URLhaus Database

You are currently viewing the URLhaus database entry for http://fikirteknesi.com/wp-includes/YQmEElzYjaqiFb3ZEnl21rBM9Ka6s/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2119376
URL:	http://fikirteknesi.com/wp-includes/YQmEElzYjaqiFb3ZEnl21rBM9Ka6s/?i=1
URL Status:	Offline
Host:	fikirteknesi.com
Date added:	2022-03-29 14:15:05 UTC
Last online:	2022-06-01 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-29 14:16:07 UTC to abuse{at}ni[dot]net[dot]tr)
Takedown time:	2 months, 4 days, 6 hours, 48 minutes (down since 2022-06-01 21:04:26 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-31	DQ-4900098326599.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	TYO-6164507.xlsm	xlsm	b0fa5dda99558a54917cc9a5f6269d440cd8b30ed825f72c837d6e4044d9f628	42.62%	Heodo
2022-03-31	JK-07994092801.xlsm	xlsm	b034cfc88c6603dc0f5519ecba2dbba8c5382b26b8c25da23f8d40368ce8e7b5	33.87%	Heodo
2022-03-31	BCC-9454698569.xlsm	xlsm	ccf8147ef96ae47288019a25336c2935e73d2e06b8fe73823e3596fb1596ba8d	43.55%	Heodo
2022-03-31	SK-564137028765540.xlsm	xlsm	24499993a94d9888bcdc8a5b9c58aadb86dbd363efdfc2fe1996d98dba57bde8	39.68%	Heodo
2022-03-30	SKR-3667498786.xlsm	xlsm	3bfd193ea92a687030d7b2fb3354e52980ad28ba1cae92579b53f5473b44f37a	n/a	Heodo
2022-03-30	KP-71971987654.xlsm	xlsm	ae3937925f18c7db77b2fd19394cb114cb460741dfa2b7c5bd10de9c5c2e35fd	33.87%	Heodo
2022-03-30	OMH-6675643304.xls	xls	a14fb7f51582ec1f9af65f4300ff4dde6a99d12bd2b08f70863ca16d508c72ba	28.33%	Heodo
2022-03-30	PGR-2174265791.xls	xls	88eb7648bf7a3c5eb3fbb953cd7b5df5165ffd0cd0249928a6e314f8958ebaf4	n/a	SilentBuilder
2022-03-30	WYT-0794012434047.xls	xls	2fba5997186a1e4e2da7496bd7a1bca3eaf425971cc76dd7be878f3fd88add07	n/a	SilentBuilder
2022-03-30	585046747674017.xls	xls	e6816092d6eb5bec7ab8d5463c45994379e212925e29994c9a28a826b9f0ee92	n/a	SilentBuilder
2022-03-30	6373119153001875084.xls	xls	dca8eaa3af3959b306af25eed2fa0edff0e0afc2eff8303e02086f3c9e2d24aa	n/a	SilentBuilder
2022-03-30	9529004812.xls	xls	89c9bba23213aec7d1d4ddbe14609b0d215e72dccc6c1d13444ec507d57c142e	25.00%	SilentBuilder
2022-03-30	495510500199028.xls	xls	aa86d1be623622ae373fc9dcfb7365d513d0e273891e34b480ab2d7b10d6a7bb	n/a	Heodo
2022-03-30	556332497321504.xls	xls	36525c62881502d638d137eef2414e9659a936b60d0ec784a833edd894e8d76f	n/a	Heodo
2022-03-30	9638326005108840808.xls	xls	05b7de9ea6dc7fc6aa9bee8c26c08424ecb944f734630f2f5f708dd38c643200	25.42%	SilentBuilder
2022-03-30	74212575037546992.xls	xls	38aef876f6ba7edc44d3bfc329a5448e28fd5754543256bd61687a7ad4f10227	n/a	Heodo
2022-03-30	4347117167.xls	xls	28c1994bc596421a111c75b795d98b2192edc5aa92b6d1e3adcefd40bd9d0bdf	38.18%	SilentBuilder
2022-03-30	8281665150012096147.xls	xls	5f803ebf6cab915de7c3d4713907124d3dab2177385ccda1d674efe03e8ccfd5	n/a	SilentBuilder
2022-03-30	3020536192250173.xls	xls	7f6c020c42ce81f72bb8d42b6ee843d05655bc488204531c351e5efbb6d8e4a1	n/a	SilentBuilder
2022-03-30	19388505116153577955.xls	xls	b77b0ef522691f56c326dbd8bfd07faa9b30f9426461ff385a1e744c3e469678	n/a	SilentBuilder
2022-03-30	110411415383.xls	xls	2b82324426c06592a76bf7c5c8aa1dee1ce453a2735ecdb3d54a179a452bc4b9	25.00%	SilentBuilder
2022-03-30	03770520710765405220.xls	xls	27689adb180da1eb3e8798172f075cb53164f1cea3502d0dbf09727810c3aee8	n/a	Heodo
2022-03-30	14283080988842899206.xls	xls	84e8a5c9e678935ebb0022e67a2160105d3f416ac8ff9118d76b0183acc1e233	n/a	SilentBuilder
2022-03-30	90744367314.xls	xls	e3c025ea969a7801acd598c71b4efadd504f65f294d81eabeecc4fda103183b9	n/a	SilentBuilder
2022-03-30	7840964098.xls	xls	fc11990e224dccd621a3e096de9d3ba9ea970ea8434a56a20ff5dbf00ac1bd90	n/a	SilentBuilder
2022-03-30	668064881525.xls	xls	40aa77bbfa6a11b156623be5f84634cfe0e8c07ef8cc481d448102a526c17007	23.33%	SilentBuilder
2022-03-30	4993354394536247999.xls	xls	7d9969135b930be92c93aac7e3057b98410a43fd0af360ee02b88b9ad570d116	n/a	SilentBuilder
2022-03-30	4158679346.xls	xls	572f3c796c65fbb9a53d51fc20f4956df1f7b10b0bafe869f5dd6d6f4182a75a	n/a	SilentBuilder
2022-03-30	8305913887658518643.xls	xls	5caf0f3f5cec0ebbe50d63c21c3faa4f3d9a7ab08a4c4951e045c8906a7b6e09	n/a	SilentBuilder
2022-03-30	99040012194422597.xls	xls	9e011d77b179dc3075654faa2f570ff83e31cb879ef14891e49805831790a329	25.00%	SilentBuilder
2022-03-30	0778994400879406420.xls	xls	2872a3f29c0e2652d14465e6ce5d3d0413e0a9c8729674c30c07548844641006	n/a	SilentBuilder
2022-03-30	5730393279617262928.xls	xls	795d1cb7302f7f2d226a7a50f9a1dfaca81c320aabc71f47113736bc0712a6a7	n/a	SilentBuilder
2022-03-30	9711825321457.xls	xls	8e9245a7ff1bf4c43cee8e3b568af8044010cbaa655b23ea98c86a5ac18ca472	n/a	SilentBuilder
2022-03-30	1159031785601.xls	xls	04be056f53e92105f9812020c5d320811132f9c1c52a169578a969c1385660c8	23.33%	Heodo
2022-03-29	331395299997684725.xls	xls	ba13b12a743a11e9e409585874d281e4485fc74010a1f9d1c06e950d67e8f808	n/a	SilentBuilder
2022-03-29	3613001884364648428.xls	xls	bbfd1a6119f3e1a55e92ffce783efd08f462e72b34095a96c3590100fce48077	n/a	Heodo
2022-03-29	617216459697.xls	xls	fa71482fa174e9b6b3a1a1b356349d522ae45132349656afae93182a187ba493	21.67%	SilentBuilder
2022-03-29	781298332505548558.xls	xls	6ddbab092ea3334218e1a42e8c21dacd63db67a4c382a78095e0712c06d9a667	21.67%	SilentBuilder
2022-03-29	3387926164028.xls	xls	6e6f952722835457bd1d3a0e02cd84ceb3f7eb875aedf6ba2efb5f200973bf96	23.73%	SilentBuilder
2022-03-29	09622868755721893.xls	xls	f65a94d6277859d9a378a87196fb29020f43daa4f319b0e64d292a3d15fc8b9a	n/a	SilentBuilder
2022-03-29	53895604164020818.xls	xls	54d08522ffbd96a675e5aea3d3658b9aeafed3508940f376269fdebe9a930237	23.33%	SilentBuilder
2022-03-29	76968865932863688.xls	xls	9ee8c765cc806dba9a3cb89ca942431c9b7fd2b539696103f96589c04703aad5	n/a	Heodo
2022-03-29	06169924880165.xls	xls	867434fed6520d51d6ab9e462cc33d2a09e120de7603f17cb852687812ffb18f	n/a	SilentBuilder
2022-03-29	9129300425642756298.xls	xls	5bff4b82853506733c25f44c2619c4c6d8c7a828eaa9d5efb088548c4b7ef559	n/a	SilentBuilder
2022-03-29	8231362898081839444.xls	xls	d32e7772c5e0a4b5efc90ec207f69a7e3339f692038776b1532299a837356aff	n/a	SilentBuilder
2022-03-29	8564788447.xls	xls	16edd2b91e319c859000e5b7f14b093ef09d72a10753d1c7a3452c1a059bf2a6	n/a	Heodo
2022-03-29	0019355439.xls	xls	73baef7a8bc37374ee8275b8aaf5fb16f78627b699d6705a3788eb71bc57aeaf	27.12%	SilentBuilder
2022-03-29	113924002282.xls	xls	c28b963c8ebc03cf18551688a0c512e5e27557ae0bacda77943bd6740ff3cdef	28.33%	SilentBuilder