URLhaus Database

You are currently viewing the URLhaus database entry for http://alhazbd.com/Question/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:136
URL:http://alhazbd.com/Question/
URL Status:Offline
Host:alhazbd.com
Date added:2018-03-16 12:35:34 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@abuse_ch
Abuse complaint sent (?):No
Tags:doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-03-17Invoice for you.docdoc07ccdd8208e3a981f86ea767e61ae77ab708fb29ffd2a01831d1d3cb03023592Virustotal results 9 / 59 (15.25)Heodo
2018-03-17Need to send the attachment.docdoca778abef08b111e82af62a08b787a86c373c76b89ad88ff2efa99677f4a14c2fVirustotal results 8 / 59 (13.56)Heodo
2018-03-16Invoice for y/r 03/16/2018.docdoc440cf2f8967bfc55c36f44b36c5f1d6883fd73715bdb3645de385c7034909095n/aHeodo
2018-03-164 Past Due Invoices.docdocb896e5f35cebc6812fb1590fdd903e60bd80b4660bb15d7a0d0548da66c52938n/a
2018-03-16Past Due Invoices.docdoc7280a89bd5f136d810d17f74527c98d4a7ce8e9a84a49bda971e8f6d90b62778n/a
2018-03-16Overdue payment.docdocb441b14e21e7e29bd4c67e204a927b89519bd6cce9a7900c6aac30ccb0cb735aVirustotal results 5 / 59 (8.47)