URLhaus Database

You are currently viewing the URLhaus database entry for http://babursahinsaat.com/yeni/sites/pg-17754814-87050936-jel9-7hgoxwi0p/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 288480
URL: http://babursahinsaat.com/yeni/sites/pg-17754814-87050936-jel9-7hgoxwi0p/
URL Status: Offline
Host: babursahinsaat.com
Date added: 2020-01-14 20:05:21 UTC
Threat: Malware download
Google Safe Browsing: Listed (Phishing)
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Not blocked
AdGuard: Not blocked
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2020-01-14 20:06:19 UTC to abuse{at}ni[dot]net[dot]tr)
Takedown time: 1 day, 1 hour, 47 minutes (rated Poor; down since 2020-01-15 21:53:49 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
