URLhaus Database

You are currently viewing the URLhaus database entry for http://advantechnologies.com/5075217PMV/BIZ/Commercial/, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 74983
URL: http://advantechnologies.com/5075217PMV/BIZ/Commercial/
URL Status: Offline
Host: advantechnologies.com
Date added: 2018-11-06 15:33:05 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @JRoosen
Abuse complaint sent: Yes (2018-11-06 15:34:03 UTC to noc{at}usonyx[dot]net)
Takedown time: 12 days, 13 hours, 47 minutes (Bad)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
