URLhaus Database

You are currently viewing the URLhaus database entry for http://kedenburg.de/cgi-bin/https:/public/j4E1pYUpOR1fYwGHbNtu/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:453201
URL: http://kedenburg.de/cgi-bin/https:/public/j4E1pYUpOR1fYwGHbNtu/
URL Status:Offline
Host: kedenburg.de
Date added:2020-09-04 10:31:10 UTC
Last online:2020-09-07 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-04 10:32:13 UTC to abuse{at}strato[dot]de)
Takedown time:2 days, 22 hours, 45 minutes Poor (down since 2020-09-07 09:18:10 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-04dat-500.docdoc 6679f5b0900d978a3f0c3c6e101bb18ef6a043de0a83d202f80c4cd6c77a2378Virustotal results 35.00%Heodo
2020-09-04REP 736.docdoc 4500dc04802c13fe7026076c983b30e2762694f15df4a35bec777b09e64b899dVirustotal results 36.21%Heodo
2020-09-04INF_2020_09_04_8679.docdoc 95718b95b1e8732ffb58a93557e44c7e7f99a0dec4ab200ad2ffa83e6b455780Virustotal results 36.21%Heodo
2020-09-0487063756 2020_09_04 TIG544.docdoc 380c46aa7a6ebfb32b4e005930aa368ca90386ecf02e2587a0c6f035569df404Virustotal results 35.59%Heodo
2020-09-04inf Z26553.docdoc a49d6ff985f57e4d6e09893b343f97b9da664ae8c0b7c0e95f18f1a8f119f1a8Virustotal results 35.00% Heodo
2020-09-04Mes_5803.docdoc 113c8c78cdad0ed438501117f87ca9b0d52b672ddd8b015284541ded516827e6n/aHeodo
2020-09-04284CX 20200904 J466976.docdoc cc4f7c86201d0618e4cc76f2030913800e738cb4a46496daa65e8f3507b3e12dn/aHeodo
2020-09-04REP_20200904.docdoc 403170a4ca043be478bde432c994bc04e0ec0bb95f4d457928890829a998e46aVirustotal results 35.00%Heodo
2020-09-04File 2020_09_04 VKV56424.docdoc 5f507662f25de9c594d9c295a8fcd49bab262c3b83c2a470ca2a0303834b57d1Virustotal results 35.00%Heodo
2020-09-0467262937-20200904-YEO64868.docdoc e4006ffd7617f48dca3ed5e7220e159de2160b07f86452e1fcb7fa0f27ed1d9aVirustotal results 35.59%Heodo
2020-09-04FILE-0177.docdoc 0cac10e553ca0da14b7f6e1bf4c0586be92226b4edb922d9d7a79fd366142df8n/aHeodo
2020-09-04list-20200904.docdoc d4416a6ff0dbbf8a60d1df15030c7eeaf6be3883b9f4df72bd6312eb84caa672n/aHeodo
2020-09-04Arc_2020_09_04_YTC206152.docdoc 482e43557c2b67031f8b9141f11291ebb6d9fa946193ab1287ef2010ab18b462Virustotal results 26.67%Heodo
2020-09-04ARC 20200904.docdoc 20f0a0ba4cd0dac615e918dd489d36a9dbe9da8eccd28074379ccb9297f44202Virustotal results 30.00%Heodo
2020-09-04INF 3151.docdoc 088de2c93ca2a5d1c4e17cab469aa2ea619a58e4c03c744b338f74787e4dca86Virustotal results 30.51%Heodo
2020-09-04mes_C432.docdoc 9c82f57cbccf6ba04020fd7828aff371796a2f69e908f5ecf8c25d921a13abf6n/aHeodo
2020-09-048043091 2020_09_04 37768.docdoc be6a2393d8d58557a21737649e0977851d793862f1b80f1d27a1ee2ee70b3154n/aHeodo
2020-09-04Doc-7338.docdoc ba82dfa2da1757e5cb6ed6f9bb2d2c820d055dbab664b798475fd4a94d8476b9Virustotal results 28.81%Heodo
2020-09-04List_20200904_6857520.docdoc c3850d62a95518f0ec62ce9f3f83163aa67b240ac7b21a8b6e1bf5e24005a4d0Virustotal results 28.33%Heodo
2020-09-04REP_20200904_S684443.docdoc 794287d8176f07c6943cc4ca303d03de2ec84b37ff7262e148c0451087177c86Virustotal results 27.12%Heodo
2020-09-04File_20200904_L9818.docdoc 4f1efb479047eb160b579acb41f5f020b5c98546b837d8f74862d98ffef4840cVirustotal results 25.42%Heodo
2020-09-04ARC-2020_09_04-8077.docdoc 3b8964cde0e41b835a06f77a2d1834dac132f78cdebaf8b6e89214daf39b8752n/aHeodo
2020-09-04file 20200904 CAD6044.docdoc c27583344f73b13cb65d7c3cd67e313618cc794ef5b48f1db3e39adde0dd90c9n/aHeodo
2020-09-04file-938.docdoc 2e6992209a57f96c89556ed36c0e872bf312cc0e79e673c6888fe3b263c1ce06Virustotal results 23.73%Heodo
2020-09-04dat_20200904_G416.docdoc f7347d7eb634ea2c2bdeb69d026c099ca12acf563a5b6681e6467ce9c7260619n/aHeodo
2020-09-04LIST-2020_09_04.docdoc 85bfcf83a2189cecee6fa6a8afbbed1f9986025e4783fda2ae91921c38e8b2c7Virustotal results 21.31%Heodo
2020-09-04Dat-20200904-306.docdoc a3a6ac7d192be2e1805c8322a5902acff68c4ed635490764dff2be34287a7b6fVirustotal results 26.67%Heodo
2020-09-04LIST 20200904 49987.docdoc feeb5bbd5f395644d93d971b4f704d098364e1ab526f6f0a8ce14d95e5be7a5eVirustotal results 25.00%Heodo
2020-09-04dat-779661.docdoc 8c4a8a1c7d4ddbfd0b727a5f169b6bc78e7997fd2b0947299d663a215bb3a9d9Virustotal results 27.12%Heodo
2020-09-04Dat 20200904 734.docdoc 2ccde651fa61c7cd21ea8fde6ff8dbbd3945693f2e19a1ee1feebf25294199cfn/aHeodo
2020-09-04MES-2020_09_04-R67436.docdoc dd91e0f54696016ac33f44dbbabf15a089d0d2685b7e468529013e86c9522a99Virustotal results 27.12%Heodo