URLhaus Database

You are currently viewing the URLhaus database entry for http://mosselnet.co.za/3720340FJ/PAYROLL/Smallbusiness which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 62609
URL: http://mosselnet.co.za/3720340FJ/PAYROLL/Smallbusiness
URL Status: Offline
Host: mosselnet.co.za
Date added: 2018-10-01 10:52:04 UTC
Last online: 2018-10-03 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Blocked
Spamhaus DBL: Abused domain (malware)
SURBL: Blocked
Quad9: Blocked
AdGuard: Blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: unixronin
Abuse complaint sent: Yes (2018-10-01 10:54:04 UTC to abuse{at}cybersmart[dot]co[dot]za)
Takedown time: 2 days, 7 hours, 57 minutes (Poor; down since 2018-10-03 18:51:24 UTC)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
