URLhaus Database

You are currently viewing the URLhaus database entry for http://gtassistance.it/siceco/lm/5466/bLI/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 443795
URL: http://gtassistance.it/siceco/lm/5466/bLI/
URL Status: Offline
Host: gtassistance.it
Date added: 2020-08-25 21:28:22 UTC
Last online: 2020-08-26 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-25 21:30:03 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time: 12 hours, 58 minutes (Good; down since 2020-08-26 10:28:16 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
