URLhaus Database

You are currently viewing the URLhaus database entry for http://clipingpathassociatebd.com/scan/13094522662/ffLz-EtCr_xM-t9N/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 115613
URL: http://clipingpathassociatebd.com/scan/13094522662/ffLz-EtCr_xM-t9N/
URL Status: Offline
Host: clipingpathassociatebd.com
Date added: 2019-02-01 21:38:30 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-02-02 12:18:02 UTC to abuse{at}hetzner[dot]de)
Takedown time: 8 days, 10 hours, 56 minutes (Bad)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature |
|---|---|---|---|---|---|
| 2019-02-05 | US2691207069004.doc | doc | 9ba4ecc5d067b1dabc85fe725700111c3c8e8dc4926f8f745c9e5c426de65551 | Virustotal results 39 / 60 (65.00) | Heodo |
| 2019-02-02 | 2462786742101.doc | doc | 9e5beedee236edec95d76ca51a4aee0d83c7812dfb6ff250ac26e6aff117f3a9 | Virustotal results 20 / 59 (33.90) | Heodo |
| 2019-02-02 | PAY680383387468258322.doc | doc | 7848cf417e8bd3fc58b71a61cec40b6773e6d80355f44fb0c7f7504e18dee3b7 | Virustotal results 21 / 60 (35.00) | Heodo |
| 2019-02-02 | KDLI922281871285165.doc | doc | 897cfde213f675672f4b6f60bfbecfed5bbe1d7500ce68253ae5a54b76c13ce4 | Virustotal results 20 / 60 (33.33) | Heodo |
| 2019-02-02 | M48399282595473944.doc | doc | d2ac5e2df15e79e76c861f06a3b0e09e50f227723f1bee85dc85f21e4b95e6c5 | Virustotal results 21 / 58 (36.21) | |
| 2019-02-02 | GF06558368806873608165.doc | doc | 3278d448c595516afef84073eac81a8497a2d6edad2dd299fdf135c36689e486 | Virustotal results 25 / 60 (41.67) | Heodo |