URLhaus Database

You are currently viewing the URLhaus database entry for http://ferrazemprestimos.com.br/PAYMENT/CO71767249712T/21781319561/CBN-DXUM which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	39365
URL:	http://ferrazemprestimos.com.br/PAYMENT/CO71767249712T/21781319561/CBN-DXUM
URL Status:	Offline
Host:	ferrazemprestimos.com.br
Date added:	2018-08-07 06:05:40 UTC
Last online:	2018-09-08 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	unixronin
Abuse complaint sent (?):	Yes (2018-08-17 09:27:44 UTC to abuse{at}hospedagem[dot]net)
Tags:	doc emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2018-08-08	PAY 07ZHSMMUH.doc	doc	41ea992f3784362e4aaa14187de8321f2835ada7b770ee0512b834312d34e811	36.07%	Heodo
2018-08-08	PAYMENT 6PGIQN.doc	doc	ca90ee3ceb6b5f53c97e5621978522340940c65ff05b26248b391c4971d098a9	36.07%	Heodo
2018-08-08	ACH 43GCO.doc	doc	904171c20a36669fe9ee06fac73eb36dd9d390361e3d7f490e502c370f72cdc6	n/a	Heodo
2018-08-08	PAY 0070AQBBYWTB Aug-08-2018.doc	doc	6ac0e66ce6079eb7c77aefa7af63fbde6d61f4a4ab2d44b7fa92d9ae3e871cfb	33.90%	Heodo
2018-08-08	ACH 7PWTX.doc	doc	02b1332ca6cb71e1331e3e60551f76ad03abb6107b31ef0a422be490f09cff41	n/a	Heodo
2018-08-08	WIRE 2764IROQDNCK Aug-08-2018.doc	doc	255f7693674a18c36a497726df17da8020a67c37658035f550d737e0d137d2ae	n/a	Heodo
2018-08-08	PAY 42KHQXHBGQ Aug-08-2018.doc	doc	465392907ac0de1068a5b4cf9019e7a5a6d2f4b65c301c261842d62c332a42fb	34.43%	Heodo
2018-08-08	PAY 73TQEJZYKI Aug-08-2018.doc	doc	744feeebd9a9cb0ecd36f45e5ef235ae78717c7bb41f9b8ff48e20c9ea4e44b9	32.79%	Heodo
2018-08-07	WIRE 0ROJFSAHM Aug-08-2018.doc	doc	87f365e484c24c447378a1b38a2e90a42d8385e97adbe4c47b600aaf2ba585a2	32.79%	Heodo
2018-08-07	WIRE 463163TBTNGLWQ.doc	doc	f83ed0b8740d63b8e020df41c168e9a535b3af5bc537c1a4a56871ed63470e54	32.79%	Heodo
2018-08-07	PAY 95XZYFLA.doc	doc	4803a9181557f13c4b8452f9776a2f585175ff9d687b26fc1ac8b8fb5009b68f	34.43%	Heodo
2018-08-07	PAY 39NSZVX Aug-07-2018.doc	doc	e5626a7990f4a1d42f515c6d3c7d1fddb2ac1c2d3a4d7477cd1f58a299ba8cd4	36.67%	Heodo
2018-08-07	ACH 943BR Aug-07-2018.doc	doc	e633b6c6918dbf42fb5ebe1879d34721ab885240a7578c7e07e0b2f423a25f20	32.79%	Heodo
2018-08-07	WIRE 11036LD.doc	doc	5c4cbe7c04a215cc897996d4d0120b3e3fee42facc2320559dc5b0489ab7753b	29.51%	Heodo
2018-08-07	ACH 3878BT.doc	doc	9b44aaea9e7d19b5287f6bb14cff0b64e23703f9c7164224623fea615cd2941d	32.79%	Heodo
2018-08-07	PAY 6AQKZ.doc	doc	858aeac15a64b278af88ddf9b00d8cdf1ead6d0046779a780b19d848014bf66e	34.43%	Heodo
2018-08-07	WIRE 132787ADOPVR Aug-07-2018.doc	doc	e7d99cf53f2328ba4585028e7bb9d4f347419d4f9c8730371eec4842009ce8a9	32.79%	Heodo