URLhaus Database

You are currently viewing the URLhaus database entry for http://rockcanyonoutfitters.com/RFQy-P5zZBU1LjnEdXB_SoYTSONT-ztB/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 96763
URL: http://rockcanyonoutfitters.com/RFQy-P5zZBU1LjnEdXB_SoYTSONT-ztB/
URL Status: Offline
Host: rockcanyonoutfitters.com
Date added: 2018-12-18 01:00:00 UTC
Last online: 2018-12-23 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2018-12-18 01:00:21 UTC to abuse{at}dacentec[dot]com)
Takedown time: 5 days, 16 hours, 47 minutes, Bad (down since 2018-12-23 17:47:46 UTC)
Tags: emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
