URLhaus Database

You are currently viewing the URLhaus database entry for http://138.97.105.238/Backup/edre/closed_section/lNGUzroo_34gEpycq2B_profile/254579057_7wm0aU7hyQhc/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	287536
URL:	http://138.97.105.238/Backup/edre/closed_section/lNGUzroo_34gEpycq2B_profile/254579057_7wm0aU7hyQhc/
URL Status:	Offline
Host:	138.97.105.238
Date added:	2020-01-13 23:47:11 UTC
Last online:	2020-01-27 08:XX:XX UTC
Threat:	Malware download
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-13 23:48:06 UTC to abuse{at}expedient[dot]com)
Takedown time:	13 days, 8 hours, 45 minutes (down since 2020-01-27 08:33:42 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-15	782-1857999.doc	doc	9e913e243c7afdd8ac60b37b1154fee238fee4d43277ce5abdf9ff8eabcec2dd	42.62%	Heodo
2020-01-15	Attachments_485899-85550.doc	doc	78616833085cfea2eb679516f1d7f7a22c930463f5d32622b2b5f3af4474021b	35.00%	Heodo
2020-01-15	Attachment.doc	doc	2a72d798a8c83d6eacf6b07c27ff4774da7d2b2a8b5e469cffaf22ac22a061a9	33.87%	Heodo
2020-01-15	Untitled_file 0173333_853623.doc	doc	35a6c928ace899581d72bbb94aecb90fc54a9ef85b852a12cc77ec1a7fd4a239	32.26%	Heodo
2020-01-15	attachments-853089202.doc	doc	b6b82abc3013b9508bc3ba643777642915ae96821173af69949b19506e67aef2	38.71%	Heodo
2020-01-15	Attachments.doc	doc	498ba73b01d20bf622b233b774f02d1f612e4ac63f2a7147e50219cd2ca14a12	35.48%	Heodo
2020-01-15	Untitled_file-871687 2242233756.doc	doc	285f500998c7cffde0ed4c2898adaef16fef8f6679b2be40b697b4b6ade4495d	32.26%	Heodo
2020-01-15	FILE 152.doc	doc	c41155d2e8ce4ee09707a46b488e2bb2c03c051f64b3808a3e817e092902ca74	29.51%	Heodo
2020-01-15	Untitled_124557_62087.doc	doc	b5843429f96a0800f2d98e232f3690da3dabd7410ff883690032f9819c4be1bc	25.81%	Heodo
2020-01-15	UNTITLED 7644173.doc	doc	98bb0f81197453d87b17ace9204d09b4fd741c54e3791545ece0ecbf0e70a07d	24.19%	Heodo
2020-01-15	Untitled.doc	doc	f0c8c7aa210e54d0a08ba7d62fff6ccc440d642115ff921cd2c38096962b2350	22.58%	Heodo
2020-01-15	Attachments_6085 985932.doc	doc	609637f33b697bf3cf03c6198e03538893f491cef1aa0894fe101dae3bf4b67d	18.03%	Heodo
2020-01-15	Untitled-577658.doc	doc	ecefe47cefcb37ce89e775b96dec3eddf6ffa0e3ca0f367b7e3b6cd36c3b1626	18.03%	Heodo
2020-01-15	Untitled.doc	doc	c758eda50e69cf30766e229c8a0e31a6ffd61ce8c06ccce6be7448668b19b002	18.03%	Heodo
2020-01-15	UNTITLED.doc	doc	eb7720d15e2ca5938cb439a13b187140ee9208b83488eb3d709a14d5f9178cd5	36.67%	Heodo
2020-01-15	Untitled_file 079941704 352103.doc	doc	c636c11066e62ea00c1ba222954ee31a971816b3c5fc4403b487ad4ff78332a7	32.20%	Heodo
2020-01-15	Untitled.doc	doc	d8d5b2b633ee63d37479e20677b732a78e17bc33409d6a9ef49a7f7a45cce08e	31.15%	Heodo
2020-01-15	Attachment.doc	doc	2488e751178a194ea6dda9997f7406bd0ecf72184d0c3e5926aefc4246efa1e7	31.15%	Heodo
2020-01-15	FILE-385807.doc	doc	abbac4cfe051493dc1f2e9622f16494e6dddd3bea503031cd4d178fadf50593e	31.15%	Heodo
2020-01-14	attachments-28479913_04726.doc	doc	94c08dc1525df7f0ed38e3c7b6b60c548e0e1387ecaf0691b835388d35d625e3	24.59%	Heodo
2020-01-14	Attachment.doc	doc	719cc760cdcd62afd663e6813781d494443f47988388cf0ba10ec6b93f74103a	n/a	Heodo
2020-01-14	attachments_019983309.doc	doc	4c1223741a1939b66319e3972456e7ea3c841c5caa2effb988690337597ee041	19.35%	Heodo
2020-01-14	Untitled 94656820393.doc	doc	332b8d880563f40f51b5ae8e3ece66e99c9a833c0958228c321f422ba98ac381	18.33%	Heodo
2020-01-14	Untitled_3275793302.doc	doc	98b79477e4f220891c9f9aa31f64337cf58acec560e7ab1506ad3dccdcfacb34	17.74%	Heodo
2020-01-14	attachments-71680847.doc	doc	5d1c744128c843bd6c8a922c3cff297906b92be3c61d28476831a1aa7d627482	18.33%	Heodo
2020-01-14	release_02967966162.doc	doc	30fb02af268a7f0fd4e12fb7d0ec2cbd2ed783cfbf7a87bfae05d1596c7f65c0	17.74%	Heodo
2020-01-14	proposal_996216406.doc	doc	1fbf985a4884bf0afc6d86d8bddf3cddfd2320ffcc53589dc7493b06da302ebb	17.74%	Heodo
2020-01-14	Untitled_file-7448168803.doc	doc	418d4bf645ebc12e28da5bb5de51656e77953f2f41804066b7576a6e7a00cf1e	18.03%	Heodo
2020-01-14	attachment-11838157.doc	doc	89e757ca21a67d9d8990b71adf7bf42e4a7613c0826fbbcb7abf02561df68db6	20.69%	Heodo
2020-01-14	Untitled-24742645.doc	doc	eeaf2d1387e1c3e12785eff4e0f804abfa7a43c41e45cc4849f763dddc94e5da	17.74%	Heodo
2020-01-14	Untitled 93814875408.doc	doc	99fb9b5fd3b72396164a8c5da4efe2fec50ef6e8aedd2a1964f02ba6a0611868	18.03%	Heodo
2020-01-14	attachments 821740020.doc	doc	4b7983f92708249c1ffdfec4942b21c05b623a46bd11235c56dc6ff1486663b3	16.13%	Heodo
2020-01-14	release-3473677.doc	doc	d62e005fce134fcc72bb3085c602be86b1b2311b123fd60cc3d7425822c419b1	40.32%	Heodo
2020-01-14	attachment_57417528725.doc	doc	4abef54041a141ffdf94146e58bc25b07f0cabed22d110d38ee3ce8fbfbdd9b2	n/a	Heodo
2020-01-14	proposal 3285273209.doc	doc	a8451e3d58ce089033e4ebed53857517e56aa0d0919a40fef5abe52efa9a390a	37.10%	Heodo
2020-01-14	FILE 07721312868.doc	doc	f93c3a6165225aa63f7ebb806ee66b44d93e345fbe23951180ee33b959821665	31.15%	Heodo
2020-01-14	Untitled 1217731682.doc	doc	ce2363eb383627bbfcb15972774ef3dd573a8b2921c5a615e72fec0eee9f2f6d	27.42%	Heodo
2020-01-14	Untitled-042959848094.doc	doc	2b516b9dfbc9515ce03bb72a7c5f1bc08bb71cfb3cbfb1bc0d88071ddda14994	25.81%	Heodo
2020-01-13	Attachments_81537669166.doc	doc	0c32cad7ef0e9ca89709be3c7e17d2e0f2fd61764a4463bc9e2c5bf8c934fe10	24.59%	Heodo