URLhaus Database

You are currently viewing the URLhaus database entry for http://elrofanfoods.com/buvlj/Pages/3fOLEq1IPSQfxkeE/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:583378
URL: http://elrofanfoods.com/buvlj/Pages/3fOLEq1IPSQfxkeE/
URL Status:Offline
Host: elrofanfoods.com
Date added:2020-09-21 06:52:06 UTC
Last online:2020-10-01 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-21 06:54:04 UTC to DCAbuse{at}zayo[dot]com)
Takedown time:10 days, 0 hours, 36 minutes Bad (down since 2020-10-01 07:30:52 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-23arc-20200923-22299.docdoc b569a229941b7c815c828e1d70d8a88ba59b924c29d1c9e744058bda1e9e32feVirustotal results 29.51%Heodo
2020-09-23FILE 20200923 830791.docdoc ead5e12d378c9099bd007886c313ffb492b6d6579557cc4cc9288566b7739663n/aHeodo
2020-09-23rep 2020_09_23 AFO77986.docdoc 2476d30165bd880c46ae9c11a0a7dd1c90560cc39805f1255fe7c888fffb5f72n/aHeodo
2020-09-23arc_2020_09_23_JHU02045.docdoc 94a81d329bb24822021c39261484f9010d84154b9f9f9d25506cd221381e55ffVirustotal results 29.03%Heodo
2020-09-23DAT 2020_09_23 NYD500868.docdoc 9e4c0d210568ac46fbe5e7a4bd8218589c9388f06859b43fd62a53e9c0a949a5Virustotal results 30.00%Heodo
2020-09-23mes-20200923-QNC50350.docdoc a1b5ef92ceaa6be33f3950c95ae60066fd936f9757ed3213b26f31ad04659cf4n/aHeodo
2020-09-23Attachments-PQK4951.docdoc 692bbf3c78f0c8af1c57acea7c9910b8138ef4e85822096176a8bbd7603623faVirustotal results 30.00%Heodo
2020-09-2331260293.docdoc ca4c7b4c1ea9e7145ff335a29663652adfbb0ebb877a560a33b1d60ae678da95Virustotal results 29.51%Heodo
2020-09-23dat DEQ329132.docdoc 19007990cceb293efa1bf61cf62dd31057364eba47275f3aab7c809afaf43902n/aHeodo
2020-09-23ARC-20200923-CDD783316.docdoc e19129943efa60ddb3f0aa12601072b70ef28b8fdf1bc1b8f76fcf5f595070acVirustotal results 29.03%Heodo
2020-09-23LIST E497553.docdoc 65ebc1ad2a54ec407a01df18bb15cecf0bad6cbc0ecb1f1af2407f3e69c709deVirustotal results 29.03%Heodo
2020-09-23MES 2020_09_23 ZKI3367.docdoc 9c67d232abc4ea64aac36180f8259c7a5a52ae4ccf35ac7d5b9e6f350f5ee00bVirustotal results 29.03%Heodo
2020-09-23rep GW05599.docdoc d03d4795373da32664a311273c0132ee17ffc655feb3849ba4a46450e7aef536Virustotal results 29.51%Heodo
2020-09-23REP_2020_09_23_1872612.docdoc 307171fcb05392d270829ae4280316153d7e525cacfed182dd111eb697dc2e02Virustotal results 27.42%Heodo
2020-09-23Rep-2020_09_23-FM71467.docdoc b6f00133a52da6464eed7e2893e970887b80718514a3fadab1f4653ce636aec2n/aHeodo
2020-09-23ARC.docdoc f2de99ef933f7cf018ba9947803a5f5c5a9cb72ea0971ee3a565468c10a8783dVirustotal results 27.87%Heodo
2020-09-23560_2020_09_23_147090.docdoc e213173e3eda08277bd3f8276a466a8eb67f19823c6fb95aa45a06fd29fcd646Virustotal results 27.87%Heodo
2020-09-23INF DVQ744.docdoc 5f81d77b9f520598ee93cdda1bbea38982756b2457fbdea877739ce5dacb294bVirustotal results 27.87%Heodo
2020-09-23inf 20200923 QI370.docdoc 3d1707b3867ae69cbfe18261cef10deb79add9d180448d455e6736499be9c3c6Virustotal results 27.42%Heodo
2020-09-23Mes 20200923 F676181.docdoc 73b2c723dfaf202622c57e8b9bc4504b45f7617e3f644e4097c9489a459ee85cVirustotal results 27.87%Heodo
2020-09-22Dat-20200923-EHU926628.docdoc a132f8367518b36376bd03160587713674ff98805021fed3d6e3ff58c045a97dVirustotal results 26.23%Heodo
2020-09-22Attachment 2020_09_23 HAK080670.docdoc fd1ef6fddda727d647cf7f3401b4727b7083d186f38b0f319810999f91c86781n/aHeodo
2020-09-22LIST-20200923-088.docdoc 9895cbda416306bb0fea5069cc2c9525a714f63de4260492ec34e1d5697ae24bVirustotal results 32.26%Heodo
2020-09-22arc-20200923-ADS649756.docdoc 1d6604773dcc06efdd5664f01c0a515be47465bf1638f5b9dbed05debcca83b5Virustotal results 29.51%Heodo
2020-09-22237 2020_09_23 558.docdoc 35c3efd57aa305a23f2a600bda311b44d230966967b288973e07fb5820edea53Virustotal results 32.79%Heodo
2020-09-22Attachment AQF446519.docdoc 9239a6b5f8db1ff1643aec4cf3bf3bb20d07753ffe2b686b091154ba96d97c42Virustotal results 29.03%Heodo
2020-09-22rep 2020_09_22.docdoc 0e33489760ef3718d82c94dfe4827be3bbe89593da14b7a7912b7345f3e7e56eVirustotal results 29.03%Heodo
2020-09-22384ZP-173390.docdoc 3d797365a4fc8e4c190e44b52e766b13240809683b910a1760721a4d0438c89cVirustotal results 29.03%Heodo
2020-09-22arc JRG1972.docdoc 5118e3bd72677f8cda269a8e2c50571beffb5dc3f7dbfb1b05cd1e44a904a214Virustotal results 29.03%Heodo
2020-09-22FILE 2020_09_22 6329690.docdoc 3c8a083cba6f42eeca7d197da85d0ab24ee5e9e03de7d32eb976903c4bf4a604Virustotal results 27.87%Heodo
2020-09-22Rep-20200922-872.docdoc cdb3771d7860923f6b6e21189718418e65cd17c76577834a2f7f49768778b988Virustotal results 29.63%Heodo
2020-09-22ARC 2020_09_22 0615.docdoc 1ddec7617d6087292e3d51b1fe1079a93c28e9546171d2bbd2fa6f049fe2a089Virustotal results 27.87%Heodo
2020-09-22Doc_2020_09_22_OE90915.docdoc 036fc7aec9f1ba2427a7f7afcea4e5189f088cd4aa047635302afb4f9770eccfVirustotal results 46.77%Heodo
2020-09-22mes 2020_09_22 EV739.docdoc 2e1c1dea9d426db5d8d2cdd7623754fa8837050b078684105b248c72da8c1db0Virustotal results 47.54%Heodo
2020-09-22Attachments_2020_09_22_6378281.docdoc bc5691f0d4d9c0fc260effd42b99bf104b3249363fe4d023330189d735c822d6n/aHeodo
2020-09-22MES-EHS00408.docdoc 522c2dc1ddd02fb8e3718418be524df238dda9e30b52aae22abd417881f1f359n/aHeodo
2020-09-22LIST_20200922.docdoc c4699bc83e2c480aa53af341f4b67b5dfb27cb5d28fb09a7619b55689b686ae3Virustotal results 45.90%Heodo
2020-09-22dat-7647.docdoc 2c9c3cbda0aa694b7f8075132ef84de6c06632e7959d6356634acb932ef4d9b4Virustotal results 45.16%Heodo
2020-09-22Attachment 0086785.docdoc 20d625ae5179f625d06251b7a7376c0cd854ce2b4baac861b9a49f4f38a60db0Virustotal results 45.16%Heodo
2020-09-227799P 20200922 HQ199639.docdoc c1c92bedb7ab236606325e2680d86feb9de89fa39b2772cf7be9320e538c9f44Virustotal results 40.98%Heodo
2020-09-22arc_N842134.docdoc 7e8e6f96a8fd426982b68e50bdb93848fc650bdc4c963ab37b6095ca64c069f1Virustotal results 40.32%Heodo
2020-09-22dat DVY2631.docdoc 0e3e2b366fd6d1d8225f1df04d4a0ad7fe396753f20fae73f04b3cd497cd85a4Virustotal results 37.70%Heodo
2020-09-221822265-2020_09_22-50980.docdoc 77a0d0a93ccc0cc6e9587461ea558ef1df07d06ee84dac11c143cd040eef35e4n/aHeodo
2020-09-22doc MN12337.docdoc abdd1ac85459873879997482fe416aed9e065d97999a52f679df62c5ba9bfe18Virustotal results 31.15%Heodo
2020-09-22DAT_2020_09_22_VFM645116.docdoc 04a59fd27c9e7a341ef783391b5b5f9402eff1857b83838fb0a7e1b6cd013bcan/aHeodo
2020-09-22dat-20200922-BM006082.docdoc 869d585ea34405afd2c82aa0d5ac39d4328b70429259c4358c2bcb81fe5f0b96Virustotal results 28.33%Heodo
2020-09-22file.docdoc 5344be658852c833ffec8b4a702e5812fd57b6ff418673739a3407502b042609Virustotal results 29.03%Heodo
2020-09-22Attachments_8882.docdoc e49ab14a710ee79669150ef0262da55ee7b9743cdd86b1628fcfbace69b5c660Virustotal results 25.00%Heodo
2020-09-22Rep 20200922 SI160.docdoc 3338fd9bf25dd7170eb3cc7b1cc01e81ddae048274f38721abbd3c2454fcb692Virustotal results 24.19%Heodo
2020-09-22List_13471.docdoc edb38f20a57df9726e7a8a2f78f122e7a968a390fa006a996d93e06a040df87bVirustotal results 24.59%Heodo
2020-09-22Arc-20200922.docdoc ed676d1984afe2994468897be4d014ecdf1337f54785f3f15326015fce700a7bVirustotal results 24.59%Heodo
2020-09-22112-20200922-VVP765318.docdoc 6760d066605029f558043d5429b3167f223dbbaeecdee1fb052f43d12b332e89Virustotal results 24.14%Heodo
2020-09-22arc-2020_09_22-R17021.docdoc 76c0630543f301f3fe63e8ca4ddef6171019fe2bc21d3c891bceb80774bb4cafVirustotal results 25.42%Heodo
2020-09-22Dat 7460.docdoc 4cfc968cd768f17951b0927ce37e5713686b0a8f2b112c3883ae23f8d190d781Virustotal results 23.73%Heodo
2020-09-22list-SSB48658.docdoc 375c4e3cf766dc198afe53ba37087c8a6a243b2dab3f11e2e41ca319cec937e2Virustotal results 24.59%Heodo
2020-09-22rep 20200922 W7420.docdoc 24fb3a400cbffd676e670dd545cbe366d0ab60f8ba893dc9a384aeac8d02d7d6Virustotal results 50.00%Heodo
2020-09-22Rep-926029.docdoc 0dfaf8162f2566ecc1bf5422761fb45983685e302f75ff87f87b0b3568422ba9n/aHeodo
2020-09-22Rep_2020_09_22_N97704.docdoc c1c64fe054f9be96a2d05c6e7957db0b63d92542154af8a46ac60bb7d5d5d622n/aHeodo
2020-09-22file-2020_09_22-2775.docdoc 5744548adb59f24037bb5500e559b80bc6917502f107b28a16b38ab4e6abfb71Virustotal results 48.33%Heodo
2020-09-22INF_Y67044.docdoc 0d70d473dd82d66be63e961914b3fccdaac41677e69ee91706bb0be406144501Virustotal results 45.90%Heodo
2020-09-221130LB-20200922-292.docdoc e814569fb5be9f59f403da76ba7fa54d69f871a3fd93337a489fe6238df01276Virustotal results 44.83%Heodo
2020-09-22DAT-1378.docdoc a8193929a853df30fe24b8fab4982b0b2e0e980da1dd67074bb26ecc0c8e2ecaVirustotal results 44.07%Heodo
2020-09-22UNTITLED_2020_09_22_32499.docdoc b3bc13c79571b2cf77ab2ad7a593e512bbaf1bf61f0ac3eacb10e78e840cb9fcVirustotal results 40.98%Heodo
2020-09-22rep_ED7013.docdoc b1b89eb23fc161742f78b19b454b7d0a3b657572a55212755323ccb39886d9e3n/aHeodo
2020-09-22REP 20200922.docdoc 050f8c672a68de19be1fc1f6137e6a572d8abc551e67d2477a567dd5f94d4e5aVirustotal results 33.33%Heodo
2020-09-22rep_20200922_9292.docdoc d05527f19cbcca0953e287b0b76194570b3c3e64eaff273f6428446e1a4379dcn/aHeodo
2020-09-22ARC 2020_09_22 AEJ4667.docdoc 264bebcec7d291b85da0a2b0a2bc5fa300b07c9612b461f7ad9f2d55dd4389b0n/aHeodo
2020-09-22Arc_K96703.docdoc 3cb78e2ab36c72f8292da6808ae005ee3aa17c694c35a65fea4a89d0f972d121Virustotal results 32.20%Heodo
2020-09-22arc_2020_09_22_148166.docdoc 3d79182bae912b50a6834604a96ac90b10ca5e1ce72ea2355fc0e9e3b38995feVirustotal results 31.67%Heodo
2020-09-22Untitled Y4223.docdoc d54e7732d4686780c94f902037c5855a15032d82fb5236e42e072640e767a034Virustotal results 32.20%Heodo
2020-09-22MES_ME558.docdoc 08eddac7838ced651892ee94e145a639d010807c45f3bd00e9752dbc1590add9n/aHeodo
2020-09-22Doc 20200922.docdoc 8a2890bb71a8c5efcd1478ee7b30ed6d9c942d68f9a2b98bcbce5ebeef693071Virustotal results 31.67%Heodo
2020-09-22LIST MN853.docdoc cdf5919973d03aa5d92173567d3c3e48098f193247a8c61802af9c5bb0c10852Virustotal results 31.67%Heodo
2020-09-22Arc 2020_09_22 8010146.docdoc 071213621eabf1fc4875132e9bade6ab8f1b8311427be3fc1fa626449a7db799n/aHeodo
2020-09-21Rep_20200922_GD4693.docdoc 47fc0c61caa3805d7cb0fcc8a8466dbf5cd3f4df9456bfea6583b9ac2d83c0aeVirustotal results 30.00%Heodo
2020-09-21List-20200922-O6548.docdoc 9d856a82f0899be05fb4c7d81837230640ebef104a02ed0e95bf00f88409ad73Virustotal results 30.00%Heodo
2020-09-21Untitled_20200922_I88440.docdoc 752cfdd4b5bd5525a1b48d12b73710003b76530b232e19a33add7a21712daa98n/a Heodo
2020-09-21DAT 2020_09_22 R24614.docdoc 9cc2df8a0a216ecc363a023aeddecd9f5c70754d904ecc0f4688fb28a93eac2en/aHeodo
2020-09-21FILE 20200922 PO3887.docdoc d8b224a047fd3ca45fae0020990a47569ab733c47e03e1fa92628460dbb439dan/a Heodo
2020-09-21Mes_FV536.docdoc 6aaab241dd8288bd9525b1a50b7a9bd3573f1b5574ab80fbac7aeb6813e553ebn/a Heodo
2020-09-21PDF1999 2020_09_22 W5387.docdoc b780fd500d7fb2592181acab87281172189878f82ed6ea34f97fad5614203e9en/aHeodo
2020-09-21DAT_2020_09_22_ZI777.docdoc 9c45d673d87c9821c5a3f9801e5c0db6a1b24d57541186e603a80580f63e4276Virustotal results 26.67% Heodo
2020-09-21rep 20200921 2466.docdoc ee0c171a228697ac111f2fea82463d7b64680e80f9c7ebce77deb08b6aa5bf2en/aHeodo
2020-09-21list_EPI72692.docdoc f6809265a7460ab3d0e927c5fb9399a263172140778b4cc34f6698d9521b3b43Virustotal results 27.87%Heodo
2020-09-21Arc 2020_09_21.docdoc e64bcab1a1f2160f9a78d618a0bea25b228470c38a589b537149a8abbc4401f7Virustotal results 27.87% Heodo
2020-09-21doc_20200921.docdoc 65836f35189720691f30ed8f88638a91183cfbf994e08500b8ec1e1c39d54f00Virustotal results 26.67%Heodo
2020-09-21Mes.docdoc afd45922c3589ecc0dd6a70924ddb82a913798343dd9d425a83b655e94517da7n/aHeodo
2020-09-2152465390_20200921_E006.docdoc ce17c43a0cf8dbf2a3db7e70dff4273c7330dd42cf83c3145453eb94bb51974bVirustotal results 26.67%Heodo
2020-09-21arc 905648.docdoc d8e606128ea6abf4af62e98e8f0de8e37080dc6aec867ab0a5d2d4a8ad68ebb5Virustotal results 26.67% Heodo
2020-09-21dat-AYM4786.docdoc 8ca7ddee7d095c888f41356838aace04486d06a5b20a15fa6105416f3c73c9f1n/a Heodo
2020-09-21DAT-20200921-XL1560.docdoc fada4708605505ec08d2045110877e6a7cd8fb2037b0d9bc3c32c5607a23c21aVirustotal results 28.33%Heodo
2020-09-21MES_35003.docdoc 0adca8f3f5265407428b7bada83845928992378c6adcfaa2126c4b04f40ea987Virustotal results 28.81%Heodo
2020-09-21dat-2020_09_21.docdoc 25a45e935d58087ef1e9dbc5ccddfcf223d44a45aec64f99670a5ba62cf8ec73Virustotal results 27.12%Heodo
2020-09-21list_2020_09_21_NU404.docdoc 80a8b5600bf204df850aadf7d4e7833263ef3c4771208d62fcb53e662007b5d3n/aHeodo
2020-09-21File 20200921 T0631.docdoc d54c82bc2188424a79d137dc8dc9cd7764a0e62e8af9ba7a37fec7058efc20eaVirustotal results 23.73%Heodo
2020-09-21FILE-2020_09_21.docdoc f2e681ee5b79805f8cf54b83b821ad59c1c4b7daa53deeac54ac5ac3ee7a6421Virustotal results 23.73%Heodo
2020-09-21LIST-20200921-ZS4769.docdoc d6b49fd8cd1ae8ef8187df86ab91bb6b2b0c19b4025834915102eb597a04e0c8Virustotal results 25.00%Heodo
2020-09-21UAU24554_9586.docdoc 1c207d713f338bdd9388fcbf5a62faf0bf73c0b4a555c1734b63d521952fcef6Virustotal results 25.86%Heodo
2020-09-21MES_20200921_DBS8039.docdoc be9ecab012cc1458f1122eb7bea407629129263e22b0606c4c68046b82f55edeVirustotal results 23.33%Heodo
2020-09-21rep 20200921 7716767.docdoc 42f29aa41b1f7d9de698db6b2a4512a76e4c54af72ab7ce26542fc3666438084n/a Heodo
2020-09-21dat-SWC1583.docdoc 0f3dcf665c7ea9ad31fbcaa324e8f714b5611ca2d55c539279fe724acbf61cfdVirustotal results 23.73%Heodo
2020-09-21UNTITLED.docdoc c3f490b02f7c353e9e3482fe9ab964aaade540105541a0bad12f0451c25d4866n/aHeodo
2020-09-21mes_2020_09_21_OJX641.docdoc 78087064fd94215cc6a0700120c55c2ec63db11fd810dd5e175bca51ab8975b0n/aHeodo
2020-09-21EK9535_20200921_FBJ01448.docdoc 603a954c14863f0d507744dc12a79e66e12df3a802cfb33e3cf52e5d4965c68bn/aHeodo
2020-09-2113536737 991927.docdoc f7702d1f529ffaf4f63ff3e1f187bf299215f423fc8fdba43e49f337ce1025f1n/a Heodo
2020-09-21list 2020_09_21 2340335.docdoc 155fc45f0849e7a83587aedc0cb028a587bf371a518ceeebbd95492f5ee666ddn/aHeodo
2020-09-21file 20200921 Q804.docdoc 88f27d4beb9a97b1f8fe1095cb44670077433e0e98ee762d7e74613878998265n/aHeodo
2020-09-21KVL7696 2020_09_21.docdoc 712fb1d60ad43d0063de94b64d1db09629a00d5803efef4ce9a6055f82b26ff1n/aHeodo
2020-09-21File-W7087.docdoc 5d4548534f15df03e54ccccf8eaa3a7cd08ac7482dfe65414a7758507e96d7f3n/aHeodo
2020-09-21Attachment-QTJ99935.docdoc c011f657db09823eeda192e8f301d95cd0abb5aa4fac1ef4d53c5169e951bbf0Virustotal results 20.00%Heodo
2020-09-2111094705 2020_09_21 0755.docdoc f973c445aa69501b46214e3a65d8bd66dfa1abdf5010716989778d844ef32de6Virustotal results 20.34%Heodo
2020-09-21Arc TVF114066.docdoc 531018489ced30197ebf01928009eccc4fc77b24113032057cc5d8e6399d9aa8Virustotal results 18.97%Heodo
2020-09-21Doc 2020_09_21 4376.docdoc cccd2885744265bec6edeec18806f01f46f127609f06804bdc0e3f8f9f4b638fVirustotal results 18.64%Heodo
2020-09-21Doc-2020_09_21-574.docdoc 7fde47e9c85a90a0e3a59665575b70542f5e4c5df27a2ae9819d09a59d4cdf24Virustotal results 18.64%Heodo
2020-09-21MES-20200921.docdoc 074042495b97a2e7cd7a37b3146f0447d96c51519caa6130928924bd4a141c10n/aHeodo
2020-09-21Attachments-20200921-52175.docdoc 907c8db3d28d5cfa2c716572ec91a289936bc7c70d615e2afdb5d7b5d34a8381n/aHeodo
2020-09-2129748MWO 20200921 789052.docdoc d6da450c0e2352f78f148911995e293f0b91a02208e48078f57993b68d9a3fdan/aHeodo
2020-09-21004058 2020_09_21 RL981.docdoc d379185bddb04372ebaa73fb3d3d84f999a3ef2f1cbe9c61e39a5ad938fdbab5n/aHeodo
2020-09-21Arc 20200921 7754641.docdoc 7725ef079e325e61a0940298fd108d997eef7bb18ac14f9767296b65de04ebaen/aHeodo
2020-09-21mes 20200921 9838.docdoc ba99cf0c435b3ccf8d9fb12cf7086c1286bbc395cfb5ea6edca02b7558d2a99bn/aHeodo
2020-09-21UNTITLED_0511042.docdoc cc9a3a0706e1f3fc56d3b902645d20c088df0220855b841797ccd584ad69b307n/aHeodo
2020-09-21inf_695.docdoc 81ab49b690e1bbdc91e690b222a2c7d3bb5edacc027d2db853fc4bff6e68fc2en/aHeodo