URLhaus Database

You are currently viewing the URLhaus database entry for http://admins.lt/trust.myaccount.docs.net/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 154583
URL: http://admins.lt/trust.myaccount.docs.net/
URL Status: Offline
Host: admins.lt
Date added: 2019-03-07 20:01:04 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-03-07 20:02:04 UTC to abuse{at}iv[dot]lt)
Takedown time: 12 hours, 13 minutes (Good)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Signature |
|---|---|---|---|---|---|
| 2019-03-08 | eBill_0308201974909.doc | doc | 631d7c927378cc83593d353b242cdd28ffda717aa669f5efe3a574b126065a13 | n/a | Heodo |
| 2019-03-08 | eform_03_08_198615.doc | doc | 9736ffb50ea218bd77bf3f080c34abf5018dc8d30f146fe4db3194deb291d6da | Virustotal results 20 / 57 (35.09) | Heodo |
| 2019-03-08 | eBill_030820191874291.doc | doc | fb1b8134d3a1ec75200e301e5e305848edcf6bd282ced0d610754dfeb6b4abe2 | n/a | Heodo |
| 2019-03-07 | eform_03_08_19136849.doc | doc | 5087985b3ac7b85851f5818131aa21f2cc6e6e2d04bd5195899d8434d56ca346 | Virustotal results 17 / 56 (30.36) | Heodo |
| 2019-03-07 | eINVOICE_03_08_19181595.doc | doc | 4413bd5a280105f55e4cb1a117fc3541a218e877655bcd96d811adf628a740db | Virustotal results 16 / 55 (29.09) | |
| 2019-03-07 | eFile_030720190417303.doc | doc | 346e4fe996199a776885c8499b28138c8b0e539ad5754d25351bdcdf16f768dc | Virustotal results 11 / 54 (20.37) | Heodo |
| 2019-03-07 | eBill_2019030720153.doc | doc | a66d184ef682bfdd64a96e9dc5547245885b3d194c964507ea0ee8f90ec53ea7 | Virustotal results 11 / 56 (19.64) | Heodo |