URLhaus Database

You are currently viewing the URLhaus database entry for http://www.holz-knecht.com/w4ybackup/public/2hk82tv2f-088/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 441159
URL: http://www.holz-knecht.com/w4ybackup/public/2hk82tv2f-088/
URL Status: Offline
Host: www.holz-knecht.com
Date added: 2020-08-25 18:13:04 UTC
Last online: 2020-08-26 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-25 18:14:03 UTC to abuse{at}world4you[dot]com)
Takedown time: 16 hours, 40 minutes, Good (down since 2020-08-26 10:54:20 UTC)
Tags: doc, emotet, epoch3, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
