URLhaus Database

You are currently viewing the URLhaus database entry for http://tecserv.us/ups.com/WebTracking/PI-91665811279004/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 16095
URL: http://tecserv.us/ups.com/WebTracking/PI-91665811279004/
URL Status: Offline
Host: tecserv.us
Date added: 2018-06-06 21:04:03 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-06-11 10:27:14 UTC to abuse{at}godaddy[dot]com)
Tags: doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
