URLhaus Database

You are currently viewing the URLhaus database entry for http://itrust.com.ro/0gzn01/FILE/a9ztr9aw/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 588615
URL: http://itrust.com.ro/0gzn01/FILE/a9ztr9aw/
URL Status: Offline
Host: itrust.com.ro
Date added: 2020-09-21 19:02:03 UTC
Last online: 2020-09-29 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-21 19:04:06 UTC to abuse{at}ip[dot]ro)
Takedown time: 7 days, 16 hours, 22 minutes Bad (down since 2020-09-29 11:26:56 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
