URLhaus Database

You are currently viewing the URLhaus database entry for http://minibus-hire-basingstoke.co.uk/js/erhXjTo/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 414168
URL: http://minibus-hire-basingstoke.co.uk/js/erhXjTo/
URL Status: Offline
Host: minibus-hire-basingstoke.co.uk
Date added: 2020-07-17 18:03:05 UTC
Last online: 2020-07-20 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU002815526 created on 2020-07-17 18:04:07 UTC)
Takedown time: 3 days, 0 hours, 39 minutes (Bad, down since 2020-07-20 18:43:42 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
