URLhaus Database

You are currently viewing the URLhaus database entry for http://bornkickers.kounterdev.com/wp-content/uploads/sendincsecure/service/question/en_EN/201902/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 148161
URL: http://bornkickers.kounterdev.com/wp-content/uploads/sendincsecure/service/question/en_EN/201902/
URL Status: Offline
Host: bornkickers.kounterdev.com
Date added: 2019-02-26 22:45:22 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-02-26 22:46:07 UTC to abuse{at}digitalocean[dot]com)
Takedown time: 1 day, 18 hours, 17 minutes (Poor)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
