URLhaus Database

You are currently viewing the URLhaus database entry for https://tewoerd.eu/img/fspv-2e4-1235/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	427122
URL:	https://tewoerd.eu/img/fspv-2e4-1235/
URL Status:	Offline
Host:	tewoerd.eu
Date added:	2020-08-07 10:42:05 UTC
Last online:	2021-10-25 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-07 10:44:02 UTC to abuse{at}axc[dot]eu)
Takedown time:	1 year, 2 month, 23 days, 21 hours, 55 minutes (down since 2021-10-25 08:39:36 UTC)
Tags:	doc emotet epoch3 heodo Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-08	invoice-A394-34562882.doc	doc	5d7f4b905c268a16b873261ceb5f2bca434dbaa45ad6c5b20a3d43091709ace2	39.66%	QuakBot
2020-08-08	INVOICE-N6-475741026.doc	doc	f2ac567d25e6c1c3423309a6ee7158f3740d1f4b648a3d0b162b83cf1dd3b6b2	38.33%	QuakBot
2020-08-08	INVOICE VEFG12 212173700.doc	doc	59e77aa5b480068b05305abd1fece1c7b8f2a5771753470c3f18d9bb3781c775	n/a	Heodo
2020-08-08	INVOICE_JXFF7332_948982991.doc	doc	b203ce9f83d385b987ff9b43259951280c34830fbba17c5263dcfa112ed1396d	n/a	QuakBot
2020-08-08	Inv-C237-895284.doc	doc	c3d556b58967b1957a9c5b9e5465e6af4230e6f94ed8b1109d30445a86d2fb9f	40.00%	QuakBot
2020-08-08	invoice7940004470.doc	doc	795144410d184d35fd61e5d83a0b3a1bb669ef7c4ed028eb1b315a78e4ddd9bc	n/a	QuakBot
2020-08-08	Inv WVB46 223368.doc	doc	c620f32017dc5a093d19d6362b34657906e156082ffac1c93df403171a2fcc32	38.33%	QuakBot
2020-08-08	invoice_JXX454_2353558.doc	doc	c8451a4260d26137a6dc3200a2290e14f2210f03417e39e58ad95052ec6b0de7	39.34%	Heodo
2020-08-08	Inv-ZB196-65143945.doc	doc	51d32641c97d78c53640cc9fec84f1b150eb754042a74ce028d92f70bcf7544a	n/a	Heodo
2020-08-08	INVOICE CITT92 63870736.doc	doc	e2f4571846f5b8e17a5481779757851f78f2853f6734ce6ef4a92db0cd0c5de2	38.71%	Heodo
2020-08-08	INVOICEIOGZ7537994056039.doc	doc	b5b0dab6e7d7a2fc66a0947ad16fc1b6de4d68b73d5d071459ed06b18a96a8a0	38.33%	Heodo
2020-08-08	INVOICE_LQ94_5326933.doc	doc	c9bdce375621af7dd83001e09e95fa17ae125b59423cda4a4499fb3f31fc1ade	40.98%	Heodo
2020-08-08	Inv 6 085206534.doc	doc	8ee784204fc5d7cb096a234e69f593cb6807f74e01a2393e1d1f9a8e99f22b74	37.10%	QuakBot
2020-08-07	Inv-XQP173-076109982.doc	doc	d91731a4dfcfb45b578cde0a57e35273bdc0eecf426e738a1f52a32e989c9fb9	37.29%	Heodo
2020-08-07	INVOICE-CGY32-48054999.doc	doc	346b0ed5db257c2bf541ae37f57e3971a19bc69310811cbe7fa037768f2136a1	38.33%	Heodo
2020-08-07	Invoice-KRJ6-1731388.doc	doc	96c2710133ec54c60394683f148a94ba31cda1182b21b8f0f3285d78c92c0336	35.48%	Heodo
2020-08-07	INVOICE_P979_982394569.doc	doc	7ce67620298aa7d0fe5e7f2bab8e052f4a4ce937c3300c92875e33d7b466acc0	36.07%	Heodo
2020-08-07	invoice_V9185_720558.doc	doc	6d9ffb2447adb083ad20788cb467c96a7f91b27d9a5a9eb35a13e2471d909b32	n/a	QuakBot
2020-08-07	InvoiceJN1954070239.doc	doc	bb196956c5e57876daf8c64828c2b0cff8f83fc540f7ff492ecd7632f8a235dc	36.07%	QuakBot
2020-08-07	INVOICE-LW61-9583899.doc	doc	5871ec926c8f2a5e608bbcc0aadc55520fcba58d418280c7f44449f8e88a3d41	32.79%	Heodo
2020-08-07	Inv017306283559.doc	doc	737d96d343a18d4739a12d2b949eb31e758fb5e24c17b0c706997154731ac07f	30.65%	Heodo
2020-08-07	Inv-3-170256515.doc	doc	d5bff5a6b9e1f13e2206aadbb6ff705b7eb29882299b70d8f97205264cb1c04e	27.42%	QuakBot
2020-08-07	invoice 4 9132762.doc	doc	3a7e162433ba4372c7e49ee5cb6bd4afb23cde7bc0f19d39edc30aa22473994e	n/a	Heodo
2020-08-07	INVOICE-L9-6695805.doc	doc	c2ecd3419f71d51acb56c7f02e685cdd46ec96514b459545a931768e2141ae58	27.42%	Heodo
2020-08-07	Inv-OA08-514343.doc	doc	ab1f576293cc70428b0adcadcbb453c1525ff8bf2fa71d650e52b83ff4092f81	26.67%	Heodo
2020-08-07	Invoice_721_8313409.doc	doc	cd0a8f71f9191062a85d74dcd5321d7882e38ba58e3f04468a7e5b2c1aa32209	25.81%	Heodo
2020-08-07	INVOICE-BEXG329-00358754.doc	doc	67067a83cf054c8deccf1e31d09a2d8ed82469b2e27884e87aefef248019b89a	26.67%	Heodo
2020-08-07	InvoiceW67932513.doc	doc	0a4b53e2bf7608fe93c60618cf50a657598aa4fc95b947cc7fa7b8fb0331d561	25.81%	Heodo
2020-08-07	Inv-SM495-84805108.doc	doc	d3c7b17eb10b73fa3e2c519f2e78fbf3d2fc0ceca12fa1eb7b6d2f2b550ee3ec	25.81%	Heodo
2020-08-07	invoice2319097.doc	doc	f69623f88d818b4b0881d1fd13d236be2da640fc0a63184d48cfda42c53c7597	25.81%	Heodo