URLhaus Database

You are currently viewing the URLhaus database entry for https://kontaci.com/cgi-bin/yp0n_7g_nz30p2j7/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 431157
URL: https://kontaci.com/cgi-bin/yp0n_7g_nz30p2j7/
URL Status: Offline
Host: kontaci.com
Date added: 2020-08-12 17:20:08 UTC
Last online: 2020-08-14 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-12 17:22:09 UTC to ripe{at}dnshosting[dot]it)
Takedown time: 1 day, 13 hours, 47 minutes (Poor; down since 2020-08-14 07:09:47 UTC)
Tags: emotet, epoch2, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
