URLhaus Database

You are currently viewing the URLhaus database entry for http://sowka.pl/kwiaty/browse/9gqs792xyuq/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 419892
URL: http://sowka.pl/kwiaty/browse/9gqs792xyuq/
URL Status: Offline
Host: sowka.pl
Date added: 2020-07-27 13:44:03 UTC
Last online: 2020-07-28 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-07-27 13:46:02 UTC to abuse{at}ovh[dot]net)
Takedown time: 17 hours, 31 minutes (Good; down since 2020-07-28 07:17:49 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
