URLhaus Database

You are currently viewing the URLhaus database entry for https://kotova.fi/cgi-bin/https://FILE/hS1Gt8udKeRV5wF6np3/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 452464
URL: https://kotova.fi/cgi-bin/https://FILE/hS1Gt8udKeRV5wF6np3/
URL Status: Offline
Host: kotova.fi
Date added: 2020-09-03 13:46:33 UTC
Last online: 2020-09-03 19:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-03 13:48:04 UTC to info{at}hostingpalvelu[dot]fi)
Takedown time: 5 hours, 45 minutes, Good (down since 2020-09-03 19:33:25 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
