URLhaus Database

You are currently viewing the URLhaus database entry for http://www.spa-mikser.ru/IRS-Press-treasury-gov/Tax-Return-Transcript/ which is or has been used to serve malware. Please consider that URLhaus does not differentiate between websites thats have been compromised by hackers and such that has been setup by hackers for serving malware.

Database Entry


ID:90735
URL:http://www.spa-mikser.ru/IRS-Press-treasury-gov/Tax-Return-Transcript/
URL Status:Offline
Host:www.spa-mikser.ru
Date added:2018-12-07 00:53:29 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-07 00:55:06 UTC to abuse{at}jino[dot]ru)
Takedown time:9 hours, 3 minutes Good
Tags:doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-07Wage and Income Transcript.docdocf6882dc5113226006ba2433ee8abd868e7c4d0f03ebbc8dbca15b467c31de0e1Virustotal results 17 / 60 (28.33)Heodo
2018-12-07Record of Account Transcript.docdoca0ae8dc7067939e82ef3fe6c1a3bed1b02cd2753f389fc3dd2588057b89fbdden/aHeodo
2018-12-07Tax Return Transcript.docdoc9f3dc68dc16a6e3405f859948513cd5bfe9924b2a607fec5c1ce224c90d26c5dn/aHeodo
2018-12-07Record of Account Transcript.docdoc18852bf23c9b884b8fdc58196963c3d7136d1c4286d0e56e77c349a30f4a69c2Virustotal results 17 / 59 (28.81)Heodo
2018-12-07IRS Record of Account Transcript - December 07 2018.docdoc97ccbf5ab78566c71934676fb4fa86a7608dc761ba79e557914564b4c995c9abVirustotal results 17 / 58 (29.31)Heodo
2018-12-07Verification of Non-filing Letter - 12 07 2018.docdocb9bb1c8920dfa548bad11ff04b2005f8a280fb7b3fc638bc9875353d67b246d1Virustotal results 17 / 60 (28.33)Heodo
2018-12-07Tax Account Transcript.docdoc1b5b25a9da4a3bb5f806bd07fa6e7ca7e1fe521bd29a385d7a864d66ad14aeb5Virustotal results 22 / 60 (36.67)Heodo
2018-12-07IRS Record of Account Transcript.docdoca8d2333c59975847f7447d4ffa97ec11f798bfce45b8f8c406472963f409572dVirustotal results 22 / 59 (37.29)Heodo
2018-12-07IRS Verification of Non-filing Letter - 12 07 2018.docdoc0f72c1defcae902417cf0393e8ef28143914b0b3f61cdce554ea018e181ff0a6Virustotal results 21 / 60 (35.00)Heodo
2018-12-07Verification of Non-filing Letter - December 06 2018.docdoc667f1ba1b96fba3bf761364aefa5e03b57fdbb00274f380fb24cb7d7a17ebf39Virustotal results 21 / 60 (35.00)Heodo
2018-12-07IRS Verification of Non-filing Letter.docdoc2ad637beed379f852e3a9cf85d3b0b5499c090effeb2adf6fcde17114d92cfacVirustotal results 22 / 60 (36.67)Heodo
2018-12-07Wage and Income Transcript.docdocab1d2d58da78b8f825471643d5741830d22d4b6e7ae1ab1c390b0246ca86ac90Virustotal results 20 / 60 (33.33)
2018-12-07Record of Account Transcript.docdocf461e1eb4042a119cb9a9c60a7c22ff4852c09ac99d7cf606ef340747b3997e5Virustotal results 20 / 60 (33.33)Heodo
2018-12-07IRS Verification of Non-filing Letter.docdoceadab41408383bc0cf958c289f9858cd8e957bfea5e6ed87c019c9f06703e3c2Virustotal results 18 / 61 (29.51)Heodo
2018-12-07Tax Return Transcript.docdoc5f50deac85a3e3e51cb6c6d7f8fa81f1e426281225e8e685c90a32f23c8b15d8Virustotal results 19 / 60 (31.67)Heodo
2018-12-07IRS Tax Account Transcript - 12 06 2018.docdoc4dbe1f57797a45a1604e4df92c5d526c9347f141f7452215746beef5e0900dd4Virustotal results 18 / 58 (31.03)Heodo
2018-12-07Verification of Non-filing Letter - December 06 2018.docdocca60a3eadea38e86f1e02b31a9f8516ee689a0a74bf24a6898dbbe02595a2182Virustotal results 18 / 60 (30.00)Heodo
2018-12-07IRS Record of Account Transcript - December 06 2018.docdoce984fed05fa026dae4499a7a4542ff509c81063e72709b6c19feea63670fb891Virustotal results 19 / 59 (32.20)Heodo
2018-12-07Tax Return Transcript.docdoca9cd8939572ef8dd0bd35ca2b712d24f599865b57b66d24883ddacf317c95442Virustotal results 18 / 60 (30.00)Heodo
2018-12-07Tax Return Transcript.docdocb77c69ef9bf6d7154fccf8b8d0c0ce3e3ae1243dcbf7ba77da915aea09364c84Virustotal results 18 / 58 (31.03)Heodo