URLhaus Database

You are currently viewing the URLhaus database entry for http://wortex-shop.by/Telekom/Rechnungen/012019/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:119332
URL:http://wortex-shop.by/Telekom/Rechnungen/012019/
URL Status:Offline
Host:wortex-shop.by
Date added:2019-02-07 12:45:24 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-02-07 12:46:06 UTC to abuse{at}hoster[dot]by)
Takedown time:7 days, 2 hours, 13 minutes Bad
Tags:emotet epoch1 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-072019JAN_rechnung.docdoc1ea02f40f79ad4c530c0bf0138d7b49d995977ad2187e7b231e0f89a020839fcn/a
2019-02-072019_01_rechnung.docdocac78413a0711619ec5c61330865227901bd9e9e3677147c1c775761899acb342n/a
2019-02-07JAN2019rechnung.docdocc861a16b06cc2e1c474580d1d77742488b1500b294fc80773505214a8658deddVirustotal results 19 / 56 (33.93)Heodo
2019-02-072019JAN_rechnung.docdoc149735e48cb3e377e66b3d1c155bfe6f15858b502d1ea591f800be8ba0b96152Virustotal results 19 / 57 (33.33)
2019-02-07rechnung_01_2019.docdocba796576b006589983d1b4ed041f5fe446246cc3823d3b3ca8c6d61ac643cc68Virustotal results 19 / 57 (33.33)Heodo
2019-02-072019_01_rechnung.docdoc551d077ac455bb7327fddf567acc71305d3eed0afbdd099823d5222611c7b3a1Virustotal results 19 / 56 (33.93)Heodo
2019-02-07JAN2019_rechnung.docdoc788d5bb87879fca4fec80a7ab909d74baf2cb634036860e37ebdaa7f44b49674Virustotal results 19 / 58 (32.76)Heodo
2019-02-072019_01rechnung.docdocc45eebfad7df2ad94cdef3bd2558c2da4519c477fb02e5771441040a661fe08bVirustotal results 19 / 58 (32.76)
2019-02-07JAN2019_rechnung.docdoc8110c8c6a67b74f7668d91467b9be9eaa2afb88a7738521eccd1335d7153f6acVirustotal results 19 / 56 (33.93)Heodo
2019-02-072019JAN_rechnung.docdoc9ea22e4299d15e87a1a3bcc03ae6e930cf89db5cb3c48cc65c3724744b17b03fVirustotal results 19 / 58 (32.76)
2019-02-07rechnung.docdoc394359aecd115f2c4512d3c0537aa34b1d8a5cf9d1f968db47514d6d02352eb6Virustotal results 18 / 55 (32.73)Heodo
2019-02-07rechnung_01_2019.docdocc9909a749a749727e3a2cb83f097deb7dbf6ad47cd8bb4c03d59d22fdb399fb1Virustotal results 19 / 55 (34.55)Heodo
2019-02-07rechnung.docdocbef31c3a5bc128898664e01c2b50a1e39722037667dcc8890298f2d96e3b50bdVirustotal results 19 / 56 (33.93)
2019-02-072019_01_rechnung.docdocd6895bf8ff3c94e429081c478d20274ad4e4e9b3dd0c81e2012bab650c6b1254Virustotal results 20 / 57 (35.09)
2019-02-07rechnung_01_2019.docdocfe5e9f2d1533b0fcecaba7bc3173e4f1ec35a7d735360a273a78f6795378681eVirustotal results 19 / 57 (33.33)Heodo
2019-02-07rechnung_01_2019.docdoc4fbc12d82d6ba24914a569dce9f5ecf023e556a2fe1501b4b1c9b378cabeb4c0Virustotal results 19 / 58 (32.76)
2019-02-07rechnung_01_2019.docdoc4f9f795fd4c5b8d852ef138194c0652a0f61555eb31511324d3a9b9c80b3b36bn/aHeodo
2019-02-072019_01rechnung.docdocec3f5f345d75d20392059fbc126ad8aa98b974b8cd307af4ee9f5d0ab80c57ecn/a