URLhaus Database

You are currently viewing the URLhaus database entry for http://anisoph.com/cgi-bin/kGZF/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 432374
URL: http://anisoph.com/cgi-bin/kGZF/
URL Status: Offline
Host: anisoph.com
Date added: 2020-08-13 20:08:34 UTC
Last online: 2020-10-06 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-13 20:10:03 UTC to abuse{at}hivelocity[dot]net)
Takedown time: 1 month, 23 days, 17 hours, 13 minutes; Bad (down since 2020-10-06 13:23:23 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
