URLhaus Database

You are currently viewing the URLhaus database entry for http://biztechmgt.com/mailer/g1li0h-1e637ld-ibin/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	192843
URL:	http://biztechmgt.com/mailer/g1li0h-1e637ld-ibin/
URL Status:	Offline
Host:	biztechmgt.com
Date added:	2019-05-08 13:03:03 UTC
Last online:	2019-08-13 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-08 13:04:04 UTC to abuse{at}host1plus[dot]com)
Takedown time:	3 months, 7 days, 1 hours, 10 minutes (down since 2019-08-13 14:14:06 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2019-05-09	Rechnungs_Details_354919956814DE_Mai_09_2019.zip	zip	b938aa32478c1d562becf9da611f633b8722f13ea9c219881120aea1af4ac609	n/a
2019-05-09	549542699053DE_Mai_09_2019.zip	zip	80878fe677da2b468f4474ad5aec8504b8cb2051eac1535f5c794d726ccc5136	n/a
2019-05-09	Rech_82822005828DE_Mai_09_2019.zip	zip	7a4607b57800db23835f433b908370e1074fef06f69201d79c48a1eddd5b6044	n/a
2019-05-08	003673590487DE_Mai_09_2019.zip	zip	32b09949b891d1b6a07986905f06647608212cad5c268e71a954470c309ecbe5	n/a
2019-05-08	Rechnung_49207961406DE_Mai_09_2019.zip	zip	8e744c0b361a3744f0177d8ece6769834c222b4277461c5fd84f8935c1b8b96c	n/a
2019-05-08	Rech_290665028686DE_Mai_09_2019.zip	zip	42128d90d722875fa5c4b487302a71d468332c76fffbc1f49fa23a9237a22de6	n/a
2019-05-08	Dokument_7295549050DE_Mai_09_2019.zip	zip	b66489bb417465f92b5cd557abc75daaa1ba2e127f1e41aba30be7f9668a63c7	17.74%
2019-05-08	8134935217DE_Mai_09_2019.zip	zip	685caa02ed5419b8fa3b8cbfe80696af8339b9c4018ac65f1b09790994e32cee	n/a
2019-05-08	48841444201DE_Mai_08_2019.zip	zip	0e2cdc37410a70146df0bdc2796aad87b4de71a8a7091a27a48dcfa729e531b9	n/a
2019-05-08	Scan_5824551776DE_Mai_08_2019.zip	zip	fac59fe01c5394f1016993a90416702e0b6a8e9435f6a2ff642def5beba813a2	n/a
2019-05-08	Rechnung_4410771966DE_Mai_08_2019.zip	zip	b2d7ef163d436486e00ff1a72a20e1e4c203dcfbb9418dfa506d55f9d48e45bb	n/a
2019-05-08	Scan_927078947739DE_Mai_08_2019.doc	doc	37390a65227c1c3d33a74d43898940cfd4690953cea047db95f39e191a20dfb2	32.79%		Heodo
2019-05-08	Scan_7794464948DE_Mai_08_2019.doc	doc	8ea46d2e7b76e5d7298c7f8bfd87d9ae27ccc62f881caad23ff2bef3d898ed4d	32.26%		Heodo
2019-05-08	5016437345DE_Mai_08_2019.doc	doc	71185c9cc943c6cc503e108507f5cab7834203a833eb3597487f24a5cb3822c9	34.43%
2019-05-08	Rechnung_99467499047DE_Mai_08_2019.doc	doc	abb657219fa4293bdb3ea83eef9701a8a1b8db399122ac9b78988d2d7670f05b	32.26%
2019-05-08	5228757379DE_Mai_08_2019.doc	doc	adfb40518e76da88b465cac35e6c32bb025e1f0188d96470a06ef516aef5d5ea	31.48%
2019-05-08	229626826168DE_Mai_08_2019.doc	doc	ccf713f98bfa24d4b3aaa4ac68b4b990b777b99c20b6bb61aa6ad25538f50bb7	31.67%		Heodo
2019-05-08	Scan_6098955313DE_Mai_08_2019.doc	doc	55b414fdc1fd75ce344a26606b4f1a0260a4867c0a35a202a08de8f3d6c2bd1b	32.26%
2019-05-08	Scan_60904252303DE_Mai_08_2019.doc	doc	e68497a4f031505d16b9c6c97077eafe011ca0b7a64f01baef10886dc8dbeabd	33.90%		Heodo
2019-05-08	7335190048DE_Mai_08_2019.doc	doc	76078c12f217788bc8a017d80c6a7e207a86a0141792fe1e43009847c44dd365	32.20%
2019-05-08	485473409504DE_Mai_08_2019.doc	doc	a6654bf3a1dc1407b542532d1a9d11c30b84cdd9cc736abccfec742eb677b117	32.79%		Heodo
2019-05-08	Rech_68954032807DE_Mai_08_2019.doc	doc	910b21b089dd8f21d37f4a08fb65efe7d20807abedda2a694bb1bc42dbbf4b90	39.34%		Heodo
2019-05-08	Scan_20368586641DE_Mai_08_2019.doc	doc	120666b2a90b52983e5e261eeccdcaa831ea1649c7b09ae4ca94c54de20a4e92	36.07%