URLhaus Database

You are currently viewing the URLhaus database entry for http://windfarmdevelopments.co.nz/INFO/EN_en/Invoice which is or has been used to serve malware. Please consider that URLhaus does not differentiate between websites thats have been compromised by hackers and such that has been setup by hackers for serving malware.

Database Entry


ID:91115
URL:http://windfarmdevelopments.co.nz/INFO/EN_en/Invoice
URL Status:Offline
Host:windfarmdevelopments.co.nz
Date added:2018-12-07 11:45:20 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-07 11:46:13 UTC to abuse{at}umbrellar[dot]com)
Takedown time:4 hours, 58 minutes Good
Tags:emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-07New invoice 8UGI0519.docdoc675e14f09c02b7bc965d1e9d3c4a4ca5b5b2f9825306c0d5453a6aeed2de746eVirustotal results 16 / 60 (26.67)
2018-12-07Accounts - Invoice.docdocb64affd51090ac7a0e74057f5e4790a9c4a05173504155c20ba09156341e4622Virustotal results 17 / 59 (28.81)
2018-12-07Latest invoice - 321065.docdocbe07b1fdd8757fd6dd73b8a56bed5c5251aa9bbda450265bf5422ae7c58c1480Virustotal results 15 / 58 (25.86)
2018-12-07Statement as at 07.12.2018.docdoc4e994a0e0979997e2c0d46e69f266db26775a66a2e084f1dc1345ceb367556a1Virustotal results 15 / 61 (24.59)
2018-12-07New invoice 70WPT8303.docdocb0c29c173e40000a666bfe63d32877b4b09116f1180b51d44e717cffc7563d8dVirustotal results 16 / 60 (26.67)Heodo
2018-12-07Statement as at 07.12.2018.docdocd43905f9831dd45024b413dff8cabbf4d4216e63caaddc254eaf118628825792Virustotal results 16 / 59 (27.12)Heodo
2018-12-07Invoice Query.docdocb6187d02b1f3f02f23ac518f50c6b04040866565ff146ccac411a6702ad694c1Virustotal results 18 / 60 (30.00)Heodo
2018-12-07New invoice 96FCO3034.docdoc44ee15a0adf5d37f1089f56afa9583d001083292c5be0ab149842397e84d3e02n/a
2018-12-07Month notice.docdoc733724cd6ce25ed3d5e92a3c515662740e27e37106945ce01210b8cb65bdfe60n/aHeodo
2018-12-07Inv. no. 7Z5I38567.docdoc75e804ff47518aa610ac6968198ecb5c1e2e927ca4fd6bc869e979787e47ab2fVirustotal results 16 / 57 (28.07)Heodo
2018-12-07Inv. no. 3ZD23423.docdoc445119cdbe8fdab8457ce7c19335a6e52a3badaa3c1b4e32b6af2c91e5514cb4Virustotal results 16 / 58 (27.59)Heodo
2018-12-07Review invoice required.docdoc70850c75f51b5fd05d22bbeca9b011705375f71cab669e802140626376563e9an/aHeodo
2018-12-07Final notice.docdocd7333f9048dfe7ec88a8a146730105ef1370b2e00eec7f7c11da444a92dde162Virustotal results 17 / 59 (28.81)Heodo
2018-12-07Customer No 9501202.docdocf9380a7be3227ce423a2af7bc44a215c12149b63a1850d2582dd7ae66325d4a8Virustotal results 18 / 60 (30.00)Heodo
2018-12-07Latest invoice - 832227.docdocdd622df9ab616e7fa31ae9d160431dd96953bd297e8dc5294a2b339b77bbd9b6Virustotal results 18 / 60 (30.00)Heodo