URLhaus Database

You are currently viewing the URLhaus database entry for http://www.ffval.hr/wp-content/statement/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 695075
URL: http://www.ffval.hr/wp-content/statement/
URL Status: Offline
Host: www.ffval.hr
Date added: 2020-10-15 00:18:03 UTC
Last online: 2020-10-17 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-15 00:20:08 UTC to abuse{at}hivelocity[dot]net)
Takedown time: 2 days, 0 hours, 4 minutes (Poor; down since 2020-10-17 00:24:50 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
