URLhaus Database

You are currently viewing the URLhaus database entry for http://closhlab.com/9, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 41811
URL: http://closhlab.com/9
URL Status: Offline
Host: closhlab.com
Date added: 2018-08-13 19:36:36 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @unixronin
Abuse complaint sent: Yes (2018-08-13 21:32:08 UTC to ip-admin{at}coloquest[dot]com)
Tags: emotet, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
