URLhaus Database

You are currently viewing the URLhaus database entry for http://mzurimamas.com/wp-admin/OCT/oPmNn7PNIiDqcE/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 765403
URL: http://mzurimamas.com/wp-admin/OCT/oPmNn7PNIiDqcE/
URL Status: Offline
Host: mzurimamas.com
Date added: 2020-10-29 13:36:11 UTC
Last online: 2020-11-07 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-29 13:36:42 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 9 days, 3 hours, 9 minutes, Bad (down since 2020-11-07 16:46:21 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
