URLhaus Database

You are currently viewing the URLhaus database entry for http://groffscontentfarm.com/wp-admin/parts_service/bFiQiftATlBOAfyNzL/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 243362
URL: http://groffscontentfarm.com/wp-admin/parts_service/bFiQiftATlBOAfyNzL/
URL Status: Offline
Host: groffscontentfarm.com
Date added: 2019-10-10 19:40:10 UTC
Last online: 2019-10-18 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2019-10-10 19:42:04 UTC to abuse{at}unifiedlayer[dot]com)
Takedown time: 7 days, 15 hours, 10 minutes; Bad (down since 2019-10-18 10:53:01 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
