URLhaus Database

You are currently viewing the URLhaus database entry for http://kaleeza.com/qesnd/protected-module/external-profile/okOlo3K-23eHtcKw3ng/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	428168
URL:	http://kaleeza.com/qesnd/protected-module/external-profile/okOlo3K-23eHtcKw3ng/
URL Status:	Offline
Host:	kaleeza.com
Date added:	2020-08-10 09:25:35 UTC
Last online:	2020-08-12 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-08-10 09:26:02 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	1 day, 15 hours, 2 minutes (down since 2020-08-12 00:28:45 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-11	File-2020_08_12-G98722.doc	doc	db2aadedc60eea4a3a77bfbd6c1334cfca2091f721e34c196cde4f47624bcb90	49.15%	Heodo
2020-08-11	LIST 7297790.doc	doc	db647367365410a0e5641b0f84a8b1ca4da7a3266d34b01971653e29821aba39	50.00%	Heodo
2020-08-11	Doc-2020_08_12-099265.doc	doc	0241b1ed7a1656dab5d9fe64b7e59fec547126495769ca53d78220090b494889	49.18%	Heodo
2020-08-11	Mes_2020_08_12_910.doc	doc	116d5a4d0b83b31befcc51de658fe9a2a9554ada261572c59be7e4c01a077efd	50.85%	Heodo
2020-08-11	MES_O16185.doc	doc	593a1eee983e1c66c480fc52ce564f0ebb60c48d5cadef3f5ed4367d32f1112b	50.00%	Heodo
2020-08-11	Mes-78293.doc	doc	6c45ff153d6de80d056c6f69da227ecd5bbe257a22d4942cdc493a5d623d7cf8	50.00%	Heodo
2020-08-11	Mes 2020_08_12 24604.doc	doc	44724d6fab9198dd3ea8ae7603a47ccfc4d05d3341896db1598e321d4fa1e408	48.33%	Heodo
2020-08-11	MES-20200811-JNC8242.doc	doc	13114e608a7cc05973b50935d669f9bb5a135bee36e1f29a47243cdcb3cd7401	46.67%	Heodo
2020-08-11	DAT_20200811_699.doc	doc	6c43bac38a962a5ba3d1c691a45946526dc5a550897af82d14982b94077a6d29	48.33%	Heodo
2020-08-11	MES_20200811_N72319.doc	doc	9761b08fba6f220e64e7cd463ab0fade7ad359b78431e8272557bd70a7c4e7a3	n/a	Heodo
2020-08-11	ARC.doc	doc	fcf12915febaa89983bd1db12d8ee00046fe77d5012b2cf75a08fc8fa9aa2791	39.66%	Heodo
2020-08-11	dat-20200811-XZS2788.doc	doc	308dd9d0b4a83eed9cf0f4d5014a22bbb9f37b197d9f8304612cb48397cd5404	n/a	Heodo
2020-08-11	File-20200811-041279.doc	doc	9081c21cb26135e8d85675222746dc6dd85b90f195e45ca7cc051103751fa512	39.34%	Heodo
2020-08-11	arc_20200811_T9442.doc	doc	e55a8128dcdbeb38bece187c83b4066e4c92f5d4d2fc16cc1375139a39cf148f	n/a	Heodo
2020-08-11	File-20200811-WZ494533.doc	doc	0c2fd444f2fb9f77cde4f5629c19ea2ff814f7cda10a63a6bc6227d3ce403b4b	36.07%	Heodo
2020-08-11	arc-20200811-432372.doc	doc	4a0b580e9b59383cef5ee984231048e27d3e01c6bbc31f779fc80f435d286940	37.29%	Heodo
2020-08-11	MES 621737.doc	doc	3f42c82f2f7de6ef82c2ecb7cd33aead81989314771113ca39e4b739a0d8f4ad	35.00%	Heodo
2020-08-11	doc O24624.doc	doc	bef25908178e50a5ea5c9427e2d767e442719458414443980f1d1454659d4804	32.20%	Heodo
2020-08-11	rep-20200811-DKI444601.doc	doc	443267f63d955561b6da7e86366dcbd233c605fb7eb3b92e5863f7482738e692	32.20%	Heodo
2020-08-11	Mes-9298315.doc	doc	356e3d6505e5c614fd7fe96e3e20c392e04e5b6e552a28f069dd37250d00508e	30.00%	Heodo
2020-08-11	INF-20200811-QSG468186.doc	doc	c279b2621cc960bc14d86aa7b7a8ed1d61346e3e582e77072b43a1631871f3f1	30.00%	Heodo
2020-08-11	REP.doc	doc	db7193bd4ade13db9176b928367925a9c2a83e175a118ec2c74fc16697408d80	28.33%	Heodo
2020-08-11	File 20200811 647632.doc	doc	daccc3f4d9032a47fb56afa6a569152acebc38816483069d8101b8109759947c	25.00%	Heodo
2020-08-11	Arc 2020_08_11 023092.doc	doc	23315f65b06123e965e1949c08085c097b3efc919a3807955cd3e1acc596e809	25.00%	Heodo
2020-08-11	List.doc	doc	29d67f5bde2807da0a4316463578997237825ad1a5e219e2dc5d9c4efa4cf3e1	25.42%	Heodo
2020-08-11	Dat-20200811-67157.doc	doc	d990f8ea6afdd409b408fefaf18c4bb205c5fef6397e1e6d7c9466a47b138cb1	24.59%	Heodo
2020-08-11	Inf_978729.doc	doc	a6913ae8ba43c0a8e7e2b3ad3e2623096c45be801d9274e6162c679cb4fd80e7	24.59%	Heodo
2020-08-11	Arc_2020_08_11_2596.doc	doc	a72210e93b8fbc11a25dec4ea2f7d6f637a31a66e36a71a9b1c9ef71aed2b62e	n/a	Heodo
2020-08-11	MES 2020_08_11 ZZ426741.doc	doc	e110bbd4a3f29fa7c662bf2dc8a9c59cdf48bca88ea30bbb6d4ff9e1a84dabef	n/a	Heodo
2020-08-11	REP 2020_08_11 9744413.doc	doc	1120dc774813691b283970a1c385789e1348091375188983a903c5143f52beac	24.14%	Heodo
2020-08-11	list_20200811_770.doc	doc	536b576ee383293c352508e2258405e78d42a0230474639bb2ac5fa8ffbb69f5	23.33%	Heodo
2020-08-11	FILE-20200811.doc	doc	eaa9a3fa2103d303ee4a16d7a20d7fa41d0047bd31a6bd1e1a6718cf4df41881	22.58%	Heodo
2020-08-11	MES_2020_08_11_EDJ069787.doc	doc	a51e7379fef43bbf21941ddef5d6fd076412f983dafdc0f412b0cda171388b1c	23.33%	Heodo
2020-08-11	Arc 20200811 KFJ758.doc	doc	29ae6ff3622d09aca177f365b6d5a709ed8606b40eb32f9c7a9dccca27acf22d	23.73%	Heodo
2020-08-11	List-9548456.doc	doc	12587249744f2253a36fa401256c0bfe0d806185522023bd4862720f14b9cb15	22.95%	Heodo
2020-08-11	REP 20200811 42029.doc	doc	ac20765cdf4d1038df199a09c940feba4bb9cafde628ca8abbd316fd299463b3	23.73%	Heodo
2020-08-11	arc 20200811 WJV9443.doc	doc	c63d69fb1a335468a6aeebc2b8af051bf71cb55b4808a17409b332fc70728b8c	44.26%	Heodo
2020-08-11	ARC 2020_08_11 7830.doc	doc	61a3696a9198091587a55008ec682860adeddaf5a0cc68060e71647881009598	43.10%	Heodo
2020-08-11	DAT_2020_08_11_599.doc	doc	fce0f3d055c058d10eaff76ccd0a00bc87a7fb733b1ce6894e486b39ebf6793f	42.37%	Heodo
2020-08-11	REP-20200811-BUO5814.doc	doc	cae649fa4834fbe773a6759d1c55036ab5a152fa90aa2f64b7751e50b3e7deeb	43.33%	Heodo
2020-08-11	rep-C133535.doc	doc	353b24cd1dbb7be15133b64495afbbd1846a83e775870f07cef1efc21c411ddf	44.26%	Heodo
2020-08-11	Arc 2020_08_11 DL5451.doc	doc	bd21c54cff53a13d78966917cf55e87135e7020967d2416f6a0b259beba63dba	43.55%	Heodo
2020-08-11	rep-2020_08_11-ASE7521.doc	doc	980c5eb49f054079a587ddcfe2c193c45a1a6be41100c5f1179df24c87986712	42.62%	Heodo
2020-08-11	List-20200811-H674.doc	doc	92f8226b4916acee5abadfd888bd396b2979be223db46252b4decde8b4b3667c	45.00%	Heodo
2020-08-11	File-20200811.doc	doc	e4790d41e27c6978baf5ccf9461b74b1e9606fdc7edcb4d2022edafc3d8a6fd6	44.26%	Heodo
2020-08-11	Inf-2020_08_11.doc	doc	13c77da9bbdaea66303dfe4cfcb8b5a9f8eae8d46f1e710ab6574c73b2c1d91e	44.83%	Heodo
2020-08-11	File_PWK909.doc	doc	3b8c4e97505c638f5483d32e67e05043b3f245cb397a0069370eec83299bb2de	43.33%	Heodo
2020-08-11	ARC-062.doc	doc	884876d14dea6bbb5b0486ae70f7a87077f5f3fda54e5d2e4ac65a912e0456b9	44.26%	Heodo
2020-08-10	ARC-2020_08_11-315095.doc	doc	1ff50f088800028624af3ad83890529e6cd409d4c797d27b35f77e33fe36793e	40.00%	Heodo
2020-08-10	LIST-Y88938.doc	doc	a685d179f34dc5fcb9fdb968d93826a1931f9e729bd7fa6491dc6cacf4ca0c68	40.00%	Heodo
2020-08-10	Inf-20200811-HGH83095.doc	doc	230cc48c70942780ddd2cc9327ac6c9b96bd8c1272c1ad0ccde75cced629204a	40.98%	Heodo
2020-08-10	rep_2020_08_11.doc	doc	6c9c1e35a22b32ad9722b917f0562f65ec1e6f847bcbd63e4b5ca9a09738f860	n/a	Heodo
2020-08-10	list-2020_08_11-7740.doc	doc	57ceb97127a173ae60027dba4b90aca54c66a1b120c77c875faaed74b93a5f22	40.98%	Heodo
2020-08-10	Rep_885.doc	doc	73c17caafafa44d5ebd7a8d48e34c9bb754001950b197e63c5c97996246be9be	40.00%	Heodo
2020-08-10	rep_4670990.doc	doc	8bac60fe9c581db6206a5ca49fc3fc76df934a47006c8effcd145a6ab3c70cc8	40.98%	Heodo
2020-08-10	Arc 20200811 FJ966977.doc	doc	5c5c196f98303cb83fe01bd0c601c680ca5b4d5fc5d194a31da99bb0492bcda6	41.67%	Heodo
2020-08-10	arc_7417.doc	doc	00a5dac35c1407506376d2c973fe96bd386abd44446ded18aa36d986009ff2d3	40.00%	Heodo
2020-08-10	Doc 2020_08_11 PSJ75831.doc	doc	ebbaba5678052bce84258a50142fdf8cfd4b3e45e276ab994541824ba032b6c4	40.98%	Heodo
2020-08-10	ARC_745.doc	doc	6fdba2a3c021e527cc4d508e143f075fee286280cbb58cc759f2c7968248b1c6	41.67%	Heodo
2020-08-10	arc XE837309.doc	doc	9b16a279970535f938fcae16c2df00eaf040804d5eb740193210aced906a8e2d	40.00%	Heodo
2020-08-10	Mes-240693.doc	doc	b5184411717b5186e80a521f6b70c47091f21c4e9c586d2f565438dfaba70d7d	40.68%	Heodo
2020-08-10	INF SQ708.doc	doc	c48b063432f8c4c36dd9ded23c887ae172b3627e38c9443057fe642dbcaefdee	40.00%	Heodo
2020-08-10	MES-818798.doc	doc	5d65fe8e1743f0bc40290185bc0184e487a14435204b1f4b3dc13a81dce3575c	41.67%	Heodo
2020-08-10	Mes.doc	doc	6d218e558b2cf4b5f4564d9bbfe8feb68602b363228a53f9c7e7aba48ae19d1d	41.67%	Heodo
2020-08-10	List_2020_08_10_IK32377.doc	doc	3a2bcd46d722290108da96d36f9b0ba93b0135b9ec0363f0fbf116ecef4c7163	43.33%	Heodo
2020-08-10	arc-20200810.doc	doc	a183ad4b8a0e9fb7dca68946fd71e2382b7d6818ea27d5aeeee1eccb0c15ede7	44.83%	Heodo
2020-08-10	File_2020_08_10_HDM778.doc	doc	5f408255186026aae91da7dac783ae1d17a15678a5a433632286887f07555709	n/a	Heodo
2020-08-10	rep_2020_08_10.doc	doc	3ba827fdccdc439eb5e92985a6ce5abda57ef7ba59f302f21602034b51e817f9	n/a	Heodo
2020-08-10	doc_KO1138.doc	doc	4dffb1a174eff6ca9e15bf377021f66bf94f1e7f295d7129d6bcc673295f9948	40.98%	Heodo
2020-08-10	Rep 2020_08_10 GBU91012.doc	doc	2e963b6b02c41d46b47c87eb10658306c7b5db921c6075fef369b42287400900	41.67%	Heodo
2020-08-10	FILE 20200810 WAJ002.doc	doc	833a770e2cbdabb55ec018d7ef4df44ab3fa7713f3a008c7fa9115052590a6b0	40.32%	Heodo
2020-08-10	mes-4998.doc	doc	f93085363207df63463e918f54710d8958d46b5d0b25608a90ed707145215062	40.32%	Heodo
2020-08-10	DAT_2020_08_10_F49760.doc	doc	4a6ab005cf5848ec9e6c5890c0ad5f33be6e22210484b91a46dc8971e96287d2	n/a	Heodo
2020-08-10	list_2020_08_10.doc	doc	ca9f885fd57e5dfece7202171c1c8f2e519301687263a2af943d9da7767a156d	40.98%
2020-08-10	REP 20200810 992.doc	doc	a911b368b94dc3e0fb269c4d07d39d833670469f5a55427786035059cb194a67	37.10%	Heodo
2020-08-10	FILE-2020_08_10-GVK71840.doc	doc	45c4190948b0c2820d9f66648aa3c78b09071303b6dbbba413464384ce5d5f72	33.87%	Heodo
2020-08-10	DAT-20200810-4545368.doc	doc	89d64653ee0c99479f754d1fab19c2f114a1e7bfa9a9b56962605cd4cd4dc7e3	n/a	Heodo
2020-08-10	mes_20200810_YQZ687.doc	doc	48b138df9730d18cba8f70fc93609cca7c6559af542d1a28e3dd5299e5792520	27.87%	Heodo
2020-08-10	Dat 20200810 CHW06571.doc	doc	8f9af89d2ebf390e92bc66c56b6fe9fc28b7852a1333ceb33e5c37e7d58971f2	27.12%	Heodo
2020-08-10	Dat 20200810 66945.doc	doc	42aa54c97fd4610db06d1243f65542ff4e4fb19f46680240989a85e26b01f565	25.00%	Heodo
2020-08-10	arc-2020_08_10.doc	doc	c2656bdb8c85307a9506c4687ff7ef6324a66530c7df845ca1d7bb28022bd9d6	24.59%	Heodo
2020-08-10	Inf.doc	doc	180422e0ef48fc6ccd972ff5be4adb974f18a65fc2f7cabe648bacc9aaf8d2a4	24.59%	Heodo
2020-08-10	File.doc	doc	4d4ae1699db9838c38dee58dcd77506a4d264f9bb07868d8238c32f614162907	24.59%	Heodo
2020-08-10	MES_UJO966.doc	doc	0bf00915e9ddb010ba952f6ed1f1ddeeb3c5b89a793d21ea76c27311fff52bea	25.42%	Heodo
2020-08-10	List-2020_08_10-4091.doc	doc	4785c1a88f785775f3e1ff5d2a23655322d1beb91d61da3f9a328ca4f2443c0e	25.00%	Heodo
2020-08-10	Doc_2020_08_10.doc	doc	4444b37f6aaf2f5b9af16f423dc6c5932076ecdd8e6827b9a09e94b69576279b	n/a	Heodo
2020-08-10	Rep_20200810_RZN120047.doc	doc	575baad449aaa019e080f460bc4ad62e864a12b8b87fffe30e2257cf4f8abac3	n/a	Heodo
2020-08-10	Doc-20200810-60207.doc	doc	101402d6b18b5c17f2b8b49343e2709e079dc8d1d01c501c679536bc844126a4	n/a	Heodo