URLhaus Database

You are currently viewing the URLhaus database entry for http://demu.hu/wp-content/OCT/7nlshff45/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	272229
URL:	http://demu.hu/wp-content/OCT/7nlshff45/
URL Status:	Offline
Host:	demu.hu
Date added:	2019-12-19 01:31:03 UTC
Last online:	2019-12-20 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-12-19 01:32:02 UTC to abuse{at}telekom[dot]hu)
Takedown time:	1 day, 14 hours, 58 minutes (down since 2019-12-20 16:30:44 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-20	RP_9326039809260517.doc	doc	ec73667fc30c8368436cd8c0aaa3cbffca32fce2f4260c9c4bf9336364092fcb	27.87%	Heodo
2019-12-20	OQ3991887124MT.doc	doc	00879d4062050fddc9a7e92039861a0834489622d61fe49d036c2afd8183f5c0	28.33%
2019-12-20	RP_PO_12202019EX.doc	doc	8f62870ed7ba3a13c0f2552e3789de9221819090622393d8f689e7af17a42ebe	24.59%
2019-12-20	REP_WZ5128785353DQ.doc	doc	01eeaba88f533aa53037198694250d11dbaf6c58dc5fee29e4051d00da85dcf7	24.59%	Heodo
2019-12-20	29037978.doc	doc	19f2c7093452e7e5230593bed7cbcf8ce570ee2eadd6fa0513349c4f2dd4a175	n/a
2019-12-20	DOC_KKM3J3FS7BLPZ0OS.doc	doc	d3fd6f753f0bcd2229739ebe8d3f3670c2aa78d467b59bd782cb167daa41601b	36.07%	Heodo
2019-12-20	IXMZF6XG3.doc	doc	d10b8661fdf417f1700879f39275b0f3a37f6f3603935ce813f57b737618652c	35.48%	Heodo
2019-12-20	BAL_EZV_120119_SXJ_122019.doc	doc	9e4b17c8494ca6655aba67f946f92aedd8f8ee42ea7fd8fc952a5fe6e7d568ed	31.15%	Heodo
2019-12-20	PAY_ZAR_120119_LYM_122019.doc	doc	fecd749716a57e87ee47765a5c72b1a5c50fe8a8695a722aea8fa89537aeb30c	31.15%	Heodo
2019-12-19	SW_86SFOJP0AYVYT2LB.doc	doc	db9c24d60e35b197741ade1553584eb831f3ac5cd6515bbd62dc5a8b76ff192c	29.03%
2019-12-19	RP_UW1459926634JR.doc	doc	c7bfcf3bfc977d6c1d531a4130b95272b14fa81257fb70cab743b8437a731647	29.03%	Heodo
2019-12-19	BAL_ABJ_120119_QKP_121919.doc	doc	993376fd645a2166d8334370bdb297ffd0cad9d79b562ffc9f9aa8daef5ba80a	29.03%	Heodo
2019-12-19	CG2064086224ZQ.doc	doc	ad6b961455a212d6505b4b8b903b98a059789e6d046c1c8133b44d6dcae8ccc4	30.65%	Heodo
2019-12-19	INV_GL7255232091VJ.doc	doc	1667943cac3b754e8669bbd51cc61883aa9646b01311dbbe88c1a9028e5fa7a0	n/a	Heodo
2019-12-19	TK3729643753LJ.doc	doc	fe2df8c2f00264ad3e9114ed7ea45812d76bebdb5d780a5970aa559975a7ae4c	26.23%	Heodo
2019-12-19	RP_PO_12192019EX.doc	doc	5b6cc554583e44d7e69864ade8d2a79cb71683349e79b407f05ccec1dcac8eee	26.67%
2019-12-19	FILE_PO_12192019EX.doc	doc	cdeba1be6ff661149500bbcb2f45ac5db0c0af310c302a1bbf4439e1aea7bfaa	27.87%	Heodo
2019-12-19	INV_53344647050.doc	doc	0daa6de717e589ea8c3126e8d7047ad5304119e733a8ba96202115ae84adf049	24.59%	Heodo
2019-12-19	PW3584288681DH.doc	doc	d72a222b6080f71609f51e12cb182d8aa0b37224caf6281ae9a00474cd312e87	26.23%	Heodo
2019-12-19	SW_PO_12192019EX.doc	doc	829263c831f1b2b0cec4218df826504150f2b0c15acb1a72e09300d5cf23c115	25.81%	Heodo
2019-12-19	INV_KA9288151062GC.doc	doc	cb85f97a43fcc49c76da83312f8d2eeb134f4802d0f52420856fb219d76c9dc3	21.67%	Heodo
2019-12-19	REP_PO_12192019EX.doc	doc	ea8762cde8721bcd9d366dd2c0cae94ce0ec0f44a624b76335c464d49d368d96	22.58%	Heodo
2019-12-19	008447758211158165.doc	doc	71f19dcc7fd3480cc2540137e1495b376eba753530886e1651bf8cbc12033153	22.95%	Heodo
2019-12-19	SW_PO_12192019EX.doc	doc	dfde887979e2a371477ada84d0cecb56737421b00cb048f0186ab16146f11fcc	22.95%	Heodo
2019-12-19	PAY_9270852717323415.doc	doc	22461874b83b6287baadcf227b2e495c257af92469d2ac02f98270dbc3fca8e1	21.31%
2019-12-19	REP_EBI_120119_BKL_121919.doc	doc	dc19d868cbfccec6608b904b7220dd1384fe24e6137be714af752d6c5c86725f	n/a	Heodo
2019-12-19	DOC_PO_12192019EX.doc	doc	eece617e68c6bd59cba0abfe3a92b1bd28f333ded755fdeecdf32aa5d9369d44	30.51%	Heodo
2019-12-19	INV_6I0KVRXW.doc	doc	5858055c94e91c3d9d3c04d19ec5f4b2e741b26353926166833f40ccf4e4373f	24.59%
2019-12-19	N_Y9FQJXENA1.doc	doc	5c1e47797fb7912102e6ca3a83e6c3de46df47affac293ce9976c888f1200e56	25.81%	Heodo