URLhaus Database

You are currently viewing the URLhaus database entry for http://ellina.studio/amaa/esp/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 588315
URL: http://ellina.studio/amaa/esp/
URL Status: Offline
Host: ellina.studio
Date added: 2020-09-21 18:20:37 UTC
Last online: 2020-09-27 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-21 18:22:43 UTC to abuse{at}reg[dot]ru)
Takedown time: 5 days, 6 hours, 16 minutes (Bad; down since 2020-09-27 00:38:52 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
