URLhaus Database

You are currently viewing the URLhaus database entry for http://quickshine.co.ke/categoryl/EyoerDILcVRt0Wf2ZcAc6633eytAh/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 762544
URL: http://quickshine.co.ke/categoryl/EyoerDILcVRt0Wf2ZcAc6633eytAh/
URL Status: Offline
Host: quickshine.co.ke
Date added: 2020-10-28 21:35:12 UTC
Last online: 2020-10-29 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-28 21:36:44 UTC to abuse{at}aware-soft[dot]com)
Takedown time: 14 hours, 9 minutes (Good; down since 2020-10-29 11:46:19 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
