URLhaus Database

You are currently viewing the URLhaus database entry for http://testcrowd.nl/DE/LYKRPNFHZ3597305/Rechnungs/Zahlung/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:133366
URL:http://testcrowd.nl/DE/LYKRPNFHZ3597305/Rechnungs/Zahlung/
URL Status:Offline
Host:testcrowd.nl
Date added:2019-02-18 14:26:06 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@spamhaus
Abuse complaint sent (?): Yes (2019-02-18 14:28:02 UTC to abuse{at}axc[dot]eu)
Takedown time:22 hours, 50 minutes Good
Tags:emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-02-19YUCN86502662804_2019.docdocf998241bb397ee63069eb24765537f8145d71641e8e8db78564115726b8b0451Virustotal results 9 / 54 (16.67)
2019-02-190416530716160.docdocd6cbd635b7481c268041889993783fc7e09d86e1dd5da3670c3d18ac9d029f25Virustotal results 9 / 54 (16.67)Heodo
2019-02-19CBHC362588597655537.docdocc599915a596d8d2ffe984a210e88826bf7a18ddcb2421942b8ec8466848ab607Virustotal results 9 / 59 (15.25)Heodo
2019-02-195138226183462.docdoc54521c1864176747545e8cbe5af222d9e5fd1f8be282fb450f103f48395b2ff1n/aHeodo
2019-02-19BD659968971062_2019.docdoc0d0fe2d50fd65fb763dd11410377252e1a2ddf673de16d4fe688d92386155118n/a
2019-02-19R737909278952223326.docdoc6ce108ae894610e4322b8333fa68fa51251316c4cbbdd31fe6a5e39b77efb60cn/a
2019-02-1963896170792924_2019.docdocb81d1b7e3f37d006caac6ef9979934708f7bc494d2cba78ccef2be5329b0c444Virustotal results 9 / 54 (16.67)Heodo
2019-02-19643607581275660_2019.docdocc69a8aa7953d502231260484e6f133a92fe70d1055baa4fa6f5032f35cb06840n/aHeodo
2019-02-19YHV728864447421148547.docdoc1c2ce29226aefd40ffa733e45049e4688e4a7ff36f54cfa7b39bf9d3b8d7c957Virustotal results 20 / 53 (37.74)Heodo
2019-02-19HL428896009_2019.docdocda2530f597f9dfcf69ada376737c7a08858f0225ba9d8dd94f08176c5d7580dan/a
2019-02-18206026783.docdocd1c4b4718bdab106514e173cfbf4806dfb62bf233079b747b373a687ca3dc023Virustotal results 18 / 54 (33.33)
2019-02-18FLBC44516078252.docdoc8ceb370bc8c3894aaffdfbdfbc5fe8a9153692a603121c7804c7c50aae3de8c9n/aHeodo
2019-02-180771708201_2019.docdoc7de9395834fa21746bf478bc499a0b68695f95b69e62cc37f287d1205b0f384fn/aHeodo
2019-02-18KTK408820946662.docdoc4bc0ebf4e04816770e0176a8f1ba04404a6d8b09150d21bcfaf3387ffed06606n/a
2019-02-18281547664.docdoc6f52cc28f5b7d356b6a0876f2d4c2fc0696030a17be6d57be4e7e3fba07cd9d3n/aHeodo
2019-02-18K4311710595_2019.docdoc7e7d214153af23923f9b130a044a9134f0168005495d59354f5179b5336846efn/aHeodo
2019-02-1803188001669270.docdocc535ec10efe8d02a81a11b74ad99db24757eccb6dd6754f6740989bcab3c5e95n/aHeodo
2019-02-18NJZ634242395719186662_2019.docdocae93a9504c927d519d64ce6863ea63a9fe1b6d6c89f195c8076b3f4a003e5c3fVirustotal results 16 / 56 (28.57)Heodo
2019-02-18QH98636115248965.docdocb64b748acd4e8f68f52265b45208deb68082482d538e73c2feb9bcf3245e0531Virustotal results 15 / 53 (28.30)Heodo
2019-02-18C19394631844236835503.docdoc0946a30abd52ef463b6a390efba6595d2a7917df95d3739df77e3ca57d1ecc8bVirustotal results 15 / 54 (27.78)Heodo
2019-02-18GCZ395268830.docdocd7d25612960118eb311c2c86193e3c4f41d1924640a6458fd7d24b84e1884be6Virustotal results 15 / 54 (27.78)Heodo
2019-02-18YTPU328475312.docdoc2c4e81086a66b36a10f9f68fa97d8afd4f44f99b6b3015c168e31704006d61a0Virustotal results 15 / 54 (27.78)Heodo
2019-02-18R7169271145_2019.docdoc0966f1271c4cdd0f66bca3520ffe406d4ba14aaa06a7b14aa505c78958fead20n/aHeodo
2019-02-18I6922490684097122375.docdocee1ff0182bc19d430e12a8c88b8a9216e9dc41c8bd055f8d633e4cca8910dff0Virustotal results 14 / 53 (26.42)Heodo
2019-02-1880823628277313.docdoc27b0bd35f9ee7752e45d40707a3a777d20c8563e7067007101ec8de9d1c271daVirustotal results 13 / 54 (24.07)Heodo
2019-02-18REC625956118296974617.docdoc7701b8f968a514855a7d5fc3cfc808b10740a52ef3eb50cab1d63d242f17eeabn/aTinba
2019-02-1812306330575317967471.docdoc327c64ca7348a0e2e4651a332776d10216cd77f77761766a12094cabe446ca4dVirustotal results 10 / 52 (19.23)Heodo
2019-02-18815686357638.docdoc2dda30d522c1b72d38f8609a3bde18de25aa57ad7ba7d90cffdfc0db5cf6e977Virustotal results 15 / 58 (25.86)Heodo