URLhaus Database

You are currently viewing the URLhaus database entry for https://nanogeek.co/wp-content/3ezrNk5Yss0WD8JwtK3Bq92xT8o3fTHOr3olUVzvyUkh6ma804woIpc2cLdo7xinWuQF/// which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 764669
URL: https://nanogeek.co/wp-content/3ezrNk5Yss0WD8JwtK3Bq92xT8o3fTHOr3olUVzvyUkh6ma804woIpc2cLdo7xinWuQF///
URL Status: Offline
Host: nanogeek.co
Date added: 2020-10-29 10:06:10 UTC
Last online: 2020-10-29 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-29 10:08:09 UTC to complaints{at}servarica[dot]com)
Takedown time: 5 hours, 33 minutes (Good; down since 2020-10-29 15:41:59 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
