URLhaus Database

You are currently viewing the URLhaus database entry for http://nt-kmv.ru/Telekom/Rechnungen/01_19/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 124371
URL: http://nt-kmv.ru/Telekom/Rechnungen/01_19/
URL Status: Offline
Host: nt-kmv.ru
Date added: 2019-02-14 11:48:15 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-02-14 11:50:08 UTC to lir{at}webhost1[dot]ru)
Takedown time: 7 hours, 2 minutes (Good)
Tags: emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
