URLhaus Database

You are currently viewing the URLhaus database entry for http://christoph-oberhoff.de/cgi-bin/attach/xFf/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	452064
URL:	http://christoph-oberhoff.de/cgi-bin/attach/xFf/
URL Status:	Offline
Host:	christoph-oberhoff.de
Date added:	2020-09-03 02:00:07 UTC
Last online:	2020-09-11 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-03 08:43:07 UTC to abuse{at}strato[dot]de)
Takedown time:	7 days, 22 hours, 39 minutes (down since 2020-09-11 07:23:01 UTC)
Tags:	emotet epoch3 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-08	00097569.exe	exe	7330b8140dd5d2f9ffc5aedb2aef2a04d81c9179358771121b9113ed0dac6990	n/a	Heodo
2020-09-03	bxDG0407691315726.exe	exe	3255c30ccac5d35d9b074e7d109a023f99e793f4d905d9e74966cce815ea59a8	n/a	Heodo
2020-09-03	ROKxHferzgM000012749630.exe	exe	c38232d05d928148eed9f9139003cf365bc24ee432ebc17da68dad3cf1edc26c	n/a	Heodo
2020-09-03	LPuxn10431285254.exe	exe	48a8d596af2342118b979220429a4e79d1916c041e1b5a031da0dde4270a96dc	n/a	Heodo
2020-09-03	E66E500068883.exe	exe	80b60eb5d1bbc0b07062c94b1df5bdf7a8a4c7f7fcf38d53fa30815947d14d36	n/a	Heodo
2020-09-03	7UDBZHCguDm.exe	exe	b5fe7c16349906deb0ce5b6aa42f5eeecfbdc93f0db399bde83ed0416f029e65	n/a	Heodo
2020-09-03	08367wKaFSovkIaEh.exe	exe	3ecb2294d4bb9b95cd2cd89ac071cfdb3bbd9fc0381c4bd498111ad95ad86631	n/a	Heodo
2020-09-03	tm0REKlSZB1259969.exe	exe	c86254204bc7966ec5f765bd6b5e3a97ccda59a0726e73916c167c3f5cae987d	n/a	Heodo
2020-09-03	jllWrlZ703322482431.exe	exe	5625226c585273120188b481da0a04e3bd83a4d4fb64cf49d3ccc2415b02d239	n/a	Heodo
2020-09-03	3U008.exe	exe	eaa54d0bb664bc12bf0591378ef05c95c91a358a23e0e840799916ccbacdd08a	n/a	Heodo
2020-09-03	3584624.exe	exe	c80fa2b7b4a9869444c65e68998ae5caf3e9f20278cf09b16028aa91b5cc3c86	n/a	Heodo
2020-09-03	V9PtQABLC6ii881895108.exe	exe	f574ad057d06f6f66ed431cdd2413de3dba61fd5671e2c215282b3d159d6c033	n/a	Heodo
2020-09-03	1Y24Tmhw21000478650.exe	exe	23c1bb8d2ed794d8c239ba48c96a99510d8888ef03345fe1042a1701c05925f3	n/a	Heodo
2020-09-03	f0p17617.exe	exe	55feb60740b43bd1f781fd4c57beca95ea30a561521115bf990ca0077d88ffbe	n/a	Heodo
2020-09-03	0001816115080697w7uJ.exe	exe	6c438274684777d0aa4746d23ed6f90e7bb535071563b4909bf9eee317a82b23	n/a	Heodo
2020-09-03	000002724078846.exe	exe	bb4f7d69ca582ebf3273c5c4f5534e8ce6d3e1b5e0333cbcba70b704f414a70d	n/a	Heodo
2020-09-03	Z5X31J000592.exe	exe	54abcb21c73f5d3dc5fa477a5795abd1476d986f245549d7cdbc3119ff71bdea	n/a	Heodo
2020-09-03	00003535482.exe	exe	90f225c7eabf0b47a3e511d35da96a9d2a8a1b257c11706377d692ca9fde8f7b	n/a	Heodo
2020-09-03	79aG37DTGn.exe	exe	96b4ba48a3ac90b31a3579505058f7b33029bf84e43b0956fc7f9ddbc2c5d701	n/a	Heodo
2020-09-03	E68Yd9s001453331901.exe	exe	3e2dc0a50e252052b5f8316aab17933aa0adb45eab704418b36a73d2032c1a87	n/a	Heodo
2020-09-03	oNxNvANNzg000447.exe	exe	d2ab846ee282ed8ace388a5f67f250130bc86dc54465a5e68c5924e49e1ba2fa	n/a	Heodo
2020-09-03	PCAy00058.exe	exe	08e75a220328ca83e34141eeef1d3f5dd9de06180a4fbc8ff42ae05de33166fa	n/a	Heodo
2020-09-03	0nlzATUquR56.exe	exe	eb0a9559f1c34037a21503f02da34de8bc62a89f1f2c8f30da89393ce04dc91f	n/a	Heodo
2020-09-03	00076291348.exe	exe	65a86c1027fcfa666719f274549029745bbc53a2249a789b9fc391d1f242e31b	n/a	Heodo
2020-09-03	0028206go.exe	exe	d79bab4a30961ff60d36c0c5556fe5fe5fea12299b3529495747daea52dd5815	n/a	Heodo
2020-09-03	Qds2PbJ0000990.exe	exe	58dc457805b2ed04958834fb163c08cda6b021a026a67f6aab6c942fd887ea8f	n/a	Heodo
2020-09-03	Uug3332915703504.exe	exe	9ae6195bc25c9592d41121514b83c124415f9b912126dbe7a6e7233a8f6e2969	n/a	Heodo
2020-09-03	6BNQq0g127.exe	exe	4c16f68e6908b10ff76d137e902724f6e16863bfa7326c743e3f5cebd90617ac	n/a	Heodo
2020-09-03	004280157JYXXo.exe	exe	23a186c9251ce2920000ea318f6282dcecca6d7a28c535697ddb1f8fa29c05ac	n/a	Heodo
2020-09-03	QxgyM6rqs2.exe	exe	f9d21a020448767ed1e396998a2318ff39400c87e2d3ae9d9d9e54178d096f75	n/a	Heodo
2020-09-03	ixqWfLi264Aa9215300564.exe	exe	ff93bbc511cf212db35cd6ecde1b3aef2788d60bd0a511e7a15792fa5ff646b5	n/a	Heodo