URLhaus Database

You are currently viewing the URLhaus database entry for http://readwritecomprehend.com/rwcstaging2/EXFibFHUdbgRRLzm5PgTzLV3VPkaUqCr8FnL2DYMMTedNZRidu3I/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 956201
URL: http://readwritecomprehend.com/rwcstaging2/EXFibFHUdbgRRLzm5PgTzLV3VPkaUqCr8FnL2DYMMTedNZRidu3I/
URL Status: Offline
Host: readwritecomprehend.com
Date added: 2021-01-12 20:40:05 UTC
Last online: 2021-01-13 04:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-12 20:42:11 UTC to eig-abuse{at}endurance[dot]com)
Takedown time: 8 hours, 17 minutes, Good (down since 2021-01-13 04:59:45 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
