URLhaus Database

You are currently viewing the URLhaus database entry for https://ufapro888s.info/cgi-bin/zsYdbCOamS1IMFX3dFRtfhCrNhpR6a/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 956431
URL: https://ufapro888s.info/cgi-bin/zsYdbCOamS1IMFX3dFRtfhCrNhpR6a/
URL Status: Offline
Host: ufapro888s.info
Date added: 2021-01-12 22:40:06 UTC
Last online: 2021-02-05 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-12 22:40:08 UTC to abuse{at}cloudflare[dot]com)
Takedown time: 23 days, 16 hours, 42 minutes Bad (down since 2021-02-05 15:22:52 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
