URLhaus Database

You are currently viewing the URLhaus database entry for http://memoria.od.ua/wp-admin/ZRDEhBKxgf/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:938375
URL: http://memoria.od.ua/wp-admin/ZRDEhBKxgf/
URL Status:Offline
Host: memoria.od.ua
Date added:2020-12-22 13:50:06 UTC
Last online:2020-12-23 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-12-22 13:52:07 UTC to network{at}abuse[dot]team)
Takedown time:20 hours, 40 minutes Good (down since 2020-12-23 10:32:42 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-12-233ABZIDX1.docdoc d5231db757615d38ce982ea1272ef281efc93dc8105418c890e8f9e59d76ef0dn/aHeodo
2020-12-23TC3FIFGECQNRAA.docdoc d03bdc5b9f72efd01d6cb79bfb3a1a2abb46914234af6d3439f4879a1af9d35bn/aHeodo
2020-12-23ELNJSMS11.docdoc f989bb90fd752549af52988b47a9cf55638f97c26ea723457efd21cdab409da5n/aHeodo
2020-12-23ULVWNRTP27T6EN7C.docdoc 318cf158cf886f17e7e947feaaf989f25e514c91bec35e9dcca2a4f2ef4baa95n/aHeodo
2020-12-234KPE8ADBGOQ14GZN.docdoc a8a5d52ccfe6f7bcc1ef7c99087ec90083ea7e3851e760b0653bd4189d54bc9en/aHeodo
2020-12-23303AME.docdoc c898ba3b4b1aca5d2efd05461649b507dfcde6110220f4ed3380afa426b3f2dbn/aHeodo
2020-12-23XNKMEDBV3F.docdoc f0a4ee510f94aaef257225740c62c4a65b2da3ced23ca6b1513b9fbe11fd3cd8n/aHeodo
2020-12-23RCD397MPHRS117.docdoc 60029fa95c17ba479a9ed424abc3a3f684111997424360741b67de478d0bcd4dVirustotal results 20.63%Heodo
2020-12-23EGO3IUPR.docdoc 1b1cb32d2f4a43f7bd1699dd46b55f8deed32e31065c9f13c69f2610b96d41c6Virustotal results 40.32%Heodo
2020-12-23RIKR13WXEL5.docdoc 56355a08b488d103b9a4d6226e1cf2cac8bfdc7381febb47feec6b0eff3ac332Virustotal results 41.27%Heodo
2020-12-2312MN2KMX6PUJ.docdoc 77476e25aa9034df5f54eb93a92ea7144c57945b92eed68b1956044666957d33n/aHeodo
2020-12-235NBVVS9R77886B.docdoc dad7761c55d0c4eb6fbd18182bab52f99242f7107fdf629b056cb6965ba073ceVirustotal results 39.68%Heodo
2020-12-235F4EJUGKYBGEHAN.docdoc e269c87f3edd655d2fa4f379bac4ddee2c652386ccd598daf260157b1b9c033cVirustotal results 41.27%Heodo
2020-12-23RVNYW9Q0YTNJ6.docdoc 2bed788f0ae4910b2b76b0d6a72af5f76811598705f59de52684ab9f99ca1fa3Virustotal results 41.27%Heodo
2020-12-23Y2S0WNG5SMUACMG.docdoc b1094f6feb1a423a3b72309f5d023edd3d9509d5444912064029530fe0e8842cn/aHeodo
2020-12-23XG4P24Y.docdoc 70cd2d38d41ecad15addac25c6e09641cce2f946161ecf261e639a09576ecb8bn/aHeodo
2020-12-23NAK4BW5IXXG0JJ.docdoc b534c439ac7a89c6af82331ebd70e5b5ce5e13a2e871bb7ab122b00004605e97Virustotal results 36.51%Heodo
2020-12-23S1J15NEY9Y.docdoc 14b878d7208fdf92d601e33a77f38b05f586c568ff44cf3e7e73b8b2e1dadad6Virustotal results 31.75%Heodo
2020-12-2312OB4WU.docdoc 68e9fac6a7996f04c150777aec9f02864a62b4c0d59675625c1801a231461a0bVirustotal results 34.92%Heodo
2020-12-23P43RO80.docdoc 15cb67d0f913bc719642e9e5e394958d9c89afa25bc408bb42c593b9fc43cd58n/aHeodo
2020-12-23DKLX2NL.docdoc cd26f4220386d91ffb1a0233ece99c207f4335aab6a4c6227d64756f16500ef7n/aHeodo
2020-12-23EWA488X40.docdoc e9c79c389f9e0132834f2da34cf19158e44330446302146e5636b0516d65ed51n/aHeodo
2020-12-23TNTOB24ZL4.docdoc ef1b1013a1aee1aea1889ea4f3f736bac21dca5f8d940f13dbd2c332a8c8ac69Virustotal results 30.16%Heodo
2020-12-23L6TVYH.docdoc 6983d0de072547b29fe27502cd474096e7831a387d6980280fd1519c1cd86025n/aHeodo
2020-12-237E1LQD545Q5H4UG.docdoc ba96b09e7eeac72b4363f7b0749f36b0f3b68ecb4b3c40462d0f9d426b4cb483n/aHeodo
2020-12-23XY6KKDFHF.docdoc 05c767b8eb10af233636947b37552012edd704f98de99f200ed4774e8c9b736en/aHeodo
2020-12-233HSLTJOQZCMZ.docdoc e56e47b889fb43e8b9f183ee7abca3a349cede2826008e189de20df4b7bb481cn/aHeodo
2020-12-231OTEN4OVDMD6BM.docdoc 9c7952a624d186c2b830ab71d66e1e4369b998c0cfbf98bbc7530f5369530000Virustotal results 27.42%Heodo
2020-12-23TTEDBA67ADLYI5UK.docdoc 34754f71c9d37d965839231746871e3afcd7cc6d4a4515dffcf6fff4c8e7b739Virustotal results 26.23%Heodo
2020-12-23KAMAM72DCN1ZL.docdoc 1a0263e1f86a9148e3b7434c12cc232b3a3c92df63c0aa48641c627e87949106Virustotal results 26.98%Heodo
2020-12-2370C87N61L0.docdoc 31f327ab8307786ee50af20aaf5c4c2b6ecc974b69a584c78a2dce04fe5d327en/aHeodo
2020-12-23QKAJ1CR0NL3N.docdoc c693baac5d3227d362a0fe99ad187c18cde1f45a404c94c881d424023303a744Virustotal results 27.42%Heodo
2020-12-230CPR98O3D8NLN.docdoc d4b572062438c3b6331322be310ee0209e104c180931c63dab258983c69f6dadn/aHeodo
2020-12-231KS86VDMJE5KJ18.docdoc 64e04bddf27b3d535ea895f4dc08267a98a4c401edadc68e3caf7f6f850c4f64Virustotal results 25.40%Heodo
2020-12-22QQF6SMEK9.docdoc 000b049debe1595e96d46d2cb910795e269d9d3f1b3210bfa45901356b3b3b3aVirustotal results 25.81%Heodo
2020-12-22OL7YHK9T3DT.docdoc 80565ed0ada236540991976a90ebc0b137d35995ba34993db276fd2808832950n/aHeodo
2020-12-22H9B2AJRH7ASE0U1L.docdoc 32dbb92d892c9f50e99fc70db5b9f3efe0721a6464984a3f84e6592cda81684cn/aHeodo
2020-12-22RSHDWKQ.docdoc 54a40564f1605df3d177f233fb61ed59c38f1c8adea1284aab637fed81289a4dn/aHeodo
2020-12-22MZDH0NKZNH.docdoc b88940065daeda56e1e49c0db60c1e275b39e435f83b785742242104d173a57an/aHeodo
2020-12-22OGO2J70.docdoc 46935fc92d4e420a9f07c05550f0eb53c8ccff96b0f5fac35b1c8e716ed81ff5Virustotal results 22.95%Heodo
2020-12-22W53XI26COVWWAZ.docdoc 2d523850bbd1d5abcaf76fcaceba272f038d954a97263941a3375c3301a1e2eeVirustotal results 20.63%Heodo
2020-12-22C29QJP0.docdoc e2e85f53c26daaa6cc7e1fe602e51f272ac256cc0c23725350d37b4a5a888520n/aHeodo
2020-12-22XJQD15YV7230.docdoc 3a6a1a101ff166519b8b881efee09a67e6b3fdd9de23e64eb8811d52604d9923n/aHeodo
2020-12-22UI1LJQZ.docdoc ca5ed41e13462908c3e7441204044d8519693a667e88e9ffff1cc566247f915fVirustotal results 20.63%Heodo
2020-12-2227DWZV.docdoc 0afaf6e440bc0e03442ed8eb75f681526dd7f4c0fe9ac2f21b5e77401ea41960n/aHeodo
2020-12-22I9QEB869UMTZ7PU.docdoc ac4a11a17747f0db974bbb343bdf32d636c82bc667c3223c23567faab4377eccVirustotal results 22.58%Heodo
2020-12-22WXIE82R.docdoc fdae3e00f4bbdb0f496d2b32042e4e5ceb4c10422ae4c809777f5677e0f4a2eeVirustotal results 20.97%Heodo
2020-12-22SKKRHFSK3N3F.docdoc 4f5599c715d0f5df48a422eccd4a26ea4241f806855c3ef36fcc7db874c976d6n/aHeodo
2020-12-229CY3XCSY.docdoc ffce79e8ecfa61f2f82aa9b40d611c100e6cd68cde6fc34b012ebbd21750908dVirustotal results 19.05%Heodo
2020-12-22KPT3WG.docdoc dd82b52d79bb68812fe7c148c7b28404b63b2fc1fd843d57c05f546f44a9a2a2Virustotal results 19.35%Heodo
2020-12-22O7JYC2QHKFI1.docdoc e50ca86a89c2be0f4e271feba71c17c73e846bfdfc1f3ebd69d442f098acc0a0Virustotal results 20.00%Heodo
2020-12-22LROIF3BT.docdoc de3fdb0bc2ccdff9476b876a3296cac1568293ab714ff3ef72e020df11bf809fVirustotal results 19.05%Heodo
2020-12-22PTMXSVYH.docdoc b5cabad4213a8d3f738e1ad1145a3130b3f5fe2739bcb8e5aa1f1ac3fa3fcd7cn/aHeodo
2020-12-2260GL1B.docdoc 94d3022d541dd9f7fa1fb496c3d9250c9a01ba8d0f0af54c3215eac9f8b22de3n/aHeodo
2020-12-222F1QMN.docdoc 636b5138fc52da9fd4cc02ade2b4dc4986baf4b8614fec61d464e4a55f8e7e22n/aHeodo
2020-12-22CTU1OX2LP.docdoc 53349be9f04bd91fc2896163434923295124f86d9f8cec1d0c6a244cc15bde9dn/aHeodo
2020-12-22DS3TLHMJLPHI.docdoc 339e0730197932c60c9905a6ef13b72d5308cb38a9965cd3b4e5eb4a3999665an/aHeodo
2020-12-22HSK5G9LNAP8DR01.docdoc d86732f28284b8dbef93bd8eeee3150fa2696a1ccc22d520bd82a2a53c58c32bn/aHeodo
2020-12-22PTCDSFR.docdoc 6191dcfff06f36e7ae3ffab9272718d60482913bac94ce985ce8a5eaca930e26Virustotal results 43.55%Heodo
2020-12-2294XIJU4XRX8.docdoc b0116ad85e9336df147a793ad30d615386ccf2df1095c8cf30ada653b5349f3eVirustotal results 42.62%Heodo
2020-12-223GXLYRJB.docdoc 258bf32591a0ac34fc68c8d36075c55b6f45b79eaaf16e3e853ba48e90a3a220Virustotal results 42.62%Heodo
2020-12-226DH6MS9LL.docdoc f263f7f7759848e0f9900bddc71fccc212d9432b745154fb9529ec701034a945Virustotal results 38.10%Heodo
2020-12-22Y3KP6QIOOIAGD.docdoc 14bd83ddc0151fe3a56edd4209b619cd49a7ec1d198bb98d31972295a7b0375an/aHeodo
2020-12-22IZWI86H7AO.docdoc b4c8d5a38d5092e1a4eeb1e2f9026fa956a251e0cca6351095aed595ecc4d8e2n/aHeodo
2020-12-22CF8J97.docdoc a85281de5e12bffcd8f98cb6280e13cfd6223c6325cffc92d80ee618c167bc2aVirustotal results 34.92%Heodo
2020-12-226C0S8CRFS.docdoc 2b9c863d07937c6130c145012febf915401100b8a7e5361cd8244ba88af53411Virustotal results 34.92%Heodo