URLhaus Database

You are currently viewing the URLhaus database entry for http://nkvkoilterminal.ru/cgi-bin/Pages/AgbFSr5IoOB88A/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 722259
URL: http://nkvkoilterminal.ru/cgi-bin/Pages/AgbFSr5IoOB88A/
URL Status: Offline
Host: nkvkoilterminal.ru
Date added: 2020-10-20 07:52:04 UTC
Last online: 2020-10-21 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-20 07:54:30 UTC to abuse{at}reg[dot]ru)
Takedown time: 21 hours, 42 minutes (Good; down since 2020-10-21 05:37:16 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
