URLhaus Database

You are currently viewing the URLhaus database entry for https://www.ticketshd.com/wp-content/FUfYNLqU2DDO4ts6A3L9/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 944496
URL: https://www.ticketshd.com/wp-content/FUfYNLqU2DDO4ts6A3L9/
URL Status: Offline
Host: www.ticketshd.com
Date added: 2020-12-29 12:03:05 UTC
Last online: 2020-12-29 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-29 12:04:04 UTC to abuse{at}vps[dot]ua)
Takedown time: 5 hours, 17 minutes (Good; down since 2020-12-29 17:21:23 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
