URLhaus Database

You are currently viewing the URLhaus database entry for http://kkorner.net/6748227RST/SWIFT/Commercial, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 58485
URL: http://kkorner.net/6748227RST/SWIFT/Commercial
URL Status: Offline
Host: kkorner.net
Date added: 2018-09-21 08:24:03 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @j00dan
Abuse complaint sent: Yes (2018-09-21 08:26:04 UTC to abuse{at}godaddy[dot]com)
Takedown time: 4 days, 12 hours, 51 minutes (Bad)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
