URLhaus Database

You are currently viewing the URLhaus database entry for http://scotthagar.com/BANKOFAMERICA/Aug-13-2018/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 42405
URL: http://scotthagar.com/BANKOFAMERICA/Aug-13-2018/
URL Status: Offline
Host: scotthagar.com
Date added: 2018-08-14 04:28:46 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-08-14 04:33:07 UTC to abuse{at}inmotionhosting[dot]com)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
