URLhaus Database

You are currently viewing the URLhaus database entry for http://meges-service.de/wp-content/Document/8453807018/YdwQ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:764028
URL: http://meges-service.de/wp-content/Document/8453807018/YdwQ/
URL Status:Offline
Host: meges-service.de
Date added:2020-10-29 07:04:04 UTC
Last online:2020-11-03 08:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-29 07:06:05 UTC to abuse{at}alfahosting[dot]de)
Takedown time:5 days, 1 hours, 41 minutes Bad (down since 2020-11-03 08:47:35 UTC)
Tags:doc emotet link epoch3 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-29Form.docdoc 2efeab91d822ab76173df70e491b2cd6881d1435186ad6659da73c4e5c5214bfVirustotal results 34.38% Heodo
2020-10-29Copy invoice #248875.docdoc b646a2f2855c1348d2d8cbdf2d3f54747bcd727069000f64e1bd824991732442Virustotal results 34.38% Heodo
2020-10-29YV1423145488IF.docdoc 55948fa440efdbe28f551bded69dcb747f665518a10876e4ae3ebdcb5e44ea67Virustotal results 34.92% Heodo
2020-10-29Invoice.docdoc 7e173c2910c46914628671824ef22427cbcb254a69f4c6bcd99d243a6ddf42dbVirustotal results 34.38% Heodo
2020-10-29Inv. 00605970.docdoc a0fa698426cf3decea21c3e89fe324393fd7a7743da94068ba8be39c4ebf86b1n/a Heodo
2020-10-29Payment.docdoc 4058286796ed1036d0c66b67dd83752f09a253f4b597095ffd3f2412645e3e3aVirustotal results 34.55% Heodo
2020-10-29INV #80272 FOR PO #006131473.docdoc acbe2412c4aff06ae0a1c4b17bf4acab3d67874fa57aa0a31578e524d063f715n/a Heodo
2020-10-29invoice.docdoc 0d30a2f25c077dbaa89fd166e0c2e24a2d75900432ab850d5c00dbd826ff759fVirustotal results 34.38% Heodo
2020-10-29HK-100120 SLPX-102920.docdoc 407011017107dd82209d02b6714d52efaf3270f55a81de711db2f20d9b918d23Virustotal results 34.38% Heodo
2020-10-290291727.docdoc 6510c1088251e05cfe18fc22279a7312308f08614ba3dee7852e6b1342e21dd6Virustotal results 32.81% Heodo
2020-10-29Electronic form.docdoc 67adcb665e495bdce7d8234ef01fe0cebc5d615a6b630a2222366cd51a871658Virustotal results 31.75% Heodo
2020-10-29Electronic form.docdoc 015aaecbeea372d2cde18c72ef93ce742b3e8c3ddf7247918403295dfa7357b5Virustotal results 32.76% Heodo
2020-10-29October Invoice.docdoc 1b2de3332921f5fe9e1286ec898140d7d640381face30ec213ea09fbce78b03dn/a Heodo
2020-10-29496094.docdoc 62da1d16914ee7b918b84c1bfd2714584b9f6a979558c8e3c09c779b4b30deean/a Heodo
2020-10-29INV_7976.docdoc e8eaf6545e2cb1bb8d2294dd179c60990c18eb6fd9f4fa804effa77b6a28ae50Virustotal results 26.98% Heodo
2020-10-29October Invoice.docdoc 9143453f9dd04d35a094a0332fdc37a1d517cc582db210673a79310a26505e65Virustotal results 28.12% Heodo
2020-10-299728541359SB.docdoc 86dfffd30d29d077cb1a2b881f0cae3c137ba70268ab9726d48444e595f3947bVirustotal results 28.57% Heodo
2020-10-29invoices 394 & 82938.docdoc 4d17de9f2c51a0a0370ec0e01f44ca529a0fafdcd59476ccb7ec423524c52305Virustotal results 29.03% Heodo
2020-10-290020624.docdoc c914691ce48d2b3e703c0685ebfca0836bd5169503c182d7da04cdc28977eb44Virustotal results 26.56% Heodo
2020-10-29J0764 invoicing.docdoc f3068382cc295bad25bc7c5ee96d09893b73ed065dd521170ec6c4cc731d6145n/a Heodo
2020-10-29Electronic form.docdoc 2ef4e4d6b171c3c34f3e35d9bfdd051ca3fd4110f0d44e24438572861f336641Virustotal results 26.98% Heodo
2020-10-29Payment status.docdoc 0ff96480062e84aa44e93eb008a5937b1f317e5a0e222198658fb2a71dc4b952n/a Heodo
2020-10-29Invoice 00899480.docdoc 477abef826205efd3cf971b2c425dff760789b1c15cfcbc182634ba92187e59bn/a Heodo
2020-10-29Inv. 03596439.docdoc 19d1d7b47cc9258f228a84f405d6832d66bed17bdc8f3dd9615b448d9a238780Virustotal results 25.00% Heodo
2020-10-29Form - Oct 29, 2020.docdoc d5d9e0e60d6db253aed185dd686c68b29fbec72a120812b62cba1e5bacbcd2d5Virustotal results 21.88% Heodo
2020-10-29INV #08549 FOR PO #00653242631.docdoc 9eddbf9eaa4b753108631f0cdbef5ecc758378c188d216542bf2db06a4c4e7e5Virustotal results 22.22% Heodo
2020-10-29INV #00549332 FOR PO #786994656932.docdoc 9da8a687183313d2dec4f41ff6c4b5b6fda388b7d8d295b3071df72518fb318eVirustotal results 21.88% Heodo
2020-10-29October Invoice.docdoc 809a718d794426f429292b263950138c80c84a4ae116f425d0df72351009fc48n/a Heodo
2020-10-29invoice #76538.docdoc 95b4f0a791e9ffefe35972f8c4e1a90c115fe1c8976f779e44b5190d859b3eb0n/a Heodo
2020-10-29form.docdoc 176d883eced9c465d7391f935cbdb75d425c31d1d0d51771b6c730dee296a8d6n/a Heodo
2020-10-29October Invoice.docdoc b04cd0d0b3964558d003f28a5d546be1937e3ed1b34ca455207e9d8757e82dd0n/a Heodo
2020-10-29Payment.docdoc 65a1c1b8cbaeaa9098df96d462c765ec20c8d6acad74e0a0ac60e895d9468c06n/a Heodo
2020-10-29Form - Oct 29, 2020.docdoc 8b689836a9b1034619fdff9ed1e672a6c18d09887f73cfa9e3243ae5071badbfn/a Heodo
2020-10-29Inv. 0050872.docdoc b85f19719ce551a42d5b94b2a3f1594b969ff829e294ea522e4c42ea338f466fn/a Heodo
2020-10-29220422553.docdoc 86784b37bc0a4c5ad8f488356ec333dbeda709272a5aa412aeff54fee3f9db46n/a Heodo
2020-10-29Payment.docdoc 8744e383bf013444ed1f687f385d558ee1c4e2a153cdfe224250a02fd1eada2eVirustotal results 19.05% Heodo
2020-10-29Invoice #85077315.docdoc 92d834cc4eeb0c988360abd919fed33b6ff21d18e7fc4fbf17a443d56374ac19n/aHeodo