URLhaus Database

You are currently viewing the URLhaus database entry for http://karstenjohn.de/flash/rh2-sxl-48831/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	422520
URL:	http://karstenjohn.de/flash/rh2-sxl-48831/
URL Status:	Offline
Host:	karstenjohn.de
Date added:	2020-07-31 02:12:14 UTC
Last online:	2020-08-14 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-31 02:14:02 UTC to abuse{at}strato[dot]de)
Takedown time:	14 days, 6 hours, 20 minutes (down since 2020-08-14 08:34:47 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-31	InvTOKB9992630807.doc	doc	6b6e072d0d18e1b1c941206ff11fb1a9126c5bc5472e7466c68ff933bfd016d9	47.54%	Heodo
2020-07-31	invoice_5_0855805.doc	doc	90cf710734cf6dbbb39b138dfb1edd67ac308fe77cd9d0c8a7afbde0c1530000	47.54%	Heodo
2020-07-31	Invoice-EXFF9367-290800.doc	doc	d9df9c11966105eb6d7c6e8755e2efb6ea5fd54974fff23d390396b8ee1c746f	n/a	Heodo
2020-07-31	Inv-VAR6-3523826.doc	doc	604d8d4b25d82a9fa60525c21b4f7ff9f0edf0d00aea808ceef6bef8e9e4f4c5	49.18%	Heodo
2020-07-31	Invoice_WK0848_20865001.doc	doc	9420fbed8bbf98010e41a960a8bf2314eadd6423e12163e88553e78439867a83	45.90%	Heodo
2020-07-31	Invoice-ZQXG94-3683940.doc	doc	25c12d4806108d86841e67f79d958093ac0ee1b28322cbeaae2e7527322b66f5	46.77%	Heodo
2020-07-31	InvKEF252059011972.doc	doc	b2671d67c068a833209094947cc1f15c6169a854e02006f116cd342528850f15	47.54%	Heodo
2020-07-31	InvZQ687216499.doc	doc	527f944dd4527a40856fb21937f1dae339f1e6a6b1b1fb1f3aaea15220d261e1	47.54%	Heodo
2020-07-31	invoice_F9631_9946558.doc	doc	9ec1af1c1b3db0ed2a30a9c8c48a5cf7e16df9e7ab9a85d6bcf0e2195eaf36f7	n/a	Heodo
2020-07-31	invoice-N9-49952519.doc	doc	8d668df833984a5c527237ca2ab0cafd0d9358925912ce0c64cfb8fb749d09f8	47.54%	Heodo
2020-07-31	InvoiceM1780822467.doc	doc	2793dc7590ad4da3c118e4aac6a771ee48f213454bea29f708b1d4590fcf2ba8	46.67%	Heodo
2020-07-31	InvoiceM1780822467.doc	doc	2793dc7590ad4da3c118e4aac6a771ee48f213454bea29f708b1d4590fcf2ba8	46.67%	Heodo
2020-07-31	INVOICEDFQD8042983687.doc	doc	286e883e3fd7042dd61a284aafd1bb8cf55e274a5a5cae78da6f6c2e8084a24b	45.76%	Heodo
2020-07-31	INVOICE-HOQQ69-99239308.doc	doc	5e3e4c0db013c193ec0fc613f3e0876bd36a6ba53ce477f2b989f8732f645dd7	46.67%	Heodo
2020-07-31	Invoice-610-4383742.doc	doc	1610113eacc5e61b5d26ffd007e56edd58fc824c44c0c235f6f8f434acc125de	47.54%	Heodo
2020-07-31	Invoice-SV131-815648.doc	doc	f38d973c25ff2fc00109ee8ed445e3bdaf3fcaeff6db54b863ad025a9104ae24	49.15%	Heodo
2020-07-31	Invoice J290 202592375.doc	doc	99b43c6e14bfddc98c87cb9dc35cd89b59a2797e8893f5005eb0868226027f35	46.55%	Heodo
2020-07-31	Inv-UYDA3231-72042986.doc	doc	bdfb558047f777f0a0fb66e81bab1d2eefe9a0041a72d203b52456717f30a594	44.26%	Heodo
2020-07-31	INVOICE BOD4754 626819407.doc	doc	eb06e5d66d21212c7eb73e44c67b0748a034545ff7a5127eba4ca016692e4786	n/a	Heodo
2020-07-31	Invoice OBUK07 265057391.doc	doc	26a1feed3df8164358b5997371f3ccad341b539859c7ed75914f15c59df315dd	44.07%	Heodo
2020-07-31	Inv_CC59-972366287.doc	doc	3d8ef147ca84e9943fdc850171e2de9c05b0db3472cd05901e4f109e7fbe07f1	50.85%	Heodo
2020-07-31	Inv-CAGT2_087761279.doc	doc	c7ed06b6f4284ba3fd857f03875187654aad78683efa88d3ed984fe057d484ab	50.85%	Heodo
2020-07-31	Inv GGVO9386-2344151.doc	doc	c66fa17e4f5d76079707aa28d126feaef92ac1245b1ecb420e7e632e8eeb76a2	50.00%	Heodo
2020-07-31	invoice-CK2-007656.doc	doc	e3c6519f7b0b581bc58ccec2a76f8bce09e09658d05624ef33b7c5cce0197b6b	50.00%	Heodo
2020-07-31	Inv-FVQE573-710283244.doc	doc	1d15a177160eef1bf592ab1b3f84d6153b13e07216de245a2ceb317635b7ada5	n/a	Heodo
2020-07-31	Invoice-2{:REGEX:.doc	doc	9d87ada7dcb70d012d66826ec3f4f26a2f853edce07b15282c119048283a80ed	50.00%	Heodo
2020-07-31	InvG3725_423026610.doc	doc	cb27bed9b173d425693fe6c19d0d7502d62645a8fff074790841a362952e9936	50.82%	Heodo
2020-07-31	invoice U8 517889.doc	doc	1e253d59d5ef3aaf08431b406cd5c024476603459b847f6b40dd0f86827492c1	n/a	Heodo
2020-07-31	Inv CUA5383 8884744.doc	doc	c8e498b47aef6cfa8fe5259b40faf397127d496992e126c2f4f6026f7945813b	50.00%	Heodo
2020-07-31	invoice_KHR9097_590846749.doc	doc	4f8f6304215b6672eb28a000d84a4476f5a323270f08606b2970f38293051d21	50.82%	Heodo