URLhaus Database

You are currently viewing the URLhaus database entry for http://ft.bem.unram.ac.id/wp-admin/50826943916/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	271132
URL:	http://ft.bem.unram.ac.id/wp-admin/50826943916/
URL Status:	Offline
Host:	ft.bem.unram.ac.id
Date added:	2019-12-17 23:56:07 UTC
Last online:	2019-12-23 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-12-17 23:58:02 UTC to azhari[dot]hasbi{at}unram[dot]ac[dot]id)
Takedown time:	5 days, 18 hours, 0 minutes (down since 2019-12-23 17:58:10 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-20	QI_96234600.doc	doc	00afdadfea0ee5ca8374606d28b848901e961048ab2572114383f42e2db78959	31.67%	Heodo
2019-12-19	BAL_89637639.doc	doc	6654c36357d506c482c80fadd76c10be4277a27dc8c2a487e3504728d03d5c3e	29.03%	Heodo
2019-12-19	FILE_PO_12202019EX.doc	doc	c47565767b41e8ee3afc13533f44790a8d5134d4401fbe561df065d7d34cf6bb	29.03%	Heodo
2019-12-19	DOC_6882491541455.doc	doc	6964014b69bade0d221fd7af866add333c9b60291bfc41bef70f42263a57d6c3	29.03%
2019-12-19	7HW2TH8UJB.doc	doc	8bdd8549703961fea334d73b51eec33f047efce2f623f1ab43826595d7d0e5f2	31.15%
2019-12-19	FILE_65951839.doc	doc	329915e7a80ca2eaa941d1e7dd96c6308f5cdf054dbf8e8d546ae0571e5ebd43	25.81%
2019-12-19	SW_18180529.doc	doc	3588991c8173834c8c413bbee1c1f5dce7f308ead3e9339e250c75e95459921b	27.87%	Heodo
2019-12-19	OJFL_WX9330676879HU.doc	doc	cab558382c472327262ec622f65f4af66a95270001ead6dd4872294b51f7c426	26.23%	Heodo
2019-12-19	REP_KR2265213565DP.doc	doc	d72a222b6080f71609f51e12cb182d8aa0b37224caf6281ae9a00474cd312e87	26.23%	Heodo
2019-12-19	FILE_PO_12192019EX.doc	doc	1735d3c1c0d1500169d6a078c16216336af67c126f9dc97046f18d8f3c5a7d86	25.81%	Heodo
2019-12-19	AE7796129408GE.doc	doc	af99044dda284f10eb4fcd1757f0aa82b623b3193b48a5fd3aa1ea0ea19ab041	26.23%
2019-12-19	DOC_56402042.doc	doc	6a209d185231e9b9e146b04a44e886d6387f51a8972bcb3f0b492f9c11e8c0c5	22.58%
2019-12-19	FILE_55831007.doc	doc	f8e09058c07066ec081facf80968b241051ed56f16ac468a976bf07e6e31770e	22.95%	Heodo
2019-12-19	BAL_PO_12192019EX.doc	doc	32b16c30ff6c2a8ffbe3afd1318566c3bda00191296af85b263639d894eb4600	22.95%	Heodo
2019-12-19	INV_XZY_120119_URM_121919.doc	doc	d07e31eaade7bce50c22b42f17be0e4db0083b8e6f884692b90399d483931f72	20.97%	Heodo
2019-12-19	REP_93692147.doc	doc	dac88026e19503104c7460e82892bf8c80344dca9aa806f070a2c8c3a8c92c47	30.65%	Heodo
2019-12-19	RP_RDT_120119_FEQ_121919.doc	doc	111fba0d860fd979a1989e2b6e69b9acc88907a853d66c088c5194ffbac8fb55	30.65%	Heodo
2019-12-19	A5X3XUX86D9YME.doc	doc	ca0774fb16973d2ece0be648b888e477193ddf8a4ee79065845e730a8c3015d2	24.19%	Heodo
2019-12-19	INV_GDQ_120119_TXR_121919.doc	doc	7b59717378331890255ad1aee1b7581861360cc08cb8285756a7ba1bf76a6bf6	24.59%	Heodo
2019-12-18	LFM_120119_FOI_121919.doc	doc	2f37a55acc32e7d59e31d6c98effdc3171e447d51f5aceea59451fe493461b9e	25.81%	Heodo
2019-12-18	DOC_EK0521177307DP.doc	doc	53c21d965d731f212e3c62743ad88519b2a4290af20dfadf8ba74762743317bd	27.12%	Heodo
2019-12-18	NH6480725647RB.doc	doc	3c343dbc7eda88227ce41d5722e11d89a0c4edad93a4d82a954fce768e563d79	24.19%	Heodo
2019-12-18	P_AL3008723966PJ.doc	doc	8b974a004a4926372021ced18f1b480e32367d38fb9e5e8e29ef08f9b03232f4	24.59%	Heodo
2019-12-18	NMVO_H59A1TCDIML6.doc	doc	6f2ee6ab0615008c2f192248ddd134e9128b5c40bcd96650dfd4ae5b971b3dc8	23.33%	Heodo
2019-12-18	PAY_SS1310198173TO.doc	doc	c67ebfab527d11f2dd8e7bd5e2b7ba17304cfd6e8452647b8283a721141940d1	n/a
2019-12-18	FILE_20317672.doc	doc	83e5d3dd6d2e1ae224de8d75ee08d3ab332823d3c845777db0e532bf80851c0e	21.05%	Heodo
2019-12-18	32911954175048790.doc	doc	267c6b931989c13475cfdd22641b07a8fe42059c916f87d6c3f186981e675709	n/a	Heodo
2019-12-18	INV_PGD_120119_LXF_121819.doc	doc	751bc11854450888ec606d7c725c004e83771068cfcb57409ae20ee399d7e5f6	21.05%	Heodo
2019-12-18	NNC_TP5487526814YL.doc	doc	d19458049a137e1bfcd3f580aeef39686b6e1ea204dbf4f4a3abf79bcde08016	42.62%
2019-12-18	R_34538488372232161872.doc	doc	53f9a8929a317cef9ef0be07118146e7ca56149c35b7552645999b1c6ebae147	n/a
2019-12-18	C_LCV_120119_BJR_121819.doc	doc	862593f0ec4b40cc1593362375fb3751cc51fc9f73e14dd6e5681c81433d3472	n/a	Heodo
2019-12-18	REP_JC5398212292TG.doc	doc	d93540d00b3e0df9c0d44218338d46c79dbbe156480a89c7f298ae1ededbc1d1	42.62%
2019-12-18	FILE_9FBOODVLDOXUI6.doc	doc	7c7fe6921fd0483b165be4f787c8d10c0cc92e33a275dee48ab6454ced2df79a	37.10%
2019-12-17	ST_SPG_120119_RFW_121819.doc	doc	ec3693c1ad6fed48599d92a32c5297216f97a0ae8dec0137dd35834b35e49639	36.07%	Heodo