URLhaus Database

You are currently viewing the URLhaus database entry for http://pentaworkspace.com/Telekom/RechnungOnline/112018/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:93511
URL:http://pentaworkspace.com/Telekom/RechnungOnline/112018/
URL Status:Offline
Host:pentaworkspace.com
Date added:2018-12-12 11:37:04 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-12 11:38:14 UTC to abusencc{at}interserver[dot]net)
Takedown time:5 days, 10 hours, 0 minutes Bad
Tags:emotet epoch1 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-142018_11_rechnung.docdoc65916dfd8504a45611253a9628858ffe2647d33def6187e2fca8fbae3d49afacVirustotal results 16 / 58 (27.59)Heodo
2018-12-14rechnung.docdoc3b24d76096fdf4ab3485e5e8aa12356bf01f45fc0c9056d671ae10d4b6f845e3Virustotal results 16 / 59 (27.12)Heodo
2018-12-14rechnung_11_2018.docdoce46604e5064c8c9099abfd234bc596519f408b5ffb393e83f4c71e18803b95a1Virustotal results 16 / 58 (27.59)Heodo
2018-12-14rechnung.docdoc5e625f8017ba448cb6adf7bb2385dd707552a7e4a802365f71c56568478abb57Virustotal results 16 / 58 (27.59)Heodo
2018-12-14rechnung_11_2018.docdoc0ee9adbd373664d818af5761e38aac1bf4b840c6dd14e4f635dfaa1e011d373eVirustotal results 16 / 59 (27.12)Heodo
2018-12-14rechnung.docdoc706357d42e6415e2987f03bb2e38437637310d3a1acc4f3dc62646a16ad6e801Virustotal results 16 / 58 (27.59)Heodo
2018-12-142018_11_rechnung.docdoc8550e59e967d60ca4422b09f0567b1e5ddc5ca5b04ede1ce057b3173454f64d3Virustotal results 16 / 59 (27.12)Heodo
2018-12-14rechnung.docdocd0437fa2de82aa9faa787896e64910380e71b40831a6b56c0067394fdcc5916dVirustotal results 16 / 60 (26.67)Heodo
2018-12-14rechnung_11_2018.docdoc4593d31313c8f5d29aecabf1c5e6989c5b358e0770fad2d335ed36cf65523b14Virustotal results 16 / 60 (26.67)Heodo
2018-12-14rechnung_11_2018.docdoc896c6b5ff26302c631a8820277f23509fbd3e05a7f02d2b776ea8c0c9d5ad61fVirustotal results 14 / 58 (24.14)Heodo
2018-12-142018_11_rechnung.docdocf97acce820ee97a45401efaffeeab8e09cf2930406d0f9d640f51cac380db593Virustotal results 16 / 60 (26.67)Heodo
2018-12-142018_11_rechnung.docdocf81f654a72d8c57122485997647a6028d395939dc375441206f0474535ce6c1fn/aHeodo
2018-12-132018_11_rechnung.docdoc484e4f08d86dceaa6b9e865bbe668f5f4866ff0be9f7b07a311e10f878f53323n/aHeodo
2018-12-132018_11rechnung.docdoc2d9af47bdfaad60fbb8ef0a172a35cfa53e7aacd2be8b97baa40974b0e3aa307Virustotal results 20 / 58 (34.48)
2018-12-132018_11_rechnung.docdocf251751e4ba8f30f10322347143d2506d8799e2a3c3845599d2c562ec2af3e8fn/aHeodo
2018-12-132018_11rechnung.docdocdbc00665a8f9036492218e8fc7778c07104a73fb81071dfea860cab08e691728Virustotal results 16 / 59 (27.12)Heodo
2018-12-132018_11_rechnung.docdoc0cd0cbda1908982ff9cbd6a39ad9cad7d01e639ecf618ddb203c2756d770c769n/a
2018-12-132018_11rechnung.docdocac09f502c5c64fc9d73e72b58689007a3a35d6db13d057226152a87ccb3f1011Virustotal results 14 / 60 (23.33)
2018-12-132018_11rechnung.docdoc423e678f591aa029ba338d8d76c9bdced507b2865d942751416d79997677cecen/a
2018-12-13rechnung_11_2018.docdoc2a0628c4419abfb29c1f683ba7a2fde9bf736d835e98746449e2b4b6bc725109n/a
2018-12-13rechnung.docdoc677aa367cd9e796e75b3a75f698afd8fca56e94cab34246edf02f1d9c7537935Virustotal results 13 / 60 (21.67)Heodo
2018-12-132018_11rechnung.docdoce4b24511cc917ade7426299c2cee9c3dd93fd2c90e2c30a5915e95e529160b9fVirustotal results 14 / 60 (23.33)Heodo
2018-12-132018_11rechnung.docdoc05d136bf4009fa6fe0cfaa756e26cd7f8bee560a561e1396dd16d3cdb37cac59Virustotal results 14 / 61 (22.95)Heodo
2018-12-132018_11_rechnung.docdoc96d32f55441adfa5f5766d157cc7f79e770db6d41ee4bb7e87e156669e402162Virustotal results 14 / 57 (24.56)
2018-12-132018_11rechnung.docdoc3f5f082e6d5d107314fc35db7baa78b4a10463c270926af9c1e646e70f45e5fdVirustotal results 14 / 59 (23.73)Heodo
2018-12-13rechnung.docdocb9a169c94696cd1499fad1285ace781057e7001586cb0c775fbfc0c279a5ec56n/aHeodo
2018-12-13rechnung.docdocdb527bad9194f5fabea07a8c43feebd21516d898699dc1100560867d587362ban/aHeodo
2018-12-13rechnung.docdocece8a2d5c751d99376de4f62d85b978038d2ab92c9db6694583eb1f4264fe393n/aHeodo
2018-12-13rechnung.docdocf365b545039c24acfc669d4ee12abe17de6173dc32af33664c9cc2afc187de0an/a
2018-12-13rechnung.docdocc472e9d526226fc4c9eaede772ab452dabe3c31446fbd67bc2ae546246bc9d03Virustotal results 14 / 60 (23.33)Heodo
2018-12-13rechnung_11_2018.docdoc91dd4be6abe4cf914d86fc33764a13d63342933bae146b368b9d5c441162191cVirustotal results 14 / 58 (24.14)Heodo
2018-12-13rechnung_11_2018.docdocf46b7b5d33cf825b1fa2eaf6f6442fc7eeae41cdf3ff575be9ca226496baa978n/aHeodo
2018-12-13rechnung.docdoc0424926fd484b6c0c7c545567ec406850279dc8ecab71e1d4ddb69212028c1ebVirustotal results 14 / 59 (23.73)Heodo
2018-12-132018_11rechnung.docdocdb37ad102162222df58bf0bff85724dbc9f226716f99313b8cb65e69e2efcfa6Virustotal results 14 / 58 (24.14)Heodo
2018-12-132018_11rechnung.docdoce93dd861353e882a0f8818fbbb1eb493a1f5a3861ef80e9883be983dacffe633Virustotal results 16 / 58 (27.59)Heodo
2018-12-13rechnung_11_2018.docdocc78c8eb870618dfc2da7c077942bc47e8ad4b235b0cb2259b8d0c49c26e3b520n/aHeodo
2018-12-132018_11rechnung.docdoc69525cd72d6eaf60802f35616ac60fd96847d2aa09c96bf7858c674e545cd1adn/aHeodo
2018-12-132018_11_rechnung.docdocb2f01cea0e17be4d633abf708a887e372f71e646f4d36bea37b52c072e6435e4n/aHeodo
2018-12-132018_11_rechnung.docdoc5287feb27244d2fa5835a1730b9b49ecf1434d780c916ceecdb562158e7639afVirustotal results 16 / 59 (27.12)Heodo
2018-12-12rechnung.docdoce66d5b668b2d8b431a715096d6b199be7b6ced7e163d06bcd8e64cc80cfce589Virustotal results 15 / 58 (25.86)Heodo
2018-12-12rechnung_11_2018.docdoc8dc2f867b0438d3c4ee56aceace6157232f1a6659bf8834366123c38d5a4c65cVirustotal results 18 / 58 (31.03)Heodo
2018-12-122018_11_rechnung.docdoc4bb6554b1b95112ad05cec72da992f5dbe962ffa23f1a01f701ace9dc75a1991n/aHeodo
2018-12-122018_11_rechnung.docdoc72c0d03123ede38090f0e3ec953918db4f7441edaa38ab6622b70f50f2498d17n/aHeodo
2018-12-122018_11rechnung.docdoc3e06084037019410dfa211805b4c64b16809d4b65f09cc97f84b36e5ff34b0f2n/aHeodo
2018-12-12rechnung.docdocbcb39225f268283dcf3e10cd6c8378e9f83d71492cf868f0d2fcd4de224c93f1n/aHeodo
2018-12-12rechnung_11_2018.docdoc9a4dd4555c789717f71eb97ed47a9bf48148100ef63c5e6119a96a0c876304fan/aHeodo
2018-12-12rechnung_11_2018.docdoc3c3a21452a6698f2318b24c67aeb2d4fccd09cbd36abe657b350888f7cf5eb01n/a
2018-12-12rechnung_11_2018.docdocb36bfa7e519a53af961f17c510fb799b40f98aa02dd62ec1bcf602ff34676e29Virustotal results 10 / 57 (17.54)Heodo
2018-12-12rechnung.docdoc5d6f4fff299ec53ea745ea0805fff0e1e1bf3fb73beef86f5c1dc2b51834de18Virustotal results 11 / 58 (18.97)Heodo
2018-12-12rechnung.docdoc5b63b025ef3caf48fdc8ded39e123ff2b51eb1c00b0433a67e5eef679dea2240Virustotal results 13 / 58 (22.41)Heodo
2018-12-12rechnung.docdoc31ab261f536e6a787dec7d30e480dfb5c984851f05246c22ddda16079a56c0bfVirustotal results 13 / 58 (22.41)Heodo
2018-12-12rechnung.docdoc65acd856b49adf76399e1b5422b288cdbe51508857abfe8fb7b940998d0a2f89Virustotal results 14 / 55 (25.45)Heodo
2018-12-122018_11_rechnung.docdocd3569e2066199f46928c41660b38c62656c54740b7e7c7f1e420191fce3958b5Virustotal results 13 / 59 (22.03)Heodo
2018-12-12rechnung.docdoc39a9d4098775c218cbbf699c28cc7565c7725a9db54ebbb10f77727897f1f0f1Virustotal results 13 / 58 (22.41)Heodo
2018-12-122018_11rechnung.docdoc0cd8736b5919fbe8bd2692542c22af72ea2996359a34e2ef56b8be663e4ddde9Virustotal results 12 / 60 (20.00)
2018-12-12rechnung_11_2018.docdocd14f4d5f26831a16fd4a5c749f02e43e1718145291af18915922e1104e6435eeVirustotal results 13 / 60 (21.67)Heodo
2018-12-122018_11rechnung.docdocb22e4d19c3b58cec1ed28b8057374cef059e6fdd56cd2fd30c0e5a74e5c5765fVirustotal results 13 / 59 (22.03)Heodo
2018-12-122018_11rechnung.docdoca501ffd3b2facadafa0c7b35978c9e5ba78c18e74ec548eff36c5e069dc54360Virustotal results 13 / 58 (22.41)Heodo