URLhaus Database

You are currently viewing the URLhaus database entry for http://energisegroup.com/images/lm/vi5zvdf-2993-91-lt2i-ycues9kgac/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:288492
URL: http://energisegroup.com/images/lm/vi5zvdf-2993-91-lt2i-ycues9kgac/
URL Status:Offline
Host: energisegroup.com
Date added:2020-01-14 20:30:09 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Not blocked
AdGuard :Not blocked
Reporter:@spamhaus
Abuse complaint sent (?): Yes (2020-01-14 20:32:04 UTC to abuse{at}netregistry[dot]com[dot]au)
Takedown time:7 hours, 8 minutes Good (down since 2020-01-15 03:40:23 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2020-01-15PO_01152020EX.docdoc 0edf4c05fd5e483a3ca303151f3f58c87155ae9f1cec75be9ffd0aaad884f4f9Virustotal results 29.51%Heodo
2020-01-15PO_01152020EX.docdoc 556f0f62580588094bb0d595bdbb880b58a48148af61569258c9a84653374cbbVirustotal results 30.65%Heodo
2020-01-14BBU_010120_QCK_011520.docdoc bbf79cb4aa35f097ee65fbf27c2808626e53c4460eeec58c2a828aa669b50b74Virustotal results 26.23%Heodo
2020-01-14FNFAWKHX5J7.docdoc 6ea68ce4d24f0f499b02dc10acfa5ba8a428ce1eef46e6423899ce4be5f31b4cVirustotal results 20.34%Heodo
2020-01-14ST_93307869.docdoc e8e877eb89bc1a478fee7e89597bcac889a3776e27aae4692b63920428f58e53Virustotal results 19.67%Heodo