URLhaus Database

You are currently viewing the URLhaus database entry for http://998awol.com/ge-5kcp39jg-fygw0/78drJWcVKWRXm2zrKLigRJk01r1h44ENmSQ05fkEdwC301RK79/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:949109
URL: http://998awol.com/ge-5kcp39jg-fygw0/78drJWcVKWRXm2zrKLigRJk01r1h44ENmSQ05fkEdwC301RK79/
URL Status:Offline
Host: 998awol.com
Date added:2021-01-04 23:41:05 UTC
Last online:2021-01-05 04:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2021-01-04 23:42:05 UTC to abuse{at}amazonaws[dot]com)
Takedown time:4 hours, 41 minutes Good (down since 2021-01-05 04:23:07 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-01-05EQ6SKVSJDU9NEE.docdoc f04733633102448629503a0b0df30e77c694298c6e2bac53b89099f796a4a04cVirustotal results 32.26%Heodo
2021-01-057FD2S5SEQ.docdoc eedc56307590cb415b9388656d7287000bf530c10ab8c8c1f8bf4875321c2398n/aHeodo
2021-01-059YTIVPE.docdoc 48e5d9cf1ebc2c615dc60b2f35595632cb1ebf25c2305ea31f087bbe8689a1adVirustotal results 31.75%Heodo
2021-01-05BB9MJJPKP.docdoc ec2aca363bea5e10495d5682f2c50b4a46c9ca51236fb795e7d87e41109ce790Virustotal results 31.75%Heodo
2021-01-05O775XU9NV312F8F7.docdoc 252656a16cf6ef7ede48d6dfbf08918fae477b4e2ed50a5b2dcb46a1d6240fbfVirustotal results 31.75%Heodo
2021-01-05BZK530EP.docdoc 2f410493048157fd2bccd80a02a83ad071a7b37038ab5fb6160ff9d6d1312522n/aHeodo
2021-01-05XASQ8R3O4H4SM.docdoc c909996e11aabb6f9003b0ca2e0e52d58c16777e4c7e6fc11aa6b599183dd7d4n/aHeodo
2021-01-05RHZTN1DR0ZL.docdoc acbb7afbd6807623f7b138be593f37aed6daf29c912342a71aa8b65fbb4a99f7n/aHeodo
2021-01-05GNQZY7D2.docdoc 715302c7c5d571733456f11e19d6c7a066388ef318fb726b24578ae121f9bc20n/aHeodo
2021-01-0506WIR0X6A.docdoc 89f2c53efc4423c85870b7b59615a36152242f602d3c1269a2226f9331684aedn/aHeodo
2021-01-0503ODV6NFUXBAA8N.docdoc 6b284863c079141fa6e5caab9fd9228eb0503d2790fadc82360b8e3fcb2de684Virustotal results 31.67%Heodo
2021-01-05SD5J55N4Q.docdoc 7ab531ffdf05ec65c076a06ea4a7e92a3c02ccb479f866db344d9fc4abcad342Virustotal results 30.65% Heodo
2021-01-058XOOFTWSXVKW.docdoc 8488d087b6010876c2aef93e85bcd715e0698b8c09e7c58e31a655b3c4860f4fVirustotal results 30.65%Heodo
2021-01-05715KHHXBL.docdoc f1ff8d81d84d73a186c72546b5efdc3abd4f4a91243d0f2bb537cc1418d8bdaen/aHeodo
2021-01-05XR9GHLT.docdoc 3d59c114c200d80ba97d2866d3b53aada9eee8b22a90c4bee3f60bbb254fe1c0n/aHeodo
2021-01-05F8Q1BG4DBN5.docdoc 328547d8fbddaf5087390a97bb4bd2032672e5ebda3e6c867bb5093cde59cb5dVirustotal results 32.26%Heodo
2021-01-05RHK6VQ8XT.docdoc dc9236f8bdf3716d6ad5bd3fc91beab4505cfe0585682cc68064718e9680c53fn/aHeodo
2021-01-0542WCXKYKCBTC8QC.docdoc 9b5ceeadb9d26cc60561054e3ea318e82923f3b04a9e505aeb8750ef4b3d902cVirustotal results 32.26%Heodo
2021-01-05T80BJDOE8R.docdoc 76791e1b0ebfbf5081b8f6c4e3196ad92ca2d9904c48fc16d8e9d82b3585853fVirustotal results 31.75%Heodo
2021-01-0471WR9A2OIK20W.docdoc 3a7192ae0a86e22de203cd0bd9c3b2ddae45e918207d4ad84f4cfe6b1d975c95Virustotal results 31.75%Heodo
2021-01-04SL9HY15EWO1R3J.docdoc 1f3408d6afcfe5d362d5ff3499a030b245b4f62883dca94f64bea90ac430fc24Virustotal results 31.75%Heodo