URLhaus Database

You are currently viewing the URLhaus database entry for http://app.trafficivy.com/wp-content/lkN/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:308902
URL: http://app.trafficivy.com/wp-content/lkN/
URL Status:Offline
Host: app.trafficivy.com
Date added:2020-02-05 10:44:08 UTC
Last online:2020-02-11 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-02-05 10:46:02 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:5 days, 20 hours, 40 minutes Bad (down since 2020-02-11 07:26:37 UTC)
Tags:doc emotet link epoch3 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-02-07Invoice IQDY4255_786256.docdoc 4ba53fb7a5ff0623d1fe9d539505b1ab1b5b7d580a78295fd48de16b24da56c2n/a Heodo
2020-02-07Inv 742_048331661.docdoc 3078e9310437cd53e82bb9cc5679dcb71bb06e07a0113039114b9fb017590cf7n/a Heodo
2020-02-07Invoice_EDIE448_65260617.docdoc 00b524435a1e4b70e1783600f6ba01545628bacd15c00154b232bd464f1de19an/a 
2020-02-07Inv DTDQ8379_26921230.docdoc 18a869754b911c8a5e368d994d8b4f7405203cd1ad23862c51c30b8b1e900b38Virustotal results 22.58% 
2020-02-07Inv EN21_477677038.docdoc da55d54edd3021ebaf41530e1ec8dd18fb5541bb09c3cc9d10c88e9da0351409Virustotal results 32.79% 
2020-02-07invoice-BZRB25_67670263.docdoc 77815318e9f6226ad493ae32d374b61c54aee323314b8bca1d0caa7ed864e56bVirustotal results 30.65% Heodo
2020-02-06Inv-418_2162355.docdoc b45f99f3efe5bf82ee6cdee7f80ba7bbfa39f80c0973746b43efa2779a69b8d6Virustotal results 27.87% 
2020-02-06Inv-WYAE64_9053310.docdoc a91eba1db4ddcc5437aec16814c764bd4fb7d18f221f84031177016e8e52066an/a 
2020-02-06invoice-0435_23321490.docdoc af68f95640411edf06350ddc5f697fa63501dad1a427026652ba7a411e87c258n/a Heodo
2020-02-06Inv QF491_048968.docdoc 6c06954cbc088900ecf406f49cd3620cb6152c02121a754986fb65f7935bd043n/a Heodo
2020-02-06INVOICE_78_405863037.docdoc 08a17a2ca774e5d63d00d6347ab8569354e6fc33b9e65cd55db64f088125e77fn/a Heodo
2020-02-06INVOICE 2682_114632598.docdoc a6f83c36cfcb51c3f166faff124cada228ef05461001847944061e18a897c01bVirustotal results 27.42% 
2020-02-06INVOICE_TP9_70412905.docdoc b61644b4d4ea1d8856ff589c7017a16c5cb48d63a54cb1aa69aa19bfafc4dfb4n/a Heodo
2020-02-06Invoice G4_4490091.docdoc 515c3515f3728002f957e469f6d30be479f3db347968856134e1f0287ad0438eVirustotal results 24.19% Heodo
2020-02-06Inv LKBS29_307966619.docdoc e10f7b95c27f399f5a1a28c5e94c61bc47ffb9f8bd9ab3bb562cf27be6460e88Virustotal results 26.23% Heodo
2020-02-06INVOICE-CO641_783145.docdoc d8a98e712d6775091bbcdbe1e2b1ed30135d7fcb59a9ec4ce71bd80823438c5aVirustotal results 23.33% 
2020-02-06Invoice-SE4448_715161.docdoc 1ffc37048962c0a22202bc9de2da7dc6a958458986126b58248ab622cd695f7dVirustotal results 21.67% Heodo
2020-02-06INVOICE-1596_537531013.docdoc b0568d9ff726c394e4b6a7b7a59c6dcccfff57c4d618bb531c30dc3ffa5aaeedn/a Heodo
2020-02-06Invoice AP90_56766998.docdoc c137f96ad20933f15cbd33dd13a59de4aa1b0e84ba2d9ffeca8835eb21d271e8n/a Heodo
2020-02-06Invoice BLG68_079528256.docdoc b5e4cf1fcb5f1534d34df8e8be1547b19fcc61e8ddc96b3040b8b9173569998dn/a Heodo
2020-02-06INVOICE-BKXT25_4610554.docdoc 5f1d9dff136888c71d8b157e91821d73a94faa92af1bdc04912d223b7b1de32dVirustotal results 31.67% Heodo
2020-02-06INVOICE_FA5539_772035279.docdoc a5fc11e008c844121e447116ba31e7430ab4bc38350cfd1b6bd52fd322c059f0Virustotal results 32.79% 
2020-02-06Invoice E5313_461964.docdoc 9eca08bea00fec73f8bdc769abf28f857d39de7d922c4d0dfd4017dc5981d2b0Virustotal results 33.33% Heodo
2020-02-06Inv-Z616_44435995.docdoc f64c7b18189347af96b402b6f3cb3294d4dbbc7cad63748805727ac4d2a83997Virustotal results 32.79% Heodo
2020-02-06invoice-1159_23416571.docdoc 7eac21ec4810b17ae186a7cb7619660833006d22ffdd25ffa44769a9474a13b9Virustotal results 31.15% Heodo
2020-02-05Invoice MQ619_87935533.docdoc fbc7e227ec8bd45144bdd33ac13c8a9b563282ce2c47bed6f613e71ed22dea4bVirustotal results 26.23% Heodo
2020-02-05invoice_BV5140_699723.docdoc 2e6d60c0292605697751fd56084cb10b9ab90c135dd863bf3e428a185e050142n/a Heodo
2020-02-05Inv_WW80_075876.docdoc a16654e08b49b688aab6f059ee1349cdaa217e2a9035b9971ad725e145df3b57n/a Heodo
2020-02-05INVOICE_OV4_93791151.docdoc a2de78a3a39c2c5d3d3c617de7f83a6ee2ba59eeb411de1095a208d4b21ecffen/a Heodo
2020-02-05INVOICE-886_737798559.docdoc bac64a981e3fddb119868ac4b6c14005db9b3c64f608849911d6c08947267dcan/a Heodo
2020-02-05Inv-XQKL579_8857128.docdoc 86dcab95611cd3f691824d94d3910ca546323de58d60f9b04d0b7959d2759a75n/a Heodo
2020-02-05INVOICE-ZK338_421587.docdoc 2592177b8fc2dad7890e1d568a33bde6b00c015fc0c96dbccf47299f5f0953b2Virustotal results 27.87% Heodo
2020-02-05Inv-Q9236_7869978.docdoc 28d1b238f050e82f7e6bcc571b0ece1a23309e7cf54fd2eb77d1d79a021fbd8fVirustotal results 27.12% 
2020-02-05Inv_ZQN9465_2372966.docdoc 0e14c112db8433403fb9c660fa94df79d7019aca757c0c6a57b738aff2c26285Virustotal results 26.23% Heodo