URLhaus Database

You are currently viewing the URLhaus database entry for https://www.grenflor.com/wp-admin/attachments/0010230312818998/RbwK0gr17a66iqWyff2h/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 764624
URL: https://www.grenflor.com/wp-admin/attachments/0010230312818998/RbwK0gr17a66iqWyff2h/
URL Status: Offline
Host: www.grenflor.com
Date added: 2020-10-29 10:00:09 UTC
Last online: 2020-10-30 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-29 10:02:10 UTC to abuse{at}choopa[dot]com)
Takedown time: 22 hours, 29 minutes (Good; down since 2020-10-30 08:31:49 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
