URLhaus Database

You are currently viewing the URLhaus database entry for http://egrextracts.com/wp-content/AK8XeVt2DBneMHWchOT/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	949134
URL:	http://egrextracts.com/wp-content/AK8XeVt2DBneMHWchOT/
URL Status:	Offline
Host:	egrextracts.com
Date added:	2021-01-05 00:28:04 UTC
Last online:	2021-01-05 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2021-01-05 00:30:05 UTC to abuse{at}amazonaws[dot]com)
Takedown time:	3 hours, 46 minutes (down since 2021-01-05 04:16:33 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-01-05	YTK35EUFPO.doc	doc	09292d51e8d353b88a500ab38de30d3aaec41733df7b368af869cf472bfef48d	31.75%	Heodo
2021-01-05	BZGNLSYN.doc	doc	eedc56307590cb415b9388656d7287000bf530c10ab8c8c1f8bf4875321c2398	n/a	Heodo
2021-01-05	T4DNXX031O.doc	doc	48e5d9cf1ebc2c615dc60b2f35595632cb1ebf25c2305ea31f087bbe8689a1ad	n/a	Heodo
2021-01-05	IP1M1Z7VCXST7.doc	doc	6e9366c10b06f94a3e436527ed163f7b68c4a81f911d593d64e6312d7b0e39b8	n/a	Heodo
2021-01-05	EA47N1O.doc	doc	252656a16cf6ef7ede48d6dfbf08918fae477b4e2ed50a5b2dcb46a1d6240fbf	n/a	Heodo
2021-01-05	68LDPF.doc	doc	2f410493048157fd2bccd80a02a83ad071a7b37038ab5fb6160ff9d6d1312522	31.75%	Heodo
2021-01-05	4KM7DITDPH.doc	doc	d156b4fc840034beae78f8d4c55226d4dd1771465d0b8f45322dcd63731bdd4a	n/a	Heodo
2021-01-05	75R3NN5TV9.doc	doc	acbb7afbd6807623f7b138be593f37aed6daf29c912342a71aa8b65fbb4a99f7	n/a	Heodo
2021-01-05	1N7BDEQTS01.doc	doc	d315e07599f48461af20a81347aae5972ba5aea6210a0e28244b902a18cefc78	n/a	Heodo
2021-01-05	F8R5BMALJ7KDT11.doc	doc	89f2c53efc4423c85870b7b59615a36152242f602d3c1269a2226f9331684aed	n/a	Heodo
2021-01-05	CQITWECEBLVY8YQ.doc	doc	68f2889fb26be5dfaef1c55d3d1509e9a6b88f12ad89c8f869bf829d463ef59f	32.26%	Heodo
2021-01-05	BR8X1FYX2R.doc	doc	38d17dfd9fc5d7eb04a6ed019750022081fd13b253d0eb08d92fd9109815ec52	31.75%	Heodo
2021-01-05	UKKEZT1U56.doc	doc	8488d087b6010876c2aef93e85bcd715e0698b8c09e7c58e31a655b3c4860f4f	30.65%	Heodo
2021-01-05	OVU575SR.doc	doc	401e09065cc4fe70319e8924de8ab2ace957de8a65a2a1ac15330fdfe2f9c092	31.75%	Heodo
2021-01-05	O6B8PAPDS2U934MB.doc	doc	773a15b11264f83c09890cedbb7aedc943a30430f5b355d38e5625f2ebd3fb8f	31.75%	Heodo
2021-01-05	7TN99YALO7DKF.doc	doc	269b7e9055041b22adcfd3f3d1d0a4711292eb08c8674a535071c2ccf27a31fd	31.75%	Heodo
2021-01-05	5DO42Y2P.doc	doc	dc9236f8bdf3716d6ad5bd3fc91beab4505cfe0585682cc68064718e9680c53f	32.26%	Heodo
2021-01-05	9D2O1PG99G8LX7P.doc	doc	63162fe833789ed99b85cf9524ce3254d7f676c2a187f7e2c2ecd23ad59ac5c0	31.75%	Heodo