URLhaus Database

You are currently viewing the URLhaus database entry for http://koogaya.com/wp-includes/sites/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415377
URL:	http://koogaya.com/wp-includes/sites/
URL Status:	Offline
Host:	koogaya.com
Date added:	2020-07-20 16:49:07 UTC
Last online:	2020-07-21 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 16:50:03 UTC to abuse{at}linode[dot]com)
Takedown time:	1 day, 4 hours, 13 minutes (down since 2020-07-21 21:03:26 UTC)
Tags:	doc emotet epoch2 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	CORT_PO_07212020EX.doc	doc	dbda4797cc002eeb66a87ca2dc004b353d72aff451eb3ba1010bd900cac133dd	33.90%
2020-07-21	KE_PO_07212020EX.doc	doc	25d8674a9a9f8dc39e05c8625561abfa731d499fa4fcf8ef72bb9dadb1d4c156	32.79%	Heodo
2020-07-21	INV_QP3053703225RZ.doc	doc	3272cc94248da1f2887200825c05ff98d655ad34c77c5f92e87ffca784324a54	32.79%	Heodo
2020-07-21	DOC_PO_07212020EX.doc	doc	adc75d7a700b766503c50f538a24148656ae2c500683944ad15c8a2c8e42b567	31.15%	Heodo
2020-07-21	806674202578.doc	doc	b2dcd1d5ee235a978ccd72a68fa2448f80577a051cf78c994fb62d41e7932e39	31.67%	Heodo
2020-07-21	BG1Y5E3XLQU9HL.doc	doc	6acb37f46741819ca10ee4ccb7f88dc94b5dc36a3a1c5c366450d76db4b42a6c	30.65%
2020-07-21	REP_80949148.doc	doc	ffc575665829ae7905ee6e5f2194883080c4ec8d2fa69ac1770319767a1b5456	31.67%
2020-07-21	09196536.doc	doc	c3db961b04941123b6924d69f2c5b149df9b54835cffe9dc0f693fd0dfca31bc	31.67%
2020-07-21	INV_PO_07212020EX.doc	doc	15416a6fc11e7393653dbfbadaf3a03a0948ecfa7aef70fa367412c3b68d5ede	n/a	Heodo
2020-07-21	W_SIB_070120_VTJ_072120.doc	doc	a543b622ebcc58314854fa85473ce89753b8c30877e2562d607aa9483023d16f	31.15%	Heodo
2020-07-21	REP_PO_07212020EX.doc	doc	cead2b444fb70319f7ad607f10b254f3888d97ee61adb8a5be9492f259718ec9	31.67%	Heodo
2020-07-21	BAL_NW2269290912QQ.doc	doc	2deeb69125cd75fba93b9bc64b1defe43dc4e1ea009f2f44bc8fed64c5f2a003	30.00%	Heodo
2020-07-21	BAL_833577709584317474.doc	doc	04aa8ab2ee7412b2c59325c52dbb46f1ce941b3d602ac44d01afcc1efb9c08ae	27.87%	Heodo
2020-07-21	FILE_PO_07212020EX.doc	doc	e59ab4e1a047866cf6ad7eea19330ef2c3ace4086662158f0e46d07333ea11eb	29.51%	Heodo
2020-07-21	FILE_57299958.doc	doc	eea895f78d31fab11d485cdedb1938309a53c01bcbad7657c9695879ab1f0979	30.51%
2020-07-21	DOC_WYI_070120_UUG_072120.doc	doc	e8eff9852fefe1a01b140600735f3b9abecfd2f1bb93929c8955778bb11d0681	n/a
2020-07-21	INV_45463352.doc	doc	ace3f1e921953c5ef33479a1772138bf5c88c39e1677a8e5a78905066d4818fe	27.87%
2020-07-21	BAL_58244692.doc	doc	5f3da5a1b6d61a46a16169eaf72e463f3f5483f15213d0799b577d4684e38a70	28.33%
2020-07-21	ZBJYIOB.doc	doc	ced32d6bf400cc3bb59aa1929efa4c17228064153ca0615288fc1fefde35f11b	27.87%
2020-07-21	REP_SIG_070120_JHX_072120.doc	doc	28d652dc57d7025b36ae37336947faf6ebf313cdcbdecbd236dedef9323f2b16	26.23%
2020-07-21	CCL_070120_MKV_072120.doc	doc	9d29290a0e2c6f3801444df8141e4099b9d87d0d3d3ba984bbc9d9684fcb5511	24.59%	Heodo
2020-07-21	FN_BOL_070120_FYE_072120.doc	doc	ab0c125341cfc43f2b78b409b59b4defac478f57c6989d3197f29790d5cba907	25.42%	Heodo
2020-07-21	BAL_UQO0C39X.doc	doc	281280ed257511ed8f8f2b291a83ce2978bc6e6f14c52ca9ce10540c70cf0605	24.19%	Heodo
2020-07-21	B_GZ5588894121SR.doc	doc	a77f0d09a07d8f85b737d25216501b343e22c4e04a6f88b16dc1ab9ea1b2a222	25.00%
2020-07-21	HJA_070120_PSL_072120.doc	doc	78ee28005bbef4cfe7fb058b986393b6a9210ad3420ed6941bb999e6b8a25e8f	24.59%	Heodo
2020-07-21	BAL_03109406525079250582613.doc	doc	d40a13f38676eec40c7fc38f03d55507495374f948219045d50e6ae6af725275	23.64%	Heodo
2020-07-21	S_HXB_070120_ZGZ_072120.doc	doc	2cccb5979a562d00936dba58168f63f56806a4013284bab9f2a8e84be5eee72e	24.56%
2020-07-21	NW7376068470OD.doc	doc	8969bcaa62533ea3d1c200c02009112d2d21e5b51ec3500698935d4689d46265	22.58%
2020-07-21	JLM_070120_RKW_072120.doc	doc	24008d212916e04542b1f308917ce152914fc98dea21a3ac690999db725ea0bc	22.95%
2020-07-21	INV_GPN_070120_UXM_072120.doc	doc	283288b5bb193523ad2659b4cf322feea153048b6f27a8fa9673ca683bca177f	22.95%	Heodo
2020-07-21	NS_PO_07212020EX.doc	doc	09828f45a3ecb9732b256236d772b4af278b4d4855c7ed217c1a7d7ea21ef296	23.33%
2020-07-21	DOC_TRJ_070120_QTX_072120.doc	doc	49e7f3d18db1b3402794fa15a11d36c41d2857d4a668834b6178d0c739e2f821	22.58%
2020-07-21	79782959.doc	doc	59e827ab690ebe0398ef2409db0e89fd63ebe9c9a198ed0cd9febc218813f6a1	22.03%	Heodo
2020-07-21	870186288989183878.doc	doc	2786a95d643bf9b6c90e2940c4387436c45e5bcd4f88746449713a6abdfb5c51	n/a
2020-07-21	30935424.doc	doc	597286f6b0f26fcb3c8507833ab54e1ecd981baf7b290a4f741c6e92064d5fee	21.67%	Heodo
2020-07-21	DOC_4308516872.doc	doc	660ff4d3124a99db58894556a3461eda17393ca94c27e075185e72536eb6735e	n/a	Heodo
2020-07-21	47HTQPRIO9O0B.doc	doc	fc2bb7719f33ff249113e3c05c4b2b6fdbc99190e250b3073295e271c553f0d0	32.26%	Heodo
2020-07-21	INV_JED_070120_OLP_072120.doc	doc	d604f20c04d25e448176ddfdf3e01865091590cdf5f2cd2c42eb9af7cf41c718	33.90%	Heodo
2020-07-21	5002381584995.doc	doc	99e6f4568c137fa746b98dfe1e68f86435c581cdbcd14c1ccc5ea04b9ff74c60	33.33%
2020-07-21	BAL_GAH_070120_CZG_072120.doc	doc	6c9bab65f28ed13d572adc91a1af99d0862edc49891f2ffa643423c75a0cc4c7	30.00%
2020-07-21	INV_88989444.doc	doc	9312e2d0d00f48b53f5ce88ad3c874968ebb3c219e93cf1c5848021de545956a	31.67%
2020-07-21	BAL_TJ9031685060VM.doc	doc	b5956950d2004aceecfee887e4d5435b6d7cdc6d13a6655cb5d81a7f7425555d	n/a	Heodo
2020-07-21	INV_9LX0EEC.doc	doc	4889dc2e25eb4a39c1afed23f47c68f25441da2a8a16860479a9af42e6588696	31.67%
2020-07-21	INV_9916126743048618915047372.doc	doc	98f9e3f351ef4ad0fa44e42564bff893ca18599495d514658ebc5bcc78534dd6	30.65%	Heodo
2020-07-21	REP_232203200812566936898134.doc	doc	31753fd36a9782bc8df01e639556c0f7a72a7eecc326382a981a6c69edc8d318	31.67%
2020-07-21	FILE_MI4AG7LM.doc	doc	9953004cdba2aa71a7552b41ec9b4718f1fcf03abe1589629ce524746cece259	30.65%
2020-07-21	DOC_HAY_070120_QOF_072120.doc	doc	926e68ce8e0ae5b9d2e935c1fe517533b3dc8cb4aa2250b0fa6ec86af0d78220	27.42%
2020-07-21	LL_XV9460686588SA.doc	doc	7e1aeb2be52594be4df58400922f10eb753ee56699771180bd21fed441171c2f	27.87%
2020-07-21	LU1676041162VW.doc	doc	e341cca78e446c93ee00c387cee3517341c104ac0587512879a602ff58871c64	27.87%	Heodo
2020-07-21	RA4401687269YJ.doc	doc	46e68edbdc3dd2b5e70179a93d4f788074fa29e649c64063f636ee4e37c42fbf	28.33%
2020-07-21	BAL_TCX_070120_BMN_072120.doc	doc	229710df49bb17b78fae2414fe4ff138609fdbbe410dc297f49d8b7bf10ad109	n/a
2020-07-21	BAL_WM5366395979KP.doc	doc	cff09d732ea9fe1f128dc29bff9f5d5d8ff78ea22eadb52fa4b5b8d7c056928b	27.42%
2020-07-20	INV_PO_07212020EX.doc	doc	1d9333d44f7442890d84cbc3972b9d00c93bf1556042f7b58c1386365eae3c76	n/a
2020-07-20	PO_07212020EX.doc	doc	49f90436f418a86b0f4e55e14bcf74793954cc90596ad08dfb6355a1e50a8f27	27.42%	Heodo
2020-07-20	FILE_1058490753159026.doc	doc	2a7edcd4009ca88459bd2ec64af866f700abb7acb68cc5b13a40315c51976df7	28.33%
2020-07-20	A8JZJ0XRQ.doc	doc	80b27b3a7242ea8cdfbcc0d266c4fe489cc0b035fb614b755e2546c80cdfbed5	n/a	Heodo
2020-07-20	R_ND6451669207BD.doc	doc	86dc2706e8cf0a78688e5a503d6e8db55275a7ec3de655ec33a9db2f6ffeef57	29.51%	Heodo
2020-07-20	DOC_5854921829641.doc	doc	f073a991092d0dc2ca2d7308e64b58992ce0cb00fe5da928b65b58530c10e7a9	n/a	Heodo
2020-07-20	INV_26427771.doc	doc	4ec7f2a0359b740dbbc849705f2856818bccc8fafa5a2237fd79640e61423255	27.42%
2020-07-20	DOC_4B2LGXIUUKM.doc	doc	53dfc48b5b049b05895bc4e2e5fca037946e69d083cdac2e6c222b76c86f4763	29.51%	Heodo
2020-07-20	FILE_71399381.doc	doc	148aa06dceabdc99c7588bd48277867f3d0528fcf04463562707fd66f953045d	n/a	ZLoader
2020-07-20	PO_07212020EX.doc	doc	3886724a53ad93931a6339f285e19c703a1bb1dadd7e348ca8dfca75ad42aef3	n/a	Heodo
2020-07-20	KCJ_070120_EJP_072120.doc	doc	cfb6588d9181a97aa1f93b2b9f8af82134836e916938a80a217cd03fe4294811	n/a	Heodo
2020-07-20	P_PO_07212020EX.doc	doc	401dadd7c1211dae181b8767949d274790aa4fb72e78a3d57ae92ac2cf925da8	27.87%
2020-07-20	MGLM_CRR5MVG.doc	doc	8163146178e6d55057843fa5f0da1b851d049bf802aea69b44aaec7352be33d4	n/a	Heodo
2020-07-20	BAL_HZMCQ2BFSHY3L52.doc	doc	33c897cc3c1d11687231644af13032e24358c594f4b484a7040a3eeecfae7145	27.87%
2020-07-20	FILE_PO_07212020EX.doc	doc	4fdba539896383e37ec2383fb569df4f17395dd40115ba8caba62127b7ebe949	28.33%	Heodo
2020-07-20	500PB4D6B.doc	doc	a00bd0c41a60173a7d02bec198e21b3be8ce018289a2120a48b3cea32160de78	27.42%	Heodo
2020-07-20	BAL_ALX_070120_KEJ_072020.doc	doc	265c8a20b2d97de3e6464bbc718b00cb55562ca2512c7ca4f8fd6034613fff53	24.19%
2020-07-20	AGI_070120_VSS_072020.doc	doc	021aa9ae780b058779de8a93eb224c78e1d856ebd0bf6a3de8810e1b20e88f7f	26.23%	Heodo
2020-07-20	FX_APR9QO69SN4ZHAL.doc	doc	f479686dfc59c7e2cf8607ef958b067288d47d2de6a92db1b0c1268b9862f42b	n/a
2020-07-20	18332953.doc	doc	69167697c3c077b3ca6449ae55750d1712c20bc33196537fdbbe05e463aab195	27.42%
2020-07-20	XVH_070120_WQV_072020.doc	doc	1e146c18d65265b27e23f9ee84a8f1d20c046aa76c30ed386710a10cb0da2960	27.42%
2020-07-20	REP_14166432337993492.doc	doc	4cf16b8ae2f4acfe07cf097092f011d77005a1289ed6b609851c04fb52dd78f8	26.23%
2020-07-20	BAL_PO_07202020EX.doc	doc	4a12475b07d363c78dedd7070df1730851f1871bd0951f703375692801ad2f97	25.81%
2020-07-20	REP_PHV_070120_RCR_072020.doc	doc	16a986a19d026da35781703a1baa7901b7c796b6a56c4cb47d21b741c9b47291	25.81%	Heodo
2020-07-20	ZYWN_8DEQRD4PC.doc	doc	dfd60a37d9d7dc24e9302548219fc2547abf5a5cf7a6f4df5812bd4c737c7f69	25.81%	Heodo
2020-07-20	HPB_070120_OLB_072020.doc	doc	6184126e3453b754392ed6f6123957890870d807b6f67d16cac4116de881e3bc	25.81%	Heodo
2020-07-20	QL8HP7N9N.doc	doc	0fee9dff045cb53ab19cad51113a8af4f6b38c19b46c50150f606626fd1a42c9	25.81%	Heodo
2020-07-20	BAL_52155394436040.doc	doc	f49f50e867c62fbba39a590c6fd467d0a6ae957409da5832c798cf31558296c3	24.19%	Heodo
2020-07-20	FILE_56823911.doc	doc	cab46a148c83d32a55562969c697d8f33682fca7d91c3b3980f49b2e964a5f88	25.42%	Heodo