URLhaus Database

You are currently viewing the URLhaus database entry for http://gediksaglik.com/wp-includes/l5przd-dt-92393/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	287319
URL:	http://gediksaglik.com/wp-includes/l5przd-dt-92393/
URL Status:	Offline
Host:	gediksaglik.com
Date added:	2020-01-13 19:10:13 UTC
Last online:	2020-01-27 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-13 19:12:09 UTC to abuse{at}as42926[dot]net)
Takedown time:	13 days, 13 hours, 46 minutes (down since 2020-01-27 08:59:07 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-15	invoice-M400_1230.doc	doc	ced74a717f09aa4ee30f883e7140c28a91a1911384510acf14127ecd77ae577c	39.34%	Heodo
2020-01-15	Invoice I331_05380.doc	doc	778deae89ec045acee57fc11a0fa4caecdae059ed8b366eac5c0c6553075cd22	34.43%	Heodo
2020-01-15	Invoice E325_369.doc	doc	387b842a9903f350b0aec6eedf20fa0547a981cbf44f98732b4df63992a1558f	27.42%	Heodo
2020-01-15	Invoice_ZOZ92_526.doc	doc	abc61f312162f9df332438a4bbeec7b50ee4294b7ba314212f0b549bb14c08c8	27.87%	Heodo
2020-01-15	invoice-N007_70.doc	doc	dcedb53b529085ae7137a2988e6fae5bddcf56c9411337d2b8a2d449f0091086	24.19%	Heodo
2020-01-15	Invoice-NU14_39591.doc	doc	1fabb58144c2f9c747f5b159597f4c79eac43f28d291ab2b3ca814c2cf11258b	21.31%	Heodo
2020-01-15	INVOICE_S651_74.doc	doc	b7d6a9d883ceb3098ae6e82cb15a930133fd838486587f4f1fee1145cfc87b3e	22.95%
2020-01-15	Inv-I58_2761.doc	doc	96e249a1090aae9823e8caeb41b7880d7accce68daf01aeb720b17931be485e7	18.33%	Heodo
2020-01-15	Invoice-W234_64445.doc	doc	0be95290124a09aa4fb39e3c9069ee6c8078349d8fedc5694c2bf8e6291b4839	n/a	Heodo
2020-01-15	Invoice M38_07777.doc	doc	19a39820518f91c2a3d45a04e39658511d9da11c6285cd43830d62534fb62b2f	17.74%
2020-01-14	Invoice_JCL126_768.doc	doc	c912fbd5e3979ce3299c6cab4db775c4d86fcd1c779d4c2b402931f558484d99	16.67%	Heodo
2020-01-14	Inv_YH029_5531.doc	doc	9b812d6f768e7de4be8e12a32a010e64596ea5c583a830f8ef344e00df6e1d20	17.74%	Heodo
2020-01-14	Inv-V70_9556.doc	doc	574b2bb421e5876d279f08a21722a49102902d0a532730dc18a0051a9b53067f	18.03%	Heodo
2020-01-14	invoice GV92_49643.doc	doc	31dd37db91178b7322fb636945b684261911cf6efb80da7abe31315f8f5980af	16.39%	Heodo
2020-01-14	Invoice_FA998_122.doc	doc	e19211b7c079fa51a4c909460ad266587c4ac771648c802cb4af537d71e215bd	16.39%	Heodo
2020-01-14	invoice-ML600_0015.doc	doc	75eb88048fa201b46d96cca9fa12f4b4917232c3d963596554a6970d007a639e	13.33%	Heodo
2020-01-14	Inv-OOH60_1200.doc	doc	04899f2e89a00a9e6b019c7af86a24dd72d98328c91a7ba3a1a4e99d59f41e85	12.90%	Heodo
2020-01-14	invoice-NV039_29122.doc	doc	9da483dba842e1d6e0a0279b231c4088d2d69e0864cc837057eb78b177ed6d5a	12.90%	Heodo
2020-01-14	invoice_T94_3242.doc	doc	fae7e292b443e97b48949f711e94e1ee3c23e5e01cdcb3d890bb6c20d459d756	38.71%	Heodo
2020-01-14	Invoice N89_03.doc	doc	38306f435cab41dbc2b7719294dadb0854ee57b2e3d8e143bd3db4747ccf7fcb	38.33%	Heodo
2020-01-14	Invoice ZSP61_94.doc	doc	6384027a4dbfc0dcd5712a79436c9ad2cec5de14f6986091c07ce25b32e3d802	30.65%	Heodo
2020-01-14	Inv-DY994_65326.doc	doc	bbec91babc2513939b05530c6c50549b7d096c7bbd57e557b07d145f9d2c66e8	26.23%
2020-01-14	Inv-DGO665_39345.doc	doc	18b7a070ad16b8cfff48c011226af98c8df66202cf67b83d9229cad680bd053e	25.81%	Heodo
2020-01-13	Inv-TY375_3385.doc	doc	b096f29afe1925988127c55e6888cd8ef0c2a0f035841e7297e82ba223d66663	n/a
2020-01-13	INVOICE SR002_2482.doc	doc	0cc8aa9425011bd359ce2f1c6436de0f9c496296266a11741a4898687aea2fbd	35.48%	Heodo
2020-01-13	invoice_VLK908_147.doc	doc	273658cb6f95ae9ec4c1697e2e3552a9fd5e85996691be591edd20beb0897359	n/a	Heodo
2020-01-13	Inv U319_780.doc	doc	9b05c4b5d80df78be11361e5b04e0b47af0f8541579f2e3355a71a0632226041	27.42%
2020-01-13	Inv-T688_52.doc	doc	375560490c302576b872bcf697ee3f8499fd5f696dfde8f0df73e906229c51f0	25.81%