URLhaus Database

You are currently viewing the URLhaus database entry for http://ctopp.de/cgi-bin/http:/OCT/9FsIRX0egi/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 501808
URL: http://ctopp.de/cgi-bin/http:/OCT/9FsIRX0egi/
URL Status: Offline
Host: ctopp.de
Date added: 2020-09-14 19:35:39 UTC
Last online: 2020-09-15 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-14 19:37:22 UTC to abuse{at}strato[dot]de)
Takedown time: 13 hours, 8 minutes (Good; down since 2020-09-15 08:45:30 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
