URLhaus Database

You are currently viewing the URLhaus database entry for http://anaviv.ro/sites/En/OVERDUE-ACCOUNT/Invoices/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 35966
URL: http://anaviv.ro/sites/En/OVERDUE-ACCOUNT/Invoices/
URL Status: Offline
Host: anaviv.ro
Date added: 2018-07-26 03:51:22 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-07-26 03:52:02 UTC to abuse{at}clausweb[dot]ro)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
