URLhaus Database

You are currently viewing the URLhaus database entry for http://gravitel.org/wp-content/INC/TbQxSZJEoZInJEYtPTcgNVmCnJOpmk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	241539
URL:	http://gravitel.org/wp-content/INC/TbQxSZJEoZInJEYtPTcgNVmCnJOpmk/
URL Status:	Offline
Host:	gravitel.org
Date added:	2019-10-09 06:12:29 UTC
Last online:	2019-10-20 19:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2019-10-09 06:14:20 UTC to lir{at}di-net[dot]ru)
Takedown time:	11 days, 12 hours, 54 minutes (down since 2019-10-20 19:08:36 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-10-11	DOC_EKJ57P46VL7EPK.doc	doc	eafeedc8839f64e7cc8c2dd9abef1f0934b65aee4a5716e5637acf79f7083f0a	37.74%	Heodo
2019-10-11	RE_5B2Z9PG6HNDBOT_H_10112019.doc	doc	bc6d39faad64e70a270ea4eb06fbcf05c459349b21ea6420f3a04ca23e3cfa3f	32.20%	Heodo
2019-10-11	FA_JT5IW4P4QL_UM.doc	doc	c8fc8eedc4b906accb507c39a0908bcf54bf11faadbbfe538d843f3638ef893d	33.90%	Heodo
2019-10-11	FA_4KZXXJX91.doc	doc	edd0ab17a61f95c20b02d9c7b58ef29911fc287846fdd80d6804d7e325e6b4e5	32.20%	Heodo
2019-10-11	FILE_93095300040593_10112019.doc	doc	33bd1e5d97265753389685d400934b69456479b92137b4b4ff0457e83e7aa8cb	33.33%	Heodo
2019-10-11	NMA1FB2OLM5Z.doc	doc	803eb60e4df6ced789199f41674ab0e5521dbb469d32ad3a2adfff2a7a2da2d7	30.61%
2019-10-10	INC_04519371399.doc	doc	51de13d18a23740342f1c681de4cb6c2baf116f2a4df4730c5338439d05823e4	35.59%	Heodo
2019-10-10	LLC_30304774707.doc	doc	47cad341e26f67d00adaf1c4e3d0adf77eafd64d24999e35500e364f046361dd	n/a	Heodo
2019-10-10	INC_3KBDYEK8TVI748_ZM_10102019.doc	doc	7a8a800c29c6e9dbf732d98fd5eccb9e78078101fee30d287dc534e83e58a22d	n/a	Heodo
2019-10-10	INC_GAKX01GEYU_10102019.doc	doc	cc88b6c2e36692379df13967b38df23ea41e6e39403ea6da5bd20097c74d4142	31.58%	Heodo
2019-10-10	NO8Y09KYKZ4TR_10102019.doc	doc	2edaea083ea39aab08670d19867627d5516f1f78efff05973e3524c3f897a4c9	27.78%	Heodo
2019-10-10	LLC_7707248709.doc	doc	cc4e1646b1d94db4dae3f14ca2a85a2c46fc3ed193833e0913959b4a07904e64	30.51%	Heodo
2019-10-10	812758239925.doc	doc	8a55de0566e608798651dff59eaf776fc3a270c09091862fe1e0a089a9a68122	30.51%	Heodo
2019-10-10	SCAN_0612054224627_U.doc	doc	9b3076d6ab321a0bfc1762f3f24fa1896f3bcdfdc9fe22081a37a11a92b4ff74	32.69%	Heodo
2019-10-10	SCAN_7762124428642_PPZ.doc	doc	cc82bc7177f26107263871628ac0c38e385d8f26010182f0f7fd6352221fca33	26.32%
2019-10-10	DJI_26952160151255806.doc	doc	a9c3dd24c5d7018ede1f2c2ed330ac15462510f7bffcaaf8badbdb5a4da623ae	25.86%
2019-10-10	FA_QRS5Q8P3M.doc	doc	396d30709bc95e4e35aa4f3555c72763de26c34ab5b2eb64b1712d287da7ae9e	26.92%	Heodo
2019-10-10	INC_039433175313.doc	doc	6fdaa046ff8def5c39cb32e45cb3755f9997d46fe8db480f1659f6b48f9f9bac	25.00%
2019-10-10	GKTJ9SEF0NOE09E_10102019.doc	doc	f75488fdecc020cb293614a8864c2108c3406975002d525853e3e1906cda5125	26.42%
2019-10-10	SCAN_3803519558563_UR.doc	doc	b95fe809d7d628b0f222e07defab508432feaf10b7793dbf665671987ddda6e6	25.53%
2019-10-10	SCAN_BO2OWWY5JBP.doc	doc	361b9eb186d6b5b0cb035335a8b2ed19979af4d7f407455891188860f1b82fde	25.42%
2019-10-10	FA_MYZNXIWJ5GRQM.doc	doc	463b181c8a2ab03ea6d9de29ba46f49516d937f5b20c81784bc4baa94efc5fee	25.00%	Heodo
2019-10-10	DOC_S2IMO4X2ARORMT.doc	doc	9721c4330f905e38fab4232eb4971bfea42bf5195b9953e371ca272e5a93f4b8	25.86%	Heodo
2019-10-10	FA_8161648057850.doc	doc	82822a6d9b3d52a07fb3de64bdeefcbe471e2fb5fa06d31452c07a7c0b71c6ad	24.14%	Heodo
2019-10-10	DOC_6172923738260909_10102019.doc	doc	6d12ec981fc193f0f70e1396c9b5d1c687a0f922e8d3abef29aea87a92c97603	40.68%
2019-10-10	SCAN_GXE5063XJTB.doc	doc	58eded6711ac307b2b48e309d869ed1c4d88c6a23815973779b6d610704a3f12	n/a
2019-10-10	DOC_V00I8G7FKI_A.doc	doc	4ce3cd5384e274663b11c2b145e0ae0eced9b2061864841ac0adb8f30977ea37	38.98%	Heodo
2019-10-10	FA_94ZVG90KQY98IIR.doc	doc	7344c6d38f46a38419082b72d7ee3d622be05dc86c93e87f55600942b8da470e	n/a	Heodo
2019-10-10	LLC_5933758448956525_O_10102019.doc	doc	0c421092cfe868bfc29d2e6f007bf424f8d02edf05fda335f832f5d67fa57d27	33.93%
2019-10-10	FILE_G5F6W0B8W2_PIB.doc	doc	81df3c431ac69a6e7e3a86c8dadb02988b5babec45dc15e7c7ef71bd566fe262	36.21%	Heodo
2019-10-10	BL_681152748834146.doc	doc	c0e484299000d1bfa92236a4e9dddbff222c9da2d7176c7714737def791a27f3	33.33%	Heodo
2019-10-10	DOC_4885216050973889_SRL.doc	doc	93d3e110f803099c89c63c9e08bece512f373ea47bb55949e2fc9c3d221c6370	n/a	Heodo
2019-10-10	74059199980888376_V.doc	doc	6da107e20a4bde15076e46114cd08f53e2a082c6afd30a36b05de9b97fa66474	34.48%	Heodo
2019-10-10	FT_CSH51ONP4ACG1.doc	doc	b4dd04c27697f3b87422d720c09d3a81af3823ba993e20e05de8a285932f047c	30.00%	Heodo
2019-10-10	INC_3976593914272_10102019.doc	doc	144d03ea075288b15252acf044fc37f946c00e044fe29ede864507d477c3129d	30.00%	Heodo
2019-10-10	FA_DJOQJFVY49GOAA2_I_10102019.doc	doc	f6656a930a16a48259f70d4042f09c64afb7d19cc29e17ce719ea4840eb68e6a	n/a	Heodo
2019-10-10	SCAN_447847447849678_BN.doc	doc	fc13915dcf6948edbe4bb35e72d68abc124fd2703b6d7cb8e54901b490010a75	30.51%	Heodo
2019-10-10	DOC_79S06EN5DPWQAX6.doc	doc	6cadae1df63f52f3abcb5a95d3d4fe31b90f238da742e61e8edc716373a52375	29.82%	Heodo
2019-10-10	LLC_S49KE71CCW7JD4I.doc	doc	4fc7f7b3f725c62a8cbc0ebdb3ce31b92406bd9fd895823d08e478c5440d3e36	30.51%	Heodo
2019-10-10	RE_34222927347.doc	doc	e333768e423c4aa3e8d064045ab3245ce04700293b0ea520ebf5e5475ebf8da4	27.12%	Heodo
2019-10-10	6481045062686.doc	doc	15d5d87f6ba3c6aee2c9a3f3bc9c4f83f6c42ed0ea305eec19c678160d6d15b3	27.59%
2019-10-10	FT_UFSSKSKHQLB87V.doc	doc	8f9307bb59d42b4317ed47e23470dc886580d809a3caa7026614baa348dd50e2	26.67%	Heodo
2019-10-10	DOC_3268876121_FC_10102019.doc	doc	4f25f7d86cf0f77dc97ebd3184a7e03e8da522ad421766bb559b8f928e53cd45	27.12%	Heodo
2019-10-09	DOC_BALD5Q2XYT.doc	doc	fcda00e376d44602c901c96c3a681e04a68ccf5e78ab8eb476872998eb23ad27	28.81%
2019-10-09	DOC_12745346721650_VAK.doc	doc	ab90dea096c0cd0114ae6aaf4fa406b524a5f503d2a5188a7742403c8cf48a33	28.81%	Heodo
2019-10-09	FT_6EC46BDU8AP66_10102019.doc	doc	746b0fb6a5475d9362ae677bd66041c4bf14a17adb5516546ca3393eaabeebc5	25.42%	Heodo
2019-10-09	DA_0W4PYZ8HI_U.doc	doc	72e80950c7a2f21ef7f6934e4fae280f8401fe83de4d6995fba8e0dfc559ef53	25.42%	Heodo
2019-10-09	RE_35172518703491.doc	doc	57f050a32c6ebd5ee2dfc81069588a910df9917b9770db07d84b5242629fa012	27.12%	Heodo
2019-10-09	GH_4993819084592498_10102019.doc	doc	b48704fe8b054beb0191bc2d7fcca10ac463af8fc2d9cb232026ec4c4aac92e6	27.12%	Heodo
2019-10-09	KJQRDGSW63_10092019.doc	doc	f19c01010e1074a20dab25d568e6459c73ad15d1866d8f701960eaf78d945c26	28.07%	Heodo
2019-10-09	NHI_68566078008018710_OQF_10092019.doc	doc	e1a5c331ed5d89af9ed1bd575692f6f5a7f80775cb43aa338becfd0019eb8442	26.67%	Heodo
2019-10-09	FT_2695106375.doc	doc	7222676fa925ced8216a6173b82d365e994e644690b628d33102d13d6ddd37c4	27.12%
2019-10-09	LLC_18271572159963_R.doc	doc	864b8b9d2b33b2902a9795d894be4833fa1e1fb62c79b45dfa292c8d5b2d5fde	27.12%	Heodo
2019-10-09	LLC_EZX0D12CMA0T_EYN.doc	doc	95dca0e1440d64cd9b0a1f67381772e46ec1828e77e48544239f031300382def	26.67%
2019-10-09	LLC_P7QW3PFF9.doc	doc	227111ce7f8b8b2fdc4bbd53fab958b27e33feebd790ee17ba8d06da410fac10	27.12%	Heodo
2019-10-09	INC_6JX78QJDSF5Z.doc	doc	534e91a24004f6a7738d6ea5a566447853a093f279603ec098964596322afd62	n/a	Heodo
2019-10-09	INC_72RBB9SBZZKV7H4_10092019.doc	doc	680e0f26be549bf15d1c04358e331056889a26edd605ff2870680b7f9cc83d53	27.12%	Heodo
2019-10-09	RE_J77NXOZ9DBZ.doc	doc	45d8f08d687befefa8950853a1dc483c2b5d2df3012ee15c45e166673330a12b	26.67%	Heodo
2019-10-09	SCAN_76482285657052496_IL.doc	doc	072a7e6f654adb46e871bab6b3e6a43a8021ac60a7cb4f1659596b79fac0d5db	25.86%	Heodo
2019-10-09	DOC_J31BJ07F0BIW.doc	doc	717415998233e6c11784a3d7de4c81cbd1cf1631e0c7c37ad2fca26d8c8f4b03	25.00%
2019-10-09	FT_48766362713145.doc	doc	a5c3f1dc9c03fe2df101ea82a64fc7b2d8c3aee0bf3e0d265c1cbf3da2ad8815	25.42%	Heodo
2019-10-09	RE_4UBM42HJAYU_CQU_10092019.doc	doc	ab47a7deb307f5d70096f44b7698c17c814d0cc9b37dafebefd1759b64ced6b8	28.07%	Heodo
2019-10-09	DOC_7M2YTP036_CAO.doc	doc	765e97c7ce884767fc2038e235edd2dd1a81a78d2c10a9b93d4c88a098dc7e37	25.00%	Heodo
2019-10-09	BL_91275255336_B_10092019.doc	doc	83b5e481119a6df670ccf18d3a18b16d8d44c503fd15dfbfe0cb43afdebebaaf	25.42%	Heodo
2019-10-09	DOC_0P0AWGNRM_IRM.doc	doc	8b5db5a8fb38b8ae91a42ef038d1a9404dc3237c57cbf208ec17cb80b3440dcd	25.00%	Heodo
2019-10-09	67497455197202.doc	doc	42105c19ae3c59353da42fd93f7d1e418fdbf47ddd14b057708b31a9115edfdd	n/a	Heodo
2019-10-09	Z1N3WX8LI_10092019.doc	doc	051e6598ac379949458a7cc477846784ec21a6c5d4050395a87851db626becd1	25.42%
2019-10-09	DOC_VN8CCDF1BCJ1V_E.doc	doc	6b402b98e05150b7cd6cfe353232c9c90edc357c900487e7fd60adcc2b4ccb66	20.69%	Heodo
2019-10-09	SCAN_MMCFNLM3D6.doc	doc	fd50554b37b4bbd917bcd4ca8d79fc5cde03c68176430512f68af16a6f5439da	20.34%	Heodo
2019-10-09	DOC_C8E7EPHM9OEFYVL.doc	doc	bc0b6c060df94512811bed06c66e36528b6cbd2bb0861ed4cd1ca0be3956f836	20.34%	Heodo
2019-10-09	INC_1053660462920_DL_10092019.doc	doc	69aa75b522f9d32a2d9a58bcc7d72cc7a389b889844b1cb56431d25546bb0227	n/a	Heodo
2019-10-09	P3UGTLNOHQSN5.doc	doc	764be4e80aca56a9c315869b45ff6c2fbfc4a9ff24e0252ed19a1e1f2a17f2ea	20.69%	Heodo
2019-10-09	PB_8Z7FHKESP2_IZF_10092019.doc	doc	2f39759fe463f2863e147b4613ba800e82858c41c2d840053e8ff6f97e49fa30	20.34%	Heodo
2019-10-09	FT_V0Q69COA7BO.doc	doc	6d259f0fe9e4df9055b7c5dbcbd92f4673952ffa3023e4407db60350b3b82937	20.34%	Heodo
2019-10-09	645296993810_EJW.doc	doc	a1360aaf0123b9b2fbadf26ef1179696232af15c356dad56f0a3819164e6bb5f	21.05%	Heodo
2019-10-09	583753249906.doc	doc	c2e96967dfa38d75c6b1294b2bbaf318950edf1337aa779b7c7fc05b732fa478	22.03%	Heodo
2019-10-09	XQY0087N79ETZE_VU_10092019.doc	doc	e87bb68914c0ef7b9f18211e433f91bc4a6c4d82eba8436d98dce32167ffc1f9	36.67%	Heodo