URLhaus Database

You are currently viewing the URLhaus database entry for http://medistaffconsulting.com/crm/vendor/dnoegel/sitemap/0ja8dZBFnYbMnMQ6avLE/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 937143
URL: http://medistaffconsulting.com/crm/vendor/dnoegel/sitemap/0ja8dZBFnYbMnMQ6avLE/
URL Status: Offline
Host: medistaffconsulting.com
Date added: 2020-12-22 04:29:07 UTC
Last online: 2021-07-08 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU003188503 created on 2020-12-22 04:30:10 UTC)
Takedown time: 6 months, 18 days, 5 hours, 42 minutes, Bad (down since 2021-07-08 10:12:26 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
