URLhaus Database

You are currently viewing the URLhaus database entry for https://rubenwinkelman.nl/cgi-bin/https://eTrac/ocAAAtZkwjXalM/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 452766
URL: https://rubenwinkelman.nl/cgi-bin/https://eTrac/ocAAAtZkwjXalM/
URL Status: Offline
Host: rubenwinkelman.nl
Date added: 2020-09-03 21:29:03 UTC
Last online: 2020-09-04 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-03 21:30:04 UTC to abuse{at}strato[dot]de)
Takedown time: 20 hours, 15 minutes Good (down since 2020-09-04 17:45:26 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
