URLhaus Database

You are currently viewing the URLhaus database entry for http://c2030920.ferozo.com/wp-admin/Pages/dn4o6wv-000106/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	938543
URL:	http://c2030920.ferozo.com/wp-admin/Pages/dn4o6wv-000106/
URL Status:	Offline
Host:	c2030920.ferozo.com
Date added:	2020-12-22 15:16:06 UTC
Last online:	2021-01-02 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-12-22 15:18:02 UTC to abuse{at}hostmar[dot]com,abuse{at}dattatec[dot]com,pablo[dot]pepe{at}adinet[dot]com[dot]uy)
Takedown time:	10 days, 15 hours, 1 minutes (down since 2021-01-02 06:19:03 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-22	A00167 invoicing.doc	doc	a61add91d1ec99ec85463137cdefd5a4f56e2bc5885b00b4fdb840347ed6ab4e	44.44%	Heodo
2020-12-22	INV_8441367.doc	doc	30d56d06b947aba6ecfa058183c5fad6b250325945d19cbb9c4191b2a9249d36	43.55%	Heodo
2020-12-22	oVoe-120120.doc	doc	7e0b05e8d4dc42b832663c04f4469ac41f74b9ff05b2caa1d6b276ec59f07161	n/a	Heodo
2020-12-22	23025-122220.doc	doc	2ffc9f79ad944ebdb8ebb057f3e82c6a20b40ac745f0ecb3a3beb0fcddf186a4	n/a	Heodo
2020-12-22	Payment.doc	doc	e6db5129c4003a3f71604d209d5259c882bf45554568174daebf8c248f99d4ce	n/a	Heodo
2020-12-22	December Invoice.doc	doc	c6d8d0a96a53cb9daa207f66116c20fba8be3dc5688f7d3d82adcc5326fdaf85	n/a	Heodo
2020-12-22	003357979.doc	doc	1dc9c5d757f9cb44653cbffb54a18b1b31dcdd57c7bdfeec27657a1e3a79e780	43.55%	Heodo
2020-12-22	275646.doc	doc	433cd2c38481dc6be09746f4ffac36778ed6bc6100c067015eb859b629395a51	n/a	Heodo
2020-12-22	form.doc	doc	12f838b1c2ed2f0cb4894b0b914b4492a91c20081f537c1590abb5c60b9994cb	39.68%	Heodo
2020-12-22	invoice #19259.doc	doc	06d3a58c494933212a50a74bc3fec36b14dc5716574b6793f3b41117371cafb9	n/a	Heodo
2020-12-22	Electronic form.doc	doc	2df9d5b2d6e0c788ba630c2fcadfd27aedc488e931c33401567bf11e5307cf46	n/a	Heodo
2020-12-22	Invoice.doc	doc	21086a62f51bb063e6518741af97816c699b19a7f02b914a9121c978959f5892	n/a	Heodo
2020-12-22	YZ06 invoicing.doc	doc	4a3df0fb379f1f2d8ff39c331e9c6fa59ce855cd07767ffb53adbdb9d3f9f2d4	n/a	Heodo
2020-12-22	34803-122220.doc	doc	c208905a5556a4569cfd60444a64ddbd2d6b9fc6c3c027369fe90ddd7a1dd953	40.32%	Heodo
2020-12-22	7703220808JrS.doc	doc	9c8fa69bad491103df4b3b4120c63eacc1b0d1d084009f9c2c61dceb5fbe308b	n/a	Heodo
2020-12-22	NI0304853417CG.doc	doc	53acfe21fbd1ee22493a6eebbf0895b5f7baeaeaba30e87fb5eb642ce75a92e8	n/a	Heodo
2020-12-22	Payment.doc	doc	300174da0440159106a4ee540f8183c413b43a83f3ba96ce67080028cbea72a4	n/a	Heodo
2020-12-22	Inv_9378294.doc	doc	0ec7c335fe985e29cdbb3b9cfcae0887c27bcd7ac130c3286c554006e88b689b	n/a	Heodo
2020-12-22	Invoice.doc	doc	28faddecfcca7d014e60a03fd443dac1d8fe976d444ab29f6072a2aa5c2224f2	n/a	Heodo