URLhaus Database

You are currently viewing the URLhaus database entry for http://uhren-lehmann.de/cgi-bin/http:/paclm/kPJNTV2KSva/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	453088
URL:	http://uhren-lehmann.de/cgi-bin/http:/paclm/kPJNTV2KSva/
URL Status:	Offline
Host:	uhren-lehmann.de
Date added:	2020-09-04 06:59:06 UTC
Last online:	2020-09-04 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-04 07:00:12 UTC to abuse{at}strato[dot]de)
Takedown time:	10 hours, 53 minutes (down since 2020-09-04 17:53:35 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-04	file-20200904-952.doc	doc	403170a4ca043be478bde432c994bc04e0ec0bb95f4d457928890829a998e46a	35.00%	Heodo
2020-09-04	Dat-0352161.doc	doc	5f507662f25de9c594d9c295a8fcd49bab262c3b83c2a470ca2a0303834b57d1	35.00%	Heodo
2020-09-04	rep 2020_09_04 K8574.doc	doc	4f574c1f2f33241e9d1d44b74075d96778a9a152808b8c397f19a51c1b16ab2d	33.90%	Heodo
2020-09-04	45818VQ_2020_09_04_VT903.doc	doc	0beda050f3d53272adb6212a1cb59024a6b126a0dfe9cbf0e8f5ec32b133a8c9	35.59%	Heodo
2020-09-04	List-926459.doc	doc	fbaa65a02cf8c771c0cf3656084a8b4168750f336ef53130fc96a219ce9dc121	35.00%	Heodo
2020-09-04	Untitled ME544122.doc	doc	7ba727e56ef8d6bd90965dcbe4450880fd516019d4c10f8a5d101541aa883dfa	35.00%	Heodo
2020-09-04	921 2020_09_04 2431.doc	doc	ff21a2ec6d99469e4b92b0e12a00fde35952edf0f9d9d296eb4a9f5ec13d2a49	26.67%	Heodo
2020-09-04	MES-20200904-164.doc	doc	088de2c93ca2a5d1c4e17cab469aa2ea619a58e4c03c744b338f74787e4dca86	30.51%	Heodo
2020-09-04	FILE_5650334.doc	doc	9b5118c972be1fdccab96caaa3644530d5a73cefcb8b7a048497c43b3e1867da	n/a	Heodo
2020-09-04	Untitled 86332.doc	doc	2b92a083d78d4854c3fa6ee427357e1a0c4f3b5fc4b22546712e350870b77c45	28.33%	Heodo
2020-09-04	REP-QY199.doc	doc	d7452abd23b4d0a252d67436bea5f98b177d6d4a707ce10ce71852940cf97a3c	29.31%	Heodo
2020-09-04	rep.doc	doc	7160ce21f102d1b919bee53947094d83fd11055b2eadb90b11d5923498d504c3	29.31%	Heodo
2020-09-04	Doc-2020_09_04.doc	doc	fe8b0f5cf9354ea102596195bbbf5947c2103a393c585873166112b4734d3169	27.59%	Heodo
2020-09-04	dat_20200904.doc	doc	794287d8176f07c6943cc4ca303d03de2ec84b37ff7262e148c0451087177c86	27.12%	Heodo
2020-09-04	Attachments_20200904_1803626.doc	doc	ed63266e67ad9944d1501d2221c8390e1585ed5aed9397212441db07dea0b7e9	25.42%	Heodo
2020-09-04	MES-089151.doc	doc	22541ac301b5c8fdf15f74cc06df0c5a237bfe5593f910699acdaa3ae869edd9	23.73%	Heodo
2020-09-04	216SWR.doc	doc	05d812b5dacd80bc461304d3f5e745b7522bf28e626b1e1e5ce3b864ebf64f35	25.42%	Heodo
2020-09-04	LIST-20200904-10744.doc	doc	2e6992209a57f96c89556ed36c0e872bf312cc0e79e673c6888fe3b263c1ce06	23.73%	Heodo
2020-09-04	file 2020_09_04 W60886.doc	doc	f7347d7eb634ea2c2bdeb69d026c099ca12acf563a5b6681e6467ce9c7260619	n/a	Heodo
2020-09-04	ARC 20200904 WT918.doc	doc	0348b2d84a9245b99853803db4a5d8a6bb6b89ba2b30d2d201dffbe97b718d82	21.31%	Heodo
2020-09-04	LIST_CP664280.doc	doc	5e01f376491f37354db3791f6ec1c53893e852d5874971655f2b8c0c9bfa35cd	20.34%	Heodo
2020-09-04	LIST-20200904-HJ0679.doc	doc	1c67628b01a329488b609ce13ceba3610a0d79cfe6bdb3d6750f714ffc97f27f	27.59%	Heodo
2020-09-04	Arc-2020_09_04-3410.doc	doc	1fd6598e530c78964c40e2d283b7eb345c92f4c161ca5f5254ec469366603439	26.67%	Heodo
2020-09-04	doc_418.doc	doc	ca900ae40752b2a78feb23b6d8c3f29f674621fc5a6d90b99c3f2f2c6efbe075	26.23%	Heodo
2020-09-04	Mes-8938448.doc	doc	9896f6412623c9c75887ccf147bc7461f10527fbfb3463272f2086e56cc0b645	n/a	Heodo
2020-09-04	list-20200904-6582575.doc	doc	fe091cf9eba180793119db32fe94d4816c743d95fe73f73f8f8a11df2cd0aade	27.12%	Heodo
2020-09-04	Mes_20200904_641392.doc	doc	9da9e2af16844a3b0fc49e496b6a88773ebb122ac1471d654d696c4417c6c5d7	26.67%	Heodo
2020-09-04	Arc_Q3214.doc	doc	e514ee40aaf58363f83b55c5bb9e01e591be5d5fbea0402363bfe659405e331a	25.00%	Heodo
2020-09-04	arc 20200904 LHE981592.doc	doc	35eae4bf4a4e774e6e01de12b1358e0b431ba0b625952ca4b650849e31cfb1f8	23.33%	Heodo
2020-09-04	140P_20200904_4859.doc	doc	2f0f9e8cde5b53aa80b32d713adc28fff055196706c5e13da4e760a06873daff	23.73%	Heodo
2020-09-04	File-2020_09_04-Z738691.doc	doc	bfc004f7ac8d0c2e241dc8086e3e58fb542fcc47b5114ab614fa893199328acf	n/a	Heodo
2020-09-04	inf-20200904-J799731.doc	doc	6e80f8c0bcada5875b9aeb8c66983961fcf02d5d34173f58dc2a8834db676703	n/a	Heodo
2020-09-04	doc_330.doc	doc	741df8375c604df23cb9cc5bdbc6373f0b74df334fe2efd60bd6df7c5a398b65	22.03%	Heodo
2020-09-04	Mes 20200904 407417.doc	doc	47942152b879136b37f93a091fdc0995ae8dc63870ec7644620fc97205c8aa51	23.33%	Heodo
2020-09-04	Rep_JCW74658.doc	doc	d9c975b6db619552db6df9461b3c0947dbeb829698591386f2c86994a414e005	23.33%	Heodo
2020-09-04	MES-20200904-0738805.doc	doc	8b8167f9f9f0fb034acba8cfca499300531ee06a2c9ee705d976d007bb636f21	21.31%	Heodo
2020-09-04	Attachments_2020_09_04.doc	doc	970e16cc8aabea583a577bb3ca6a50b795357231ff02822fafb8aa7dd143667f	n/a	Heodo
2020-09-04	MES 2020_09_04 267561.doc	doc	59dca4cb54c947789abfb907c7c1ac28d15ad9883a693d5d3b56654c75bd5d8c	n/a	Heodo