URLhaus Database

You are currently viewing the URLhaus database entry for http://kolarmillstores.com/cgi-bin/l70zhg-u97ygqy-gnhznmq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	177972
URL:	http://kolarmillstores.com/cgi-bin/l70zhg-u97ygqy-gnhznmq/
URL Status:	Offline
Host:	kolarmillstores.com
Date added:	2019-04-15 17:53:17 UTC
Last online:	2019-04-18 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-04-15 17:54:05 UTC to abuse{at}ewebguru[dot]com)
Takedown time:	2 days, 23 hours, 57 minutes (down since 2019-04-18 17:51:10 UTC)
Tags:	emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-04-17	41632014576DE_April_17_2019.zip	zip	4d7940c93c5cd7639519b36114f0441115443cad278593796e650baa1fa0181a	n/a
2019-04-17	3683807163DE_April_17_2019.zip	zip	b4160110c08cf22b9e16f73dc5981d4bf0960a293416b3af17da4924e11cacce	n/a
2019-04-17	961260885173DE_April_17_2019.zip	zip	21ddf1785a61854b589aa355a0158bee6ff88eaccbf81070acde1f50ff713007	n/a
2019-04-17	1529466665_DE_April_17_2019.doc	doc	dfd14cdee37ce2e553ccccff81916d88857b9fef88abe657911e59c39d9bce4d	22.41%	Heodo
2019-04-17	3389989143_DE_April_17_2019.doc	doc	a5c7ef873c4dff06978f874ee497b2fd958b56e263244febc3b7e53eaa27517b	22.81%	Heodo
2019-04-17	62270209161_DE_April_17_2019.doc	doc	af507b0d98ed536a00361562696bcf00caa81b642eee407fdafcf89811f85ff1	22.03%	Heodo
2019-04-17	97435857508_DE_April_17_2019.doc	doc	642fe50465ced7e3d59a39e5776dc37e4c500a5cb9363d0c1ca2a7fdd72fa359	22.41%	Heodo
2019-04-17	60747938029_DE_April_17_2019.doc	doc	566c79acc5b6aca21ec8ad0859b2f53a1f0d4a00e793b4e6cba5fdb53cb2bafa	22.41%
2019-04-17	3007178833_DE_April_17_2019.doc	doc	dc80c7b6ddd24d941654891dfc10cfac301241ee4fc1fa452edba96cd3729045	n/a	Heodo
2019-04-17	45909840297_DE_April_17_2019.zip	zip	78ac689af90be07d7c25a1aed1d3ba822acf8d83fb87d26c5e472f45117bc98e	n/a
2019-04-17	814922332676_DE_April_17_2019.zip	zip	bf46fd6310b3d3036aa885284a08c74889707b0a276ed5317e9dc3d585a37c8f	n/a
2019-04-17	57206110440_DE_April_17_2019.zip	zip	9e411551dd8453e802355c567e98e2808f59c8643c1d411f5aa804f33fe67999	n/a
2019-04-17	327090351261_DE_April_17_2019.zip	zip	b8a9862cd3a035c2e64164ea81d90a7672d41619e708cf3de40ffc0ebfd1fccd	n/a
2019-04-17	1773989206_DE_April_17_2019.zip	zip	ebf919d30e30ef9b7775d9ffce5f6e1db85443d7e206e60d3fd4404a3f1ae37e	n/a
2019-04-17	7306541475_DE_April_17_2019.zip	zip	50ce5458c6c99114e69bffa20179cc7317a76b139dd80cb9d3f9092cd255f8c7	n/a
2019-04-17	559001251365_DE_April_17_2019.zip	zip	163d82aa526ac4158a6a892c39700ddc6a46bef32f850dc3362803bcb1abcd7d	n/a
2019-04-17	7013021566_DE_April_17_2019.zip	zip	2ce5668c1b47fb8df745cced4e638fe68b63d4842bcbd207617d9f0da1aee4e0	n/a
2019-04-17	214192066808_DE_April_17_2019.zip	zip	61843d0e8a8641efe957b1ce50e3115ae5cdc08dfc797cd7d3605007fe8e2800	n/a
2019-04-17	7787913960_DE_April_17_2019.zip	zip	ec02b8fc4af44bd79edef62ec73f18b6468b63cf7c167fc6868d6fb4ec3a79d5	n/a
2019-04-17	35528038327_DE_April_17_2019.zip	zip	3e0bc9f882b4b6b5e7726ba6d786218e0a186cf1cfdbdf3779333475249cf9a3	n/a
2019-04-17	6749121529_DE_April_17_2019.zip	zip	657bdd90b6040c4ef318c7c158c943ddfb8149f19a95c0fcc7e2da3451545ef9	n/a
2019-04-17	72041761040_DE_April_17_2019.zip	zip	b0d8a8fe4c13738a5331f90466ec604653529cde96321568d56e0ee9b6f00467	n/a
2019-04-17	332902790720_DE_April_17_2019.zip	zip	2b8072b65c05e99a5496f5ec686905ba73038ced8e13eac6c7214ba898513fdb	n/a
2019-04-17	600500322097_DE_April_17_2019.zip	zip	b1a62387e0913d77c7d2c40e33396b97b62a20c988633bcec4f485ff7d26d0f5	n/a
2019-04-17	82815269841_DE_April_17_2019.zip	zip	5eb43edb6f27c18dce448884ba0826e3ad53ec8ef16f7908edbba83a13e57e52	n/a
2019-04-17	914648852742_DE_April_17_2019.zip	zip	78979c7e7a151377f7b0c57435d6a18ddfd9980d4f64be0b2104b7fab75add90	n/a
2019-04-16	49115896844_DE_April_17_2019.zip	zip	ded15ec9c4431d042bcca93d6e0561f8d25b106ce166ebee6725cc8d83048ad2	n/a
2019-04-16	2372840919_DE_April_17_2019.doc	doc	3828b5d43c9a954b999a9aec7777e8a36b97d8a00de5ac023fbcd09b210cb543	25.42%	Heodo
2019-04-16	421790706473_DE_April_17_2019.doc	doc	318647298c1370e2a454acf4afaed6bf692d1bd51759b4a7e0e78e925148f1a9	n/a
2019-04-16	803342588530_DE_April_17_2019.doc	doc	4b1ccb75644b61d0f3c1df18a238066171bf3f3b8ffbdce21a963a032676bb61	24.14%	Heodo
2019-04-16	78779719256_DE_April_16_2019.doc	doc	3824b2db3b14d88a11d155d0894a6af22bedb3bc12a029f9563344208354aff6	35.09%	Heodo
2019-04-16	510717908009_DE_April_16_2019.doc	doc	8eba23049d725aabd84b63f8cd4b079c78f26cde6f7bb8be1d2477df0c0d5127	32.76%	Heodo
2019-04-16	9461451437_DE_April_16_2019.doc	doc	141e277b2165595334f404edd83397057b2a4ef8a52eb8edba79203f0aba44d9	30.51%	Heodo
2019-04-16	134472736941_DE_April_16_2019.doc	doc	33eb8eed7c8660a54e9b99e8b8719fa1a83484d5ba41805f1767cd8605d28fa4	31.03%	Heodo
2019-04-16	2622455029_DE_April_16_2019.doc	doc	033fa72fe48a853b99e41ed7467c1ccc488d5abe69dff887b8a6b7b2c5a5452f	31.03%	Heodo
2019-04-16	0874001828_DE_April_16_2019.doc	doc	7fae139edf9512b5788f271e05878e6d556721b4eddd8f556096824c3b9bec69	31.03%	Heodo
2019-04-16	789081841840_DE_April_16_2019.js	js	e328f1a48cce3e9220c38d847ccea9f81b6135d120bd76b224c4be21405f700e	7.27%	Heodo
2019-04-15	54210078528_DE_April_16_2019.doc	doc	8cd4e36661364ce87f1ab5d766e5dc204b3087c58acb95765dbfeafcf5f43534	47.37%	Heodo
2019-04-15	681397069876_DE_April_16_2019.doc	doc	20d7d49169b444120397f4fdcec5d5c94ba9a6f0dc8e0a3485566dcaeb73fc6b	42.37%	Heodo
2019-04-15	80399149760_DE_April_16_2019.doc	doc	d1955591d99761d8791f430051a1fcf750ccd18dabfdfd3ce56a5f4183ec0b7a	n/a	Heodo
2019-04-15	775571504268_DE_April_16_2019.doc	doc	1e26565545390a2adf648fc1763031f5397c21b3b1233ec899adfdcbbe920969	32.76%	Heodo
2019-04-15	7233254043_DE_April_15_2019.doc	doc	f8def05c21bfefe7089645b558a8275aac14deab1359003dcf4abdad48613efa	29.82%	Heodo
2019-04-15	4486154817_DE_April_15_2019.doc	doc	70d4b462c94fb97f5ce63a8e2b5f50b6d08bb45821dd7ee81eb50ef137c94a8a	31.03%	Heodo
2019-04-15	215929371243_DE_April_15_2019.doc	doc	3bb7d4f4f6f53b750781940dc8f6adf33b45648cb1259764eadd56000bb19f43	30.00%	Heodo
2019-04-15	76862105815_DE_April_15_2019.doc	doc	02c313983e665eecadaf2a75484980fb266c386cf92a33fa45c2ab00f9c0f532	n/a	Heodo