URLhaus Database

You are currently viewing the URLhaus database entry for https://kahata.lk/forgottenl/2ZCVSG8THJ7VHIB/Kd24Cnwl9xEikA5mDQB/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 750898
URL: https://kahata.lk/forgottenl/2ZCVSG8THJ7VHIB/Kd24Cnwl9xEikA5mDQB/
URL Status: Offline
Host: kahata.lk
Date added: 2020-10-26 09:23:18 UTC
Last online: 2020-10-26 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-26 09:24:12 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time: 9 hours, 16 minutes (Good; down since 2020-10-26 18:40:53 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
