URLhaus Database

You are currently viewing the URLhaus database entry for http://cahoot.io/ub3u8/Reporting/h4j97k/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 417222
URL: http://cahoot.io/ub3u8/Reporting/h4j97k/
URL Status: Offline
Host: cahoot.io
Date added: 2020-07-21 22:43:57 UTC
Last online: 2020-07-22 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (Ticket DCU002822337 created on 2020-07-21 22:44:04 UTC)
Takedown time: 18 hours, 6 minutes (Good; down since 2020-07-22 16:50:32 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
