URLhaus Database

You are currently viewing the URLhaus database entry for http://kikakeus.nl/dgc0WYq9/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 95263
URL: http://kikakeus.nl/dgc0WYq9/
URL Status: Offline
Host: kikakeus.nl
Date added: 2018-12-14 16:54:12 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2018-12-14 16:56:03 UTC to admin{at}spango[dot]com)
Takedown time: 1 month, 15 days, 18 hours, 9 minutes (Bad)
Tags: emotet epoch2 exe heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen | Filename | File Type | Payload (SHA256) | VT | Signature
2018-12-15 | this-site-is-virus.doc | doc | c2e393ff568f4a87ce48011f10664138e569710f56ddc0462aa7f36bdad5ecad | Virustotal results 0 / 59 (0.00) |
2018-12-15 | 62.exe | exe | 7c3f9ab3bad94782779ca841542af0801cf6fdcf0f466f148c7abeb37086353c | Virustotal results 13 / 70 (18.57) | Heodo
2018-12-14 | 849565.exe | exe | fa98e97fa8e54aea8734974bae0cfcfbf265c289c1cf0608f81209e8f3c5089f | Virustotal results 14 / 71 (19.72) | Heodo
2018-12-14 | 25.exe | exe | bfda212d35cf8e938f04d326b9e36887476a9938db6ed49667f7607c2ba41766 | Virustotal results 12 / 69 (17.39) | Heodo
2018-12-14 | 1533308.exe | exe | 4fe6a6083775900230eab8b7ca97e68e66a174eb854c949708a996aa1e38e3bb | Virustotal results 13 / 68 (19.12) | Heodo
2018-12-14 | 42784.exe | exe | 07b97cef8ed1f3fe9cf592166931e48641e45422889f8d9ba756aedf564c6696 | Virustotal results 15 / 70 (21.43) | Heodo
2018-12-14 | 5254706.exe | exe | df4fd49dc53618d7f3a14246f90e97b1061d976bfb86cba638bf32d47b0765e9 | Virustotal results 19 / 69 (27.54) | Heodo
2018-12-14 | 2691769.exe | exe | e7af213cb8e2eb7eb83395908d0fd344f08e989287e5edc9d1e780f8fbfa8cfd | Virustotal results 15 / 70 (21.43) | Heodo