URLhaus Database

You are currently viewing the URLhaus database entry for http://garel.co.uk/Document/tbZYZiEYgTehWPwTHSSWOKw/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	205174
URL:	http://garel.co.uk/Document/tbZYZiEYgTehWPwTHSSWOKw/
URL Status:	Offline
Host:	garel.co.uk
Date added:	2019-05-31 19:41:03 UTC
Last online:	2019-06-03 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-31 19:42:03 UTC to support{at}hostpapasupport[dot]com)
Takedown time:	2 days, 19 hours, 11 minutes (down since 2019-06-03 14:53:09 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-06-01	FILE_2544057668US_Jun_01_2019.doc	doc	ef62880b29c9e9403633bfe2c0572d75e5d9ee3fa4fb698697dceb9efc99ec3d	49.18%	Heodo
2019-06-01	SCAN_68751986933US_Jun_01_2019.doc	doc	570a32b3a97f12b17246e9940817c9c72ee63ac383f6983e342e09f79debb17e	49.18%	Heodo
2019-06-01	SCAN_4487663627US_Jun_01_2019.doc	doc	bf032ea596d973c8333c4a7d4e7338cdb4276e3d2e8ae5046b8bfbac20941c92	50.00%	Heodo
2019-06-01	FILE_3020721628US_Jun_01_2019.doc	doc	51b855cbe57d74b049f542899bba538e6a47f83b9d6e15e8e5f38cc758664f8b	n/a
2019-06-01	DOC_9086364558US_Jun_01_2019.doc	doc	545a4700f14d2cfd7f03499246dbb2738f5555f92ed45538f5301622f220c985	n/a	Heodo
2019-06-01	SCAN_064864023751US_Jun_01_2019.doc	doc	e5cd9fb3599e112d7f690ec64cc87eaca100d75fc46123812fb4a690ad71be55	48.39%
2019-06-01	SCAN_97898256714US_Jun_01_2019.doc	doc	84a66f8e7292ede26e286442de89b8a1fed1521c29552f9b8b1bc17da0d26e5f	48.28%	Heodo
2019-06-01	INC_323296782584US_Jun_01_2019.doc	doc	78f1f6d72541c029a695ff06e0b00368d8c2e76e40a24f220ae805149d55daeb	49.15%	Heodo
2019-06-01	SCAN_76320690950US_Jun_01_2019.doc	doc	6db3364c302d5c19db16a08c2bc81b3d4c2950d667272c12dcbd6827654aeabf	48.39%	Heodo
2019-06-01	FILE_8749569706US_Jun_01_2019.doc	doc	d777840280b22871584a1f1a9fb73dac5b7b335ed3089c35c638e0ad6984eb5b	n/a
2019-05-31	LLC_317764196999US_Jun_01_2019.doc	doc	6b463f47a75d8cd145a110eb5099ae2942d3f9a2374845cd37251ad8b11d1ef0	45.90%	Heodo
2019-05-31	DOC_775665948441US_Jun_01_2019.doc	doc	f8e39ecf6d736e3e321da3e786e095c108564c0ada8a0916f70e04bc642e60d5	n/a	Heodo
2019-05-31	SCAN_21756977012US_Jun_01_2019.doc	doc	99c2414e4cad9af316a182fbfb3a7dc910d3b238120a127030ffbd9e0abac894	44.07%	Heodo
2019-05-31	FILE_45343503889US_Jun_01_2019.doc	doc	e1e0d91e131669f5c88bd9a851b270f11c8eb364f13253c1adc7c965db858dca	45.76%	Heodo
2019-05-31	FILE_9162205230US_Jun_01_2019.doc	doc	7894381b0ab455b3f831f689607a32a015b1a244cb633a040c887eb3976258b8	46.55%
2019-05-31	INC_968182164239US_May_31_2019.doc	doc	995b28abfc1f4ecb8a0ba990334fcba0709ad10b550b2aad9000a4bcef8acc90	43.33%
2019-05-31	FILE_70287513842US_May_31_2019.doc	doc	aa42a5f10fc08dd7b5e163a4e84cdf5e7f8315f53b3cbd258003e4cda1859a56	39.34%	Heodo
2019-05-31	Document_160395322560US_May_31_2019.doc	doc	edf358c80943c0c2f96b4091362de54118ab381a0c0002676e93c16c52f7331e	36.07%	Heodo