URLhaus Database

You are currently viewing the URLhaus database entry for http://benhlyphukhoa.info/wp-includes/invoice/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 434612
URL: http://benhlyphukhoa.info/wp-includes/invoice/
URL Status: Offline
Host: benhlyphukhoa.info
Date added: 2020-08-17 12:59:07 UTC
Last online: 2020-08-21 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-17 13:00:03 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 4 days, 2 hours, 26 minutes (Bad; down since 2020-08-21 15:26:44 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
