URLhaus Database

You are currently viewing the URLhaus database entry for http://www.bjrgroup.co.in/default/En/Paid-Invoices which is or has been used to serve malware. Please consider that URLhaus does not differentiate between websites thats have been compromised by hackers and such that has been setup by hackers for serving malware.

Database Entry


ID:91194
URL:http://www.bjrgroup.co.in/default/En/Paid-Invoices
URL Status:Offline
Host:www.bjrgroup.co.in
Date added:2018-12-07 14:43:17 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-07 14:44:04 UTC to abuse{at}publicdomainregistry[dot]com)
Takedown time:2 hours, 0 minutes Good
Tags:emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-07New invoice 2O5W6896.docdoc8e97d127098e802a45e9aa402ec0e59d40a11a071585ac48f3aed60e3de441c4Virustotal results 15 / 61 (24.59)
2018-12-07Invoice # 39W946089.docdocb64affd51090ac7a0e74057f5e4790a9c4a05173504155c20ba09156341e4622Virustotal results 17 / 59 (28.81)
2018-12-07Customer No 4453066.docdoc8aeae211e89dcac7f074496fa3018f73184161d2f642813ddc658d7ad9db2e7cVirustotal results 16 / 59 (27.12)
2018-12-07Accounts - Invoice.docdoc581e7322574776e434c10f353a189485bcf5403e71404f6dfad325e67e7492abVirustotal results 16 / 60 (26.67)Heodo
2018-12-07Invoice.docdoc032d122c15ba0ca02f1c1bb4ebcf8f11924287c90fc0a330feb15b05e1065943Virustotal results 16 / 59 (27.12)Heodo
2018-12-07Review invoice required.docdocb0c29c173e40000a666bfe63d32877b4b09116f1180b51d44e717cffc7563d8dVirustotal results 16 / 60 (26.67)Heodo
2018-12-07Invoice.docdocd43905f9831dd45024b413dff8cabbf4d4216e63caaddc254eaf118628825792Virustotal results 16 / 59 (27.12)Heodo
2018-12-07Invoice # 0K4841757.docdoca298c91f874b492ce4a034e35b6fdb034a7ef99a4726c3c26a2f3c15ab253a27Virustotal results 18 / 59 (30.51)Heodo