URLhaus Database

You are currently viewing the URLhaus database entry for http://genccagdas.com.tr/assets/MRzxnRKVcE43yeQx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2123270
URL:	http://genccagdas.com.tr/assets/MRzxnRKVcE43yeQx/
URL Status:	Offline
Host:	genccagdas.com.tr
Date added:	2022-03-30 21:24:05 UTC
Last online:	2022-08-11 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 21:25:06 UTC to abuse{at}trdns[dot]com)
Takedown time:	4 months, 13 days, 11 hours, 24 minutes (down since 2022-08-11 08:49:32 UTC)
Tags:	emotet epoch4 heodo SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	YQO-16018997564.xlsm	xlsm	f23c909e93da5046220289a169b11f2e4425e3d46a97ac879fa01d36a223d366	45.90%	Heodo
2022-04-01	AWF-388899394719873.xlsm	xlsm	a068e4ae3d4eb8e24837270bf32d462f6abc2a28b5f416520cc5874085ab533a	n/a	Heodo
2022-04-01	KYM-6715888929.xlsm	xlsm	0b569b4831594fab8660fe3693ef3035fd3a732d7d1a7d52d3a953fedf83408c	n/a	Heodo
2022-04-01	QK-9839514458753.xlsm	xlsm	8d85241fa9e4b815618a159681381b11248ae1d6ebac31af9036814028b205ec	n/a	Heodo
2022-04-01	VAM-9807491610.xlsm	xlsm	dd701c6097144f29f8fbdddc93a18a1c0ce3c3b51d5b4f0c6683e906ba8426d9	42.86%	Heodo
2022-04-01	VPK-71866622247.xlsm	xlsm	de11fbbfacd6c871dc2033f96f1dacb1815ef7122825f3a2fd1fbcc9459ce4ce	n/a	Heodo
2022-04-01	PBU-5697547.xlsm	xlsm	b67f378396a813307cf0d9d7c4f272be83010272fcfa9af1791b517cf4f1ba05	42.62%	Heodo
2022-04-01	FJ-6699448182.xlsm	xlsm	d5e9766c94d91e4da90999a0ea0d9a7b3918973c857c7f9faca5686288b53db2	n/a	Heodo
2022-04-01	MAU-95912431.xlsm	xlsm	12defc6352bb846667f7048ac22b5ba0a7bededbfdc06aba79c5629671d59f33	44.44%	Heodo
2022-04-01	EG-4747201148044.xlsm	xlsm	f29f0ba02cb498dad7d65453ecc558f159db3694f8f5cdba8d96fe63fb61d986	41.94%	Heodo
2022-04-01	KYX-465825731613391.xlsm	xlsm	4ae4ca72fe760544514f37bb851baa845776b0dd55a78172d28a1d9ad185bed9	39.68%	Heodo
2022-04-01	MRB-63135391048.xlsm	xlsm	606cbdc0ecdc8c68efea96696850b401a2f42925109a960adc15b100ad3c8175	n/a	Heodo
2022-04-01	JTY-5263001.xlsm	xlsm	b25b9d420c3585bd014abd2e590a74feab98bbb0ee612c465a5e152b28c67e0b	n/a	Heodo
2022-04-01	OQ-139719188892276.xlsm	xlsm	e487c02def7287335acf2278332f27a4a585960d8ba68a14c0b8370535440c3c	43.55%	Heodo
2022-04-01	EB-6011828.xlsm	xlsm	4fe9cdc6b35e9992d206f5a0bb6ebcb063618ed502e651ba2f5c014a2aea5776	n/a	Heodo
2022-04-01	WKQ-8875399254369.xlsm	xlsm	525f6667c0439d7c21905eb0aec33c64c4b4ee34d0f3896f67f5140927b44d90	42.62%	Heodo
2022-04-01	FF-0239187786.xlsm	xlsm	b42ac7850efc6c39b4c7db61d4be9a131d78b545eaaa868dab373c45bff2fd72	n/a	Heodo
2022-04-01	BZV-65256839814.xlsm	xlsm	2a6631c9dcb2385c65248a43d84d9d2063d4c0bec3ef9325c437a5ee31ef4dd6	39.68%	Heodo
2022-04-01	WOU-3752375241.xlsm	xlsm	7347e4cf31a837aec00dd4d093a63e3f2b67a89b6af8965707c47717e8075482	n/a	Heodo
2022-04-01	WL-6781526854.xlsm	xlsm	9ae3ff917d99c0e0ba1f6dde3bcfebd781ab332d65552b032855ca627606cccb	n/a	Heodo
2022-04-01	HF-7729163609.xlsm	xlsm	dbf83f486a7c984113454c8adbaf67592ca234b8918c265d2f37e174aa0bc1ea	n/a	Heodo
2022-04-01	QVJ-90682976938561.xlsm	xlsm	4c7b060bb7b1693ef3943692ce9c62204426393f9af92ca39c4c57e09b03cc25	n/a	c8fc17ff030feb3383d8889f69abbb
2022-04-01	GET-2668019323675.xlsm	xlsm	73dc0a16c8430b50b28054c9e0b1e54cc8174554e7b63b4e2fa4be17c3cac1d6	n/a	Heodo
2022-04-01	SA-33327655.xlsm	xlsm	3390185d81ea6becb7bb5c59f26400a3c75b99da77bd95eb76e9417ca984b4df	n/a	Heodo
2022-04-01	DO-23341110599.xlsm	xlsm	55af29e8285944f573d931d856bd099dac92ab1868000f8346d13a0bce7f1e3d	n/a	Heodo
2022-03-31	NOY-55569119008.xlsm	xlsm	172069d53028518eba0b857e88be2520acea926685cda54cc456c55d3f94d5f3	n/a	Heodo
2022-03-31	NB-2165089211514.xlsm	xlsm	bbf1ee7ac4c4ec95b8f5be027d6d0063d9067480f0bd4f7efcdbeeaa827dceef	n/a	Heodo
2022-03-31	SE-88247930227.xlsm	xlsm	5144b4176d2f9e56ad483565884642378be09039de1f2a353cb355c00dfa1894	n/a	Heodo
2022-03-31	CAE-8831640798945.xlsm	xlsm	441ae7dcf7d20f39dce4201542202d7c62c067457d1476c2bda9c819979879eb	40.98%	Heodo
2022-03-31	RTT-4231026162.xlsm	xlsm	0baff6c11648937580735dcff8208034790a0e1ee649431e79b2b6221d825c40	44.26%	Heodo
2022-03-31	PIF-199524063861.xlsm	xlsm	0a23b203754e6a043fa99f6cf518c8ffa19a34557a7471edad072d54c4a76dac	42.86%	Heodo
2022-03-31	QJ-04608238367.xlsm	xlsm	46c4bca622e4ec244f8999280567cf11b73d31d875ea21c347d737e6605992ab	n/a	Heodo
2022-03-31	OAO-75766535015058.xlsm	xlsm	48f3f48c930933448b555efe67aa364e098504f2273ec2a4792803cb4a21b8bd	40.98%	Heodo
2022-03-31	FML-236090074564.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	WVQ-8160928.xlsm	xlsm	5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366	n/a	Heodo
2022-03-31	JY-2263843461.xlsm	xlsm	9098c46a233798193c0587711f5a9be2a4aa97567db08504452748dde516053a	n/a	Heodo
2022-03-31	TWJ-159791160022044.xlsm	xlsm	96fac13010c22cdd9510ed06c70ed29257b59aa3fc3be17a9515bdcf3596aa51	41.94%	Heodo
2022-03-31	GBZ-4597027.xlsm	xlsm	484ac30b71e02b553efb54dd38ddc6e86610a68995e280411a4b9f30c8630c77	n/a	Heodo
2022-03-31	WDN-6750024.xlsm	xlsm	d4f941f7232c98be2d39a4a97edcad5b4648430bb60ad5a21747b37e705ff2d2	n/a	Heodo
2022-03-31	WAB-968757715849.xlsm	xlsm	4f1ab8d0a0a6f8a7964b32b8a4bdd94bad95e6774501cf7685028a40efc761e2	n/a	Heodo
2022-03-31	QIA-469254818762533.xlsm	xlsm	162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231	n/a	Heodo
2022-03-31	FHZ-844142324105724.xlsm	xlsm	ecfb46439586ddfd60ed5763f7b103d7487e94bf095208d8967dd838c5a68c27	n/a	Heodo
2022-03-30	WJR-78510898301.xlsm	xlsm	b4f7a7bd6f99c0ea09617160e6bf753419f6d731901828662049ac8abfed4959	36.51%	Heodo
2022-03-30	BW-0010140621520.xlsm	xlsm	533372e6130ad44ced6eae30ab3af8be4ae172cc7585719b61074bb861f2dbbe	n/a	Heodo
2022-03-30	OJD-733223345900694.xlsm	xlsm	168a9aa1b5fa37a354fd6ccba71dcd29cbcd503a578504c69feb38bd84a8a691	30.65%	Heodo
2022-03-30	NZB-488255079.xls	xls	f3101b6d16751623f8a025bfbf75ae9a32c68b534dccbab4452ee72a9fbe0f5f	28.33%	SilentBuilder