URLhaus Database

You are currently viewing the URLhaus database entry for http://ferienwohnung-malcesine.de/html/OCT/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	421073
URL:	http://ferienwohnung-malcesine.de/html/OCT/
URL Status:	Offline
Host:	ferienwohnung-malcesine.de
Date added:	2020-07-28 20:34:34 UTC
Last online:	2020-09-05 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-28 20:36:02 UTC to abuse{at}dogado[dot]de)
Takedown time:	1 month, 8 days, 20 hours, 45 minutes (down since 2020-09-05 17:21:40 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-30	REP_HQ4000832704FJ.doc	doc	294520a166faa7311a9bb92201a90c886a78c0a499072f3771dfef49baeee7e7	49.18%	Heodo
2020-07-30	PO_07302020EX.doc	doc	b3c476526978c5ce2f22627e47f21fdd3a16f03b166965bac3be05ca29b80575	n/a	Heodo
2020-07-30	PO_07302020EX.doc	doc	e36e626e95cc4e2feb34bfba30b423f08786bde39a1ddda5fa65ce1abc18bdb7	n/a	Heodo
2020-07-30	PO_07302020EX.doc	doc	21670c1b2f6bd3739bdf6a11f4edc5cf70af68046eb16b6a392cffccb2cdaf84	48.33%	Heodo
2020-07-30	BAL_44UY5QO6K1XS9.doc	doc	07e776c54df1af3395854812f0a6b7915acfa69f07c466e088eab9655d99d886	49.15%	Heodo
2020-07-30	PO_07302020EX.doc	doc	bae631a4bcfb6f64cb01a26d307ddcfa85d0d63f8765a7020242e2e5b7ba979e	45.00%	Heodo
2020-07-30	DOC_AI7405227686HK.doc	doc	b4891111091f062e79d0ee997b7422c1681080f74a0d0b14dad258caf0e1c162	43.33%	Heodo
2020-07-30	DOC_FAW_070120_ZFB_073020.doc	doc	9cfdca3e78754a9d8fbbcc8008ede38e26c1501f867eaad9d7e2b5f35d86add9	40.98%	Heodo
2020-07-30	PO_07302020EX.doc	doc	839a966436672446a68fede0e400e5e124c90bae0e6166de896bcc790899a376	41.38%	Heodo
2020-07-30	FILE_UEB_070120_RFP_073020.doc	doc	6dd19eefd49748972e3b786c5f0bf83bc9686e1a74b67dc286cfbc09224ec503	40.98%	Heodo
2020-07-30	INV_PO_07302020EX.doc	doc	44e198d158e76b7f97f737aa5b74de20f159ad7f13b41608d7ef9b793201cb62	40.00%	Heodo
2020-07-30	REP_AK0928407068VK.doc	doc	fd2c870bab01edcb6af885cc070a9ededf595bb1b3613b83fb9313a3caf5e014	40.98%	Heodo
2020-07-30	33369202.doc	doc	47c48111a87bb2eaa02eeea65c8d80648d437d73124be5135ae75b968b0ee41a	46.77%	Heodo
2020-07-30	FILE_63808273296277250075.doc	doc	7d44f831d3f2a872bb859afa8572c6b61b11da75e5db08dc662221a6ae37008f	43.55%	Heodo
2020-07-30	Q_GPW_070120_GNE_073020.doc	doc	13e73da4adc126fa03c4f6e776fd1e257e0f3a50809ad6b9402d9498da8a5ad1	45.00%	Heodo
2020-07-29	FILE_PO_07302020EX.doc	doc	cb4750ddc6268762d29e9a7f31c375291ab9212cb5fb7f237b07610277735637	43.55%	Heodo
2020-07-29	DOC_NO4072084053JO.doc	doc	1e24e58cb2c121a7ade3a2ce349ac533fbb210d2b116a57aa10eeedd434eed12	43.55%	Heodo
2020-07-29	V_PO_07302020EX.doc	doc	b02f78dff91115955b8f45334cc5a532d1c96cf54823bec9cde37502564757a0	42.62%	Heodo
2020-07-29	DOC_606600826730130788714.doc	doc	ea1d07ae55467195b610358c91f9d4cb4f280d055e9a86158339ca3bdba8ca15	38.71%	Heodo
2020-07-29	INV_9VE3KDM9XJNJ2STN.doc	doc	a1337b78d948a4c579b396e2c35ae69111e6af596065944b6730552491a80d21	35.48%	Heodo
2020-07-29	EV6273439683GU.doc	doc	018beffb57923eb38dac054bea5fce0c4e9aca87f1971e226c7a7bacad5606b7	36.67%	Heodo
2020-07-29	PO_07292020EX.doc	doc	2943633ba53e10d5841fd2093f08d7cc931d48d3a78549260c609dbc8e8fb9d1	35.00%	Heodo
2020-07-29	DOC_44824877046.doc	doc	49b654c7a3f3c144f890e718d2f175223df6e2e0cc88ab5a5c27bb7dfa6c2684	29.51%	Heodo
2020-07-29	FILE_9572469206504484.doc	doc	4947e47ca102585589473567e7e3f0e8b9051aea7f9d08ee1409ddb7ad6bd2e9	28.33%	Heodo
2020-07-29	QNPY4D2VKYNSHIS.doc	doc	d760a46487725541e8c44463c4330d83efb97f55a550e307000db217380797e3	27.87%	Heodo
2020-07-29	REP_FNY1EFMXXUNKL.doc	doc	d6a5a7b0d69125f158c23719cc7bcebda6b8589bf4d5b051c3a1ca3371ae689c	27.87%	Heodo
2020-07-29	DOC_FG7N5OZHLI.doc	doc	65d7eedb3656e14a63cc6ddd0147af860bee960946e2e6d2bb020469f40cf61b	27.87%	Heodo
2020-07-29	THJ_070120_OTV_072920.doc	doc	db9b63cdcaff706197aea2e1a576f55006b3513170c106f6e2ee66586482b6f6	n/a	Heodo
2020-07-29	O_PO_07292020EX.doc	doc	b051dcc8a4c8215cd5456b9ff9d3de2ca7d04f269134ce6ebe467f79185046ad	n/a	Heodo
2020-07-29	ILQF_DYK_070120_QMB_072920.doc	doc	075c7bee49676a5bfce88288211ed92365f0a09e0d5c16e01ecb04398e9ba991	n/a	Heodo
2020-07-29	BAL_33362280.doc	doc	9ab92090f841355a66c7a8807dd706180f5326f0ac8711a80b36953821641740	26.23%	Heodo
2020-07-29	DOC_0R1I5H2Q60.doc	doc	0bf9db8ce1e0a3c281a6fc0f6eb156c9ba993b6b0c2372d808c2a6631f7e7b78	28.33%	Heodo
2020-07-29	BAL_KX7704067187QQ.doc	doc	b3a825ec435cb3188c7e312d426ebb88fc14bf826a552888d2b27110ec074175	27.87%	Heodo
2020-07-29	INV_SWVZILJFD6K5V8.doc	doc	9e3690a0a71dc239833dddc5b2aa94983eec61d88a636aa96f12bcfac9898592	41.94%	Heodo
2020-07-29	Y_ZPM_070120_TEG_072920.doc	doc	7c0d398298f8a56ad9ec3dcd76f6d3d3ec37d0235722697cf910b162f5c46ed2	40.32%	Heodo
2020-07-28	BAL_PO_07282020EX.doc	doc	840a3b8168fdf4428b543d87650addb48e7373d78b0caba579d8a4e49c6cf99b	41.67%	Heodo
2020-07-28	INV_MD7710505336TC.doc	doc	5b34e19f5078133f593980de384659c6fef2e32d0eeed63455151dec178fd2d0	n/a	Heodo