URLhaus Database

You are currently viewing the URLhaus database entry for http://closhlab.com/default/En_us/Invoice-for-sent/New-Invoice-SC4212-HP-54196/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 36003
URL: http://closhlab.com/default/En_us/Invoice-for-sent/New-Invoice-SC4212-HP-54196/
URL Status: Offline
Host: closhlab.com
Date added: 2018-07-26 03:53:10 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-07-26 04:08:01 UTC to ip-admin{at}coloquest[dot]com)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
