URLhaus Database

You are currently viewing the URLhaus database entry for http://web.pa-cirebon.go.id/mBAh-LmFuJXk2QFZdFSb_DGboxvqg-JMq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:103286
URL:http://web.pa-cirebon.go.id/mBAh-LmFuJXk2QFZdFSb_DGboxvqg-JMq/
URL Status:Offline
Host:web.pa-cirebon.go.id
Date added:2019-01-14 23:21:50 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2019-01-14 23:22:19 UTC to abuse{at}acenet-inc[dot]net)
Takedown time:8 hours, 4 minutes Good
Tags:doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2019-01-152019_01Informationen_betreffend_Transaktion.docdoc15026ab099b9eb293bb8a9a5e417fda813c56cba92b02056d322ad4220d6db04Virustotal results 15 / 56 (26.79)Heodo
2019-01-152019_01Details_zur_Transaktion.docdoc31f2fa247154dff65f49f8d67e1cfea51800d08ff0ff37f416891dfa07967872Virustotal results 17 / 59 (28.81)Heodo
2019-01-152019_01Details_bzgl_Transaktion.docdoc07d23501a997fe2be3aa8005f55ebc1414d6d7bdcdb20abedbc4ab95a8ee32b0n/aHeodo
2019-01-152019_01Details_betreffend_Transaktion.docdoc806c6cbb989f9783d78b47e992ff9ecea883acc76a3bb576dc04eb12d48b754cn/aHeodo
2019-01-152019_01Informationen_zur_Transaktion.docdocb7a2ceceaddfcedb3ce8ac47087cf264d3115c9dace513585cbb66c18e0af0f3n/aHeodo
2019-01-152019_01Details_bzgl_Transaktion.docdocc494f6b22ab709985d185de9e349ddfe8d9411e5e51aaef3edf7f8b0ae06291bn/aHeodo
2019-01-152019_01Details_bzgl_Transaktion.docdoc6883ee85522c09576e85a9df443385cf9bd9ded5794bd0133136ba316e50d980n/aHeodo
2019-01-152019_01Details_zur_Transaktion.docdoc0f1f2793efb4d8a4bc07bd66cc608d0982e2025affaf0c1c0d67432f1b75a57cn/aHeodo
2019-01-152019_01Details_zur_Transaktion.docdoc841622c88881bad69ba65df05aa44c90edbed7dffe9734998ff76d9399786de4Virustotal results 16 / 58 (27.59)Heodo
2019-01-152019_01Details_betreffend_Transaktion.docdoc1e7818f7fd879c98a93a934c2ca289f29121371015430dc8921fea589c6a5a81n/aHeodo
2019-01-152019_01Informationen_zur_Transaktion.docdoc68539aea0795d265502368da42783aa4df61a5cbb7d84163decc7dc16dbf3e7bVirustotal results 16 / 60 (26.67)Heodo
2019-01-152019_01Details_betreffend_Transaktion.docdoc22aec89603d396d3566a5f3d5f355f9efc1791ba67f26b85f2aed141aa0c6aafVirustotal results 16 / 61 (26.23)Heodo
2019-01-152019_01Informationen_bzgl_Transaktion.docdoc4a5f793c1e2f5b8d8f040cbdc357b2e06b59a844ea7b5620440697fbfedc10b0Virustotal results 16 / 59 (27.12)Heodo
2019-01-142019_01Details_betreffend_Transaktion.docdoc75b23551aee14b1e4d598a793d11ed469f96d8721f919459781f4bb5e860663eVirustotal results 16 / 61 (26.23)Heodo