URLhaus Database

You are currently viewing the URLhaus database entry for http://scotthagar.com/BANKOFAMERICA/Aug-13-2018, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 41756
URL: http://scotthagar.com/BANKOFAMERICA/Aug-13-2018
URL Status: Offline
Host: scotthagar.com
Date added: 2018-08-13 17:41:30 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @unixronin
Abuse complaint sent: Yes (2018-08-13 17:52:55 UTC to abuse{at}inmotionhosting[dot]com)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
