URLhaus Database

You are currently viewing the URLhaus database entry for https://roberto-restivo.it/cv/balance/DwlX/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 441046
URL: https://roberto-restivo.it/cv/balance/DwlX/
URL Status: Offline
Host: roberto-restivo.it
Date added: 2020-08-25 15:15:05 UTC
Last online: 2020-08-26 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-25 15:16:04 UTC to abuse{at}hetzner[dot]de)
Takedown time: 22 hours, 49 minutes, Good (down since 2020-08-26 14:05:13 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
