URLhaus Database

You are currently viewing the URLhaus database entry for http://ulrich-bredlow.de/Sachen/UgW/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:436851
URL: http://ulrich-bredlow.de/Sachen/UgW/
URL Status:Offline
Host: ulrich-bredlow.de
Date added:2020-08-19 20:52:03 UTC
Last online:2020-08-22 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-08-19 20:54:03 UTC to abuse{at}strato[dot]de)
Takedown time:2 days, 14 hours, 54 minutes Poor (down since 2020-08-22 11:48:06 UTC)
Tags:doc emotet link epoch3 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-08-21Y04 invoicing.docdoc 7555106c591341176ceac9e9ea2a4de283f585ac357301c59fd7eb0692644191Virustotal results 32.76%Heodo
2020-08-21INV_196798.docdoc b43df5c0df066a651a976b156ca480e58acf3b61caeb45c08fadfcdb82e46addVirustotal results 31.58%Heodo
2020-08-21WO2638564569XD.docdoc 5ad1d00e81e5e6bbc93829790980fabae6eab63a8638ed9bc024a27d083ffb87Virustotal results 25.86%Heodo
2020-08-21Payment status.docdoc 43638c344ac4a446af722c229682fee9a8434923ce1cf6dd1a19bd2a0fc78c21Virustotal results 25.86%Heodo
2020-08-21Payment status.docdoc ed0a6eec86f44151f9815362fdc3c778a7f176378e582bfaf012098d9b98454cVirustotal results 25.86%Heodo
2020-08-21Inv_2454.docdoc b76166d90236fcf6a548f8e77f55c56ee763ee2278a941d20f1c0a360fd63171Virustotal results 25.86%Heodo
2020-08-21invoice #100730.docdoc fa793702b351ab1f22fa5ff1d20c7f6bf822bd6954f637389577767a163275bdVirustotal results 25.86%Heodo
2020-08-212226840163AN.docdoc b7e0ba8f8567d8ee7a59765814c534ba0c4b1044ae4dceca564f53124b45aa36Virustotal results 25.86%Heodo
2020-08-21INV #07280251 FOR PO #08069345719.docdoc 78a36b1f41b0c09c31d6bc4665036ff311e872b98404bb726312e26f0d559803Virustotal results 24.56%Heodo
2020-08-21invoice #9668.docdoc c6c8fb9bb0d155bb4fe8b4b7904de586efbf5c79f49877313b380b848ad12da1Virustotal results 27.12%Heodo
2020-08-21Form - Aug 21, 2020.docdoc 49612d16c5034da0d220d8300787064bc2c03459f17a84b5eda167e9a2e50cfcVirustotal results 21.43%Heodo
2020-08-21Invoice 16242.docdoc ac7776c6da02640991e93e813cef246b2ec625dc7a53b7c726d71da39a0be6c5Virustotal results 22.03%Heodo
2020-08-21August Invoice.docdoc a99b807165ca13d9f9b50acacbb5c81c8e155e9347c5ff01cee84f4f19806a22Virustotal results 22.41%Heodo
2020-08-21Invoice #3269.docdoc abedafc5e19de68937c53f7be30c1b392975062ba9a11d34a991ca703cd3c578n/aHeodo
2020-08-21invoice.docdoc e8b022037ce9db5f0d89c476b1774684986ea2b643baead908f4a06f22012bacVirustotal results 22.41%Heodo
2020-08-21Electronic form.docdoc 13fa777481b0ef753826e2f217ba603567e9cb0b86cf7560b440caaa935e829bVirustotal results 21.05%Heodo
2020-08-21Electronic form.docdoc eeee33ce9e2286f03410cca48f68b1eac155b167eb430f7cb01333cc359a4d4an/aHeodo
2020-08-21Form - Aug 21, 2020.docdoc ba4bb5f049cb59a1eb23f083cf22fe726a7d87f12e9b577f2eb52102b55496bcn/aHeodo
2020-08-21Form - Aug 21, 2020.docdoc ebf536cc3ab147667e77823b5feaa2f72da1042d653ad11a26298800a7a86d77Virustotal results 19.64%Heodo
2020-08-21U-080120 VEZQ-082120.docdoc 4da5e980866878da930be670800361fd6b9b6ec73983dd60cdba9eb29bd09ab6Virustotal results 22.03%Heodo
2020-08-21August Invoice.docdoc 1c8f1124a4ccfc01bfc51367aeeda6685df4fc2ffc245deca3430582af9e816aVirustotal results 20.69%Heodo
2020-08-21invoice #788502.docdoc 6bfe2a94bb14cb68d7ac4a146d4ebd2ece1cacec94b5260c9d59be8816a63601Virustotal results 20.69%Heodo
2020-08-21August invoice.docdoc 762a08ff51aabd7ee2cdcb6f27fe687ead902ab8f3b84925b013904d356cb622Virustotal results 18.33%Heodo
2020-08-21invoice #95534.docdoc 8ffb84f76b863917f3ef52c3c75dfa70bc77599b7deb86067b43c413c8ff681cVirustotal results 20.00%Heodo
2020-08-21invoice #73876.docdoc 13d2079b2caabbd56dc776517810d9dbf355138869ff3030314e9f4905e68192Virustotal results 18.64%Heodo
2020-08-2100411802951.docdoc 0d9f1f173fd3806d10312760c50f85b6fa23b65193732358ef675b670c84f5eeVirustotal results 21.67%Heodo
2020-08-21Form.docdoc e6554a2e22bd668e8d313c650ce0c96376d32455aa01d0dadb819d9e7705491cVirustotal results 21.05%Heodo
2020-08-21Z-080120 QVQO-082120.docdoc 2038376e7b3db5ffb8103caf52d4b9b374f1235fd0f9bba8d1ef3aaea90143feVirustotal results 21.31%Heodo
2020-08-21INV_89982.docdoc 595bcfd89190ec1ce1b6c75d8b8b2b4f924106df47bb8d5a3671dad83104d473n/aHeodo
2020-08-21L4223052831MF.docdoc fe21d7c3b7bf725c58793f7d3fa3c8cc7dfbfd48c10a2d9f90b6e4f0e7a708c4Virustotal results 18.64%Heodo
2020-08-21Inv_3520.docdoc 8bd0a1327645a9ae845837795dd708e65e529f2b0baf0c5dbc548ef787a20024n/aHeodo
2020-08-21invoices 94758 & 7272.docdoc be0c986b37c30a192c9f2e62d6c85b635a3e25bc10cb8a8b4ddac390bbc93163Virustotal results 21.05%Heodo
2020-08-21August Invoice.docdoc daff53b3f31512e392f8dda6d5b14fd834122189c03f9887514c2ef91599969dVirustotal results 18.64%Heodo
2020-08-21August invoice.docdoc 1313ff749e2cbb39eb12cd00b080dc06159270b9309b7211be0fb2223b924d1fVirustotal results 20.00%Heodo
2020-08-20Invoice #541412.docdoc ed8f3cd480b6fef9996f65e02cc1cb3d295447728fd009032ac3838d32e01f37Virustotal results 33.33%Heodo
2020-08-20PO# 08212020.docdoc 9c2952185499dfb564607790c299bf8a01a0bd16d64484be1812bfc88c5f5a06n/aHeodo
2020-08-20FL05 invoicing.docdoc 73edfc2aba2a5e763fb0b40b55a4695a6d9e6f0069b17e693c982385b150b4c7Virustotal results 32.76%Heodo
2020-08-20Invoice.docdoc cfc44b8a1d4f143fe85d73f5f4fb235a387a34ee7bc8d52a79e97624e075fa55Virustotal results 32.20%Heodo
2020-08-20R8007018454VP.docdoc 5f721fa567c8707cbefd2292d75f13cbe60f70a768b9a902547ae56d954a7b81n/aHeodo
2020-08-20DI-080120 HIDU-082020.docdoc 5fa853ef0f61449fd95c38ca7e61ac05ab40c240e9d88e8cb0a80e9a3f8f82b0Virustotal results 32.20%Heodo
2020-08-20invoice #47156.docdoc e39276fc7b5a1cf340d080a626b6d285ee5d53a47b231b7a3da7fc341671c8ccVirustotal results 30.51%Heodo
2020-08-20Invoice #4895.docdoc 205b245311901312ed7d08e486ee280d59cf15060b656390f4ea347a7eb6d485n/aHeodo
2020-08-20Payment status.docdoc acf06f69fc335f401184ad3a218aec5075641fe29bce91e0f71b698c062b3e0bn/aHeodo
2020-08-20August Invoice.docdoc 76d365a5b93ff03e1887ad487f1ad59d74d6b0530b2f66a47413ddb27f99d942n/aHeodo
2020-08-20A0014637991QQ.docdoc 78d50f9a994e6725152681b7a070cac90847542c838e5b17685cc21b237d7717Virustotal results 27.12%Heodo
2020-08-20INV_22718.docdoc ae09a760faec9e5c8f9d147329271cb1fa3971b119943d8cc9e16ce71c8e5fd3Virustotal results 25.00%Heodo
2020-08-20Inv. 0079644244.docdoc e3b9adfab9f86293c439dc64a2392bdf6645cd200616eb185bc3c8fa23cb0839n/aHeodo
2020-08-20Payment.docdoc 722219128e30ae7a17fbcf0d24147c7713f628e28f3af2117130c95e0d75005dVirustotal results 22.03%Heodo
2020-08-20August invoice.docdoc 3a9ab8d5a3d76cba944447091197434086ecae7e4ba97affdb86c17fd77c31b3Virustotal results 22.03%Heodo
2020-08-20PO# 08202020.docdoc fb7cec2bb2ac4c31c65e299f198a586f5c5918f975075467063f59d48d28844bn/aHeodo
2020-08-20INV #005330747 FOR PO #056888285.docdoc 59bcdfaf3c246f428683928bb6cd81d848f24678c624c51b53617c3b00c71c62Virustotal results 21.05%Heodo
2020-08-20Copy invoice #6558.docdoc 7e06ee4704f2c5f8a4ed2f68565f3f7518dd9ae22b9ae4fde59b898d8d9647d0Virustotal results 21.67%Heodo
2020-08-2000788083.docdoc 1a379d36dbefbacb5038e5d9d5652788e66d50131190771a2716690a2f063976Virustotal results 21.67%Heodo
2020-08-20VR00 invoicing.docdoc c2860e92b00a96df1031b68a98c104f55bfdc472da83ab5c7d4ebfada4a70383n/aHeodo
2020-08-20Copy invoice #186390.docdoc ce4cd4d124a577ac6f489568a077a53e6745170cb71a64c5b4bcba502af51347Virustotal results 21.67%Heodo
2020-08-20Inv. 052858.docdoc 700b22e0508a889751892ce66df22fe34fcf52222db541d24e6d338aa351cfedn/aHeodo
2020-08-20INV #00912 FOR PO #070534231978.docdoc 88b2e8e9fce8d57e43a9babac92605fdc43c417e3d6fe2f67e7463fc7dc41424Virustotal results 41.67%Heodo
2020-08-20invoice #64646.docdoc 105bd46a4e0a001415c70450ac451246d9031e940943bc510da745bf2370e1adVirustotal results 41.18%Heodo
2020-08-20Electronic form.docdoc b462b6985f21115db5a18167bd1701f4a2599116fe237a0156cc2cce93e96edbVirustotal results 38.33%Heodo
2020-08-20August Invoice.docdoc c500d1d7cc11d82b241b378d7e3015d381ddec5170984b634f89786580b27a24Virustotal results 40.68%Heodo
2020-08-20INV #6429636 FOR PO #0061478169.docdoc 96724ca5aa5c891ca6a5e5ba740b3ec303445857cfd63cecc5828087c6171673n/aHeodo
2020-08-20invoices 44225 & 6588.docdoc 210f3cffbbc984d2b04c012fb54991ba7cec609aaf5d6e97c4b7715fa179a770n/aHeodo
2020-08-2052198.docdoc f1a7f5de80b5f75e5e52318197ab69af5a862ec92c7d2c27680503abc81e989cVirustotal results 40.00%Heodo
2020-08-200043827150.docdoc 252905fc07b8d4de77b22dd1c68bba23716cb7bfbf56bae15a624f59b7e69c70Virustotal results 38.33%Heodo
2020-08-20PO# 08202020.docdoc 2dfbbfd99447ae402c9cf005efa8fc29ff91103dd7471e1d3aa3dc83ec4973a5Virustotal results 38.33%Heodo
2020-08-20Electronic form.docdoc 42c878ac8d64be01ebae36247f206a89d0802d503c19e81d187ed9f1eba96bf9n/aHeodo
2020-08-20Inv. 0016648933.docdoc 7525c4f7d0c94e9857d4b84b20357ed327900e78defe3291bbed47d0d29e1de4Virustotal results 38.33%Heodo
2020-08-20INV #08536 FOR PO #03025841580.docdoc 416a4f17b5bc066941020cd43640276363268db7cb067a8cc7f1d27c3cb3cdb2n/aHeodo
2020-08-20PO# 08202020.docdoc fa10393ccc08487ee9b80a41d01c9e5e87c3c7690a74327b1b19e47f3638b66cn/aHeodo
2020-08-20Form - Aug 20, 2020.docdoc 2cceef317fac265bf56fc5819196f6a58b95574e8085a889f61ed9cd5c6c387bn/aHeodo
2020-08-20invoices 211 & 03251.docdoc 741eedc40d043df1d8abba1e18fdeab3d276fd970087ad3b980243aba3c4878fn/aHeodo
2020-08-20Inv_98202.docdoc 04a14a477cf1d1d2e5a426b932542d931d6264a101a10da26141be2752db8a72Virustotal results 38.33%Heodo
2020-08-20Form - Aug 20, 2020.docdoc cf817564329bd4a2f3c9cdb4ce0609048d648917967fa9f9ff5c05a656ee3cbfVirustotal results 35.00%Heodo
2020-08-19PO# 08202020.docdoc 8fef0fa03aec63f50c5f6c1b055fc5c7c90f092a2b4549ef022e6696d49c9bb7Virustotal results 35.00% Heodo
2020-08-19R05 invoicing.docdoc d225f5ee78fabc34f19b2f3cce92c9ba74649bd52222615bc3c7d4301e1d174dVirustotal results 32.20%Heodo
2020-08-19invoices 89770 & 26852.docdoc 3f50adbc111dad1db785e1c67241fd31740db030e0307cc9a2f1e4ff21aa2f56Virustotal results 28.33%Heodo
2020-08-19Form.docdoc 2a532523cb09773c9d7a9dcdd27af27c026dcf5a433abf13c392fa73b32b8fb2Virustotal results 27.12%Heodo
2020-08-19invoice.docdoc 9318cf92c7e976a17c5fbb59cf477b976df4769fb71e7f523bc4f42edfa6393bVirustotal results 25.00%Heodo
2020-08-19046443.docdoc a42cda56ab706210a825c2992a112c9ede1476180e2564ea2d1d9a5e21287c1cVirustotal results 26.67%Heodo
2020-08-19August invoice.docdoc d220bbc8081710b4776297c19f586d5ea6353b14ae1b1dcc7819e1f969aead89Virustotal results 26.67%Heodo
2020-08-190326395.docdoc 7dcef62f0fc5ee7984311d8c0520820bed4f9d2daba7926f4371d2dee98d6f9eVirustotal results 26.67%Heodo
2020-08-19form.docdoc a6b164586e8342d4cb7b428030b8966c6a84bee4743752f5e3099eaf72bae0b8Virustotal results 26.67%Heodo