URLhaus Database

You are currently viewing the URLhaus database entry for http://elgrasstrav.com/yjavw/Scan/aa6kymc9z-2546/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 444835
URL: http://elgrasstrav.com/yjavw/Scan/aa6kymc9z-2546/
URL Status: Offline
Host: elgrasstrav.com
Date added: 2020-08-27 00:24:30 UTC
Last online: 2020-08-27 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-27 00:26:02 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 16 hours, 2 minutes, Good (down since 2020-08-27 16:28:16 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
