URLhaus Database

You are currently viewing the URLhaus database entry for https://pronachfolge.de/cgi-bin/parts_service/uzAAOM2OezD2VYBkzzm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:558477
URL: https://pronachfolge.de/cgi-bin/parts_service/uzAAOM2OezD2VYBkzzm/
URL Status:Offline
Host: pronachfolge.de
Date added:2020-09-18 17:38:04 UTC
Last online:2020-09-19 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 17:40:57 UTC to abuse{at}strato[dot]de)
Takedown time:15 hours, 34 minutes Good (down since 2020-09-19 09:15:56 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19mes-2020_09_19.docdoc 9ad2fe8f74ea62256c9ad4c199d69c91b8c76f9a605cb5c038fcbec9d0e85054Virustotal results 22.03%Heodo
2020-09-19mes.docdoc 03caf29484a047db9c68e15e6117f665c59b1cc6ea7cdacba9042f80149861b9Virustotal results 22.03%Heodo
2020-09-19REP-20200919-89936.docdoc d28151cda4058aa8e8c1175ab6fea760c7c6812f758570a50fca1ad2b52eea2eVirustotal results 23.73%Heodo
2020-09-19DAT-2020_09_19-YV934532.docdoc cab5f70f9a6d1f300828e8c715696273befca7a141ca5e75b69b5a408ee432b2Virustotal results 30.51%Heodo
2020-09-19Arc.docdoc 8065f24a60e594dd6166d1474692a8497b370ea658769bea254a65eff805ca26n/aHeodo
2020-09-19MES_20200919_3523548.docdoc 7d635d13a89e28fd6b0237c35f566e2be9502c55ae2dee5b94c1b5281c018152n/aHeodo
2020-09-19Untitled-2020_09_19-NFK2180.docdoc 1d13a0fe58c9b38ffc4121ee00cb8c1c7bd55d755cc87f610fb1a3c306204474n/aHeodo
2020-09-19mes-2020_09_19-R951391.docdoc 2ec44c17b6b065e7bf34a965fe298674f2d0089335d479b0a504ca375f0d0c1bn/aHeodo
2020-09-19Rep T564690.docdoc 13431cff4346b87ec1e099ca8da43a0b6b7dca250d9c69bbc46b8f28dd09a68en/aHeodo
2020-09-19Inf-20200919-SII89054.docdoc 006e64b6cfe2567e6bc6685453e8009b6b2bee02a0ce99713266b04087241d0cn/aHeodo
2020-09-19dat_2020_09_19_745.docdoc 0b20a73da9e858ca63b3e038817d2cd82a98535eb4ed6c1dbb214e3e066bede2n/aHeodo
2020-09-19arc 20200919 RL501.docdoc 48eb7810be7073be627369d41227071fd89b859692c501707fdbfce2300e42fcn/aHeodo
2020-09-19Dat 2020_09_19 WH913.docdoc 75e37e5c3591743af109482748f2a48e550f1a9d767316a8cece66fb4fe8c222n/aHeodo
2020-09-19UNTITLED_20200919_397.docdoc e0343838dbe81e4a9395924017c0f16a9a100c8f03f14eb75fc8be10c72edd60Virustotal results 22.03%Heodo
2020-09-19List 149.docdoc 7da90a568b11f5619217fc3f607646d3fba7a56ef64303b2ab72b8751d9308fcn/aHeodo
2020-09-19Attachment 2020_09_19 024106.docdoc 59ee3757e66be242efc0972dd6c65966fd25efedac6d7183bf2ebb22f73ed835Virustotal results 22.03%Heodo
2020-09-19doc_MZZ500.docdoc a6d4e72568e642cf4b7ebface0d1efd59bb14b348af845c74bd132af71733f53Virustotal results 23.73%Heodo
2020-09-18MES-20200919.docdoc 000dd08101567f408a0ee2b7d095d3baa02f532ed3839f66b60b9d64ce065d17Virustotal results 22.41%Heodo
2020-09-18dat 2020_09_19 4011456.docdoc 7e37d762b881d0b1d6897e3d3c7ae449bebad8d250e6573923944ad8c0c22c28n/aHeodo
2020-09-18INF 894.docdoc 1b92e7710017ee24f07eb3119de1f3556bc53d686201c428cf4538d133fa8fa7n/aHeodo
2020-09-18Dat.docdoc c358d536ae6f128e4d3e87de606603d1eb16268041e18e130fac19804fb21de4Virustotal results 22.03%Heodo
2020-09-18File 2020_09_19 9417249.docdoc 7de7c890bf221f642348c57fd51a9d1ebac44cf9e5136ce1f0a12c7e587e69eeVirustotal results 22.03%Heodo
2020-09-18Rep_20200919.docdoc f13c7662ae4f7890dcaaeffec05902dec857b5cc7f106b1002c1b595add9912an/aHeodo
2020-09-18list-2020_09_19.docdoc 8de922c73adca515635e350e8e59e9e2470d9baab56386d9e8f3b3f9b6bfb701n/aHeodo
2020-09-18file_2020_09_19_686803.docdoc 7234cb8db24e20ba0abe1fb9f9a177573e1e83122a6f3b8debd45e34b67a7775n/aHeodo
2020-09-18Rep_20200919_SNQ297.docdoc a4ea07f63c702a260cfc87703c09e635cf2fab0a0ed510439a57936ee5f6d4b8Virustotal results 27.12%Heodo
2020-09-18Attachments_2020_09_19_QR486.docdoc 5f947b8388016997bed38166706bb096d920127a6a8c7823ff7dcebcaba8f81eVirustotal results 27.12%Heodo
2020-09-18File_20200918.docdoc 6c10c2ec829e5c74174f1c3237f44a6aaee6d53c6fa9eaec16e8caeacc3a8b9bn/aHeodo
2020-09-18Dat 20200918 6968659.docdoc 6582b37fd7a1c9ef797e7f6db679df941000a9f14475cff833abe8d4b78e51f7n/aHeodo
2020-09-18doc_2020_09_18.docdoc 62369ff5907322b724aa7887f89b56d02ca2c5e1388236064005e7c9d8451dc0n/aHeodo
2020-09-18rep-Q894.docdoc 0a18fed225d22e39aff79199651d91a2206b781439ad8017da76ce668ec88095n/aHeodo
2020-09-18Rep 2020_09_18 E162401.docdoc f8e7f7f012680a8d3f5624ea4deb0f4761bbf1b8b43d8696de50c5e8833f1c21n/aHeodo
2020-09-18mes_2020_09_18_NXR01509.docdoc d11e0d61ffbe21f3332d5c924ca98eb451fcdeb3f1b732a43f3fbaf00360b103Virustotal results 25.86%Heodo
2020-09-18REP_2020_09_18_995.docdoc 50d66616676d8ca532ea8333e2d545587d54e83abd08f0720012392cba583f26n/aHeodo
2020-09-18arc Z730.docdoc 59be634c99d32cc1d2bdfc3663c81ef4a20e38bfb841fb02cf3152233aa9f7b2n/aHeodo
2020-09-18rep 2020_09_18 619.docdoc c3b361e3ab7b82eb20f5af057abff8f96c2369d0dbc47472ab1430390ae8de1aVirustotal results 25.42%Heodo
2020-09-18Mes 2020_09_18.docdoc 0263b53f04598f5cadac5f4f8dda3b7caec39583ec1d6caff37e9183df96f8ban/aHeodo