URLhaus Database

You are currently viewing the URLhaus database entry for https://unityevent.net/cgi-bin/ckfqgn/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 446248
URL: https://unityevent.net/cgi-bin/ckfqgn/
URL Status: Offline
Host: unityevent.net
Date added: 2020-08-28 20:22:05 UTC
Last online: 2020-08-29 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-28 20:24:02 UTC to abuse{at}ovh[dot]net)
Takedown time: 11 hours, 20 minutes (Good; down since 2020-08-29 07:44:39 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature |
|---|---|---|---|---|---|---|
| 2020-08-28 | NKVDPXL7U.doc | doc | de518e6e375b2f26fb6424f1fc1846374bbe5128b0513a60b0494571f1d5ddc3 | Virustotal results 30.51% | | Heodo |
| 2020-08-28 | REP_XN1UXK0WA.doc | doc | 3e8f3a7d0d0ce8e8ab7b5363b9c12f3219bd75974ac09118344ccc9c2b727727 | Virustotal results 32.20% | | Heodo |
| 2020-08-28 | QBU_PO_08282020EX.doc | doc | e5cbe16ff82c0a8778906a889f99a6cc41def9921e1944cf107eab74e277559b | Virustotal results 28.81% | | Heodo |
| 2020-08-28 | INV_YUK_080120_PXV_082820.doc | doc | 7929c1da7c8465804313d9b78184055cd981d26668ae453390e622176663a8d1 | Virustotal results 28.81% | | Heodo |