URLhaus Database

You are currently viewing the URLhaus database entry for http://elko.ge/elkt/wp-content/uploads/FILE/q29V0JkZil/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	184063
URL:	http://elko.ge/elkt/wp-content/uploads/FILE/q29V0JkZil/
URL Status:	Offline
Host:	elko.ge
Date added:	2019-04-24 18:32:06 UTC
Last online:	2019-04-25 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-04-24 18:32:21 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	23 hours, 37 minutes (down since 2019-04-25 18:10:09 UTC)
Tags:	emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-04-25	INC_514052336140US_Apr_25_2019.zip	zip	ae341e0f016cc69c1e37fcd89ddaab405f18ffd059f63be31b5945ab770a952a	n/a
2019-04-25	DOC_2444148969US_Apr_25_2019.zip	zip	57f244b5d8a8deea0c13edcae65207ff266e02ceede2863871962af75519aa25	n/a
2019-04-25	INC_664864973607US_Apr_25_2019.doc	doc	b3e6382f49c7cd0ca3321c6bfa1b08e7b3ec57ca9cad5c29e7e37f0eccd210fa	33.87%	Heodo
2019-04-25	SCAN_188138872246US_Apr_25_2019.doc	doc	be6473351331956dc550f794617da15925785c04c3c8bb63f998ef08b032aa2a	33.90%
2019-04-25	LLC_07205188507US_Apr_25_2019.doc	doc	47d15e14ae126a2a669ee71f409be3b80bb1127327933c8991b05ecd453cf656	34.43%	Heodo
2019-04-25	INC_600647479832US_Apr_25_2019.doc	doc	adb17498e7aef92a20608d0899bca2e9c61c730889b3105e8e56517bb54217bc	35.00%
2019-04-25	LLC_5527751562US_Apr_25_2019.zip	zip	626925218f63695c9e4ed556b14df3befde024344e3f549f347ef740a49cfc8e	n/a
2019-04-25	Document_63283769746US_Apr_25_2019.zip	zip	a6f2468ae524bef7940a67efc683328f1f5c5d15ab359b57c1546781c1826899	n/a
2019-04-25	LLC_6609181155US_Apr_25_2019.zip	zip	c5f6f2ecafa21cb62d659cde398dbe529e18f2673ff834ccb6a80b49bfdf4cc1	n/a
2019-04-25	LLC_28356991321US_Apr_25_2019.zip	zip	d177136b419543ff71bac91e8d416b0c26f901f47938fdcce64e7d798c338f3d	n/a
2019-04-25	LLC_49988356760US_Apr_25_2019.zip	zip	773ebe3bdcd355dd876b48e805ce55276295404169e6420a1ba79dc644805e95	n/a
2019-04-25	LLC_2629977336US_Apr_25_2019.zip	zip	66921fc2fa4ce7ee8809a09958e8316321703b573d1d55d4f7d22c6b19312f35	n/a
2019-04-25	LLC_2558616672US_Apr_25_2019.zip	zip	494febcbd6876c01d8b2a9efd6a220c0df207a653a2158db95c17b50e24fa070	n/a
2019-04-25	LLC_684861601182US_Apr_25_2019.zip	zip	8daea9f91e76e7f29f67fa7203fe55eff71c61b605c216a04c35074b1babf835	n/a
2019-04-25	INC_9753965522US_Apr_25_2019.zip	zip	a49a638c9339b91373aca1691cfcc508b785c625423720fd1a8aa0e07d39f11d	n/a
2019-04-25	LLC_7072473257US_Apr_25_2019.zip	zip	7913ccc5ef11df289036bf7493b101e3a9725f3903a51feb4c7f3b8b37ef8b71	n/a
2019-04-25	LLC_740061000012US_Apr_25_2019.zip	zip	25a04f67e9810c6a62770ee73d9616fed98e0302f2f960f30175fae208d7422a	n/a
2019-04-25	DOC_59893210249US_Apr_25_2019.zip	zip	684bec3bfd8262cb130ad1b1e746727ecc46d985e6c68b501343b71464c13eab	n/a
2019-04-25	Document_5165639631US_Apr_25_2019.zip	zip	3a66c04840601c3b90c9b6930660a9696e42d5fb2fa19baff790f5ea953d91eb	n/a
2019-04-25	DOC_370865953964US_Apr_25_2019.zip	zip	eafb972209151fbbbd5dd6a5bff9792d29a68f7372fb5ed75d858bf043ec4833	n/a
2019-04-25	DOC_72299886250US_Apr_25_2019.zip	zip	95d517495a11c9f1b1587465eda9ee56001c35642a5b8b6ecd68b48e8b5e0ed6	n/a
2019-04-25	DOC_4385500633US_Apr_25_2019.zip	zip	7b9112cde2ce621f194ad6496c9011c7ae8093fd46bb44c03adbaa04439d8a7e	n/a
2019-04-25	DOC_1485009110US_Apr_25_2019.zip	zip	d5516299c3f520ef5f5c838ff89c46fd6d74a8eab671e62d1fe263412acb6bb5	n/a
2019-04-25	DOC_80163568231US_Apr_25_2019.zip	zip	fb67799c5342fae324da791b1a458b2eb819b89713ec54863356cec09ae32d4f	n/a
2019-04-25	FILE_87433290165US_Apr_25_2019.zip	zip	9eb33dc549c7133223e3925a842cef82b77785d4ce02943ab05ef36b5b5e5acc	n/a
2019-04-25	FILE_33905770310US_Apr_25_2019.zip	zip	7c9b06d72c160a68f6953ea241e07f3b027cd1543b1e274c0e708cb96c7e4d71	n/a
2019-04-24	LLC_14835610138US_Apr_25_2019.zip	zip	93fbdc3d7c6b1989c2065302079c26ac04f6f67293dd8e33c1b0320cad1104a3	n/a
2019-04-24	DOC_578824124307US_Apr_25_2019.zip	zip	f87c90981bb31782c630fd25745062ad6444315dde802cee6472d24ac8fb16ea	n/a
2019-04-24	LLC_1281735528US_Apr_25_2019.zip	zip	44f7b0c90155cf9cfe0e2f420388e0ccac12e9752d577e46e632cfdcf2824204	19.30%
2019-04-24	FILE_10669502149US_Apr_25_2019.zip	zip	11051ba44c7980f154e3dd4aeaf105e014c416b96a90d9c41484ce9b1fa1c432	n/a
2019-04-24	FILE_00436659521US_Apr_24_2019.zip	zip	b274ceeddeab9ce90c4ea0e5ae13b795a324338e65f51909539592da36f8bed0	n/a
2019-04-24	DOC_342386979765US_Apr_24_2019.zip	zip	3e4b58a2f02232606c3166de53a3734b439523510d0bf43df3fef301f877227e	18.97%
2019-04-24	FILE_807847629563US_Apr_24_2019.zip	zip	2c3b5d1de739ba788a98a6f1a4d4a192b6426e3cc7d97b920b718a2f7c7f3c01	n/a
2019-04-24	DOC_270017597130US_Apr_24_2019.zip	zip	2cc0c97663a83083c638c7a4db22f2d70efce02620587e930895974c66aeb2cb	n/a