URLhaus Database

You are currently viewing the URLhaus database entry for http://www.cuneytkocas.com/wp-content/GS_466/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1971855
URL:	http://www.cuneytkocas.com/wp-content/GS_466/?i=1
URL Status:	Offline
Host:	www.cuneytkocas.com
Date added:	2022-01-12 21:22:04 UTC
Last online:	2022-01-13 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-12 21:23:07 UTC to abuse{at}internetbilisim[dot]net)
Takedown time:	12 hours, 19 minutes (down since 2022-01-13 09:42:40 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-13	4686185.xlsm	xlsm	ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305	n/a	Heodo
2022-01-13	EQKJH_095192.xlsm	xlsm	c841d1d5ae704ec93026da23d3f2b9e5f00d5a229a91117df6188db2e444e87d	n/a
2022-01-13	uqV_560297.xlsm	xlsm	ff6fd9c7c63b598cfeaf21e261d13bc4807564dde366b8f407be4d189390f883	n/a	Heodo
2022-01-13	cjnggd_27083947.xlsm	xlsm	22ed1803ea7fa2aa21adb614d88627eaf141fb5663bac536d56f3db835dd0811	n/a	Heodo
2022-01-13	GQPJP-745.xlsm	xlsm	27142990970a1968021bca00b4005ef206e3a553179b2e717e82ebfe8a8af1b9	22.95%	Heodo
2022-01-13	19708_2.xlsm	xlsm	8e8824a855908e301cb873fe67e37eb4af99b32f75fb1ea8997af913540ece02	19.35%	Heodo
2022-01-13	6644-913.xlsm	xlsm	49ec26f8a352003e43a32615495ae4554e0bb8485ef889e7ba57cf869f026c4c	n/a	Heodo
2022-01-13	hl_547815514.xlsm	xlsm	967d8e1ecaddadf97ad824647e734535d41e1996b725dd594a03a043d3795b1f	n/a	Heodo
2022-01-13	159219248128.xlsm	xlsm	8e2712e45fb0cbdc5a565ba4f5582ef6b0d871a0159abaed0fb6c4d519382547	17.46%	Heodo
2022-01-13	61179_6.xlsm	xlsm	9eb7d16794f6e4e2e701458af298b2b16c91a04dd45361cc306f32bc5fd25491	n/a	Heodo
2022-01-13	4888UVUDDQJQ83697850.xlsm	xlsm	d96dba578ec6bbb043e6ef20f9f43779bd471f5329b9ba5416a0a4785564ebd6	n/a	Heodo
2022-01-13	718043-38581.xlsm	xlsm	37bb74fcd5b1ff6bbd323163e21277b3ed80d124cc4d727f4ec64d1048a2c85e	n/a	Heodo
2022-01-13	CHSfq_73.xlsm	xlsm	32d200a99b9495fe0dfcab75190eb5fcb348e6fa879763d132c924fe25bfc799	17.46%	Heodo
2022-01-13	IEG_614002.xlsm	xlsm	7307f52f4602fafb7f46175f916f3008b1ad82ef146a8b59bceea6e2b060a2f0	n/a	Heodo
2022-01-13	20085-39148.xlsm	xlsm	64825f1053e2b84f1722fa107fb145a1d75eae2332ad47973a102f015a7a9d33	11.29%	Heodo
2022-01-13	1246OZZEQWF_51.xlsm	xlsm	d9d0e65da97a353a9cc189af41082ae0bf1dff0acb39bb620a34ddb0c642ac79	n/a	Heodo
2022-01-13	AYCV_878751.xlsm	xlsm	e5443ba12fbad5317a3453443db7196c10c1819f92872377cb8b61212aa56804	n/a	Heodo
2022-01-13	8983_666005.xlsm	xlsm	4e334f1e7d8c85ec0ef565959898a1ddbe225377df8590e806143832bc768320	n/a	Heodo
2022-01-13	VPNaN-09342.xlsm	xlsm	b98bb81e71273e575642ed7f7099c846ad35017b883a860554a891c23ab9595a	n/a	Heodo
2022-01-13	834237-00816.xlsm	xlsm	bda64d87a6c5a5cd6926f31ff7be5bbe30123e2285e026e4d00028eb2e3221d5	n/a	Heodo
2022-01-13	229VEQEF1716817.xlsm	xlsm	bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16	n/a	Heodo
2022-01-13	wjcca8.xlsm	xlsm	e479adbf5f0acc27094c482523f9ae3ad97b43f50f4df328d126ab9e98f0bbf0	n/a	Heodo
2022-01-13	8273304.xlsm	xlsm	07efdf65fbb6c43bdc3ac46453701f3d1bb0f284bad5865fb4f4cf54c127708e	n/a	Heodo
2022-01-13	ILL-17.xlsm	xlsm	18c55721fbff7b023ffab344abd151b7627bcdac0645f7074a1ad6b311828779	8.62%	Heodo
2022-01-13	ZXEI-3967527.xlsm	xlsm	e19c4cdeb5c2e9417e8976342dcf2494d337be7e4f6be1f465e9eacf998a6d5d	n/a	Heodo
2022-01-12	041480-0.xlsm	xlsm	20039ff121b47e5026b29877b299b76e47f3c7f766b9010a04e148a19823dbb6	n/a	Heodo
2022-01-12	CG_49031.xlsm	xlsm	60610dee4927e907b5a6a4ac49f8c921fa8af7005b2e8deb2b26ffcc1cac6322	n/a	Heodo
2022-01-12	HUyQNm-8458383.xlsm	xlsm	31ca17b03ef6422b7d631d23ad6af8ceefc4fb869ec0eab149172ceb59400342	n/a	Heodo
2022-01-12	nTGHq62.xlsm	xlsm	b0567570cc27cb35b55793660817b24f15272b40b9ee6e8c733c3c12ef981aa4	16.13%	Heodo
2022-01-12	57229270KSUXU_6886452.xlsm	xlsm	292826fa66737d718d0d23f5842dc88e05c8ba5ade7e51212dded85137631b31	n/a	Heodo
2022-01-12	IXS-359735.xlsm	xlsm	33c82b63397536a8a585f5d1987fe791d2f3c7f7a59c28e18d261d95cf574da5	n/a	Heodo
2022-01-12	217_81465.xlsm	xlsm	a42f26a92b5577ba3b49e955cd4d80d61ce39343f2cac4a17868774d87f08499	n/a	Heodo