URLhaus Database

You are currently viewing the URLhaus database entry for http://www.reifenquick.de/Scripts/hl8-8w4cs-6325/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	432117
URL:	http://www.reifenquick.de/Scripts/hl8-8w4cs-6325/
URL Status:	Online (spreading malware for 5 years, 4 months, 3 days, 20 hours, 44 minutes)
Host:	www.reifenquick.de
Date added:	2020-08-13 16:36:10 UTC
Threat:	Malware download
URLhaus blocklist:	Blocked
Spamhaus DBL :	Abused domain (malware)
SURBL :	Blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2024-12-20 07:37:53 UTC to abuse{at}dogado[dot]de)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2020-08-15	Invoice G4 969162.doc	doc	b9d2bc9624f1e81b007fd1d89170294eb6eb29c779f83f4e75576a0fa3fa421a	45.45%		Heodo
2020-08-15	InvoiceUIH2928638181.doc	doc	8f88dd80520ccf01a78eb649cc1a7918ff8a0c36019a7b5ecf59ae9c79afae7d	40.68%		Heodo
2020-08-15	InvoiceVXDN32303965391.doc	doc	0ccc2593d4108d1ce672b8205e037ec656ad06154501b321cebe1214f2555636	37.93%		Heodo
2020-08-14	invoice_SYV243_557599.doc	doc	f63cf892be860fdaa9344fa756d261c0d729aa1944f58cf75a780cb92b639f4a	37.29%		Heodo
2020-08-14	INVOICE_218_324168.doc	doc	70e73ced6d83c5c3bb11b10011fb99a3e2f30b26ac105cfadf5391844e36f83c	39.34%		Heodo
2020-08-14	Invoice_ZHR9803_4996139.doc	doc	33a8aa9764e02d87f0cec4eefb1f0a698ad48b39a10a8a9f2d62856a30cce1bf	30.51%		Heodo
2020-08-14	Invoice-4-865209142.doc	doc	7547919d586a1ab27cf87b4e8b7031345a0ac4b24ac352d54627ede945055aa2	28.81%		Heodo
2020-08-14	Invoice-4-865209142.doc	doc	7547919d586a1ab27cf87b4e8b7031345a0ac4b24ac352d54627ede945055aa2	28.81%		Heodo
2020-08-14	INVOICE YCHQ8 32168413.doc	doc	fcb8e14f4f7c929c7459969ddc1c4e7cc6d538686e9e51e9a1b4c3a30dc444b6	25.00%		Heodo
2020-08-14	invoiceR98078781721.doc	doc	3d1d9383eb8fa943d9a30683c659bf8dbd0728daae34c9e0227d1585f26cb327	25.00%		Heodo
2020-08-14	INVOICEKPI9607186503.doc	doc	293db6d4097fc59a428a1318fc2332e001fe20b6a960f456a8e09bdc76eb6ea9	37.70%		Heodo
2020-08-14	INVOICE-F7347-684126482.doc	doc	e8516c23d1aec8faadd52ae68fd240339940d05f4a1db7c56afdbec1eb5de0f6	36.67%		Heodo
2020-08-13	INVOICE-CM1-047906.doc	doc	463bcc5733a76e65582954ec7a016110778b481079b98dff2389ba6c989ef60d	36.07%		Heodo
2020-08-13	Inv-IQ5286-327686.doc	doc	13c5ae01cdc3cf5c65ba0aa57e43e885848516ba544fdc422e8c16122b98481a	32.20%		Heodo
2020-08-13	Inv 8916 812235.doc	doc	a430b79aa886bc228b8aedcfd295bfdd9f860f814ddfefd8839d8c2159e24049	33.33%		Heodo
2020-08-13	Invoice_3_191835.doc	doc	ecab54e301b452142ecc261b2329b5603222fdd66c4785aaee3b0a1e54373879	33.33%		Heodo