URLhaus Database

You are currently viewing the URLhaus database entry for http://cursosultraschool.com.br/wp-includes/iaeb7u2sXBMAL7JwQNbd2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 949035
URL: http://cursosultraschool.com.br/wp-includes/iaeb7u2sXBMAL7JwQNbd2/
URL Status: Offline
Host: cursosultraschool.com.br
Date added: 2021-01-04 21:00:14 UTC
Last online: 2021-01-05 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-04 21:02:03 UTC to CloudFlare Anti-Abuse API)
Takedown time: 3 hours, 0 minutes (Good; down since 2021-01-05 00:02:47 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
