URLhaus Database

You are currently viewing the URLhaus database entry for http://www.agacenter.ro/wp-admin/kh9-nhd-95338/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 421701
URL: http://www.agacenter.ro/wp-admin/kh9-nhd-95338/
URL Status: Offline
Host: www.agacenter.ro
Date added: 2020-07-29 22:30:07 UTC
Last online: 2020-08-03 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-07-29 22:32:02 UTC to abuse{at}tlh[dot]ro)
Takedown time: 4 days, 10 hours, 28 minutes Bad (down since 2020-08-03 09:00:26 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

First seen | Filename | File type | Payload (SHA256) | VT | Bazaar | Signature