URLhaus Database

You are currently viewing the URLhaus database entry for http://nbnglobalhk.com/cgi-bin/s7bh4/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:262543
URL: http://nbnglobalhk.com/cgi-bin/s7bh4/
URL Status:Offline
Host: nbnglobalhk.com
Date added:2019-12-02 21:56:16 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-12-02 21:58:07 UTC to abuse{at}ovh[dot]net)
Takedown time:7 hours, 43 minutes Good
Tags:emotet link epoch1 exe heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-12-03bu4ee54y6pw2f.exeexe da9df4946ec9e1b4c1607a9b4744c275e2d41a2ebf74a25e5c88c284dc5af8b4Virustotal results 11.27%Heodo
2019-12-03cmztp02jwi5d14f.exeexe b385d570669afab792afe933da45a273ded7dfb81f05b370ce1dd5aa3f2a274bn/aHeodo
2019-12-03us7gy5su.exeexe 200f63bacf5794c4eaecb22b205962eccea82f4f12f2e060d0f4e83468766da6Virustotal results 10.14%Heodo
2019-12-03x3nvbp2y4.exeexe 7c69175963d6f01bf476757c3724bd971b7f0b9404849d92b9954a9cdb4fd2b8n/aHeodo
2019-12-025c3sk7u8wz.exeexe 514d57b1e1dd98fe789499e405d9015fb176d59623f51a0a0ff6ae454437cf7bVirustotal results 10.00%Heodo
2019-12-02uffy7.exeexe fa421a442611316980cb2485a7788a82615b9b6c8dd15340221a26543e6c23c7n/aHeodo
2019-12-02xw2rmsu.exeexe 2433a8139a1d8b908bf53947e2875e36073764f7e99719efc38d73679cf1bf32Virustotal results 12.86%