URLhaus Database

You are currently viewing the URLhaus database entry for https://gta5hx.com/wp-admin/balance/g9xhh6/paay316871530880177562gz0emmvp0s8q1/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 538741
URL: https://gta5hx.com/wp-admin/balance/g9xhh6/paay316871530880177562gz0emmvp0s8q1/
URL Status: Offline
Host: gta5hx.com
Date added: 2020-09-16 22:36:06 UTC
Last online: 2020-09-21 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-16 22:38:17 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 4 days, 8 hours, 49 minutes Bad (down since 2020-09-21 07:27:36 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
