URLhaus Database

You are currently viewing the URLhaus database entry for http://www.grenflor.com/wp-admin/attachments/0010230312818998/RbwK0gr17a66iqWyff2h/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:765400
URL: http://www.grenflor.com/wp-admin/attachments/0010230312818998/RbwK0gr17a66iqWyff2h/
URL Status:Offline
Host: www.grenflor.com
Date added:2020-10-29 13:36:10 UTC
Last online:2020-10-30 08:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-29 13:36:40 UTC to abuse{at}choopa[dot]com)
Takedown time:19 hours, 3 minutes Good (down since 2020-10-30 08:40:29 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-30Mes 2020_10_30 RZF16231.docdoc f1e01641661278118bf595254db09d4e93c4f3ebf0861ae8d549852b7e00bc08n/aHeodo
2020-10-30Attachment 2020_10_30 OV59648.docdoc 612b66140b3b1ee1d77949fe254bb8348132d29b07fcbf108dcf5b85e98575b4n/aHeodo
2020-10-30Mes 20201030 5789.docdoc d2586bfe71887b55049e481ba9900cf860e8bd1247f93938a59519db3581f374n/aHeodo
2020-10-30Doc_GJZ6920.docdoc a23870c30cd12d8e0cc06995babd103045a2fd520fb125c0d84116139f825083Virustotal results 27.87%Heodo
2020-10-30Dat-8942818.docdoc 1d155be37cf38fd0b848877f9e628c9b5ad554526e058dd105de59785af38597n/aHeodo
2020-10-3083369096-2020_10_30.docdoc f75c189b8a815089f824f8ee0fbce3901f2a998615e0bb273da49e24120b2675n/aHeodo
2020-10-30Mes_2020_10_30_O915.docdoc 49c26c43eb2d1a6902e08ac9fb28d01e2bbbb280158487ea75354dc80be59e31n/aHeodo
2020-10-30Arc 8993.docdoc 091deed14b5bf12ed9363d9252ff12388eb3aaf331490520e462d12823c9019cn/aHeodo
2020-10-30Untitled-2020_10_30-888377.docdoc 79f7cd44438757ed1abe02e2c701ed8821ca11d3be529ab25ee180cc0f2d9eban/aHeodo
2020-10-30REP_2020_10_30_7937.docdoc e2e6de43b6be5fddede5a4a3e017a0121e226df165b53021d13b45a2093bec34n/aHeodo
2020-10-30LIST XWA479.docdoc a2bf8d5a7361b5e31066653eb6522f5c2995e7407290bfe2a74296abe2914ff0n/aHeodo
2020-10-30doc 418432.docdoc 6c3e28e9d3fc3e6192e4e5dfe110ca2aeb96794d8dbed234856cf5ae32ac846aVirustotal results 28.57%Heodo
2020-10-30list-JC950306.docdoc 6b766925de9c4cda22bdd6c7da535788023c12dcd880a7ec02d40e69f63aca4aVirustotal results 28.57%Heodo
2020-10-3085811RC 2020_10_30 95380.docdoc 8c9ac44890b02ffbaea952b81add0bbbc5d847772b7d872371aeda70bc170f50Virustotal results 28.12%Heodo
2020-10-30rep-20201030-2510171.docdoc f85dfdadc90127312e82fee2bec640f2f4a69cc0509f36337e0078bc603109e7n/aHeodo
2020-10-30LIST-2020_10_30-WI00667.docdoc bbcefc8c00253b2f803fd51e84768525a6fbc85a48189ba3e23a6af208570f74n/aHeodo
2020-10-30UNTITLED-20201030-1461.docdoc 05b836813780375ab027f2424e9846c3026e6340b097f3a74929e9381fdafda7n/aHeodo
2020-10-30dat 20201030 FY3052.docdoc 48229a50f7bb4368a0658ac1d5ae622b9907092d76d0140b7ae4b251c7f293cfVirustotal results 28.12%Heodo
2020-10-30UNTITLED_H514.docdoc 57209365f4fe0becb469a7ff5bb5701651c82c8b3d576f486ca86ff872654785n/aHeodo
2020-10-30INF.docdoc 34ebdddd214c6abbd22fc74af04fdf1d1af2b6ad1563f85e1d2c63ddd5f4be05Virustotal results 29.03% 
2020-10-296531ZA 20201030 8516564.docdoc 39aac454150ec504ceb483a99e30bdcb29a3725664a6ef2e1a02c37f57569e91n/aHeodo
2020-10-298542.docdoc 04994a1c8ed2e114ae0ae3ace2037a957983121aa110568738e22db0f364bd03n/aHeodo
2020-10-29Mes 6452.docdoc 1c802678220f65ea3b50e82874a9888689aec3c069499e2941f3bfc7d001c726Virustotal results 27.87%Heodo
2020-10-29Arc_20201030.docdoc f6ca4cdead1cf4c5890ad087e9e980fe7c3deba7f95e71e8d3011aa8a7a7904fVirustotal results 29.03% 
2020-10-29INF_2020_10_30_0951.docdoc f7859c423dab46818b45b25833fd584c16ed8e13e40c154fbf31c4266f11566cn/aHeodo
2020-10-29LIST_20201030.docdoc 21ecf97e45b783a3190a5c6d8f636bade422be9afc2b033ace740c9d73ecc802n/aHeodo
2020-10-29rep-20201030-0873.docdoc e65980d588f0fd5d79db25edfc5ef6d7fea680a7d3c857569dbd110067369398Virustotal results 26.56%Heodo
2020-10-29Attachments_3747.docdoc a5ad6fe2f4146407a19be9ce04e1e2aa46dd65ab18db2de33d685f6aa9e4702an/a 
2020-10-29File_5589.docdoc 17e2e96a148de278079850a8abf75b73851654519727271f938bf364c5ca5c04n/aHeodo
2020-10-29Rep 20201029 1613.docdoc b6d3678fe3bec7bf0bd077827bb31835e195f7ddc4cb9e85ad7dc33d0b77beb0Virustotal results 26.56%Heodo
2020-10-29doc K919.docdoc a9adf996fc16c172ac4f9b304cd5bba6914adfff11025c697e9c0ade0193e353n/aHeodo
2020-10-29UNTITLED 20201029 LPA1648.docdoc 0d6b83538fc959e35cc30252228e00ccb41da37d1a878b51f262bb0335021ab5Virustotal results 26.98%Heodo
2020-10-29Dat-2020_10_29-3511270.docdoc 3ce86ebeb7522e05953bd5076f603c7937e47449bce8168d8ec536b1c388d54cn/aHeodo
2020-10-29dat-20201029-69356.docdoc 2596a9bbe9fa9be284038a35eadcc99e74491cb69132ad162fd980571f5d2184n/aHeodo
2020-10-29FILE_20201029_354.docdoc 5c9357004aabdd59025b4e6cff228ddf6e9ef59b9bc97fffc36d36fe7ce8f421n/aHeodo
2020-10-29Doc_KST7450.docdoc 7fa1c7ace1ba11e4fbc48717f99d9c89eae69513ced096b9c886bd1d5e77bb9aVirustotal results 27.42%Heodo
2020-10-29dat-20201029.docdoc d95a7e2a7ff160ce3abf770617c927d7af7fc0bd7eb6e5e33f5d43430a62cf54n/aHeodo
2020-10-29Q00611_2020_10_29_26782.docdoc 2b6bf06663b63251018866acf0a7fed5d2caa85b0c51bb12b7c63567dfb01cd8Virustotal results 22.58% Heodo
2020-10-29DAT 20201029 152.docdoc 2a3f825aab34137f80278d609cc6daf04d4f3b44095a9223c87e74dbc98baffen/aHeodo
2020-10-29MES 2020_10_29 IF1189.docdoc 35cfc30ee33e7eb03d137ab3213c99f84c77f31a53101a9f5cb34fd913444d8eVirustotal results 20.00%Heodo
2020-10-29626_20201029_TA687.docdoc f9ced4f3230da05ce91d86336fbf75e2da5b320150500353b62b56d125fd288cn/aHeodo
2020-10-29List_20201029_XXX000.docdoc 5597d783bf7dc649677795638f8bbd5f97676ce49e443df3ee1fd032008f5609n/aHeodo
2020-10-29ARC.docdoc 46d9e560db1a1d687d58d92ded82cd4ddc77a154a7c66bcc99d628f7386c97aeVirustotal results 20.31%Heodo
2020-10-29VXQ7893 2020_10_29.docdoc 64a2a43f4b113935ec4cf64a5e787dcd48befc91cbb8ce681c6740d8c021371cVirustotal results 26.98%Heodo
2020-10-29Rep_20201029_OBD155.docdoc 8ab54690fdeec1b65b8c0cfd80c9349c721d5944e4a074d310c93ae5ff729317Virustotal results 26.56%Heodo
2020-10-295541-20201029-5745.docdoc b0774331faab78112421f3a844ba7b32f13d2c9f8fc32ddf5c384094e92b8d93n/aHeodo
2020-10-29List_L7448.docdoc e84ed79c1be101e6bed71ff5e4af97ba2e2de483f32699bdd0932fd64f051434n/aHeodo
2020-10-29File 821.docdoc c4576ef3b6d4f5bc1728a25cfce9f3574e9fa60a5f6aa8874a625255ae74deecn/aHeodo