URLhaus Database

You are currently viewing the URLhaus database entry for https://wolfgang-rulfs.de/cgi-bin/http://browse/MdKP5k9q2hUsyj5OD/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:452587
URL: https://wolfgang-rulfs.de/cgi-bin/http://browse/MdKP5k9q2hUsyj5OD/
URL Status:Offline
Host: wolfgang-rulfs.de
Date added:2020-09-03 16:58:03 UTC
Last online:2020-09-04 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-03 17:00:03 UTC to abuse{at}strato[dot]de)
Takedown time:17 hours, 23 minutes Good (down since 2020-09-04 10:23:20 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-04DAT 2020_09_04 K050231.docdoc 6cd410ea9e6acb847aa11305ad2f523edf3d087d6395719c5959c4ed434485e9Virustotal results 26.67%Heodo
2020-09-0438812TOG_20200904_97418.docdoc b808a0657398e4cc49797e07b5519fd56682909338a9cd618547970286279268n/aHeodo
2020-09-04Mes_2020_09_04_111.docdoc 390dbf28e54b33d822c2790277611076c2a2520346d27caef4371d09546e1dc5Virustotal results 23.33%Heodo
2020-09-04390 2020_09_04 825.docdoc bfc004f7ac8d0c2e241dc8086e3e58fb542fcc47b5114ab614fa893199328acfVirustotal results 23.73%Heodo
2020-09-04mes_GFY9232.docdoc 6e80f8c0bcada5875b9aeb8c66983961fcf02d5d34173f58dc2a8834db676703n/aHeodo
2020-09-04Rep-2020_09_04.docdoc f9ea09e0474333e9c3d7ef368863f79db7654109197ee33b969b73757bcbf091Virustotal results 23.33%Heodo
2020-09-04File-2020_09_04-VC94979.docdoc 52253d5cc807567a8465a7cf37b1101897ed3c19596c3261041ce32593e2f467Virustotal results 23.73%Heodo
2020-09-04DAT_20200904_DYZ159400.docdoc e265891012d31e17fb6e3c8029d29b874cc7fd9bfd6c0ad065560e291b7eab4dVirustotal results 23.33%Heodo
2020-09-04File 937.docdoc 8b8167f9f9f0fb034acba8cfca499300531ee06a2c9ee705d976d007bb636f21Virustotal results 21.31%Heodo
2020-09-04dat_2020_09_04_X6923.docdoc 970e16cc8aabea583a577bb3ca6a50b795357231ff02822fafb8aa7dd143667fVirustotal results 22.03%Heodo
2020-09-04INF_1133179.docdoc 2be118d48f3e89cf53df13c43a01cdea40d8ffc9ed68e343636386badff6200dVirustotal results 22.03%Heodo
2020-09-04rep_LA13050.docdoc 4e3917d545fe670b0ea8dd1cf91701595c3cbe5ab87b5c53a826514778bad6f6n/aHeodo
2020-09-04List-2020_09_04.docdoc be658261ea85360800d4b052f23fd96dbadfe7171d308a38dba22b5fe4efadf0Virustotal results 41.67%Heodo
2020-09-04Dat 2020_09_04.docdoc 4abe421f4bf82588ca7772c685416eab8133054e1ae9fcedc245167e272b6105n/aHeodo
2020-09-04Mes 2020_09_04 JZY015.docdoc 933a5acf70c2c8f24a3d359a43ab898e556cdcae740ddcaf33acbc356ae1d9d5Virustotal results 38.33%Heodo
2020-09-04doc 20200904 9074317.docdoc 0ff1c95a7d850d74903fb10610c4d99e54fd900d51cad0f2deda82e1122f403cVirustotal results 40.00%Heodo
2020-09-04mes 2020_09_04 196144.docdoc e65695efbab165615890ff748629c8f55ca9d41d32545193018429b58b8ca746Virustotal results 41.38%Heodo
2020-09-04Untitled 20200904 M45984.docdoc 05558fbc6250f15d45880b5ebfb3798d415fad3e982b503fd6b61e658d902aaeVirustotal results 40.68%Heodo
2020-09-04LIST I015.docdoc ede8d998dc31e2c855d01100bae27909e6fad8672e5bb1e7afced120b025c6a4n/aHeodo
2020-09-04doc 20200904 848.docdoc 7f52e258980628fde30f218b911a2e930d0bb7245dbe6093e35eaf7e61c3e688Virustotal results 40.00%Heodo
2020-09-043629398 20200904 65908.docdoc 4808444c5d5d505fcdfe5814913d92dea2c41dbd68018cff2817cabd134441a6n/aHeodo
2020-09-04FILE_2020_09_04_2806596.docdoc 9a9c96896e784dc4ac0ff44a3052d2ff2d7cb744fcf3255981f30894e95d6c42Virustotal results 40.00%Heodo
2020-09-04Dat-2020_09_04-882742.docdoc b25414b4b759b6517cfc1ce36e58d10a5aac59912adc8230095f50f6659af778Virustotal results 40.00%Heodo
2020-09-04File_2020_09_04_3175.docdoc 90d7013803edb798ee2da7fcf3de07420ccd536dd01c96d0c787a80c0923f08dVirustotal results 40.00%Heodo
2020-09-04list 7930537.docdoc d771bd380512ca62d90490660909fd428aa582bd97ee49d263deaa6334170f65Virustotal results 38.98%Heodo
2020-09-04LIST X577208.docdoc cbf75dba4c6b4f8cbcfb647112f9a0a4f8efb293526aea73ffebcd800379e08fVirustotal results 40.68%Heodo
2020-09-0482244TQY-20200904-VXU51695.docdoc 1fa1544383bbda2ef984f9c0a8a1e3ec9c37ede4a0e897d8177d7e92d3809ea1Virustotal results 40.68%Heodo
2020-09-04Untitled.docdoc 595e8a24f2e5e51e56138296f7c6cd58e709e8f532dbacc38ae66f462e0e071dVirustotal results 40.00%Heodo
2020-09-04ARC-20200904-Z602.docdoc b0eafc0cd064f11cf1aaea20c1f55afc0770f81b4a59723d453b1ea6f6dd276cVirustotal results 42.11%Heodo
2020-09-04BT5520 20200904 DE549893.docdoc ed80367a721e5c5ea3048c5688d5b8446bfed75afd70f06932dd66e94a437a93n/aHeodo
2020-09-04DAT-2020_09_04-G726.docdoc 7eba76e504a537e3600311969b0b159744d8f78d48891c9f06dfd9aa9798b9e3Virustotal results 38.98%Heodo
2020-09-04File_20200904_MDL147318.docdoc ee7586771fa02df0ef18b9f88c3bb45135371e5f7a16f6304b1b500a99a0ca6eVirustotal results 40.98%Heodo
2020-09-04MES_20200904_923.docdoc 69e91274a22bb98b54013be9509ad757c17fd9ab44d80c5a8585ec639ea6f04bn/aHeodo
2020-09-04061ROI-2020_09_04-V57635.docdoc 40e46d87637cea2a6a20ca199855bdf702be9effdbbe4114bb50c812d1de9d4bVirustotal results 40.00%Heodo
2020-09-04dat-20200904-125.docdoc 945f9c6c84eff86e098fcb02268e716fb80f5c6fa8a5e64e08175a306d3c0a2bn/aHeodo
2020-09-0470279 20200904 1334385.docdoc 479a6416cfb665d2d0f0b6e39d11282a0d31d799d87898d50f066e8d564808f6Virustotal results 36.67%Heodo
2020-09-03inf_2020_09_04.docdoc 2ce02bed93b32642de024d52e2b8b0cdfc0716e8a0d1e617b67cdf14c195583eVirustotal results 35.00%Heodo
2020-09-03Inf-2020_09_04-750897.docdoc 5b1c5637bea570eeef52ff79044a41de92de4e33ddffcde3b3611bee6fc8e5b1Virustotal results 36.67%Heodo
2020-09-0345967996-MG803.docdoc ea4fc36885f9979ad9f5fa421926dba611a7a272abbc518fdb4da57125d0f548Virustotal results 32.79%Heodo
2020-09-03Arc-2020_09_04.docdoc 5870705910f4290f13346efd3c9113483974723cc840cd330844efa6f5b3be19Virustotal results 34.48%Heodo
2020-09-03Untitled_2020_09_04_450508.docdoc 939b166130d34042d2f4e49e43067b7670e409ae8dfe5e7d675160a838878230Virustotal results 31.67%Heodo
2020-09-03Untitled_20200904_LR637891.docdoc 93b78de73040a3429d67f551e6a789cd2a141185e4bdba2cb74d575346b169f8Virustotal results 31.67%Heodo
2020-09-03Attachment_2020_09_04.docdoc 2f9910b3fffce2373726bb19cee907def1ad66df1c9210d955647c7a638ef9edVirustotal results 30.00%Heodo
2020-09-03NFV18643_20200904_EMM910947.docdoc c9915f741ce8d4cf9ca8c30d7711a0152562b3b68514486b5b49442ea9fc3b06Virustotal results 31.58%Heodo
2020-09-03inf_20200904_YOB28108.docdoc d0b12e270e83660cf1af25738d605f6c9a9edbd56f777bf405d01602fd42a201Virustotal results 30.51%Heodo
2020-09-03inf-JDC15034.docdoc 3c9f9e08bf1785b8c6c1fed306eb5e322fb63ea73a8d01a9fc83af4006d64008n/aHeodo
2020-09-03Attachments 2020_09_04.docdoc eff6ba195fc7d083d41cc3c5d0bf90588ba4de22599bc9adeb053e04f0f4d55cVirustotal results 30.51%Heodo
2020-09-03ARC_430148.docdoc 4eb0ea9ea11d15ca77a809f48e8303d336ce6d204ddc6712cc67164a580a9de5Virustotal results 28.81%Heodo
2020-09-03FILE R3503.docdoc 42ccf0abf046317f8dd2f1b447cbc691402c7d009419cbaa98148c4812f9fe14Virustotal results 28.33%Heodo
2020-09-03FILE_20200903_MSQ042922.docdoc 473941d39d5c25ffe3ce4b7d3da0b2e3203fc8fd7123c8392d025ea706d45d32Virustotal results 28.33%Heodo
2020-09-03UNTITLED-20200903-K98600.docdoc a0c7d7125079c31ddaf2b7b1955bf7992183d25c6c03b5d81ce1a17ff8ad612dn/aHeodo
2020-09-03Inf_2020_09_03.docdoc e5115c3e86dd21ece011508d8b1b576b6b5b38eefde8dea14cdaac4a6a06f4e0Virustotal results 28.81%Heodo
2020-09-03rep-2020_09_03-H61765.docdoc e727d2e04c5bc6f27e4a73ce18b8074fc192758dc0abaed60480c0f1dcbbaa0bVirustotal results 28.33%Heodo
2020-09-03dat 20200903 K30874.docdoc bbb8481db8d91e443182bfc4898ed75ed829f7120eec1117572bc21d3c7f611bVirustotal results 28.81%Heodo
2020-09-03List 20200903 108.docdoc c6100db3ca252938aefab6362140d6d30f93610ca723dc5fcc71f3caad117317n/aHeodo
2020-09-03Rep 20200903 A435.docdoc 509ecb6a2610738956ebdf8a885bdb413fe84bd8143e1012a1fb4a4e14333d19Virustotal results 23.73%Heodo
2020-09-03Attachments_4642.docdoc dfb1031ce56f9f39a32ed410629d9f46e753b4e0671d121c063d52a7a23785f8Virustotal results 22.03%Heodo
2020-09-039239992-2020_09_03-78256.docdoc bc4ee7e49e05ab462e199c1a2635de8de23b9ca32d8c7634cc4902f425967e22Virustotal results 23.33%Heodo
2020-09-03inf-20200903-4672252.docdoc 87dc054eccdd1cd6182d372f5fad56aae34971c4a0ab10e92fd242ee82e9c785Virustotal results 23.73%Heodo
2020-09-03MES.docdoc 75e21b06b155b76eeb61cf02a1e3d2ed091b180853d2c6dba9aa7f4afa014aa8n/aHeodo
2020-09-03WB44781_20200903_I2141.docdoc 1695d227dfe87081d279c0a10163f9230da66348eda90255188700c874414c8fVirustotal results 21.67%Heodo
2020-09-03mes-2020_09_03-GEG7691.docdoc b66793cda5150365d467a564f89991b5d8c1942368050aeefee9db6fe5c8a107Virustotal results 25.42%Heodo
2020-09-03DAT 2020_09_03 K219592.docdoc 039593442d9e6207131ebcf1a580c3e5bec865876db4457c1f8caa6947159cbdn/aHeodo
2020-09-03Mes 667307.docdoc f2e1cc10cb894c7264750cfc469984c28817063d9209aaf2b6160732cfd9a833Virustotal results 25.42%Heodo
2020-09-03Doc_20200903.docdoc 7a10fa5e42ffaf9baddc54567556ebe14f3b6a31b1c4cd39193fc742546d6538n/aHeodo
2020-09-03UNTITLED 2020_09_03 021.docdoc a3458f8fe772eb9822b81f0318752a5e5c4827d89073d509023de35617504a50Virustotal results 25.00%Heodo
2020-09-03List_IF995.docdoc afec2bfe8925c1750c88f1532f6c9f067e3751ce6beeca628db4850efd1d7bccVirustotal results 25.42%Heodo