URLhaus Database

You are currently viewing the URLhaus database entry for http://holhaug.com/Corporation/En/Paid-Invoices which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:90028
URL: http://holhaug.com/Corporation/En/Paid-Invoices
URL Status:Offline
Host: holhaug.com
Date added:2018-12-06 07:09:03 UTC
Last online:2018-12-06 08:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: zbetcheckin
Abuse complaint sent (?): Yes (2018-12-06 07:10:02 UTC to abuse{at}webhuset[dot]no)
Takedown time:1 hour, 21 minutes Good (down since 2018-12-06 08:31:05 UTC)
Tags:doc heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2018-12-06Customer No 0518346.docdoc d3599b8efea207a7c1409f1ba61c88ecef4e43bae46a198df54bf3c32f311d9dVirustotal results 25.42% 
2018-12-06Invoice Query.docdoc 8f3311068116f2cc85e5f13c5c123d354d5a643ee9cbc1ef5a7df26c91918e2dVirustotal results 23.73% Heodo
2018-12-06Accounts - Invoice.docdoc 01810c38fb69666e7ef772b54ac8f527936a4dff0146a573bfac516270497580Virustotal results 25.00% Heodo
2018-12-06Final notice.docdoc b5ac00ed3d9b9491ce4be7590fea3c9e26e11c29f55148f1d95f3efd4895fb6aVirustotal results 38.98% Heodo