URLhaus Database

You are currently viewing the URLhaus database entry for http://covisa.com.br/paypal-closed-y2hir/ABqY1RAPjaNGnFw9flbsTw3mbHnBB1OUWRV6kbbvfAryr4bmEsDoeNMECXf3fg6io/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 949318
URL: http://covisa.com.br/paypal-closed-y2hir/ABqY1RAPjaNGnFw9flbsTw3mbHnBB1OUWRV6kbbvfAryr4bmEsDoeNMECXf3fg6io/
URL Status: Offline
Host: covisa.com.br
Date added: 2021-01-05 08:52:06 UTC
Last online: 2021-01-06 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-05 08:52:11 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 22 hours, 35 minutes (Good; down since 2021-01-06 07:28:02 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
