URLhaus Database

You are currently viewing the URLhaus database entry for http://osberatung.de/cgi-bin/http:/esp/HM7r90NdRX3oWK/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	453094
URL:	http://osberatung.de/cgi-bin/http:/esp/HM7r90NdRX3oWK/
URL Status:	Offline
Host:	osberatung.de
Date added:	2020-09-04 06:59:11 UTC
Last online:	2020-09-04 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-04 07:00:15 UTC to abuse{at}strato[dot]de)
Takedown time:	15 hours, 30 minutes (down since 2020-09-04 22:30:42 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-04	inf EH591953.doc	doc	e4006ffd7617f48dca3ed5e7220e159de2160b07f86452e1fcb7fa0f27ed1d9a	35.59%	Heodo
2020-09-04	Attachments-20200904-DVJ1975.doc	doc	24401840c0ce4a3b8e35bdf4f126f227be7487c4747c57f1bea55e0d488ade46	35.00%	Heodo
2020-09-04	Arc_20200904_5179339.doc	doc	d4416a6ff0dbbf8a60d1df15030c7eeaf6be3883b9f4df72bd6312eb84caa672	35.00%	Heodo
2020-09-04	85978571_064.doc	doc	0fd7dcfa200a1b0da02cc3578b15e97fdb192f4085d66ac383db864551155bff	35.00%	Heodo
2020-09-04	Rep-UW845841.doc	doc	60417a3fac59e91bb0031c7e6fc97a808021296c159f11631bc3ac3e34ec5603	n/a	Heodo
2020-09-04	file LOL399.doc	doc	36ffaaac1fb3d49840166459ad272836f1add6d89d8733c4245582048c7b55d3	n/a	Heodo
2020-09-04	Arc-20200904-9505175.doc	doc	3616487fc9577f23d340266d9936a2e2553b1b9c340d3217345e74a4af603666	28.81%	Heodo
2020-09-04	Rep-20200904-UO396856.doc	doc	ac6a5c2f72c10af857d73db327000d07f01f791fe6638c339362584fe1293a4f	28.81%	Heodo
2020-09-04	list_975.doc	doc	be6a2393d8d58557a21737649e0977851d793862f1b80f1d27a1ee2ee70b3154	30.00%	Heodo
2020-09-04	160_2020_09_04_834.doc	doc	d7452abd23b4d0a252d67436bea5f98b177d6d4a707ce10ce71852940cf97a3c	28.33%	Heodo
2020-09-04	REP 2020_09_04 0031160.doc	doc	533b65838696f229623a8367b9367b80001a7af8125899e324d550f4b4c64456	28.81%	Heodo
2020-09-04	mes-7806078.doc	doc	794287d8176f07c6943cc4ca303d03de2ec84b37ff7262e148c0451087177c86	27.12%	Heodo
2020-09-04	Arc 2020_09_04.doc	doc	cba83b613d73f634da924685c3cfdd701edddbc80bd28399548cbdee1e5f4df1	25.86%	Heodo
2020-09-04	Untitled-2020_09_04-MND031.doc	doc	e04a181d4f71e29d0e1dd60e7ddaa50e20047dff94667fefcd0f582f5e3203a3	n/a	Heodo
2020-09-04	File-FAA8050.doc	doc	3b8964cde0e41b835a06f77a2d1834dac132f78cdebaf8b6e89214daf39b8752	n/a	Heodo
2020-09-04	list_639.doc	doc	c27583344f73b13cb65d7c3cd67e313618cc794ef5b48f1db3e39adde0dd90c9	25.42%	Heodo
2020-09-04	Arc_2020_09_04_827352.doc	doc	52a1f3085fece2adb5e447183da5a37ab0c90019b2237702ce65ead6ba03cf96	23.73%	Heodo
2020-09-04	22158605_279.doc	doc	f7347d7eb634ea2c2bdeb69d026c099ca12acf563a5b6681e6467ce9c7260619	n/a	Heodo
2020-09-04	Attachment 2020_09_04 1663.doc	doc	6b6138015363422437174a3e66d6fe9830722c6af61b695c5bef3200fe97a98b	21.67%	Heodo
2020-09-04	INF-21037.doc	doc	eae2a3c4e7a60e5476ac2c92926540cf3c70568a318f1a20a996ebeb53e8749b	26.67%	Heodo
2020-09-04	YQ7611-2020_09_04-1204729.doc	doc	8f5f4ee85f4ddec3e575c12be4dc7594cb6d941c85bd06c9467e917a9d6a04f4	27.12%	Heodo
2020-09-04	arc_20200904.doc	doc	8c4a8a1c7d4ddbfd0b727a5f169b6bc78e7997fd2b0947299d663a215bb3a9d9	27.12%	Heodo
2020-09-04	file-AHW78453.doc	doc	ca900ae40752b2a78feb23b6d8c3f29f674621fc5a6d90b99c3f2f2c6efbe075	n/a	Heodo
2020-09-04	DAT_20200904.doc	doc	9896f6412623c9c75887ccf147bc7461f10527fbfb3463272f2086e56cc0b645	26.67%	Heodo
2020-09-04	MES-2020_09_04-5396372.doc	doc	fd0d939541eb264d595d05201e003f4665e42c0066e74a244579ea23b2b9deea	27.12%	Heodo
2020-09-04	file_2020_09_04_CO028860.doc	doc	76edab16c0826931fc12090a44f6f773625fba9165acd2459a0e27eeabe00cee	26.67%	Heodo
2020-09-04	DAT 2020_09_04 C9243.doc	doc	4dd07b5f70becd9fa1cd8ebbb833f449c200db06f39d962f13d96d55f4e61802	23.73%	Heodo
2020-09-04	UNTITLED_2020_09_04_658329.doc	doc	e514ee40aaf58363f83b55c5bb9e01e591be5d5fbea0402363bfe659405e331a	n/a	Heodo
2020-09-04	file.doc	doc	2f0f9e8cde5b53aa80b32d713adc28fff055196706c5e13da4e760a06873daff	23.73%	Heodo
2020-09-04	Attachments 2020_09_04 XDY13568.doc	doc	bfc004f7ac8d0c2e241dc8086e3e58fb542fcc47b5114ab614fa893199328acf	23.73%	Heodo
2020-09-04	rep 20200904 U72963.doc	doc	6e80f8c0bcada5875b9aeb8c66983961fcf02d5d34173f58dc2a8834db676703	n/a	Heodo
2020-09-04	mes.doc	doc	47942152b879136b37f93a091fdc0995ae8dc63870ec7644620fc97205c8aa51	23.33%	Heodo
2020-09-04	Attachments.doc	doc	f372c016209e74fc743edffac2666aff370e45615c65b28ec1ddb77efcbd87a0	23.73%	Heodo
2020-09-04	dat-90629.doc	doc	d9c975b6db619552db6df9461b3c0947dbeb829698591386f2c86994a414e005	23.33%	Heodo
2020-09-04	arc Z66399.doc	doc	dd4feaa43e89898264a8512b2339c67fb1207b97e5c6c216fe656ff6234c0098	n/a	Heodo
2020-09-04	list-2020_09_04-B7370.doc	doc	d38918707adc1b43963df18c7c3483e35cb906f58221fbe54adcbf770706feaf	21.67%	Heodo
2020-09-04	Rep-20200904-W841846.doc	doc	a116a068131b7ef0d015c07614c3e6f346f604fd7d9b5b974b9f09a997916732	44.07%	Heodo