URLhaus Database

You are currently viewing the URLhaus database entry for http://www.cankamimarlik.com/b79b/statement/6b9zy2/o-387360640-231081923-1n87-3ezq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	288705
URL:	http://www.cankamimarlik.com/b79b/statement/6b9zy2/o-387360640-231081923-1n87-3ezq/
URL Status:	Offline
Host:	www.cankamimarlik.com
Date added:	2020-01-15 02:25:03 UTC
Last online:	2020-01-21 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (Ticket DCU002246075 created on 2020-01-15 02:26:05 UTC)
Takedown time:	6 days, 15 hours, 49 minutes (down since 2020-01-21 18:15:21 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-17	FILE_45919306.doc	doc	be035f21045625171a259dea7ec7b6952cbc49b4be98c46341560e28ccd5b605	38.33%	Heodo
2020-01-17	PO_01172020EX.doc	doc	92f80243e6766c07a9eb3c8ef28eff839d1f23a112c0387911cda51154751b9a	38.71%
2020-01-17	RO2307743179CV.doc	doc	48844b331c7b74aac980dd55bd8d8388d187e2d3041712303c59644ef3fa16b7	36.07%
2020-01-16	XC_36387513.doc	doc	ec7daa97138174c5878ea751f64fc280edd5c475f1ad353be67afe6c74b2e857	37.10%	Heodo
2020-01-16	SW_PO_01172020EX.doc	doc	6251dc8ce7ed89205baf4e6a3d316ab1e4fd974b5507a102fe8a8dbbddcc47c9	37.10%	Heodo
2020-01-16	REP_31193675317334516.doc	doc	1f3e3d25e4bf6b2abe937cad881f13233701da7dbd9a165f895856e56e0e0ee3	36.07%	Heodo
2020-01-16	DOC_TQK82CYG1.doc	doc	a9c48a4f2a96384b1fe947448cb44eaadeb7c0a7754cd17a6899c7f6ae31f2e7	32.79%	Heodo
2020-01-16	RP_266562405422561192085560.doc	doc	d2ce1838da599f490397183272a746696999155f408cdd5da5d82c3ae1df24fa	29.51%	Heodo
2020-01-16	ST_71674SSD9.doc	doc	8bf5586fdf5c09bd987b2246b8a60988842d2b3ca683a4fdd6f0a698d17909b0	26.67%	Heodo
2020-01-16	FILE_SQ5XV5CG.doc	doc	dee80fcc93fdf28fb6d796015785e587e2fbc779c948f6ebc6f3a5628d54f905	26.23%	Heodo
2020-01-16	REP_OR1870199099FT.doc	doc	743632f16eaf4dffd8109a5ea7c14e341db9af20a96f44838a046b9c6b183fdc	25.86%	Heodo
2020-01-16	NG_75771623.doc	doc	fe6f474786ca7ae00ef0969337551f4f2b639e640014ba936d413e532bd994cb	24.19%	Heodo
2020-01-16	80721964.doc	doc	21222de7dc129cc2ceb960d884aab5660f053b0186d85f48f302257ae6075bd5	25.00%	Heodo
2020-01-16	INV_VNC_010120_MOW_011620.doc	doc	a7d3f5474bdca4af088225b9280da969e8678960b6768ab6944a72866252c9dc	25.42%	Heodo
2020-01-16	SW_9480163113508.doc	doc	a8daa5abd8b28562b74c89b4eb926bba5e5bfddc7746e95a5d4055896680ea69	22.58%	Heodo
2020-01-16	FILE_ENL_010120_QZP_011620.doc	doc	1811c88cd612722c68074102f9a909b3b8fbd412f4c6aa68837ad23c3162d166	44.07%	Heodo
2020-01-16	INV_14476881.doc	doc	95b02c0e112270751b5fe7a49866ed9d31594f0b8d26e823e2242bcc3b902b26	42.86%	Heodo
2020-01-16	VGZ_010120_TOH_011620.doc	doc	e986e2699cefda7e454ff5fcc49b5189f28820627ec920d2f4c2232d5412e64d	42.62%	Heodo
2020-01-16	FILE_LPJ_010120_JBQ_011620.doc	doc	6356502847f02747fde34ac7489acade27cd431984d33bd7800cbd4ea1bade78	41.67%	Heodo
2020-01-16	RP_LDC3RV9DIHQXS7JQ.doc	doc	ce8d4dd1617fb895654d24feaa3f6da3c4408ab00f22ec1c7adf958c9425c89e	41.67%
2020-01-15	014K8V1N.doc	doc	2c40438076c3f7beb36d70f56c99baf764aa9c3936060204d6fdba9f27e6c847	34.43%	Heodo
2020-01-15	FILE_PO_01152020EX.doc	doc	785feba560f2467465e64cec8a888b0ed5d477f94ce139eae8f6448508942595	33.87%	Heodo
2020-01-15	PO_01152020EX.doc	doc	60d2c8f3e62e237ab3c9d9f1e822485b7cb0751b9c389cb2230222adfd189a97	32.79%	Heodo
2020-01-15	RP_PO_01152020EX.doc	doc	33c109c33a748ebb55fa788c5a5f0b4e575d51e007a9961f0026ea079438091e	31.67%	Heodo
2020-01-15	ZT5524572284OD.doc	doc	f9e2be2a0caa6cefaf4283589b74bc8522504fcd989307520c9d9c9908cde5a9	18.03%
2020-01-15	V_AKRXC717IV.doc	doc	e4fa19c4736ffb554aacdb6de08c4ad081fd55105dddc85b31eac5c6082e601b	18.33%
2020-01-15	INV_67254376.doc	doc	d3edd09e8e4e9e89dbff176e69131f189175abf1a598c18593a3bb194fc45c2e	37.10%	Heodo
2020-01-15	ST_NK5780837369ZW.doc	doc	a5ab4f49f85a942911907bda864337b1506a94af7fcf9b00838fca0315e0b7a6	32.26%	Heodo
2020-01-15	INV_JS3266355539ZY.doc	doc	17cbb232fc64e8c775b7ed47a28ec7a2cfaf6cca790994fad3c41fb60a648062	33.90%	Heodo
2020-01-15	A_WBT_010120_WIC_011520.doc	doc	958b22bd337775f2226fecdcadf9125b8bbcad2518c23d026fd87b0714af1b63	31.67%
2020-01-15	ST_PO_01152020EX.doc	doc	14623bd34509c1ac8a864c3fe625904e41f5487ff211bb55fefc880db03eb83e	31.67%	Heodo