URLhaus Database

You are currently viewing the URLhaus database entry for http://crazefm.com/ww12/balance/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:419881
URL: http://crazefm.com/ww12/balance/
URL Status:Offline
Host: crazefm.com
Date added:2020-07-27 13:25:35 UTC
Last online:2020-07-28 12:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-07-27 13:26:02 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:23 hours, 3 minutes Good (down since 2020-07-28 12:29:44 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-07-28BAL_WJX_070120_QKX_072820.docdoc 2099d5d04c39f86f1da8058861951deb8c6ef875e5a77272709f711e80a3d998n/a Heodo
2020-07-28C_1387388445972430344.docdoc c42f2ac06fe469689cc7d39407bbd26f418223213b99e1c4178bab4735bb7e9cVirustotal results 39.34%Heodo
2020-07-28DH4362833049NP.docdoc 4fdb97a98c47101b9d2c0308f3c3a9d4fd53c97fd7a0d7937ee3f292c51f8757n/a Heodo
2020-07-28DOC_40168154.docdoc d831fb7e6ca7099b615f50a60fca9d58ca6307bb95d592dfdd1c793b267f7f86Virustotal results 39.34%Heodo
2020-07-2856707993.docdoc 69314a5a40529facfde61bb78562869e4ca9a67ba69a3028d376a265e174ea6cn/aHeodo
2020-07-28FILE_PBQ6692I56GSN1GQ.docdoc 2840dbe68611c23040d1bcd78b9473dcd48de959c93280ee78f105b5af51fe75Virustotal results 37.70%Heodo
2020-07-28FILE_220519474792995806768997.docdoc 8b8b2829eec27c2687e1e4dfb190e65d66875564f241e73d6229909a552a510cVirustotal results 40.68% Heodo
2020-07-28PO_07282020EX.docdoc 26906041efdeafb6c1754eac8dff97abf079148816f1121ef92bfaed0a6e9991n/aHeodo
2020-07-28INB_34003903268578247195.docdoc cd8165b730d0801f2eb1524b1a430abe1d69e7105b2a898fbcca440afafd8f01n/a Heodo
2020-07-28551548473747214151198.docdoc 5fbd02e1a82676bc903e18d44232258100d2e877006fe13017def518fbd53d32n/a Heodo
2020-07-28BAL_5667990368095752585730397.docdoc fdde330e67f0b2cf2cd499acbcbbcca1a12933d471fcb2da5fc9fcac5ddf188bn/a Heodo
2020-07-2877982542.docdoc fa0ce8c142463b37579d0d5a4fbb8da9dde5081ce2d5ffe0303872a533e7e190Virustotal results 37.70%Heodo
2020-07-28B_YPP_070120_WEW_072820.docdoc 1f2d563a9cc13dacc7e5ca5d6b8745f38a4244777fc5ebde045785790441b196Virustotal results 37.10% Heodo
2020-07-28BAL_UP4143175445UX.docdoc 20d81ffc64ba89a114dc4ee30c643d555945ab0ec0f3a17c96b56d6087ef3b13Virustotal results 42.62%Heodo
2020-07-28CS7580938072EI.docdoc 5c533891fcae9ba18e3c42bd62ee131b2dca552f90753abf178ec19374191c75n/a Heodo
2020-07-28DOC_NSGBUK221.docdoc 4b0e153c6b865d8301d0b569169faf4acbe77703f624f14215b5b5b04759462bVirustotal results 42.62% Heodo
2020-07-28PO_07282020EX.docdoc 7d63604e1fd27ac31666ba76b7d7d82a09c6035a6fe9bfc257a9e7b9249ef525Virustotal results 42.62% Heodo
2020-07-28REP_31DZZDBE69Z2WS6.docdoc 67c9d551007620c36a100f2a6eeb4e297ca891ce49a371f544cc06da016021ffn/a Heodo
2020-07-28LB2136668309BQ.docdoc 388d49d105196dea02e96ac0172560dff1d9862e5b8910e7af963585439dbde3n/a Heodo
2020-07-28INV_NF0203700288WO.docdoc 2b2dc53af6714037713433698dae9be164fc7c66c23377ec620a17a4130bf425Virustotal results 44.83% Heodo
2020-07-28REP_SFX_070120_UHV_072820.docdoc 6f725b4e11df45b38cea3502301ee5e92df17109fa860dc84523501a6940f5d6n/a Heodo
2020-07-28INV_FS5838123400QZ.docdoc 2b4263841c81074211dd59e820bf05562e5c59be8d38bf8791a0a21753cdf504n/a Heodo
2020-07-27FR_PO_07282020EX.docdoc ec58eee07fffa7a7af0387949a025a2ed4f748060d7420dc53316cb6b9a332e3n/a Heodo
2020-07-27FILE_28375713.docdoc 78b39f8d472206c5ee8e1cdcd47550cf56630aefc5e722ca39891b62a9c02d19Virustotal results 42.62% Heodo
2020-07-27FILE_89563209.docdoc 3a4fd8ba092ea2243de196e6a43f4568bc13d88e3c04ed3aaba6e494b4ec47ffn/a Heodo
2020-07-27BAL_IX8025758600JI.docdoc d88b494734b0a01b33a3095214b8f76b448f625fa97248e6d6385ed6a1edc35en/a Heodo
2020-07-27BAL_LZ1314416499GV.docdoc bbf1da4131b3b508272428af648b22533a0add8b66f8b09f4570c1d799434a76n/a Heodo
2020-07-27REP_BI2310501844EN.docdoc 9e6b07432484371908b25279a80c78f3f717726fdc1cee80af1458b9dcdd92bfVirustotal results 41.94% Heodo
2020-07-27INV_257011551535841807413.docdoc e014e7351a4ad87f016b72570a6ea61c63069ef368ef1501bf75c019760740d7Virustotal results 41.67% Heodo
2020-07-27FILE_76581988816823949.docdoc c6aceddeb742579effa80787d5911867e79706f19133c2da7f583861ed25a8fcVirustotal results 40.98% Heodo
2020-07-27INV_77201127.docdoc 2317a555c5aabac7a3b94757661b5ca7f25d7612b4c4a93df00b35fa56fd8e9eVirustotal results 40.32% Heodo
2020-07-27DOC_91012013.docdoc 638c2bca4d280ee089f6038536d990d264e547a0aa4848cf1777b3c73e448561n/a Heodo
2020-07-27FILE_96469496.docdoc 331fdfa975f4a2d408e197f274ab95fc524b04df25be54ea4af222cdca4300e5Virustotal results 37.70% Heodo
2020-07-27G_63272554.docdoc a2567b74182ca4bcd6e1d71b9d97079c0e9e0b0e311f994050401968d53b2a41n/a Heodo
2020-07-271RM4RRK7W.docdoc e2346f7650658fe42696358919e1a59c058912b95266b7bce2ccbdc9c7365537Virustotal results 37.10% Heodo
2020-07-27BAL_T0NERUIWHK1FN.docdoc ee15b91ffaa6ccb45f34e54e28cac0313eeabf7ae3be97772023b75d65c1b778Virustotal results 37.70% Heodo
2020-07-27KIFM_43994249.docdoc ae3fe22384694c5fb3e90b4187e3766f58f0a7cacd0d60df5b5928b8cb380c69Virustotal results 36.07% Heodo
2020-07-27REP_UNY1NDFQUVFQ7O9.docdoc 4d92403a02e3746fdf617e605110a9dc480a0e1832f309cc4e64fd8abaf05224Virustotal results 35.48% Heodo
2020-07-2739653308.docdoc 3139a080fb259f348c0117281ce68f5ddf97af673efa6814de5c3ccb9efee0f6Virustotal results 36.07% Heodo
2020-07-27FILE_ZQ0832752876UY.docdoc cf253830c0484f6a93945b844e71d9d20ebe95c0a8e699fe12be87b07d04959eVirustotal results 35.48% Heodo
2020-07-27N_AGZ_070120_BXG_072720.docdoc 7ca74b3c7abb4df9b42143995e6df94e5cdc55a6736e58abee7a70bd20032c47Virustotal results 35.48% Heodo
2020-07-27FILE_76436898.docdoc ab0f127714796541c566c6a6eac8962cc8fe2274d474690c9b4a17985ec45aadVirustotal results 36.07% Heodo
2020-07-27BAL_3H5O47H6HCR.docdoc 97ff7c2c097cd943607c5fcf76feea7d24b42b35cb8abf7e380d0e3a7ebb9d2dVirustotal results 36.07% Heodo
2020-07-27BAL_9395812903783633432.docdoc 530101c520032e4ec1949d65b22f11eca92202263c610bd64e9e6a827d897e5fn/a Heodo
2020-07-27239361068235910.docdoc 759a9925c0d0324b377d49fa37282f26912ebedfe841c72411aa4568540cbbebn/a Heodo
2020-07-27BAL_37054410072522194.docdoc 4bf023382638c6775d7fd65eb79139545c67ac070bbee3fe3f6e7ebd8b0ab1f0Virustotal results 36.67% Heodo
2020-07-27FX_KZ7968230745HW.docdoc 51ffaab27770020c62a461869a9649b42e2dc3929d5debba9a6dde20cc42c201n/a Heodo
2020-07-27REP_PO_07272020EX.docdoc 4de7205b3148a989443ace3ec09936ba3c9539639a254013be838994669344a8n/a Heodo
2020-07-2744900098.docdoc 91631b5f74221ef36cfacf1572e87d4a71c5876f16e20d1131401cf6f61f0c1eVirustotal results 36.07% Heodo
2020-07-27INV_70346855.docdoc 09f7d48ed4d70c24ee8888b1ef67071cbca500ff3fe98267923a5ff68d113b28n/a Heodo
2020-07-27PO_07272020EX.docdoc cfb29bce041ca72fbf97be1b608791b9d7e4fd6b632aebf4f91111ce6491cfc1Virustotal results 36.67% Heodo
2020-07-27R_FG3653375858NA.docdoc 3814e4ad351972666953e1063e2bcda836b705e2ad1b7d736ebe667072f45c5cn/a Heodo