URLhaus Database

You are currently viewing the URLhaus database entry for http://gregemerson.com/Ff97492/Scan/20wmht/o4dfm36656979207484719e45ndp8zro8/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 437873
URL: http://gregemerson.com/Ff97492/Scan/20wmht/o4dfm36656979207484719e45ndp8zro8/
URL Status: Offline
Host: gregemerson.com
Date added: 2020-08-21 03:40:09 UTC
Last online: 2020-08-22 06:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-08-21 03:42:02 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time: 1 day, 3 hours, 16 minutes, Poor (down since 2020-08-22 06:58:59 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
