URLhaus Database

You are currently viewing the URLhaus database entry for http://scotthagar.com/2U/WIRE/Business/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 44911
URL: http://scotthagar.com/2U/WIRE/Business/
URL Status: Offline
Host: scotthagar.com
Date added: 2018-08-21 04:44:13 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: No
Tags: doc emotet heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
