URLhaus Database

You are currently viewing the URLhaus database entry for https://countrynavigator.com/ark-aberration-66ay4/invoice/1xw2clr-830449/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 938753
URL: https://countrynavigator.com/ark-aberration-66ay4/invoice/1xw2clr-830449/
URL Status: Offline
Host: countrynavigator.com
Date added: 2020-12-22 16:28:04 UTC
Last online: 2020-12-25 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 16:30:41 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 2 days, 12 hours, 41 minutes (Poor; down since 2020-12-25 05:11:49 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
