URLhaus Database

You are currently viewing the URLhaus database entry for http://kugrup.com/cgi-bin/esp/Nz0xOrRugjQkOWlkJ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:626121
URL: http://kugrup.com/cgi-bin/esp/Nz0xOrRugjQkOWlkJ/
URL Status:Offline
Host: kugrup.com
Date added:2020-09-30 02:01:17 UTC
Last online:2020-10-02 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-30 02:02:26 UTC to abuse{at}namecheaphosting[dot]com)
Takedown time:2 days, 15 hours, 11 minutes Poor (down since 2020-10-02 17:13:50 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-013202-M998775.docdoc e7e065422a4f53ff6f3260a29f59719111b3bdd8fd148a6682cb5f66ed28bab0Virustotal results 35.48%Heodo
2020-10-01DAT-20201001-A174864.docdoc 2316491908b1b0175a9782d21fef85f16d29b5dd05d72c00c8dc943ee110afb4Virustotal results 35.48%Heodo
2020-10-01UNTITLED-20201001-012.docdoc ccf93c2ab74f6f2f92abeba4a4ee4d1c5cf50928906b1793fd008b8284409e51Virustotal results 36.07%Heodo
2020-10-01Attachment ZG563315.docdoc bae61d952a3f4eced141514b551812240ae6ef483a185a834760c8421992f1e3Virustotal results 32.79%Heodo
2020-10-01Doc_20201001_232.docdoc bc473e3c095e5c8fc312b29ee596cfb5c7f89bd4795e09377e0a3258761b3c25n/aHeodo
2020-10-01Inf 1449.docdoc 1127939b95fc439579b8513866e2a50ebeb5657a717a1d6425d49782213b55aeVirustotal results 29.03%Heodo
2020-10-01Untitled 2020_10_01 QU2785.docdoc 6b860b1c9d7e92d8ac4e346503ce13d6ddf993cd471d17ca26ad437fde1b2809n/aHeodo
2020-10-01FILE 2020_10_01 36001.docdoc 750f3ddf6c6bd8e7cf26c3d8103a0dd26becbf4a754fbd78bcb33a8bd165741fVirustotal results 27.42%Heodo
2020-10-01doc-20201001-OS5240.docdoc 40c1adc94c0e2bc34dfb84c1c426ccbf50749fe7b5d367759bb22cb69cdf3764Virustotal results 27.42%Heodo
2020-10-0155853-20201001-BZ5975.docdoc 1a4225aa9c57fb8c97a5859dc3d004a323c5a31ad17def4ea965f4ed6fb8dd88n/aHeodo
2020-09-3067018 2020_10_01 034.docdoc f7454110fc14b94a8de1a15f118873db33d5dff0040b860e7a74775a986c8196n/aHeodo
2020-09-30Dat_20201001_KGO871573.docdoc 06c7dc1301836c796492d6ca99e8461840a031969bfcaacde4cba2113ac79069n/aHeodo
2020-09-30List_2020_10_01_60583.docdoc 24a4f7d8cf601311928b7d9c78fd6067e4b6e6a47c641fbdc86703b0dd3f1ee7Virustotal results 27.42%Heodo
2020-09-30rep_2020_10_01_3029.docdoc 00811b4a43db0ac2a88c49f0f4cbda45da02316ba871e9e1fca39f1217a92f46Virustotal results 25.00%Heodo
2020-09-30rep-20201001-392.docdoc f11d0274ff135a761481a1bb14c95f9c150546817e0a85e6f05184d628df0144Virustotal results 26.23%Heodo
2020-09-30UNTITLED_2020_10_01_0465371.docdoc a45457d61dc4348ead8ec41d69cbf25f7a141e5ccf3cea45583e5a1a666cef6dVirustotal results 25.81%Heodo
2020-09-30Dat_2020_10_01_03550.docdoc fec01c1bae4abd3f9440381c855227b0f1482882e766d147e42f80cd257cab3aVirustotal results 25.81%Heodo
2020-09-30Dat 20201001.docdoc fe188a82b959918eac4007d04f619ee4ad081730eaa6da718e8e4e0cd9d594a0Virustotal results 25.81%Heodo
2020-09-30ARC_20200930_08315.docdoc 9e657e5f3e756ddb72a1f39cd10f7a729a3870660ce4ac1170124a197f9bbfc8Virustotal results 24.19%Heodo
2020-09-30DAT_2020_09_30.docdoc 9cee1e4dc71831888865312ede140d40ea8091824bf6af5428fb7ecdce64ac4dVirustotal results 24.19%Heodo
2020-09-30Rep-2020_09_30-XQA98785.docdoc e92f158f2faa36f1af7c6995a3e4433ef891eb4dcfa6a15c6ad994527c01d680Virustotal results 24.19%Heodo
2020-09-30list_2020_09_30_6523.docdoc 9bd5e78a295d861307808771659e53c1312461fb22f61de2b49e870ff1d7ce81Virustotal results 24.19%Heodo
2020-09-30Arc 2020_09_30 035195.docdoc 6d3070759d62eb8f488c0a3a950b71f92a75f47a9a04d32bfc04321fdc7d4fdan/aHeodo
2020-09-30Attachments 2020_09_30 706881.docdoc 3a32e39ed3b9c84dfecee400132af0b2b351401106e37ce1ba7a050f016560e8Virustotal results 24.19%Heodo
2020-09-30arc_136.docdoc f83ac83b76893b32fe71e9ce9fff80c0392ffae0ad66425140513c71a568885cn/aHeodo
2020-09-30Attachment-20200930-479.docdoc 2f161d1a3025c5e9ef5eec5cebb8c9c24e3753826e7674a8e61de0ece779a54fVirustotal results 25.81%Heodo
2020-09-30Attachment_20200930_36547.docdoc f8a0032c67b67834e10cbad2375a77947b460a0e6f59115dfdd850fef6dfd0beVirustotal results 24.19%Heodo
2020-09-30Rep 20200930 HM3223.docdoc 1468c682dc57d15bafffc2d182c51a4c2c823c74a5abd7fdb416be0b1fe71869Virustotal results 24.19%Heodo
2020-09-30File_2020_09_30_237.docdoc 0c8d831dc603899f7ee798ed2307feb57bd13b252196a509a1b3aaf7a49a4ae5n/aHeodo
2020-09-30DAT 20200930 ZS54359.docdoc d170d4853313c3d42e35cf2c19593158ef3d0bb0070faad32f65ddefabed67fcVirustotal results 22.58%Heodo
2020-09-30mes 20200930.docdoc fe2b3b26f27a28edd30637e0731391445f14567e3b456f3ce5f2250d3ba58d71Virustotal results 22.58%Heodo
2020-09-30Dat_0243.docdoc 2888b551e17e7d62e62ca0cec57591c6d9e40b39c0db60b31ba14b2e39fd86e0Virustotal results 22.58%Heodo
2020-09-30inf 2020_09_30 2554.docdoc bb859c1cdc55c8efda32c573ecc7e09c0692cf12de6a7c4bdc300e6e86456782n/aHeodo
2020-09-30doc 20200930 48785.docdoc aa5f51ed04026aad5af58f4d5ef9ab31771b70fb02bd536162e5ae19f6e3531bn/aHeodo
2020-09-30list-2020_09_30-I01528.docdoc 4038d38d4c957482462c94556199ce2c3724320b291a7141716e0ca752915298n/aHeodo
2020-09-30DAT_20200930_47891.docdoc 6c775f2e53176b776bb73bfd6c6a98f652a94ae4fb0b74b29f56aff911c3de0an/aHeodo
2020-09-30inf 20200930 048239.docdoc d8e405782c4f5b141b6031715d78b4d56a4b64b6f8f61f6de6af59c7cac4e96cVirustotal results 21.31%Heodo
2020-09-30inf_IHN919.docdoc e5f595a826309d1309411963281babb3e9d29b8149a7f105059242d22a207863n/aHeodo
2020-09-30list 20200930.docdoc 90de4105fc91aa76e474d5d94fe9fd26b8d6983986653c2d8592f39376ba5652n/aHeodo
2020-09-30rep-VX777.docdoc 2fbc53c50b9b33c49311e11a41aa64660b305c9c7d4a4db3986c59a1a77696a8n/aHeodo
2020-09-30Attachments 20200930 47453.docdoc ec9d596dea9e8934a188f8d65b878a79dd49654e8159980d96eadf857e90cf7en/aHeodo
2020-09-30ARC-20200930-625.docdoc d6bbe11ddd654ddbbe527d2480acc4580acedbe6e462e7ac78847aad24b18253n/aHeodo
2020-09-30FILE-20200930-617.docdoc 6a8fc6ea0a16a349b6127200b4c1398c112a6251339536b6e0c034c035cb5eceVirustotal results 22.58%Heodo
2020-09-300867-20200930-653533.docdoc 1710e41764e75b641009119a0a1632eafbfca1ea76a900667509d9e06f7e84a2Virustotal results 22.95%Heodo
2020-09-30Inf 20200930 9331.docdoc 5bf5490d9daa5f884b6597377c8d3f4200a86f12a88c613b3b633681f3998191n/aHeodo
2020-09-30DAT_20200930_TF1403.docdoc 1ae2baa185c14e948bba0b1f389e85ec3a9310871617b68296641f3b4d3f0828n/aHeodo
2020-09-30ARC_GR2101.docdoc 71982d0bf9cc749ec9a19c977e29cd16ec613b3a2a3305de01a2c0f319de5f52Virustotal results 21.67%Heodo
2020-09-309395307_2020_09_30_21498.docdoc ea0313fd5620c355be450cf83271f033601347eed4e661eddef0fbf152e5808an/aHeodo
2020-09-30inf_20200930_5061179.docdoc 70db34d112d37fb9ef582c07b67230b79d3eff439664e73aee64a08ed08df157n/aHeodo
2020-09-30Attachments 20200930 XF640839.docdoc c2fd3ccb55360792d0d8b09904444e642fca832f64abbfc28c7a729f98473414n/aHeodo
2020-09-30ARC-2020_09_30-2939.docdoc 799ad9ba2f68222b08e1a3728b0e9ec9ba943db3978c06ce8febd8e74f57a0d8n/aHeodo
2020-09-30list 20200930 BJG1470.docdoc a3f7b976b0c108284bf0de59187798f84d509ad7182c92761cedbb9b35ba4a3dn/aHeodo
2020-09-30Arc-20200930-7899.docdoc 9183ddb23d6f66213b70bc4fdd6a990a5ab487e74a41f18d800a3a897a5e4dd1n/aHeodo
2020-09-30rep 20200930 ZCN32198.docdoc 12ac85eae36cadb62fd9e5f907ddfb4be98326edce0e3e073622a1c87563cfa0Virustotal results 20.97%Heodo
2020-09-30MES-8680.docdoc c150b29360cf15b5be8f3cfba987464841892845367de5fc5985678600998bb3n/a Heodo
2020-09-30file_2020_09_30.docdoc 591579fba418bcc6bd1fc4bb4a299348db435c11b203cd049b17c9830f211087n/aHeodo
2020-09-30List_2020_09_30_BZB008.docdoc e4c0e12e6e90cabe22fab698bc2684a13e9719668942b682bfaa1ea0bd3336a4Virustotal results 20.97%Heodo
2020-09-30Attachment 20200930.docdoc 32ec09ab815a3ca2d96ed124d841dc8dadc0f752aade3f0cd9ea04c51c6f1eb9Virustotal results 47.54%Heodo
2020-09-30File 20200930.docdoc 9514f8559ebc3346ee2ad8a0dc066f680f456064bcb9dc07a2b528f14293d522Virustotal results 46.77%Heodo
2020-09-30Attachment 74748.docdoc 3bdee9fdd814363fa073be396eda19d9242d4bfd82702110dff7564d61ef4a8eVirustotal results 46.67%Heodo
2020-09-30Arc 266.docdoc 869911e995bc11a3a2e87a02de6611b59d26ddd5b21c6c77e72f327620f526c2n/aHeodo
2020-09-30HP300 20200930 3318.docdoc e8687463d9ab753f201293dcf26cc49ccc1d536ca5eb2807821502b5e45a4b3cn/aHeodo
2020-09-30File-20200930-604521.docdoc 33477bed1839bb45bcfd3358705d97b3db5e567c2c551e666d8ac934ec20dd9bVirustotal results 45.16%Heodo
2020-09-30Mes Q04033.docdoc 892d8f9cfb26bae3277304d3396027dd55d0899e78181a1431bb43e29dd3e857Virustotal results 43.55%Heodo
2020-09-30Untitled_B413.docdoc f72f43e5d32d5bf4ab91a6e04550dbef93f82764320a7403d8b59952c208beadVirustotal results 40.32%Heodo
2020-09-30UNTITLED 20200930 6064675.docdoc 6c41e3d735a4fb3193de47e7bbd9b06515ec6f7ebcb390c53ea06c00c855851en/aHeodo
2020-09-30mes-20200930.docdoc a3aa47fd0e69bb9abfdf3263e13b7d854f23cc07579e8e294a8930e6498d6143Virustotal results 37.10%Heodo
2020-09-30Inf-PF1640.docdoc 12eacad71c2a295436f6909c437715e14ed8ab2c4c2417d845ee7e4155768b1bVirustotal results 33.87%Heodo