URLhaus Database

You are currently viewing the URLhaus database entry for http://botmechanic.io/DE_de/BJAWTAW9909728/de/Rechnungszahlung/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 134664
URL: http://botmechanic.io/DE_de/BJAWTAW9909728/de/Rechnungszahlung/
URL Status: Offline
Host: botmechanic.io
Date added: 2019-02-18 17:14:10 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Not blocked
AdGuard: Not blocked
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-02-18 17:16:11 UTC to abuse{at}yandex[dot]ru)
Takedown time: 5 hours, 31 minutes, Good (down since 2019-02-18 22:47:49 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
