URLhaus Database

You are currently viewing the URLhaus database entry for http://www.cankamimarlik.com/b79b/docs/docs/igy9cmaa/ag19bqa-4120684-4756383-jkiunbvc9-dv9q1mzg/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	288707
URL:	http://www.cankamimarlik.com/b79b/docs/docs/igy9cmaa/ag19bqa-4120684-4756383-jkiunbvc9-dv9q1mzg/
URL Status:	Offline
Host:	www.cankamimarlik.com
Date added:	2020-01-15 02:29:03 UTC
Last online:	2020-01-21 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (Ticket DCU002246084 created on 2020-01-15 02:30:06 UTC)
Takedown time:	6 days, 15 hours, 45 minutes (down since 2020-01-21 18:15:21 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-17	0D9IYLJ34E.doc	doc	6b6f8f60c0f80168c9c338393aa392a54f17b3b2a8f749a75a8dd99ff874746b	37.70%	Heodo
2020-01-17	Q_MX2389366815VF.doc	doc	92f80243e6766c07a9eb3c8ef28eff839d1f23a112c0387911cda51154751b9a	38.71%
2020-01-17	ST_K4WTDR80.doc	doc	3043a168a6f8c789c5ee4620047e06b338793136d2b2346dbfb4b03aab593baa	37.10%	Heodo
2020-01-16	INV_PO_01172020EX.doc	doc	37b0389ffe84107582dcc9d62fc7091cc3a71915977dc69f605fb398902b3ce4	36.07%	Heodo
2020-01-16	REP_23877080.doc	doc	8aa03e0069da2642cdf2b5951f6fc50e9bbdacd01a38e0e6c8d636a1afd522c7	38.33%	Heodo
2020-01-16	INV_GLPXL5FH436K5AQ.doc	doc	d13b7bb583d3175a5a66a45e56f859a8ad4f514b8461da2c589fd74c69bc4b3e	35.00%	Heodo
2020-01-16	5732239741.doc	doc	e314c8b472db81404961016b49758c54595600e83fa2801d5cba0089cb8b2223	32.79%	Heodo
2020-01-16	RP_JW2932510717UF.doc	doc	d2ce1838da599f490397183272a746696999155f408cdd5da5d82c3ae1df24fa	29.51%	Heodo
2020-01-16	PAY_AN5930546457RW.doc	doc	3c99ebde95d760948c4ff5db925c0272ec89b8409d698aab26e5785a42c88243	26.83%
2020-01-16	RP_PO_01162020EX.doc	doc	dee80fcc93fdf28fb6d796015785e587e2fbc779c948f6ebc6f3a5628d54f905	n/a	Heodo
2020-01-16	REP_TKPAW4VIO4CBMTNA.doc	doc	95c0c04d9077e6700cdae6bd1f365a488cacb9ad029a7db67bcc29e9992331e7	26.23%	Heodo
2020-01-16	IYWX_28492999489085.doc	doc	9d8dbba8a0e996de7449c8dfe3136a7eea73a02e9b6f67a095c53c54abb04111	24.59%
2020-01-16	BAL_PO_01162020EX.doc	doc	149889ce5c8bb26fa5e97f596ef4a8b87614e01998f4bb57fb25c82ddd84453a	24.19%
2020-01-16	G_02215676488888756644.doc	doc	0524eb39455f37b42182c06c755ef5bd2f83f28b3878fb53d663aba6a6a9f780	22.95%
2020-01-16	REP_904F1CUIVDSHFX.doc	doc	791dc93ca83900c29d93fc3641d199b853413a23d3899b119ed619f9223cb20d	n/a	Heodo
2020-01-16	BAL_TPH_010120_KUU_011620.doc	doc	aa274ffa9f14d1c8b54c39e538a8209edbd3ed7dc4668c60c98eb6db3c11cecc	42.62%	Heodo
2020-01-16	FILE_35734547.doc	doc	13aa89755abbea10d5958e7b1d6d8440f1b6cb0d866e6ae70de9a7513e80e409	40.98%	Heodo
2020-01-16	FILE_FO1219361415EM.doc	doc	6356502847f02747fde34ac7489acade27cd431984d33bd7800cbd4ea1bade78	41.67%	Heodo
2020-01-15	BBN_010120_MXV_011620.doc	doc	8a8e9cf03bf716afc717c9f37e86050a9d95c576836b48423d8c1b495831a54a	40.00%
2020-01-15	BAL_U41CHZQ4YRB.doc	doc	2c40438076c3f7beb36d70f56c99baf764aa9c3936060204d6fdba9f27e6c847	34.43%	Heodo
2020-01-15	718767495893493554.doc	doc	61f43d8d0d62618d329f18de21403cf9df1977bfb0eacfe1e3466df8f00a15c2	33.87%	Heodo
2020-01-15	C_XTBDOENQLDH94W.doc	doc	325df5875941d1bf51f7c6099269c3396771f3188c57b74bd17c51373b32b1c8	32.26%	Heodo
2020-01-15	FC_PO_01152020EX.doc	doc	93ab67a92f697263656aeaeb5f01d856f25f562772e46a1a486dfcc777667020	33.33%	Heodo
2020-01-15	RP_AT7189462899IN.doc	doc	61e450c9b2d012e639e73a8f459d889848f7eb1398cf87fcc1d8fd66491ee1b5	19.64%	Heodo
2020-01-15	BAL_QN0127353572FQ.doc	doc	e4fa19c4736ffb554aacdb6de08c4ad081fd55105dddc85b31eac5c6082e601b	18.33%
2020-01-15	SW_WR1778759544WX.doc	doc	057ac2697bd018e68358f325e91046a8c714d7fd5ef788e0a9ae564bb6701cb2	n/a	Heodo
2020-01-15	RP_22265628.doc	doc	a5ab4f49f85a942911907bda864337b1506a94af7fcf9b00838fca0315e0b7a6	32.26%	Heodo
2020-01-15	10293188.doc	doc	53316d2f235578afb76c4e839aa953af8e9dfb9e6b17307c324a88e42d7e47f2	32.26%	Heodo
2020-01-15	SW_848229935157056228.doc	doc	958b22bd337775f2226fecdcadf9125b8bbcad2518c23d026fd87b0714af1b63	31.67%
2020-01-15	SW_PO_01152020EX.doc	doc	e05aa4d17d2a8ef068f246bb5e9328c81f3fb36cc872dfe49c8b45419df2087e	30.65%	Heodo