URLhaus Database

You are currently viewing the URLhaus database entry for http://closhlab.com/FTP/wm9w9-qu3xqis-hyxg/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 192799
URL: http://closhlab.com/FTP/wm9w9-qu3xqis-hyxg/
URL Status: Offline
Host: closhlab.com
Date added: 2019-05-08 10:57:30 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @spamhaus
Abuse complaint sent: Yes (2019-05-08 10:58:12 UTC to ip-admin{at}coloquest[dot]com)
Takedown time: 1 day, 21 hours, 56 minutes (Poor)
Tags: emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
