URLhaus Database

You are currently viewing the URLhaus database entry for http://www.sssgf.in/Zahlungsschreiben/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:31064
URL:http://www.sssgf.in/Zahlungsschreiben/
URL Status:Offline
Host:www.sssgf.in
Date added:2018-07-12 01:29:42 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@JRoosen
Abuse complaint sent (?): Yes (2018-07-12 01:36:10 UTC to abuse{at}godaddy[dot]com)
Tags:doc emotet epoch1 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-07-13RECH-ZVI-0000-94098.docdoca8a1e39f215f3b22e55d47a48e99e5af438224f789d91ab6a26c662658184e5bVirustotal results 16 / 59 (27.12)Heodo
2018-07-12RECH-FP-9896-36117.docdoc1a5eaa3b8261f0a77136d36fc1f93e9df5a4cb982b68ed8419ec23c06b961270Virustotal results 14 / 59 (23.73)Heodo
2018-07-12RE-KFL-05/28090211.docdoc8c3c5b4a32f7ae057376f9d67c800ca7e18ba00fddb21cc50a3234340ba99c8eVirustotal results 32 / 59 (54.24)Heodo