URLhaus Database

You are currently viewing the URLhaus database entry for https://esgfiltration.com/cgi/Iu9Rxxzz9LEYPNh4Si0qPlnnCJswKNN9qgy7xzZ6NNGYhdwd8cx6/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	936372
URL:	https://esgfiltration.com/cgi/Iu9Rxxzz9LEYPNh4Si0qPlnnCJswKNN9qgy7xzZ6NNGYhdwd8cx6/
URL Status:	Offline
Host:	esgfiltration.com
Date added:	2020-12-21 21:52:05 UTC
Last online:	2020-12-23 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU003187820 created on 2020-12-21 21:54:09 UTC)
Takedown time:	1 day, 18 hours, 47 minutes (down since 2020-12-23 16:41:23 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-23	INUY4817JARRG9O.doc	doc	f989bb90fd752549af52988b47a9cf55638f97c26ea723457efd21cdab409da5	22.22%	Heodo
2020-12-23	MV5ZPEQUAAC.doc	doc	f0a4ee510f94aaef257225740c62c4a65b2da3ced23ca6b1513b9fbe11fd3cd8	n/a	Heodo
2020-12-23	9XHW7LRJRWWO1KB8.doc	doc	5a7b88efdd393de9fda81ff445cef38671de030ac35cba26f9b198481bfa29c7	42.86%	Heodo
2020-12-23	9Y7U6JFL.doc	doc	0b92e01b938b2941f4f0940c53a2f53da1f523d08ac18e2f8bc4dd9cc96b52a5	41.94%	Heodo
2020-12-23	KLBW01B.doc	doc	b1094f6feb1a423a3b72309f5d023edd3d9509d5444912064029530fe0e8842c	39.68%	Heodo
2020-12-23	S2JGNTJS.doc	doc	cf2b33d88046f8e39c8299718c9132fc22247ef02bfe6ae6d404b0ca1c7c6119	38.71%	Heodo
2020-12-23	177MNS.doc	doc	9e353b38f1dd65bbd6f1e50dc63ddc1350f17b8e382a9fe24328cf1f1609b181	38.71%	Heodo
2020-12-23	N9IAIG1HR8L4.doc	doc	f5e18d77f12c97a41d3afb41a6e69789d19fde04ffdf39ab1f53acd22185b83d	n/a	Heodo
2020-12-23	Z9B5YJ3VTJOMHP0.doc	doc	14b878d7208fdf92d601e33a77f38b05f586c568ff44cf3e7e73b8b2e1dadad6	31.75%	Heodo
2020-12-23	QOT7SYFM6CKP.doc	doc	68e9fac6a7996f04c150777aec9f02864a62b4c0d59675625c1801a231461a0b	25.40%	Heodo
2020-12-23	G8Z8W1NY2.doc	doc	e9c79c389f9e0132834f2da34cf19158e44330446302146e5636b0516d65ed51	30.65%	Heodo
2020-12-23	S5S4D0DVAFQ.doc	doc	6983d0de072547b29fe27502cd474096e7831a387d6980280fd1519c1cd86025	n/a	Heodo
2020-12-23	AXXPKDKHZV.doc	doc	168fe6ffe9e78f01a7f784833ba9306ef1edad3ccea334df35937424ef0220bc	n/a	Heodo
2020-12-23	1FVZ50.doc	doc	1f0dd0263393040d067ed555d604d764634263e4eb014755feb5d319af9db68d	n/a	Heodo
2020-12-23	PWI63L9YJZY5O.doc	doc	64df2f4241becefb0876d62be5908b4d62620e2aeb97828cb2819d952d106f11	n/a	Heodo
2020-12-23	4XJ37E0Y3DZ2SGO1.doc	doc	c29f20dc33cf2304271a54734dc3746f342898284264bd66094dee544fc133bd	26.98%	Heodo
2020-12-23	7Y4LR3.doc	doc	ec49319ad4b8ab163292c8a1332640a715616436de18d6b1124f4cc51b3cb4c4	26.98%	Heodo
2020-12-23	4H41O338.doc	doc	521ef9721a64f893dc83cf84caab9a76ce0b537e5605d20126c954d3489d89e9	n/a	Heodo
2020-12-23	PCXNL07EK3U.doc	doc	47a492a3a0bfd3d8e0e6c5b72d0594fc8f387d657c457da34d5b7c097f8ab9de	n/a	Heodo
2020-12-23	R4NHG55E1T.doc	doc	d4b572062438c3b6331322be310ee0209e104c180931c63dab258983c69f6dad	n/a	Heodo
2020-12-23	HU32MAQJPAIE9.doc	doc	64e04bddf27b3d535ea895f4dc08267a98a4c401edadc68e3caf7f6f850c4f64	25.40%	Heodo
2020-12-22	WV2LZP00C0A8EB1.doc	doc	815857993a030da4586f91406591e013e670d9a286faac31e529668bb9a169c8	n/a	Heodo
2020-12-22	MAP7E0.doc	doc	58c10297f0dc8855dad74aeb405b2efb43deb6f9cb498639a9acfb7a6041f6dc	24.59%	Heodo
2020-12-22	KR7P8BRVMA56.doc	doc	bc80ebc602752fe60bc486b8620ac2692c2cf2f368e79cecd3a281ce807855e8	20.63%	Heodo
2020-12-22	SN3TA8KHHAN7LSE.doc	doc	bdfab9675a34c6da34487f2c70f297960002e6c3c2a8e6fdc60ae7edbe67101e	20.63%	Heodo
2020-12-22	9TD8ME9JKPLSIC72.doc	doc	3a6a1a101ff166519b8b881efee09a67e6b3fdd9de23e64eb8811d52604d9923	20.63%	Heodo
2020-12-22	DILKG7KN.doc	doc	ca5ed41e13462908c3e7441204044d8519693a667e88e9ffff1cc566247f915f	19.23%	Heodo
2020-12-22	B3QKJ7.doc	doc	ea9e0d2591e09cdea3ac66cbd5410ca96f9bbb033f240fd580c71854292003b9	n/a	Heodo
2020-12-22	E987PE55KUTA9H.doc	doc	77b8248db026c5f3e993c6791b25c26813cacf0f6d1f9daa56d1f570b324bdcf	n/a	Heodo
2020-12-22	RLC7Q81DES3M.doc	doc	0e0a8e32415a80ba95b8af747d13f3b6312498145d1677df7641ba3c9cf8e9b6	n/a	Heodo
2020-12-22	F4JVMUYTG4P9JQGY.doc	doc	ffce79e8ecfa61f2f82aa9b40d611c100e6cd68cde6fc34b012ebbd21750908d	19.05%	Heodo
2020-12-22	52FA2O10KV1NDX.doc	doc	1d5cf0fff53e0485bae46b34b71fc4b886376d458e91b8eb88a04296f36f9aad	n/a	Heodo
2020-12-22	3LKGBAW.doc	doc	755b0648467884ea407cb2be70ee59bdff597edec6e149816e553134e25aaf54	20.63%	Heodo
2020-12-22	MZ31AJTO.doc	doc	964002e25b6ff27acd3902a75ecc4293ba67968a23055e94748a0ba2c31c8d78	21.67%	Heodo
2020-12-22	13YSE04URD.doc	doc	bcac6e544a85109fa2e8fcfa76dd269f02ff7b933aceb784575da053e1f940dd	n/a	Heodo
2020-12-22	SCL5K3JKAF.doc	doc	3cf79aa67b9b74d228fd5e8d25633f13d2282edaa63d6ebc02bc95d05ed4ef45	19.05%	Heodo
2020-12-22	D6HWD694.doc	doc	53349be9f04bd91fc2896163434923295124f86d9f8cec1d0c6a244cc15bde9d	n/a	Heodo
2020-12-22	G41YMWURU6S.doc	doc	339e0730197932c60c9905a6ef13b72d5308cb38a9965cd3b4e5eb4a3999665a	42.86%	Heodo
2020-12-22	V0QX4D2GAJX2OUE.doc	doc	cf6c363eb34d0c34ebdf5b4e79c44e7bbf6a2831b189f929102e3da045fd0b26	n/a	Heodo
2020-12-22	OBA6AGOW7W3G81N.doc	doc	6191dcfff06f36e7ae3ffab9272718d60482913bac94ce985ce8a5eaca930e26	43.55%	Heodo
2020-12-22	UVZ35G1NH2X.doc	doc	b0116ad85e9336df147a793ad30d615386ccf2df1095c8cf30ada653b5349f3e	n/a	Heodo
2020-12-22	7KG2ZGD6SZZV.doc	doc	46d74826799bc3bea6197713c8b199ed1faed920028c4d3acc7cbcc186276b6f	n/a	Heodo
2020-12-22	KMS0W45KK.doc	doc	0bf21df6643e15a9eadc034f6e7bb35aa9d1b1433bad331c1944fe60418e23b7	n/a	Heodo
2020-12-22	23P7S01RQUCU.doc	doc	6f31c56a8ea0949ade1a3cabc55e00d367bb073cfaf7f1b447258c79483910f4	38.10%	Heodo
2020-12-22	1EGP3T.doc	doc	f8a293a233f791740b03d5e9f763edbe9ce5b7118b45986d500a6951716f52c5	n/a	Heodo
2020-12-22	YPNEQFH24K.doc	doc	a85281de5e12bffcd8f98cb6280e13cfd6223c6325cffc92d80ee618c167bc2a	34.92%	Heodo
2020-12-22	TF0U00TC9QM7.doc	doc	d119b2da995343a322c42995a220a5d61f07c6fd252ce79a3ece58d89bb66690	n/a	Heodo
2020-12-22	VDABH3HEVU.doc	doc	b7bad120c0c3ba7ed2881c98fc26104cefee58148b7c5850ceb87b683595f2a8	n/a	Heodo
2020-12-22	D9A7FLHR6Q.doc	doc	f1d7afa9f6fa472313a13e477f62a40c8a9bd241db908f877589ba665eb6fbdb	34.92%	Heodo
2020-12-22	CF7PIT.doc	doc	65ee3709af3223578ca9630bd211afca9a02224398426e501095c895e24f7443	n/a	Heodo
2020-12-22	K3JMTO4FTAIOFX.doc	doc	110c702523b61a449c85889be0f1f3a8b2c0375bc3de47eb9051189eabd03445	n/a	Heodo
2020-12-22	GSSV5CSX8NF8N6K.doc	doc	7ec200a834392208ae8521c4804d11ff669137b4265b732a17660527ccf3cf36	36.51%	Heodo
2020-12-22	OZOJYIPUY3RJCS.doc	doc	f5d52678316f377c59a3f063b29a06a415106d5833d1786533d7abb7e27008ce	n/a	Heodo
2020-12-22	8QT1T4F.doc	doc	2eb890f47074a802abff73fabb722541ca607ff36a0139e4d236e875191e0078	36.51%	Heodo
2020-12-22	JAAUNX6K.doc	doc	551910c092733b7324c377351583667a6389e76f8e36f1ee73c82d354f970cbc	36.51%	Heodo
2020-12-22	X8IVLH91ZYRK5K.doc	doc	7be2388880d2ad20b0cfa616a726d7c91d2904da8f3f8ad4d2236d3c79e935fc	n/a	Heodo
2020-12-22	ZV707C3569P.doc	doc	44567a5fc7455899c29966d8b05b823a60aa48487ed47b4ee9262fbd73bb6a1d	34.92%	Heodo
2020-12-22	9F0CR05X5F.doc	doc	0e67b99a7e91109c9be68c97620b8f63d5c572404114291b27c995cd5c11dacd	33.33%	Heodo
2020-12-22	0S9AQVBEBR.doc	doc	6e64c93e0929da5ff396df56de2ba50ef16098d90feea49e0a1973edb6dd4238	31.75%	Heodo
2020-12-22	FJ55B0MD.doc	doc	33b84c4e55798d0445fa4926f79f35d6b12ed272eda6f6686060a47bf22c39c1	n/a	Heodo
2020-12-22	JO2SV7B5.doc	doc	3ffaf475cb8655c59598f2c4591efaf0b153a52173bfb3a63c238008edb72201	n/a	Heodo
2020-12-22	HKH8TJT5M1M3JQ0H.doc	doc	5bdc116f61159b0fdf12780d8228204288849c12c8cd79641e3061b1c4a8c0c0	n/a	Heodo
2020-12-22	8KK9C5WR3JOAYSYH.doc	doc	02170586397abeca0120b55a547fd80c877eb800f02d55c6aad2473b369f0a3d	31.75%	Heodo
2020-12-22	5NY21QDBON.doc	doc	d5dc56815cb0e2bdfb9aab908416e5a1c526270f5143e0d6c3660a8ee172bb95	n/a	Heodo
2020-12-22	ITWZ6RKAEKJ1M.doc	doc	5149cb89cfadd9c7f7be6ff7dcd70eecba452c53d75bd5622bbb334b4ae587df	n/a	Heodo
2020-12-22	Q2384MT8XV.doc	doc	a920635eb94e7e0d4add7880d523b5d55170d97bed0841dfc32e8ee4657c6106	n/a	Heodo
2020-12-22	HU0N1MW8V.doc	doc	c6d1e6d03923c2176caab866a4f9253b45abd995a55bbde304bef7eff2d7189e	n/a	Heodo
2020-12-22	G5MYBWEEQKTO.doc	doc	a442c1871b5de54fb33fa28cd9a9f5b898ba0490d6bd20f09259b15bb81f9ad8	n/a	Heodo
2020-12-22	AMUIHZU.doc	doc	7184f7e66d9b0566e48729543b3757f4f8ba91165a370d05ff5f9165d59aad8a	47.62%	Heodo
2020-12-22	CRO2D3JCWWLRG2.doc	doc	8c609a2a6e8a0753a2e8749e054a04f699c4bc379523bf3029413cc4f61163c8	n/a	Heodo
2020-12-22	WX4TQ9Z3ZD85T.doc	doc	179c65c6aae9e8a8896992f0857998ef7e72fe3ca772839399d9185a8fe328d1	n/a	Heodo
2020-12-22	D6QECER66BXN.doc	doc	7f0db28f42defa949deca1a03ba0d33617c04b5e114e187e9b65b67639d750b7	n/a	Heodo
2020-12-22	AMQDQ9B453K47.doc	doc	419de57605bb9474687edcff1207a053c0da9c08c58d7ad4671981603cc08743	n/a	Heodo
2020-12-22	PT82TGK.doc	doc	2e2845f894af1842a98bb01b55cf68757e6c573d1d97c11cf41818de4a70f82b	46.77%	Heodo
2020-12-22	I8910CWW.doc	doc	ba2bc32f4daa30fda2e05c5960a6a160167101889384e98690e6abbeff973434	n/a	Heodo
2020-12-22	LXTTBJ7HVH07WUA.doc	doc	6adf12a084ccf2eb6dd19a35742a35f03bcba878416ef83b9c520e17d55ac329	50.00%	Heodo
2020-12-22	8W49V4MYGXAHI.doc	doc	173291cf73cc4f82f9a217cbdcc192f4e0b7557e7068133ce2231a023a47ad28	47.54%	Heodo
2020-12-22	Y5BCFX3VRH47.doc	doc	6c26774c4763bbbc05c970dbe0b96045fefbdffc80c2d7878e8ca8089f0215c9	n/a	Heodo
2020-12-22	OTNDP6LY.doc	doc	cff7b2d4fb395de88b4c8494f75e925c14e735c01f9a79572938f9c6c7f590a3	n/a	Heodo
2020-12-22	R1FN51WTABZM6.doc	doc	45defa35954d6268fe26f6ffec131a6de427af2f682079ef11852a33ff1db07d	46.03%	Heodo
2020-12-22	TCIMST.doc	doc	97f5f7f2c37a21e2f3934ceabe0df7eea42d7925f1b3a4e9a194fa005509dcc3	37.10%	Heodo
2020-12-22	16R5MG.doc	doc	47d01951e8e4d0425373658359ab6e4e764c29adf9f0a674dc51fc859ee31719	46.77%	Heodo
2020-12-22	RH67VDRBOG.doc	doc	939b74068ba5fe714a61e87a3acba52787684f19bc611654a6fc2a644adb57a3	n/a	Heodo
2020-12-22	TCI673Z9SMIREJF.doc	doc	4be32fc9457cb3575d9f59665e4d11c4625dd3bff4cc13ff2f25aa739753173b	n/a	Heodo
2020-12-22	KC851JLE1TH.doc	doc	9eaf41a79c3932d4be36d56a7b01c16f4bc4ae8d3df11291ba46f7e2dc784627	n/a	Heodo
2020-12-21	7DWXPEY2L.doc	doc	474bdf90e53ddd00548e4df1cb15832ba181a53459588ce07109ac9d69f7ae4d	n/a	Heodo
2020-12-21	8PT6JT.doc	doc	1b6b2ecc603828983b205c802ab3f8d0dda28658c0a31afc6aaff4024f2c161b	n/a	Heodo
2020-12-21	QE7QVOOA2.doc	doc	798206f85b1ad48e7117fee89bc496a003d67f0b2079a39f3d80d975e8f20c78	37.10%	Heodo
2020-12-21	Y8L0BM8.doc	doc	aefe4fff4d754c7faf5c1ba8e33586ac4732827c66e5621c0fe5a711895657c2	n/a	Heodo
2020-12-21	P4XOZZC.doc	doc	6b9afe970bb694103361869b06997d0fa20992aa4766075b64eaf4667d60a091	38.10%	Heodo
2020-12-21	UNCJ6IVWBESGZ.doc	doc	199329cd5b35fa9650fa7ddb3597cc3c1c1e88242b94558bda89b7aa7bd6c463	38.10%	Heodo
2020-12-21	47NQBDHDDWPAK2.doc	doc	64db024b0457fea3b182aa36675d4e6049ef7119c4eea836b295ccc90c3a4301	38.10%	Heodo