URLhaus Database

You are currently viewing the URLhaus database entry for http://germafrica.co.za/DHL/En_us/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 37879
URL: http://germafrica.co.za/DHL/En_us/
URL Status: Offline
Host: germafrica.co.za
Date added: 2018-08-02 03:31:40 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-08-02 03:41:10 UTC to abuse{at}gridhost[dot]co[dot]za, abuse{at}webafrica[dot]co[dot]za, abuse{at}webafrica[dot]com)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
