URLhaus Database

You are currently viewing the URLhaus database entry for http://www.krausen.ee/cli/gevfff3b-na4wr-resource/individual-forum/bjir54i-533xw3/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	426354
URL:	http://www.krausen.ee/cli/gevfff3b-na4wr-resource/individual-forum/bjir54i-533xw3/
URL Status:	Offline
Host:	www.krausen.ee
Date added:	2020-08-06 14:49:18 UTC
Last online:	2020-08-19 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-06 14:50:02 UTC to roman{at}compic[dot]ee)
Takedown time:	13 days, 0 hours, 8 minutes (down since 2020-08-19 14:58:58 UTC)
Tags:	doc emotet epoch1 heodo Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-08	arc_O804.doc	doc	fcc0bbc42e2e7c52087a0a4da5dff8a2ed8efddd80d6a4805aa9fccfbfdd3910	40.98%	QuakBot
2020-08-08	Inf_2020_08_08_478.doc	doc	cb59fe31661123327d6efebb10d883b195b318c6da1739d129dfe2616eb3a7a2	42.37%	QuakBot
2020-08-08	mes 156.doc	doc	5293588efc9ab0d7fb9777c0bf75ed1974bcc07364bd907aa5ff69b13de3aa46	40.32%	Heodo
2020-08-08	ARC OM8765.doc	doc	424cf5c4a91c06c70e70f85621afca02a6335435bc3aca17a07b860ca1d9cfb2	43.10%	Heodo
2020-08-08	Arc_2020_08_08.doc	doc	93ec25c002b55c38fb31a036675ae4137bf12ddff82518ecd596e4282c2d08d5	44.26%	QuakBot
2020-08-08	doc 2020_08_08 0931.doc	doc	da431f9f7888ba7c9912a4ddd22f7d4bb12fcb99f9003d0e5b37a30ba731462e	42.62%	QuakBot
2020-08-08	REP-512130.doc	doc	2ef95fd9c222a0b299b53659e79526a1281e9d076b75aafaedb447034237ba36	44.07%	Heodo
2020-08-08	Inf-NDQ2114.doc	doc	f21e6c6dd73f1a99d913d80b3465c4aa3df89467e4a9711cda9de6b9f3c310bb	46.77%	Heodo
2020-08-08	Mes.doc	doc	8d118098701f23422ec3560934134ab170767e28ea66c8a336be4dc8ec102987	44.26%	Heodo
2020-08-08	dat-2020_08_08-56468.doc	doc	70d75d5cd67db6987e30cdec0ba5856d4d7acaedba8e771af42a12151b44295c	41.94%	Heodo
2020-08-08	list Y4772.doc	doc	f7d99e7dccbb7f860f4188ef450ddaa922d31492887b916a96a802c556303f5f	42.62%	QuakBot
2020-08-08	ARC_2020_08_08_I61492.doc	doc	a0106e59dd260be14700f439f7a350fc5c02d1c3f1eea2c3da779ea8edbdee42	42.37%	Heodo
2020-08-08	INF-UT35949.doc	doc	68fa39fdeeb2482b9dbec2a1c2a7649e0a1e4b883528ef42b407a240bac4065e	40.98%	Heodo
2020-08-08	DAT 20200808 65575.doc	doc	62112657085b9dc12429d5002978a67b6a792db61dca0bfd23db9d5370717ec5	n/a	Heodo
2020-08-08	mes 2020_08_08 NML9305.doc	doc	d840943a1f750210b98a2f26d5852b1c58ce7e454a38b38884f0b5371ec1198a	40.98%	Heodo
2020-08-08	file-95464.doc	doc	a671e2959966d9a945046df0dd4a878fbe99b378e108e50c8de5a2746ce7dde8	42.62%	QuakBot
2020-08-08	FILE_20200808_537166.doc	doc	4be780211b5eeca427c252f629f2ed5b1e7062193463819a056e705ffa9df1ba	n/a	Heodo
2020-08-08	rep_20200808_PQJ913383.doc	doc	ce5d6aa5b1cfe76e48ec485669e784f6e6fa115c5c008cd89c499726b2a74652	40.98%	Heodo
2020-08-08	ARC_20200808.doc	doc	e9bf95d02c5b2b1e8ac21c595cce59294b8a54da32e71a619cdf2ed03448dc96	40.98%	QuakBot
2020-08-08	DAT 2020_08_08 LG851.doc	doc	1562546e7af2a1ae8fdc323c8c8efb077d72b897914796be46b612c6379b1d29	40.98%	QuakBot
2020-08-08	rep.doc	doc	eece4ec540e8ae52c63b4384986f2de0003b5b51d486ee8602de1709feb06dc4	n/a	Heodo
2020-08-08	dat 7961.doc	doc	e49e34bfeed9d527f6a2c80df9f388d89705278aafa1aa2b250556754ac38944	n/a	Heodo
2020-08-08	Mes-20200808-81718.doc	doc	132a79f10403808ae939cca854d6eb7a7f061536f04f3d1b735c0284ac46b163	40.98%	QuakBot
2020-08-08	arc O80242.doc	doc	4749be0b925b0d49c831813a68772865cc0448b80e10fc43d06b81c93c5c9e34	n/a	Heodo
2020-08-08	ARC-2628.doc	doc	63c966c20ccc686dfa62a5063bff299d385ea9f159cc9a5b79dc59063fb9514f	43.55%	QuakBot
2020-08-08	doc.doc	doc	ec11d3cebaa5d4d05ef93c8b88ab79e34d82fede8daa5a821d119d12de060ffb	44.26%	Heodo
2020-08-08	doc 20200808 J99709.doc	doc	f3be0b911d44447b80b1337f332187ad596fbfe6a0739cdacdd2f9d759e12114	44.26%	QuakBot
2020-08-07	doc_1151768.doc	doc	53ac99d5826bd318da8d98fc65d4b28ee61fd3f4cf67cdf387cc88e35a0fed86	n/a	Heodo
2020-08-07	arc_2020_08_08_RL464954.doc	doc	5d2b88e4fefb1593bca1de5b27276ba0d00140416c91339fc6fd44431c8ccbd9	40.00%	QuakBot
2020-08-07	Doc_7010027.doc	doc	e8cfc1ea617361564b695bbb732436a5b497bec2660b878ca91e398406298900	36.67%	QuakBot
2020-08-07	Rep_2020_08_07_41975.doc	doc	a69000df0de02fa33f76a39760c10e3b343cf3987577aadd182e361f49d7f5eb	34.43%	QuakBot
2020-08-07	Doc_5944233.doc	doc	646ccd64823cfa77dbb491953dde3333f48c8c19ac7a2753088a96dce8b0d397	33.90%	Heodo
2020-08-07	Rep_2020_08_07_7408281.doc	doc	1efe160047fc230f05990587dea94ff8f3a0677431f83670f9706ad2fe7d69c7	36.07%	Heodo
2020-08-07	mes-2020_08_07-122258.doc	doc	72e7b1f1f982d507c7ffcce28b3d49cd61c6ae305f47ade10cb7da5f3210ba5a	33.87%	Heodo
2020-08-07	mes-20200807-8493.doc	doc	7ba25693e2acb9afa6c453839ed62fb82efd94369f13a1549a0b57b8949cf0cc	33.87%	QuakBot
2020-08-07	FILE_B806871.doc	doc	5cc4b2533d3e8e5c1b21cdae7a43f181f01351036c17fb3b35fd05c59383552a	34.43%	Heodo
2020-08-07	mes-879.doc	doc	420cf1f6784246f59cc804ab9685106d033fb5d1d8d3e76558418bc0786f7b69	29.51%	Heodo
2020-08-07	List_J1284.doc	doc	612b33cca81c88e812436d48c987273b54a73bdc04a908102beac2aaf50b5825	26.32%	Heodo
2020-08-07	MES-AG683990.doc	doc	e3fcefe4f56ac0b117abaaf8fb063b466bdfa3a115a2992daa4cd928cf46b3ce	27.42%	Heodo
2020-08-07	MES-162755.doc	doc	9f3d4befc75b49a5e090558b5cf953d5da87bfac56db564bfdde1d36d6ad7b74	25.81%	Heodo
2020-08-07	Inf-20200807-CM621.doc	doc	5080eb6df265a19a54691328b412d3f78cee2e6e21284f98c03a973300334a72	26.67%	Heodo
2020-08-07	list-H599549.doc	doc	bb249753b6fd6220b43602a1122cd458d29055d3e37603c1a3a1e2f21a81366e	26.23%	Heodo
2020-08-07	Dat-22258.doc	doc	a288dd3026142c4fb729f070fdb05a968a11a0cb77d24bdcc066866ac51eb936	26.23%	Heodo
2020-08-07	file_CVH709487.doc	doc	3ec975d212b214553bac033787cb72d8310c493b5261f76b8ba3b5421b9f31e1	26.23%	Heodo
2020-08-07	Dat_MTG107362.doc	doc	11a879a7d8dec97462c1c9185051ef6a793dfa91fa064697aebc8e58839b888e	n/a	Heodo
2020-08-07	List 181.doc	doc	3915157ac78131871b91bc6eec62153f53f74c5f6e7b6c23451f4b55688a14cf	n/a	Heodo
2020-08-07	INF 2020_08_07 IDO573.doc	doc	c9446d50702574217eb30ddf8a9f1752c77215b5a1d6a451532920aa2a8ad5e5	n/a	Heodo
2020-08-07	list-2020_08_07-08321.doc	doc	382174823a7c36d512b36fa77c017170465f34034a645db3517ca6de6e902aaa	25.81%	Heodo
2020-08-07	Rep-2020_08_07-LDY86754.doc	doc	d55a2e0971027bd30b6722f6827d6344f1126b7f7ba6c04a91179b881ca6e98a	26.23%	Heodo
2020-08-07	dat.doc	doc	1cc3fe55cd9952581cd54ff7b1a12d5a7a2aa90d760fda8b9a6b2ea8d010e1a7	44.26%	Heodo
2020-08-07	List.doc	doc	e3cfb2e0648535875890582842fe912425271c2dfaeb7c1ef7f982a9ac41c18f	37.70%	Heodo
2020-08-07	Dat-2020_08_07-GS740931.doc	doc	fe032b45e17799af19f0dff52340131849e761ed8072baa910c48854206f12b6	36.67%	Heodo
2020-08-07	file 20200807 W8016.doc	doc	2a7f0551cd0fa000ed5992db4346987430e32084240b9eb53ad0369763734b71	33.87%	Heodo
2020-08-07	REP-1461160.doc	doc	ff8de7de95e6aa0e4144a28e204c568e2b0897039d3c6925195053aa742cd7f6	37.10%	Heodo
2020-08-07	MES-2020_08_07-66360.doc	doc	bde536ff0957de3adb9867d66016e8c3cbf60783323bb1589b762ca55e034fd0	37.70%	Heodo
2020-08-07	ARC-20200807-E902.doc	doc	ae908684371dfff2fef8392c36cbf6a27800823f0c41b16230094f8dce844029	32.26%	Heodo
2020-08-07	Mes_2020_08_07_202493.doc	doc	8dee1c489137e967d7674246af7a20f33986189be2bc33d2d1c2a766391d65d1	32.26%	Heodo
2020-08-07	Inf-20200807-LEC701.doc	doc	13c170ae434fbb8b3aacd4d570a8e87de168decd5016266098bff59c7b388df0	29.03%	Heodo
2020-08-07	LIST 20200807 12823.doc	doc	a9f3247aa61118e5538983621ebddd91a88c6fef1097fd3f142ce169b078cd7e	29.03%	Heodo
2020-08-07	REP 2020_08_07 R09737.doc	doc	6c822bf85153ffff4d424e12352a19e60d31782008681d7287a00bf4750feb70	29.03%	Heodo
2020-08-07	inf-502.doc	doc	5bb39eafa5028062850d6792e1c03eb121c1102ab0454e68ab2ae662305c2f3d	31.03%	Heodo
2020-08-07	List.doc	doc	cdad26800b0cbf8b3c591cc545378d50c93a28c735fada99d6bbe4228f2ed6b0	27.42%	Heodo
2020-08-07	doc_VZV290.doc	doc	b8dacf3ee73cdfc545f0e66e81dd8331ad345136a5a94dcc78f387bc7dfbea3f	29.03%	Heodo
2020-08-07	Doc 20200807 SNS7284.doc	doc	2a005cc6ecad083fbacad57dd64f003039138ab3058b1914a4857ea7390df298	29.03%	Heodo
2020-08-07	dat 939.doc	doc	2d9e8d19691ccc198cf997196c54e831404e2577b1bd3c17ae29b1c78b0f95a8	29.51%	Heodo
2020-08-07	File OT0024.doc	doc	cb965595bedf28e722085f2c70f7ade49c8c594ecc499ce0c78bd06d6365cab8	26.23%	Heodo
2020-08-07	FILE-IE468794.doc	doc	90f8bbf6dee1ad7d38d610ea379dd8fd80444592cadac1f1497cad9b6d4e5caa	27.87%	Heodo
2020-08-07	Arc_2020_08_07_OGD0704.doc	doc	ce537cebc52ef63cd5bf7f35abb10712d236835b821443089e3c40551d3cf481	29.51%	Heodo
2020-08-06	mes_95164.doc	doc	3a17dd818992725fb9bf1c2e0d4d18141f5b9fe15a184e7ebac32b935fe7e60f	26.23%	Heodo
2020-08-06	mes_20200807_935.doc	doc	2c5b7f8488ec8abc944d1a90f84293494cb7c6dea6cd23bad40fce8429f41442	29.03%	Heodo
2020-08-06	doc 71982.doc	doc	834ae3e3344f994a972b0a6dd3850fc3a7d26a9d1ab48ed2c3ec49e34239147e	29.51%	Heodo
2020-08-06	Rep 6493.doc	doc	9fda153dee6f47ac4ab198402cc17dac3bd96bd975458ef5dc23e2345abe48bd	26.23%	Heodo
2020-08-06	LIST Y1840.doc	doc	a1668530748354caf4b83b007f729aa168414a2e53c2c87bc4043bdd0c7a3c06	25.00%	Heodo
2020-08-06	Dat 2020_08_07 50284.doc	doc	60317c70b7bf645aaa1486df2110ed8d5b562fa849d73b3d6c850093713545b8	n/a	Heodo
2020-08-06	Doc_2020_08_06.doc	doc	2390a70453dddc7b17d5b2b8ddccf943b3004dc5550d6537d2bbaa9b5e7feff1	n/a	Heodo
2020-08-06	DAT_20200806.doc	doc	e4c0b9acd76b72b5cfaae774818c9222ae052b5fdcb6c29bac642d6c0b720477	25.42%	Heodo
2020-08-06	Doc-HGD2974.doc	doc	ec158636bf6fa445fa2815c7ca11d6d21210ab8d95180bcc110164193210fa58	28.33%	Heodo
2020-08-06	doc_2020_08_06_NK012214.doc	doc	8b7d452fbddc7ae83d98a52e61df4d58e8376e0aac9419dcfa40777aa279a0a1	29.51%	Heodo
2020-08-06	List-20200806-O89993.doc	doc	6fe8349ccebc45f037092980a9e57cb7b5187dc2058c54b5a2be64d57c0cead7	n/a	Heodo
2020-08-06	Arc 560310.doc	doc	5d3307535ae53d63979ef1653955d6d158dd1b5b91a623eac5e044c4d8fcb54b	n/a	Heodo
2020-08-06	REP 20200806 964754.doc	doc	8de17adc871dd2bf55bc2e2f0b799772bbf81891cef9f28bdbbb5783a260e38e	n/a	Heodo
2020-08-06	Arc-2020_08_06-5949.doc	doc	b1f9e43e7c341f9cf6b44ef2864eaecb8d70e417f5e0550b805d1705b75dcaab	n/a	Heodo
2020-08-06	MES P41299.doc	doc	d0a24444d0f97ecbc49b529c1e8ad930ad3c32d18b825aa7f90cb9ddc45ece0a	23.73%	Heodo
2020-08-06	Dat 08127.doc	doc	3ab9a472141139b40fc79113a1938a4e2a47b4e3ef657dcb687fe93a3ef23299	22.95%	Heodo
2020-08-06	Doc 20200806 Z1110.doc	doc	8c7bd0ce39e4ce213d3a16f12ad37431978b78982519ba7500a61d180929d45a	23.73%	Heodo
2020-08-06	list QJ518252.doc	doc	19b8385b0b03c41090e393a31e0b86cb628b2d697fcbe1c18e359dac4fbc83e1	22.03%	Heodo
2020-08-06	Rep_2020_08_06_6004.doc	doc	f1b9b760caf05e99ffa15c3744254dd36a6b3523523d3796930179b9edd909d7	23.73%	Heodo
2020-08-06	list-0892736.doc	doc	cdc18ee9b39177102976aecea6f2bd6bd760ab97431acd2dc4524483aef5a903	22.03%	Heodo
2020-08-06	Inf_2020_08_06.doc	doc	197e3c11e30b5ac40cf44d64892fde49f4c6dc66bcd343027d78159fca14ac18	22.95%	Heodo
2020-08-06	ARC 20200806 U63580.doc	doc	48c9122a26741dad73b2b5eb26728c9aea5e93081462554216fe3710ce612a22	23.33%	Heodo
2020-08-06	List_20200806_H073635.doc	doc	4d8a76fb397eadec8bf35a9af47f70773ad8d08b861c9c8a30563621dfc15dd4	19.67%	Heodo
2020-08-06	MES_20200806_EN0794.doc	doc	0033641fe77d34c44e49129342a8e4af7454780aadfaf2a9b9e5e0bcfcbc8491	18.64%	Heodo