URLhaus Database

You are currently viewing the URLhaus database entry for https://ahwahneeheating.com/cgi-bin/mwAjU/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 429723
URL: https://ahwahneeheating.com/cgi-bin/mwAjU/
URL Status: Offline
Host: ahwahneeheating.com
Date added: 2020-08-11 21:47:34 UTC
Last online: 2020-08-14 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-11 21:48:08 UTC to abuse{at}sti[dot]net,noc{at}sti[dot]net)
Takedown time: 2 days, 2 hours, 30 minutes (Poor; down since 2020-08-14 00:19:04 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
