URLhaus Database

You are currently viewing the URLhaus database entry for http://grandautosalon.pl/60428S/biz/Business/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 51932
URL: http://grandautosalon.pl/60428S/biz/Business/
URL Status: Offline
Host: grandautosalon.pl
Date added: 2018-09-05 05:55:15 UTC
Last online: 2018-09-17 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2018-09-07 11:46:22 UTC to abuse{at}nazwa[dot]pl)
Takedown time: 10 days, 0 hours, 53 minutes (rated Bad; down since 2018-09-17 12:40:09 UTC)
Tags: doc emotet link epoch2 heodo link

Payload delivery
The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen  | Filename                     | File Type | Payload (SHA256)                                                 | VT                         | Bazaar | Signature
2018-09-06 | SEP #21121SA.doc             | doc       | 58159af5dd02c6ad0409c44f2e5857c61f56434a0ad805da154671739375cf8f | n/a                        |        | Heodo
2018-09-06 | PAY #32164BBN.doc            | doc       | 1ad60397502466a4d9d0bcf79f2307464342b926141a3b9ca38d5d2ece216a21 | n/a                        |        | Heodo
2018-09-06 | PAYMENT #22673FZI.doc        | doc       | 24a847b07f08838f78137fdf73ad519c4eafaff0bf5641d81139b0e990de9ad4 | Virustotal results 52.46%  |        | Heodo
2018-09-06 | PAY #4746ETW.doc             | doc       | 79f7d8a2f2064ba42b3115b39fb9d52dd1648c4a2e2a01695fa966c6341bf629 | Virustotal results 48.33%  |        | Heodo
2018-09-06 | PAYROLL #20XCASV.doc         | doc       | 2804c63ffaa55702f34618353f0bd35dc092f476e5bbc19d2ce5b92970cb3832 | n/a                        |        | Heodo
2018-09-06 | PAYMENT #902199WXQVVBCU.doc  | doc       | c0b8bd18ebe466754287750a2c21807e2f1438c32902df92490a84d71d5b772b | n/a                        |        | Heodo
2018-09-06 | BIZ #54O.doc                 | doc       | 1c7ac3f0f213a6628455433131b5673c84746fb55b37036642d381d3333708be | n/a                        |        | Heodo
2018-09-05 | SEP #781269DIGQR.doc         | doc       | 20b9108674f61c9c77765f5c63ae759185eb5af223570f84e4394e7d7e74b620 | Virustotal results 45.76%  |        | Heodo
2018-09-05 | PAYMENT #98920ZGPL.doc       | doc       | 6a7368001187db20be0d83e0e450f06ee3968ab147db4be40241bafbd5f25a93 | Virustotal results 36.07%  |        | Heodo
2018-09-05 | SWIFT #43BIW.doc             | doc       | 76c4ef2bba3eca811278e1f79b953777c61a1ce476cd371cf4192e22bcdacf6c | Virustotal results 33.90%  |        | Heodo
2018-09-05 | BIZ #608842YAFQGND.doc       | doc       | 66776c5f78965776a6aeb096f578279f78f110b8f91ebd5e72e5a73f4b85686f | n/a                        |        | Heodo
2018-09-05 | PAY #1D.doc                  | doc       | 07eae27c15cb7d9daa5ef99d5342885eb519c12f8a7d1079d5975717536ecbeb | n/a                        |        | Heodo
2018-09-05 | SWIFT #17TG.doc              | doc       | a995d72bf8549cdaaebdbf455a3a5260e1b0f6483ce553f1c218ab1201b4dc15 | n/a                        |        | Heodo
2018-09-05 | SEP #6449740JVHBSYGV.doc     | doc       | 3f6a4518759a1937a8f01b4be9c6ea2213767e4beb208efa5c6e9462e95ca8fe | Virustotal results 32.79%  |        | Heodo
2018-09-05 | PAYMENT #3259OQHOHF.doc      | doc       | 91339375f4e75eb6d1e2cd05f67b13b4eab1312309aa35bca56f3e1f0960c37b | Virustotal results 29.51%  |        | Heodo
2018-09-05 | BIZ #44013FTSJBM.doc         | doc       | 333b0d1588c9988b6025fc411e5a7540e49bfc3af2c4fc78d3dd4ff51127422b | Virustotal results 45.00%  |        | Heodo