URLhaus Database

You are currently viewing the URLhaus database entry for http://confidentcaredentistry.com/cgi-bin/byph0sw1v-0006356/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 938562
URL: http://confidentcaredentistry.com/cgi-bin/byph0sw1v-0006356/
URL Status: Offline
Host: confidentcaredentistry.com
Date added: 2020-12-22 15:22:05 UTC
Last online: 2021-01-04 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 15:24:04 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 12 days, 23 hours, 48 minutes; Bad (down since 2021-01-04 15:12:55 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
