URLhaus Database

You are currently viewing the URLhaus database entry for http://www.kyesgroups.com/cgi-bin/i0boam6/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 422320
URL: http://www.kyesgroups.com/cgi-bin/i0boam6/
URL Status: Offline
Host: www.kyesgroups.com
Date added: 2020-07-30 18:51:05 UTC
Last online: 2020-07-31 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-07-30 18:52:09 UTC to alliance{at}qualispace[dot]com)
Takedown time: 16 hours, 43 minutes (Good; down since 2020-07-31 11:35:15 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature
2020-07-31 | KX_PO_07312020EX.doc | doc | 9d977100fbc0696a384555e8b0e6890ad2468aacc5eb30bfdf9ab29030908f20 | n/a | Heodo
2020-07-31 | 33394271.doc | doc | 728a0a1d8f9a71bd86dce389f0dd100a5abd819ea428304f97e35104903c0a28 | n/a | Heodo
2020-07-31 | XDG_070120_IGS_073120.doc | doc | 49607420463039be83e2fef6d13b6998ba5829ba255f017c28ce9fbb5f45487c | n/a | Heodo
2020-07-30 | REP_26178285.doc | doc | 74f0fa0d9032c0301195d7f01ae3c8bb80b14c34b5fd2073dcfadb9c859f9eb4 | n/a | Heodo
2020-07-30 | 97879654735942749842586.doc | doc | dd4fb6c70656957415214f04b8140c86f59491dd53c396283d1968888e5a48fb | n/a | Heodo
2020-07-30 | PO_07302020EX.doc | doc | 739999be96da622abd32dd18bf0df9df34bc9ffa588947f3bf6d8bbbc62560d3 | n/a | Heodo
2020-07-30 | DOC_87491575.doc | doc | 0dfe8241724d2db0c393e179062ae196f5655be6e3335c37b05cca6cbb2e9205 | 47.54% | Heodo
2020-07-30 | 66919372.doc | doc | f3ceae5781ace1e523935bb48baaf6484791c5cde8e95f8ce6db69f31b2917a4 | n/a | Heodo
2020-07-30 | BAL_PO_07302020EX.doc | doc | b3c476526978c5ce2f22627e47f21fdd3a16f03b166965bac3be05ca29b80575 | n/a | Heodo
2020-07-30 | C_IGAZYASVOPGHM7.doc | doc | e36e626e95cc4e2feb34bfba30b423f08786bde39a1ddda5fa65ce1abc18bdb7 | n/a | Heodo
2020-07-30 | E_HOB_070120_FTM_073020.doc | doc | 480c09c767d7d8bee2916835636723b23b4937624419029f35e16f4ab1ed6293 | 46.67% | Heodo