URLhaus Database

You are currently viewing the URLhaus database entry for http://wolfgang-brodte.de/3_jsb_1/InAUSx3_YvqcLPC50WmjwpA_6F42D_IlppKeWVoP/additional_Pl1BhCsQs_YZU1zDb4UNEM/jzl_90sst29933z/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	426364
URL:	http://wolfgang-brodte.de/3_jsb_1/InAUSx3_YvqcLPC50WmjwpA_6F42D_IlppKeWVoP/additional_Pl1BhCsQs_YZU1zDb4UNEM/jzl_90sst29933z/
URL Status:	Offline
Host:	wolfgang-brodte.de
Date added:	2020-08-06 15:10:05 UTC
Last online:	2022-01-21 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-06 15:12:02 UTC to abuse{at}dogado[dot]de)
Takedown time:	1 year, 5 month, 22 days, 16 hours, 18 minutes (down since 2022-01-21 07:30:59 UTC)
Tags:	doc emotet epoch1 heodo Quakbot

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2020-08-08	ARC.doc	doc	eea494e866becd4ce5d21eaf4ba21c10cb806a32d385336edd7517d8b14af028	43.55%		Heodo
2020-08-08	Inf-2020_08_08-CQN85240.doc	doc	ba50483a5407dc7d213263534638c2e4e0445d9d06f977dc496e979beda32f33	40.98%		Heodo
2020-08-08	arc_U734.doc	doc	84cce9a551dc2eb66990351d4d17dd8c37f457ad337bcb9984231f608208258a	43.33%		QuakBot
2020-08-07	Mes-2020_08_08-F059376.doc	doc	5d2b88e4fefb1593bca1de5b27276ba0d00140416c91339fc6fd44431c8ccbd9	40.00%		QuakBot
2020-08-07	inf_2020_08_08_T691.doc	doc	0ac47ffbd42f03c480345a7dd4402200a64b23da9c45e237bc7dd243e9047948	37.10%		QuakBot
2020-08-07	file_20200807.doc	doc	ee7b2f0042263d2cbc547f52e238a8a60507a9ff53e108b1d5b6b69f8b1f9cc5	35.00%		QuakBot
2020-08-07	INF-FMM412.doc	doc	acf64b8e97e3201f06314a33733d479adef77620d8c569663be2e02c3ef38e98	33.87%		QuakBot
2020-08-07	doc-20200807-5947.doc	doc	016ca89513a40f3189a3620d63b4ddeecb49bb57f1459ad75154e1ddd9f2370f	30.65%		QuakBot
2020-08-07	List 2020_08_07 860092.doc	doc	d44d322769b573492a8bb345b4ffa1062789e82c500080d25cd09227c79d8483	33.87%		Heodo
2020-08-07	mes_20200807_5736.doc	doc	072138e64fe9212286d645d47ab5325eaae32be326e84d10ccabd02db7a7a320	26.67%		Heodo
2020-08-07	Arc-2020_08_07.doc	doc	e557c9d2cc0e3f2aa2355b58c657834d11c61fe22903ea0800713dc9e09632c0	26.23%		Heodo
2020-08-07	File-20200807-O67215.doc	doc	bb249753b6fd6220b43602a1122cd458d29055d3e37603c1a3a1e2f21a81366e	26.23%		Heodo
2020-08-07	Arc_2020_08_07_P121.doc	doc	aaf9724d17a02da2ebb37c991ad51b1636ae22b4af318713bc3aa68538bb632c	25.00%		Heodo
2020-08-07	arc.doc	doc	6e71a853888a1003e802086ff2678b16c1ac8438a7aad302b425a38ddf758a49	26.23%		Heodo
2020-08-07	file-20200807-190.doc	doc	dcbca5178ec82c9ca7b5355ddb5428abcfdb200b495fbc9326d3692f7397817c	26.23%		Heodo
2020-08-07	INF 2020_08_07 5673.doc	doc	a6cf38618a58d0076e02ca5aa15020a6971e1367e0b8c00168775a31f8b92618	40.00%		Heodo
2020-08-06	list-20200807-402.doc	doc	bacc4dea56cd5fd7eb1e3ac21f3f21298ca2c977a2989aa1e5caedb79e6d566a	26.67%		Heodo
2020-08-06	ARC 2020_08_07 4601.doc	doc	4408cae66caeccce648cd57d6487635ff1ee6f3a9cac4830ef484df4b24c2fa8	29.31%		Heodo
2020-08-06	File_20200806_JDH898405.doc	doc	70600ea20b1ce00f93af9afd801ce0915972b4102901b00d37b8f9a7f782a036	26.23%		Heodo
2020-08-06	REP_5015416.doc	doc	e4c0b9acd76b72b5cfaae774818c9222ae052b5fdcb6c29bac642d6c0b720477	26.67%		Heodo
2020-08-06	LIST_20200806_B2647.doc	doc	197e3c11e30b5ac40cf44d64892fde49f4c6dc66bcd343027d78159fca14ac18	22.95%		Heodo
2020-08-06	Rep 2020_08_06 12239.doc	doc	ddb652ec9e00912f9e8a8906221af430f98963061d663c02245d43c49ce1ad4d	22.95%		Heodo
2020-08-06	ARC 20200806 RYS855.doc	doc	8c4880300209ca49fdbbe5ccc1b13e131a7c6cd2407e916c1f524caecc30fc3b	19.67%		Heodo