URLhaus Database

You are currently viewing the URLhaus database entry for http://kancelariazborowski.pl/_vti_txt/3py-kiGHm-01/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 270249
URL: http://kancelariazborowski.pl/_vti_txt/3py-kiGHm-01/
URL Status: Offline
Host: kancelariazborowski.pl
Date added: 2019-12-17 03:04:07 UTC
Last online: 2019-12-18 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2019-12-17 03:06:05 UTC to abuse{at}home[dot]pl)
Takedown time: 1 day, 14 hours, 33 minutes Poor (down since 2019-12-18 17:39:52 UTC)
Tags: doc emotet epoch3 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
