URLhaus Database

You are currently viewing the URLhaus database entry for https://wiwa-lokal.de/sample-xyz-xlqol/jNWJBGbBCrGiaBgfAJCA7VJdv/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 949420
URL: https://wiwa-lokal.de/sample-xyz-xlqol/jNWJBGbBCrGiaBgfAJCA7VJdv/
URL Status: Offline
Host: wiwa-lokal.de
Date added: 2021-01-05 11:40:05 UTC
Last online: 2021-01-05 15:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-05 11:42:04 UTC to CloudFlare Anti-Abuse API)
Takedown time: 3 hours, 38 minutes, Good (down since 2021-01-05 15:20:13 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Bazaar | Signature