URLhaus Database

You are currently viewing the URLhaus database entry for http://dominioncayman.com/newsletter/EN_en/Past-Due-Invoices/ which is or has been used to serve malware. Please consider that URLhaus does not differentiate between websites thats have been compromised by hackers and such that has been setup by hackers for serving malware.

Database Entry


ID:90358
URL:http://dominioncayman.com/newsletter/EN_en/Past-Due-Invoices/
URL Status:Offline
Host:dominioncayman.com
Date added:2018-12-06 17:13:15 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-06 17:14:33 UTC to abuse{at}bluehost[dot]com)
Takedown time:1 hour, 53 minutes Good
Tags:doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-06Statement as at 06.12.2018.jsjsc4f512c2d048dd1c011d25be24c7f6694bb422a52288990ae305f60d02bf884bVirustotal results 2 / 57 (3.51)
2018-12-06Review invoice required.jsdocfedef414c90295be4a003d4c1391dda086ac185fc435eb8d445a491323fd4872Virustotal results 17 / 60 (28.33)Heodo
2018-12-06Accounts - Invoice.docdocbcd2d834538fb6f6ea0f7857f613f95ea5399e2ad1bcb46f827180509059eba3n/aHeodo
2018-12-06Outstanding invoice.docdoc79581b2546412ce896e213275e07e854fbadeeffaf879cab5d3683b40f0ba341Virustotal results 16 / 58 (27.59)Heodo
2018-12-06Inv. no. 4889T1025.docdoc978782fae3e9b51e50c9efdfe0ccd04e389c1e26e0218ca10abee7b761a5a7beVirustotal results 16 / 60 (26.67)Heodo