URLhaus Database

You are currently viewing the URLhaus database entry for http://almashghal.com/wp-content/corporation/Invoice_Notice/EfUvZ-6UJS_cKienqiSg-Dy/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:120289
URL:http://almashghal.com/wp-content/corporation/Invoice_Notice/EfUvZ-6UJS_cKienqiSg-Dy/
URL Status:Offline
Host:almashghal.com
Date added:2019-02-08 17:44:20 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-02-08 17:46:07 UTC to abuse{at}microsoft[dot]com)
Takedown time:9 hours, 32 minutes Good
Tags:emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-09551939298834267.docdoc6f5e2f7c534be44b36c0df06a0bbcafbf72fa633e33998627ae6e6268dde555dn/aHeodo
2019-02-09ACC780844751005822.docdoc5ce42f9ec479887f89000027b43800f9e03c5e5c760193650b5e22279e6a686dVirustotal results 19 / 56 (33.93)Heodo
2019-02-09PAY4112113102950.docdocf33d027db4224495d2b000f2423f8007522eff8ef6f56258f7bcf693cd594f5fn/a
2019-02-090876298596587274576.docdoc826e4b469d1429ad9c749f13a72592df849100013833edc1b3ee7e262df0c0b2n/aHeodo
2019-02-09BI04949459525851.docdoc53b0784f219135bc4164dc3b89f39b421863e7282c50d1955b13dd559cfa3370Virustotal results 18 / 56 (32.14)Heodo
2019-02-09US87088858682689.docdocf13447be887a74fed191acefbc945c099aa73130446de9af9e1d4714b7dc34a0n/a
2019-02-092247065873817265.docdocc3fddf89da39bf8c0acd65edb6d068bdd663a725192e4807a8f7209aff19ebe4Virustotal results 18 / 57 (31.58)Heodo
2019-02-08US793342445.docdoc9ca10c1a8fe0d766be4e2bed6df8c03178c921ee39c007033e06808ed26415f1n/aHeodo
2019-02-0826586402575.docdoc4aae6398e602432c0a2063c9e399ee6894043e0dc9825ecd8fdcd5476aa044c3n/aHeodo
2019-02-08INSTR0954178761.docdoc4783732fb6d276b20218cd6283226e5cf8ce076b3f460e6cc1bb94e86a5a4f52Virustotal results 19 / 57 (33.33)
2019-02-08PAY805849004.docdoc3cccf50c378af6ef6675b1ac148b82c3ad750e71f3082cf3d907d88d59239f4dn/aHeodo
2019-02-08PAY2863963069916.docdoc48026c404114797c99095bb105e7f3d52a7215ca9596e49fbed6f8501d9b5c41Virustotal results 17 / 55 (30.91)Heodo
2019-02-08PAY379237709.docdoc22ad45aaf536a845812fa0fc7ff45223fff0f635d38babe7611cfbd567b5322dn/aHeodo
2019-02-08YJARH862977034184504166.docdoc9dddc0c5b4ce1996d5d439715e5dd5dd3ceba86b9a7dadb56e8497481706b4dcn/aHeodo
2019-02-08QJWEH1465804580482.docdocfb7dec914775e26e015f802e8d7384128bbe8b4c844f94eba9d6c7c512b6c174n/a
2019-02-08PAY2623995012638400.docdoc0f11f1a14863549a4a0fe6c317c2afeed08a204cc343ae835bb26b349c8a6d8fVirustotal results 18 / 56 (32.14)
2019-02-08INSTR598882111915.docdoc052be97618d6e73019e00316750b3b846c2b5a667d135d8dadf5aaaefa966297n/a
2019-02-08PAY4560445250248.docdocb986fa5b5c4fb5bbd9a01fd17d04e945d15ba0fc0103596123975cc27ef74029Virustotal results 19 / 57 (33.33)Heodo
2019-02-08ACC22491947631114487680.docdoc599d34cc4437f7327de4bcd6d848ad2913f76338059e89d3b1a22a73553e1949Virustotal results 19 / 57 (33.33)
2019-02-08US3317642848.docdoc8d1989b474ad904aec092db9fdfa100e0ae76e411136e1c89912bc489b17d0caVirustotal results 20 / 56 (35.71)
2019-02-08US3552682135616.docdoc7aa42c79a3dcdc7706e437012115edef29257216dd633a41bb8f96a87d18e82aVirustotal results 18 / 57 (31.58)
2019-02-08US19320325644307736623.docdoc36db98a9fce07ff2f124a70d632d1e3f9b6a798402e176b9d14a50431601e438Virustotal results 19 / 56 (33.93)
2019-02-085672316596.docdoc0ffeaba112330a47134e295fb3903e3ec55c0d2981d37c41003331561413599fVirustotal results 19 / 57 (33.33)Heodo
2019-02-0827150549723393507486.docdoc161004b9f0357dd12b99e0cd10ca1bed4a32f77a8f76e6a78d63840eb8cfde6aVirustotal results 19 / 56 (33.93)
2019-02-08ACC1293896771391366242.docdocb49407d28c6ba10b1ca9a34656cec5867544108f03e301ea75bc793e1b174833Virustotal results 20 / 56 (35.71)Heodo
2019-02-08ACC4776650359.docdocaef36d758c88037b4ad9e1fb77453694fd0e7a342e4915d8d6098466c35d2fd7Virustotal results 19 / 57 (33.33)Heodo