b640161c0960cdfd4dea92a72f368a2en/aHeodo
2020-10-29DAT_627741310859330227396572.docdoc 1cfbaf38e833a8dcab12a6f7a0c42e5b5033bc4f188f022607c0e3853f92a6eeVirustotal results 31.75%Heodo
2020-10-29Untitled_PO_10292020EX.docdoc 5e49a64852901bd8057faf79a29c4014763a93bd4f8a0c448a58ab101da4fac7Virustotal results 29.69%Heodo
2020-10-292252366010162062565925240.docdoc 44fd0e531f131ec3393dcbb90c1ac8baee6d5c4438afa02d458e67436af9a1b9n/aHeodo
2020-10-29MES_TVB_100120_TON_102920.docdoc ccc94ba056101ead7adab466b9b4780b16a85dff204b246ae7094f9bbe79fdacn/aHeodo
2020-10-2943201042.docdoc 318b758c5ef22b3666ff9ea38111751a4ccc591294bf85680f723e02f95def57n/aHeodo
2020-10-29FILE_PO_10292020EX.docdoc 75df04fe2bbfe95af6c2ff3ad6beb372645597b0350f6cc16f995a09e27da829Virustotal results 26.98%Heodo
2020-10-29doc_PO_10292020EX.docdoc 134e4b929d0e83768f3bad032abd87bd8d004dd2a7256fb9ff9d4bfa9f29e5fbVirustotal results 28.12%Heodo
2020-10-29List_40820781.docdoc 2d52e6dff2839f2f2b4c4e01290c96b9b924d0e8f276847481da31dfea122414n/aHeodo
2020-10-29Attachments_MAK_100120_KRZ_102920.docdoc a096c9ae87e874cc4f61f11918a8382c3f85aac3402c1258b7a79be90cdb4beeVirustotal results 26.98%Heodo
2020-10-29K_QMA_100120_LUT_102920.docdoc 9e8de88a3e7aabf6248a4a17e376f37501cb0437cf9127abda8283191eee760an/aHeodo
2020-10-29REP_34595941.docdoc e134359bfa4a04bffabf20a6522d2a4c8d807619578853ba0387aa395b6495c9Virustotal results 26.23%Heodo
2020-10-29UNTITLED_543265471962570236893.docdoc 54f04e269a7b08a1ec3d9a71e00dfa86b9d8050533ef0d550298ea51f28775ffn/aHeodo
2020-10-29Inf_34220898.docdoc 34d9cdd8a269048d1a73d296e922eef7ab126f766b8d9a8191dbaeb1345a8dd0Virustotal results 20.63%Heodo
2020-10-29REP_PO_10292020EX.docdoc a943a1b78c2ddb8ea536ad08b2eaaec624c324079322f272f1e1a319b5603a28Virustotal results 20.63%Heodo
2020-10-29Untitled_GCIXRA9X05669NS.docdoc 585ab6cc0502c04dedbca9318f5d7d278050dcfbeb477a09e8fee5b66916e38fVirustotal results 42.86%Heodo
2020-10-29List_LWD_100120_HGD_102920.docdoc 38df7a8d7d8ddeec4905b01777148222f208d5030b7a44665b5fdafb5bd9ff19Virustotal results 40.32%Heodo