URLhaus Database

You are currently viewing the URLhaus database entry for http://lacigognedelily.com/cdle-unemployment-qsnl5/XiSfW6I/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 938157
URL: http://lacigognedelily.com/cdle-unemployment-qsnl5/XiSfW6I/
URL Status: Offline
Host: lacigognedelily.com
Date added: 2020-12-22 12:13:03 UTC
Last online: 2020-12-22 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: zbetcheckin
Abuse complaint sent: Yes (2020-12-22 12:14:05 UTC to abuse{at}ovh[dot]net)
Takedown time: 4 hours, 59 minutes (Good; down since 2020-12-22 17:13:34 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
