URLhaus Database

You are currently viewing the URLhaus database entry for https://www.vebmar.com/yz85-head/eTrac/766972600257269/oc57dk7-23947/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 727446
URL: https://www.vebmar.com/yz85-head/eTrac/766972600257269/oc57dk7-23947/
URL Status: Offline
Host: www.vebmar.com
Date added: 2020-10-21 05:59:27 UTC
Last online: 2020-10-21 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-21 06:56:11 UTC to abuse{at}as42926[dot]net)
Takedown time: 6 hours, 39 minutes, Good (down since 2020-10-21 13:35:16 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
