URLhaus Database

You are currently viewing the URLhaus database entry for http://qualitysale.de/cgi-bin/http:/OCT/gQWoTboPyX1kRTeqi/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 453077
URL: http://qualitysale.de/cgi-bin/http:/OCT/gQWoTboPyX1kRTeqi/
URL Status: Offline
Host: qualitysale.de
Date added: 2020-09-04 06:33:04 UTC
Last online: 2020-09-04 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-04 06:34:11 UTC to abuse{at}strato[dot]de)
Takedown time: 15 hours, 13 minutes (Good; down since 2020-09-04 21:47:54 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
