URLhaus Database

You are currently viewing the URLhaus database entry for http://charleswitt.com/5ZPZ/PAYROLL/Smallbusiness, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 58002
URL: http://charleswitt.com/5ZPZ/PAYROLL/Smallbusiness
URL Status: Offline
Host: charleswitt.com
Date added: 2018-09-19 14:26:14 UTC
Last online: 2018-09-22 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: unixronin
Abuse complaint sent: Yes (2018-09-19 14:28:05 UTC to abuse{at}godaddy[dot]com)
Takedown time: 2 days, 10 hours, 25 minutes (Poor; down since 2018-09-22 00:54:01 UTC)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
