URLhaus Database

You are currently viewing the URLhaus database entry for http://zeniaxsolution.com/a5bc0d28dba0d6b56ad1f1461a4d329e/60kr8-mgb-11/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 287494
URL: http://zeniaxsolution.com/a5bc0d28dba0d6b56ad1f1461a4d329e/60kr8-mgb-11/
URL Status: Offline
Host: zeniaxsolution.com
Date added: 2020-01-13 22:47:35 UTC
Last online: 2020-01-20 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-01-13 22:48:02 UTC to support{at}excellmedia[dot]net)
Takedown time: 6 days, 8 hours, 25 minutes (Bad; down since 2020-01-20 07:13:13 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
