URLhaus Database

You are currently viewing the URLhaus database entry for http://adentarim.com.tr/cgi-bin/UP4HV1WD/q8-6184-85-ofzekyz-5aizbjhypp6/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	288945
URL:	http://adentarim.com.tr/cgi-bin/UP4HV1WD/q8-6184-85-ofzekyz-5aizbjhypp6/
URL Status:	Offline
Host:	adentarim.com.tr
Date added:	2020-01-15 10:38:07 UTC
Last online:	2020-01-21 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-15 10:40:04 UTC to abuse{at}dal[dot]net[dot]tr)
Takedown time:	6 days, 6 hours, 25 minutes (down since 2020-01-21 17:05:37 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-17	ST_BUB_010120_YDJ_011720.doc	doc	5451e1f69314addd99d5271ca08be2b86b149648a0aee6e472c4a070691bc4dc	19.67%	Heodo
2020-01-17	SW_58504674767.doc	doc	c09c7c6d5294ba3e6b09892d5972b1c7fc98cacc844c424632a73592e3cdbc03	20.00%	Heodo
2020-01-17	FILE_1523042852461064035624779.doc	doc	fe932814b9fb95baf473284ceff4af5ea1100e4893f5a8edfa54b607ab6cd996	18.33%	Heodo
2020-01-17	DOC_PO_01172020EX.doc	doc	37278a792abb805166b18e71b5ff929822059156a73f739e9633dc16984d28ce	19.30%	Heodo
2020-01-17	L_ZE4OU8ZZFP.doc	doc	7bb5fdc2f055e22227b6471aa23ea22c95fa0235bc96bb40893513d1fc6e6d76	18.03%	Heodo
2020-01-17	DOC_AFUWI3QJMYA9R3.doc	doc	b5b1a9c9342c9be2197fc3f9fc5c0a9138b052bfc06583f9719773397f567e34	43.55%	Heodo
2020-01-17	RP_13T9QDCTQ6E.doc	doc	7fa223be816eecc1cb7c1193221b48e9168524b565439f844ee97934774953eb	40.98%	Heodo
2020-01-17	REP_IYKV0P9.doc	doc	ebd7311c5dc78aa03e65a9b555f31969fb3a6c72f8988b3a667d6b6e002bc437	37.70%	Heodo
2020-01-17	INV_PV3754897863EZ.doc	doc	aee82de11a80817171ad5f8919164b13551cb4b3bb15b91362ce6626d2c067e5	37.70%	Heodo
2020-01-17	PAY_UEM_010120_UPU_011720.doc	doc	48844b331c7b74aac980dd55bd8d8388d187e2d3041712303c59644ef3fa16b7	36.07%
2020-01-16	5773658625864621626.doc	doc	8def2ac70c2cb43d56c337a19ca6897fbf20b5b6807070d75a50964408de45a9	37.10%	Heodo
2020-01-16	DOC_TPI_010120_WIM_011620.doc	doc	862b4995090776854a12fbf924213919016691e4c85ccfa384c7fa92e02e8591	36.07%	Heodo
2020-01-16	DOC_QZ4784895433JV.doc	doc	197816a9e68e03158bf632170ced910411b22478535810022ec413afaa23be3f	28.33%	Heodo
2020-01-16	DOC_BRE_010120_OZK_011620.doc	doc	e01f0d1e2f3493dd4ae4dce4cb3f9756c92ad2d7d28ffa495fd8abe649418e4c	24.59%	Heodo
2020-01-16	ST_CF12EN2NEQCZSMJE.doc	doc	8f7528de459c08404bb34b2b574940ad939445c0f2c6c701f5f220e4de5d7cd9	25.42%	Heodo
2020-01-16	70308082.doc	doc	865c9a15553f021279913a615733b64a3c7afc750d307d2913a5a12543ba9af5	22.81%	Heodo
2020-01-16	ST_XX5472156981NM.doc	doc	8cf507a5d6fd40526c9419ace90c17b9d91a6949229cd0f5c8afa750836dcf62	24.14%	Heodo
2020-01-16	INV_PO_01162020EX.doc	doc	e986e2699cefda7e454ff5fcc49b5189f28820627ec920d2f4c2232d5412e64d	42.62%	Heodo
2020-01-16	PO_01162020EX.doc	doc	6755b22aabcd9dae95e3e99cacfe217231c85f91ed30953a1afbeab582aba025	40.98%	Heodo
2020-01-16	01182814.doc	doc	01d706d0a5e27c62abe9a72200925c5e23ed3c309ea88354dfcb55b36437c3ea	40.98%	Heodo
2020-01-15	BI5754707744OY.doc	doc	e763d67d538e1928f4e54ed83171e2b9495156d4c51598d1ef77162faecac2d8	40.98%	Heodo
2020-01-15	KGT_PO_01162020EX.doc	doc	12ab5cc68abfb6224f3a261e8f75acfceb88288023db49fa25ccda6e6620bc76	34.43%	Heodo
2020-01-15	RP_QNYRK63PP180CCW.doc	doc	785feba560f2467465e64cec8a888b0ed5d477f94ce139eae8f6448508942595	n/a	Heodo
2020-01-15	0101340554197873886104622.doc	doc	d791ee2aac6bb4ca4437d45678f50c6ff87d5e6c41ec9a707a183a50be2c7f52	32.79%	Heodo
2020-01-15	FILE_DR6510111321VG.doc	doc	3bd995e4229e3d5adb81c3572c5278e730524b0774cc7a8c4ea710bc4be1ae33	32.20%	Heodo
2020-01-15	DOC_FX8633344916AA.doc	doc	a083e27319fc4272f5dfc596e80b48cc91875ba5a2c29787c159929292ebe02b	n/a	Heodo
2020-01-15	INV_PO_01152020EX.doc	doc	1ed83f7ed0265fbb7fa1006f405773d31c4b7069ebfbbb6086f0196160f3d143	n/a	Heodo
2020-01-15	PAY_SG8242341602BA.doc	doc	cd776c68266bdc9dc86cee87e3c792b2100546c13632f5404c8ab9016484c8fe	26.67%	Heodo
2020-01-15	INV_RM1475337437PI.doc	doc	04f04f3107a199ae3c5a4ffb960173fc3be31f5c86183d0cb27a23c927d6af45	n/a	Heodo
2020-01-15	PAY_OHY_010120_FTL_011520.doc	doc	e9f1c310320479dfb1302c7fff4316413d8671df442f0b3552ecf6d9561db46e	n/a
2020-01-15	PO_01152020EX.doc	doc	0e0a399c81d33e87b7aab322fbf562d8c4aae27cc067a553ee092f13bc71221d	24.19%	Heodo
2020-01-15	N_FK2918356845LC.doc	doc	ae23c3284230d31527a8b2f8a4721cfa9d31535c93604fcd9be10894eeffc01b	18.33%	Heodo