URLhaus Database

You are currently viewing the URLhaus database entry for http://tetrasoftbd.com/REF/llc/zLZCf-ENfx_ritXqK-WF5/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 143067
URL: http://tetrasoftbd.com/REF/llc/zLZCf-ENfx_ritXqK-WF5/
URL Status: Offline
Host: tetrasoftbd.com
Date added: 2019-02-22 21:06:04 UTC
Last online: 2019-02-24 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2019-02-22 21:08:03 UTC to support{at}zxonlineltd[dot]com)
Takedown time: 1 day, 16 hours, 55 minutes (rated Poor; down since 2019-02-24 14:03:11 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
