URLhaus Database

You are currently viewing the URLhaus database entry for http://klein-stephan.de/cgi-bin/http:/sites/UgkXWPxjA0y/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	452663
URL:	http://klein-stephan.de/cgi-bin/http:/sites/UgkXWPxjA0y/
URL Status:	Offline
Host:	klein-stephan.de
Date added:	2020-09-03 18:18:08 UTC
Last online:	2020-09-07 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-03 18:20:15 UTC to abuse{at}strato[dot]de)
Takedown time:	3 days, 15 hours, 2 minutes (down since 2020-09-07 09:22:37 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-04	66707067-2020_09_04-AVI1529.doc	doc	380c46aa7a6ebfb32b4e005930aa368ca90386ecf02e2587a0c6f035569df404	35.59%	Heodo
2020-09-04	inf 20200904 641312.doc	doc	6811ea887aa1fb0b0947ae4c101b1bccd01e6be62529652d9a9c70a8879485fe	34.43%	Heodo
2020-09-04	Attachment-20200904-220.doc	doc	a49d6ff985f57e4d6e09893b343f97b9da664ae8c0b7c0e95f18f1a8f119f1a8	35.00%	Heodo
2020-09-04	Attachment_20200904_K4085.doc	doc	113c8c78cdad0ed438501117f87ca9b0d52b672ddd8b015284541ded516827e6	n/a	Heodo
2020-09-04	S41641 20200904 5398496.doc	doc	cc4f7c86201d0618e4cc76f2030913800e738cb4a46496daa65e8f3507b3e12d	35.59%	Heodo
2020-09-04	69790.doc	doc	4caf5eb87b69a8e37c3524c776870ace2c3a187f6d4956a9cf441148c4dc75cb	35.00%	Heodo
2020-09-04	571IH-20200904-8743934.doc	doc	3cbc74cc86834166223864b87a975cd733c121faa9d9119b74ab5d27c6a2c687	35.00%	Heodo
2020-09-04	Arc 2020_09_04 N00763.doc	doc	4f574c1f2f33241e9d1d44b74075d96778a9a152808b8c397f19a51c1b16ab2d	33.90%	Heodo
2020-09-04	rep_20200904_100.doc	doc	1be69671e6bec7358d5a7ea5bfe04ad1acad931ee84e73f3bcc53f78d28a7052	36.21%	Heodo
2020-09-04	Doc-2020_09_04-923.doc	doc	0d5e301807f834486dc3a5e55e4e04056e56cb6b8a2f2136c64f55a0ba12f1f3	35.00%	Heodo
2020-09-04	List CH28005.doc	doc	d4416a6ff0dbbf8a60d1df15030c7eeaf6be3883b9f4df72bd6312eb84caa672	n/a	Heodo
2020-09-04	PJ36413 20200904.doc	doc	482e43557c2b67031f8b9141f11291ebb6d9fa946193ab1287ef2010ab18b462	26.67%	Heodo
2020-09-04	FILE 20200904.doc	doc	3616487fc9577f23d340266d9936a2e2553b1b9c340d3217345e74a4af603666	n/a	Heodo
2020-09-04	rep_20200904.doc	doc	edbc22e742e12b2af45a775673812f2c751b4f9071a83b9565d3d547fa380655	30.00%	Heodo
2020-09-04	7536AE_AMN818.doc	doc	be6a2393d8d58557a21737649e0977851d793862f1b80f1d27a1ee2ee70b3154	n/a	Heodo
2020-09-04	UNTITLED-20200904-9993101.doc	doc	d7452abd23b4d0a252d67436bea5f98b177d6d4a707ce10ce71852940cf97a3c	29.31%	Heodo
2020-09-04	doc-L13957.doc	doc	c3850d62a95518f0ec62ce9f3f83163aa67b240ac7b21a8b6e1bf5e24005a4d0	28.33%	Heodo
2020-09-04	P0947_YO4132.doc	doc	794287d8176f07c6943cc4ca303d03de2ec84b37ff7262e148c0451087177c86	27.12%	Heodo
2020-09-04	inf_20200904.doc	doc	e04a181d4f71e29d0e1dd60e7ddaa50e20047dff94667fefcd0f582f5e3203a3	27.12%	Heodo
2020-09-04	File-2020_09_04-76525.doc	doc	d0faa29d011a7abe3a5e2d03346780cebd6a5dc766e52241014b96e58b4a99d7	n/a	Heodo
2020-09-04	005066-2020_09_04-393.doc	doc	9e9d7588b44ebf875c00651584227efb05e4af6e16f2600db20005064e8787fd	n/a	Heodo
2020-09-04	Untitled-2020_09_04-QZ501.doc	doc	05d812b5dacd80bc461304d3f5e745b7522bf28e626b1e1e5ce3b864ebf64f35	25.42%	Heodo
2020-09-04	Rep 20200904 F6184.doc	doc	52a1f3085fece2adb5e447183da5a37ab0c90019b2237702ce65ead6ba03cf96	n/a	Heodo
2020-09-04	1659006 2020_09_04 IEZ49716.doc	doc	29ffe94790ecabfa236c6b248a97808417fc07a48c0460dc56eac0c1820b0182	22.03%	Heodo
2020-09-04	Mes-2020_09_04-VG557.doc	doc	5e01f376491f37354db3791f6ec1c53893e852d5874971655f2b8c0c9bfa35cd	20.34%	Heodo
2020-09-04	inf_2020_09_04_073.doc	doc	eae2a3c4e7a60e5476ac2c92926540cf3c70568a318f1a20a996ebeb53e8749b	26.67%	Heodo
2020-09-04	List 2020_09_04.doc	doc	8c4a8a1c7d4ddbfd0b727a5f169b6bc78e7997fd2b0947299d663a215bb3a9d9	27.12%	Heodo
2020-09-04	LIST 20200904 G95673.doc	doc	49ec67eefb48b7b1a629efed9521bbe30dfbaea3613d39d4fff12162ea10d59b	26.23%	Heodo
2020-09-04	INF-3714867.doc	doc	24325dc08722e851f6637f34bd024e29a92a95a82f94fd5adf334df561dfd116	n/a	Heodo
2020-09-04	dat_20200904_T463739.doc	doc	b6c9ea0c6311713092b07d9f28b5b798d84789c78cba9ce6f80d967cfec02942	26.67%	Heodo
2020-09-04	Arc-2020_09_04-147.doc	doc	9da9e2af16844a3b0fc49e496b6a88773ebb122ac1471d654d696c4417c6c5d7	26.67%	Heodo
2020-09-04	54438500 UW052.doc	doc	21b9cc274053728e137bd7758073d320efc12110b9756712aa7d806b7205b1e1	27.12%	Heodo
2020-09-04	MES 747395.doc	doc	e514ee40aaf58363f83b55c5bb9e01e591be5d5fbea0402363bfe659405e331a	25.00%	Heodo
2020-09-04	40485252-20200904.doc	doc	5c3e085b8dc0398471b039b43d850dc0dd50acd421707eb3296026e53b65d5a9	23.33%	Heodo
2020-09-04	85198826_2020_09_04_T408.doc	doc	0333bff5ce7bc15e980682c145f4a161838a0772811528a5910da02b14a2431a	n/a	Heodo
2020-09-04	68004 2230.doc	doc	bfc004f7ac8d0c2e241dc8086e3e58fb542fcc47b5114ab614fa893199328acf	n/a	Heodo
2020-09-04	Inf_20200904_9775452.doc	doc	12f0fe0be2051b0b2db3468b20798d7813c859384af5be7c18845165d1bc9240	22.41%	Heodo
2020-09-04	Mes YJB51733.doc	doc	bbb72c4df6c036dd3b187c18c6ba7bf547ed934e658bdcd5d3c23d14d244c2ea	23.33%	Heodo
2020-09-04	EG302_20200904_EA21878.doc	doc	cf9b7b986e763e7ed395622f0e81f3ae662f65397ca0717169ada8127afce47f	22.03%	Heodo
2020-09-04	inf-20200904-FAB15840.doc	doc	dff60dc9f114e848e0904ff850adf4dfad09811c2ab905e56b1cb3f16dfbbe12	22.03%	Heodo
2020-09-04	List-0245.doc	doc	d38918707adc1b43963df18c7c3483e35cb906f58221fbe54adcbf770706feaf	21.67%	Heodo
2020-09-04	arc-20200904-9928973.doc	doc	f757b9a11463c3bb26ef5c9486e4ede7cd2899709fbbf17ba17042e2b75109e5	n/a	Heodo
2020-09-04	Attachments.doc	doc	4e3917d545fe670b0ea8dd1cf91701595c3cbe5ab87b5c53a826514778bad6f6	n/a	Heodo
2020-09-04	60333_278119.doc	doc	d310bc1324e7bd2e09dde5482cc4390a66257737f2da4ce7c2bc2f05d04663d7	42.37%	Heodo
2020-09-04	99284_20200904_1955.doc	doc	12faca932c77d851b530ebd1ee39f12e9c7b755904fb11fa61fd7acb92afdf62	40.68%	Heodo
2020-09-04	UNTITLED_20200904_MZR70178.doc	doc	933a5acf70c2c8f24a3d359a43ab898e556cdcae740ddcaf33acbc356ae1d9d5	38.33%	Heodo
2020-09-04	MES 20200904.doc	doc	ca1b62ba1f6df4e6e7ee6b0ae0cdbf41303c29e916602d32ba15df885ce8d527	40.00%	Heodo
2020-09-04	ARC 20200904 3458.doc	doc	0ff1c95a7d850d74903fb10610c4d99e54fd900d51cad0f2deda82e1122f403c	n/a	Heodo
2020-09-04	dat-2020_09_04-267173.doc	doc	6bb0dcdffbd9df010a6d7951c4a8ecb8596b694a6b4f59c866f30a012bc325f5	40.00%	Heodo
2020-09-04	Mes M643951.doc	doc	b928a4ea1aae65b1c3ee2634f0d4d3bba7d8f0d7bd647c3befb30ba0f8b6a1ab	40.68%	Heodo
2020-09-04	Mes-K700086.doc	doc	6c3530951ad2bde0a96b5bda4698fb3638e360f5176d3f6aa4f9ea0570a3f45d	40.00%	Heodo
2020-09-04	list_2020_09_04_DE264.doc	doc	4808444c5d5d505fcdfe5814913d92dea2c41dbd68018cff2817cabd134441a6	41.67%	Heodo
2020-09-04	DAT_6410.doc	doc	352ed1583217d011b59331d9df7069fb05bffbee3823ffe2603a5cd74f16b850	41.38%	Heodo
2020-09-04	file-2020_09_04-8261438.doc	doc	90d7013803edb798ee2da7fcf3de07420ccd536dd01c96d0c787a80c0923f08d	40.00%	Heodo
2020-09-04	UX27569-17124.doc	doc	113f271d566b508aed976158e057211703fe30c314960665466fe58d9e08e50b	40.00%	Heodo
2020-09-04	DAT.doc	doc	2f40ae83dd7e6ea630b731213a7f9629565af65eca2bf9990d77114dc2b441e5	41.38%	Heodo
2020-09-04	Z144 2020_09_04.doc	doc	cbf75dba4c6b4f8cbcfb647112f9a0a4f8efb293526aea73ffebcd800379e08f	40.68%	Heodo
2020-09-04	022861 K467.doc	doc	1fa1544383bbda2ef984f9c0a8a1e3ec9c37ede4a0e897d8177d7e92d3809ea1	40.68%	Heodo
2020-09-04	096 20200904 5051280.doc	doc	ed80367a721e5c5ea3048c5688d5b8446bfed75afd70f06932dd66e94a437a93	40.68%	Heodo
2020-09-04	852DHO-2020_09_04-862.doc	doc	41b51c9c72e134b6a5183ee31357d58d19e875c56db068adc0b5f8a3d12bdc3e	40.00%	Heodo
2020-09-04	File-705731.doc	doc	7eba76e504a537e3600311969b0b159744d8f78d48891c9f06dfd9aa9798b9e3	38.98%	Heodo
2020-09-04	K95933 20200904 TYG315.doc	doc	daa812c082d4d470cfad19c540bfc6ea7adbcd3859273af885dda81d2722e1e1	40.00%	Heodo
2020-09-04	file.doc	doc	c9760ed3a6abb462e2d429280f83f0e912114c2b1923fa1fec74b3ee350afa78	40.98%	Heodo
2020-09-04	Attachment 20200904.doc	doc	0bed9ceb6c02ac01c38804705e397d72379abfba81c416c2deca29e08e32bd54	40.00%	Heodo
2020-09-04	9672 20200904.doc	doc	d6da8adc7df4680bdfe56aded8385d20e63b8af6ac83ff2abdccf2910232809b	40.00%	Heodo
2020-09-04	File-20200904.doc	doc	945f9c6c84eff86e098fcb02268e716fb80f5c6fa8a5e64e08175a306d3c0a2b	41.38%	Heodo
2020-09-04	REP 20200904 704437.doc	doc	479a6416cfb665d2d0f0b6e39d11282a0d31d799d87898d50f066e8d564808f6	36.67%	Heodo
2020-09-03	Mes_2020_09_04_03581.doc	doc	5b1c5637bea570eeef52ff79044a41de92de4e33ddffcde3b3611bee6fc8e5b1	36.67%	Heodo
2020-09-03	list-2020_09_04-VZO92121.doc	doc	ea4fc36885f9979ad9f5fa421926dba611a7a272abbc518fdb4da57125d0f548	32.79%	Heodo
2020-09-03	Rep-20200904-DT123.doc	doc	9e3d362ff8dc1daec89813f11f73bac91ac2ee3f97f803fd413522874432ebb4	32.79%	Heodo
2020-09-03	UNTITLED_2020_09_04.doc	doc	dec0fc4e4611e340eb402f29ab07769dcc51d4a2806a8aa520f4332aca26f2db	33.33%	Heodo
2020-09-03	Arc.doc	doc	939b166130d34042d2f4e49e43067b7670e409ae8dfe5e7d675160a838878230	31.67%	Heodo
2020-09-03	arc-5236.doc	doc	bf1b9f0a76233f9cc5983b3b48fad1f4edff9c94e363dbab7f91cb8050ab315f	31.67%	Heodo
2020-09-03	Dat-20200904-J114.doc	doc	2f9910b3fffce2373726bb19cee907def1ad66df1c9210d955647c7a638ef9ed	30.00%	Heodo
2020-09-03	inf.doc	doc	184ba331ed727480fd65743bfe0cf1489eca3b4d49b68a31b970ee96288c9484	30.00%	Heodo
2020-09-03	30450-2020_09_04-VYV811696.doc	doc	657e6e8ae1d0a5dd81e22e4c5966596510d091f0621e520d9f85c46ddad6f3b2	30.00%	Heodo
2020-09-03	7783006.doc	doc	eff6ba195fc7d083d41cc3c5d0bf90588ba4de22599bc9adeb053e04f0f4d55c	30.51%	Heodo
2020-09-03	Arc-2020_09_04-J8719.doc	doc	4f5a405c856619a4ed5e618fd60249ffb0ec9437f94ba328f235c14375271a7b	29.31%	Heodo
2020-09-03	INF-20200904-N7235.doc	doc	9105168259043d626df11b59d12bb7a9f12c20d5ff437fc5a7ce5725eb048eae	28.33%	Heodo
2020-09-03	File-2020_09_03-F71213.doc	doc	a0c7d7125079c31ddaf2b7b1955bf7992183d25c6c03b5d81ce1a17ff8ad612d	28.81%	Heodo
2020-09-03	doc 20200903 1864.doc	doc	2bb99d9824b62fad58399309008db0c35224a435f3128a9f1104bae218fff192	n/a	Heodo
2020-09-03	AA1226-20200903.doc	doc	54e914ada679af6812636e98ea035a024075eb6c2d3c5691d7ecb4bc6912e3b9	27.87%	Heodo
2020-09-03	UNTITLED_VMP93975.doc	doc	3d79b0e046a8c799ccb81e9bac59c0b8f45b767a92e8c32465ebb56975ddbbc5	28.33%	Heodo
2020-09-03	REP_9353.doc	doc	45dfa0acd3e383703d19e0c80284cce37c8de2fa9e193ce08e94e49a97d530af	n/a	Heodo
2020-09-03	Mes E337911.doc	doc	11a48462bad54a423a4107a55186e4d10c0ec205bd1ca12673171f08fdfba500	23.33%	Heodo
2020-09-03	arc-2020_09_03.doc	doc	ec3dbbf918ff879ed2acace6adeae456cc9936f19185f5e2d8cbbf428379799a	23.33%	Heodo
2020-09-03	List 20200903 390.doc	doc	b1c32ab9829ce18688bdc2f48a63f967f67366e2d725ae16bad216cbc79158e9	n/a	Heodo
2020-09-03	List.doc	doc	af81984de14d081c2a5d015a4266dd625fd7eb4153810cb71c2ba3e9dbf382dd	23.73%	Heodo
2020-09-03	arc 113.doc	doc	63930b14af729c7269381e50fe9d2aa5c1e270c629023c4a39564d39ef0d42f0	23.33%	Heodo
2020-09-03	DAT 2020_09_03 24032.doc	doc	5df80bddf0952d4068c9d2bdab9045f148de414681c96277199b4b06253b1cac	22.03%	Heodo
2020-09-03	UNTITLED 20200903 9050636.doc	doc	1695d227dfe87081d279c0a10163f9230da66348eda90255188700c874414c8f	21.67%	Heodo