URLhaus Database

You are currently viewing the URLhaus database entry for http://kusa.co.in/cgi-bin/DOC/34fid8phvbm5/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 719579
URL: http://kusa.co.in/cgi-bin/DOC/34fid8phvbm5/
URL Status: Offline
Host: kusa.co.in
Date added: 2020-10-19 19:41:03 UTC
Last online: 2020-10-20 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (Ticket DCU003022736 created on 2020-10-19 19:42:05 UTC)
Takedown time: 1 day, 1 hour, 29 minutes (Poor; down since 2020-10-20 21:11:34 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
