URLhaus Database

You are currently viewing the URLhaus database entry for http://betal-urfo.ru/US_us/IaNHd-8wBBY_dDgHFKEK-dW2/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:120279
URL: http://betal-urfo.ru/US_us/IaNHd-8wBBY_dDgHFKEK-dW2/
URL Status:Offline
Host: betal-urfo.ru
Date added:2019-02-08 17:26:10 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Status unknown
AdGuard :Blocked link
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-02-08 17:28:02 UTC to abuse-c{at}hostland[dot]ru)
Takedown time:3 days, 9 hours, 5 minutes Bad (down since 2019-02-12 02:34:01 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-10ACC894325575674562847.docdoc f13bdc15794eba12d18197a098689847d023530d33a54387f8f3894112e25f55Virustotal results 42.11%Heodo
2019-02-108877951958.docdoc 65bebf4b60bfcdca77338d02c016cc297fb0bd2c080a0aa3ff40179851033a6fVirustotal results 40.35%Heodo
2019-02-09ACC68500608053607939873.docdoc 1fdb1acd778c65c05ddd1f224613f15e2367cbd67a2b6ce4453fefb041012de6Virustotal results 33.93%Heodo
2019-02-09ACC2264795847107.docdoc 3ab802b97cedc7fe56cbc95082d62917ac883a5967a33a9c0870dfd653b44ea0Virustotal results 31.58%Heodo
2019-02-09ACC7832023183.docdoc 6f03b408d13644eb4d4f17eba0fb92c2905c5becc4fcba53b6bc8c9565c1af22Virustotal results 29.82%Heodo
2019-02-09INSTR12712633514.docdoc e498bbbaace6d88007445f3abdc8f182f935ec9343ddff7eed415e39371de588Virustotal results 31.58%
2019-02-09ATZJI6062837121.docdoc da35afa07bb858c6c00129a6f1e87e1f36220026084c760e2044a5198ce625b3Virustotal results 35.09%
2019-02-09ACC02105272103852719118.docdoc 53b0784f219135bc4164dc3b89f39b421863e7282c50d1955b13dd559cfa3370Virustotal results 35.71%Heodo
2019-02-09PAY65905706389842.docdoc c3fddf89da39bf8c0acd65edb6d068bdd663a725192e4807a8f7209aff19ebe4Virustotal results 31.58%Heodo
2019-02-09ECFU673649729.docdoc 9ca10c1a8fe0d766be4e2bed6df8c03178c921ee39c007033e06808ed26415f1Virustotal results 31.58%Heodo
2019-02-09PAY6782518757819632.docdoc ae0edfbcc844571f275cf2d5aa93c07ee037e3bd8a3edcde5c708539e17fdeeaVirustotal results 45.61%
2019-02-09UV335991133198292.docdoc 82e8a2b710ce805f532515cdf211482c3190fc9ecc83275349921d3377967249Virustotal results 33.33%Heodo
2019-02-09PAY6228739778275926.docdoc 2fe889ee6e290f8dd9e7c4a72aa07998dff9605e19680b38dcc317f2ed7c70adn/aHeodo
2019-02-09US7475224125250909223.docdoc 9ee6b32aa3b546456a0ac4675f0811e3576d9080fe760c1cff9d5471f65c3e1an/aHeodo
2019-02-09ACC0089531440471.docdoc 849c9bf1a99a6ed85308b27e32c6922fcd8f864df7357931816ffa64923fa122n/aHeodo
2019-02-09INSTR5450138728428003.docdoc 53ce0f6be71bc7077be95dbfdd4c1fe292391f24fc627f8597c3e3d6772a6048n/aHeodo
2019-02-09US17423841563029.docdoc af1789e75efb958c0d2d22736622f7e1d4f1c6e9645ae5ff1c2a59c3e9a57dc0Virustotal results 31.58%Heodo
2019-02-09INSTR904222320.docdoc d8edaec331a06e54c0a7e7d51c52ed8909dae5eb4e774cf74032970c01d1de87n/a
2019-02-09PAY7626807076.docdoc 75de8f9b05a31f1860373c8ffa8693e75dabbeef303e849a396a185a8a456ad2n/a
2019-02-09US62642920942.docdoc 2cb235472f7a97d7cbe568447fa64642bf6416acf472ddc1311e6308a16517bdn/aHeodo
2019-02-09PAY36828976421148868455.docdoc 6f5e2f7c534be44b36c0df06a0bbcafbf72fa633e33998627ae6e6268dde555dn/aHeodo
2019-02-09INSTR45442509433763.docdoc 5ce42f9ec479887f89000027b43800f9e03c5e5c760193650b5e22279e6a686dVirustotal results 33.93%Heodo
2019-02-09INSTR0911705151061.docdoc 352992986122ae1cc776ac7389078cce9222a0adc94ddb743e3ee75a4061bf71n/aHeodo
2019-02-0918139149250603.docdoc 05087b11e21dc5cb318f9b35b448ae12b1351073c6169554a075f09f382483e8Virustotal results 31.58%
2019-02-09INSTR1662357913353039.docdoc e5ec0e796556497b8bea0d2597525960353082c43ed18845e53c20cdf1882f3bn/aHeodo
2019-02-09INSTR4473594065380918.docdoc 826e4b469d1429ad9c749f13a72592df849100013833edc1b3ee7e262df0c0b2n/aHeodo
2019-02-09PAY9903199166238299.docdoc 561acf43c7b8cce4f658d839455eab514366b01ae71b50a78ca8a4bc6ef40b41n/aHeodo
2019-02-09ACC39325695216.docdoc 3d576a11e841ec17ee0c551f770e9da07aabb8b22acdfa61310bfaf216b3b3c6n/aHeodo
2019-02-08US52375675804776.docdoc 12b7d14c5b2b2f9b418cc581e13ba1826ab44366a2655cf9ee2bcf244efcf47en/a
2019-02-080614791042964134.docdoc 4aae6398e602432c0a2063c9e399ee6894043e0dc9825ecd8fdcd5476aa044c3n/aHeodo
2019-02-08INSTR77583017750155252.docdoc 4dd107d93426f7e933b112bde796ee356aa33ffb5f18541b012490ecb9686091n/aHeodo
2019-02-08PAY0631875577703.docdoc 3cccf50c378af6ef6675b1ac148b82c3ad750e71f3082cf3d907d88d59239f4dn/aHeodo
2019-02-08PAY895657986122.docdoc 48026c404114797c99095bb105e7f3d52a7215ca9596e49fbed6f8501d9b5c41Virustotal results 30.91%Heodo
2019-02-08WBDZO1229166277614.docdoc 22ad45aaf536a845812fa0fc7ff45223fff0f635d38babe7611cfbd567b5322dn/aHeodo
2019-02-08WI85042325868432567.docdoc fb7dec914775e26e015f802e8d7384128bbe8b4c844f94eba9d6c7c512b6c174Virustotal results 35.71%Heodo
2019-02-08M8838830136.docdoc 052be97618d6e73019e00316750b3b846c2b5a667d135d8dadf5aaaefa966297n/aHeodo
2019-02-08INSTR288626761231.docdoc 379b58dc70893a9412209e4b1c525484d6732b8abc9b9f4d96c6bbe7b8b947een/aHeodo
2019-02-08ACC4165307161609.docdoc 599d34cc4437f7327de4bcd6d848ad2913f76338059e89d3b1a22a73553e1949Virustotal results 33.33%Heodo
2019-02-08Q61459114607912974195.docdoc 94d6ab316e0555e057470d833d77de866410d2ad26bcce0712dc59d3ecc42583Virustotal results 31.03%
2019-02-08LPAQD595580814.docdoc 7aa42c79a3dcdc7706e437012115edef29257216dd633a41bb8f96a87d18e82aVirustotal results 31.58%Heodo
2019-02-08INSTR8660399084460041.docdoc 55b6b458e33958e13ae5c636cb8505acefdbedadbc156e1f730bffea25070004n/aHeodo
2019-02-08PAY5645359290254.docdoc 0ffeaba112330a47134e295fb3903e3ec55c0d2981d37c41003331561413599fVirustotal results 33.33%Heodo
2019-02-087561660763.docdoc 161004b9f0357dd12b99e0cd10ca1bed4a32f77a8f76e6a78d63840eb8cfde6aVirustotal results 33.93%
2019-02-08INSTR1341626392105137287.docdoc b49407d28c6ba10b1ca9a34656cec5867544108f03e301ea75bc793e1b174833Virustotal results 35.71%Heodo
2019-02-08PAY232078864764969331.docdoc 74a55387ab316fbb77ad85a707514358c888edd651dbb05d4e18a68054845124n/aHeodo