URLhaus Database

You are currently viewing the URLhaus database entry for http://www.uttarakhandghoomo.com/wordpress/INC/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	292574
URL:	http://www.uttarakhandghoomo.com/wordpress/INC/
URL Status:	Offline
Host:	www.uttarakhandghoomo.com
Date added:	2020-01-20 10:39:04 UTC
Last online:	2020-01-30 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (Ticket DCU002259572 created on 2020-01-20 10:40:05 UTC)
Takedown time:	10 days, 9 hours, 57 minutes (down since 2020-01-30 20:37:35 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-22	ST_EM8KCEC8FV9T5G.doc	doc	c4b215a59659e1c91fffadf971f2d9f6a0865a757e23c4ded707e894927c7837	26.09%	Heodo
2020-01-22	INV_WY4748530710QQ.doc	doc	609678cf042b2eef7db729034aeb79f91c90692e7182f94ba9a08b7854909ed4	29.03%	Heodo
2020-01-22	FILE_77068984.doc	doc	ae732e2481c442c721b9c70bbbafde35384fc2d9c8e8426e67eabd9863b3e009	26.23%
2020-01-22	6161729751284801871406192.doc	doc	2060f7df174027271307cce5c7a8ec61c05546b084780a80186d00fc343a2b0f	27.87%	Heodo
2020-01-22	PAY_105368580468598.doc	doc	336ab3a461e1a9206d529c38bf94f01e340884585fe63edd765c3fd0821f68e6	29.03%	Heodo
2020-01-22	ST_27880384.doc	doc	a85351653bf9a0c8c76db9f4c1076418ba4fface5c3a7f373d29186bf46732e0	25.42%	Heodo
2020-01-22	FILE_68613890.doc	doc	6386c6fdd8a1eb4f6fc7bf14c51236c53a6d7dc8419ff7add51d3a75c46d3610	20.97%	Heodo
2020-01-22	IFLNRAEHOALHVJ.doc	doc	a3bb6d6bcd9d88ac88e712c7414053eed187a6374f15e40ecdda06f08573ab44	20.00%
2020-01-22	BAL_KYL_010120_DBC_012220.doc	doc	6dd831fbe1f601834039bd80bbaf9b2bbe45f08d144b5d4ad5caa0e8135df998	20.00%
2020-01-22	J_19535426.doc	doc	1e54cd50a3b76b1793e808e5a24b2fce52575465d078bedf95d58b42d62ff7fb	20.00%
2020-01-22	REP_MLR3IAXB74PQ.doc	doc	6321d13c864a5af9a0a39e72120db0999714232489e7bf8461b8a795db19a222	19.67%	Heodo
2020-01-21	RP_RBU_010120_JET_012220.doc	doc	e7cfcc5924207c0384febd2ca4125ab12dc6c893443adf4fecf44f056f3e243c	20.97%	Heodo
2020-01-21	RP_HNB_010120_KXJ_012220.doc	doc	97e30189b2d55dda8919c75177d0ef9f6a7922a82a9d14b90f334d3a04a281ab	19.35%	Heodo
2020-01-21	INV_R859NNFTXDEU1SU.doc	doc	4a5b9b9742ab79ec97f03a713d79186193ea89fbdce64cc486bdfeb117c7e7bf	19.67%	Heodo
2020-01-21	FILE_FTC_010120_GBW_012120.doc	doc	3971d2f8dad1df7ae025551c02c685cf456405eb7ba164f380e38518f2d228ea	19.67%	Heodo
2020-01-21	RP_73809577.doc	doc	87f198aab109437e66b753398ed36d61115bcd349c900750ed31b89952b9f3bc	20.34%	Heodo
2020-01-21	75594794.doc	doc	fff53210bdb63327220fff3391a23e72f83f7224d0732a2993a962d3214adf38	20.00%	Heodo
2020-01-21	SDAM_15608895.doc	doc	2f2a0cf5f701e2014ef05a565aab080235be85106bd630e67bb5c9e1aabefad5	20.97%	Heodo
2020-01-21	RP_ABL_010120_UGT_012120.doc	doc	ce7997a982cda9e7c2591ab8566bbdc583595e079b68bb121820bd81bc0f5c7c	20.97%	Heodo
2020-01-21	RP_PO_01212020EX.doc	doc	61507dd50818260d95aaadcd23ed886f445d5c1afe613e53e1633c08ee5bdab8	n/a	Heodo
2020-01-21	REP_YSD_010120_GMX_012120.doc	doc	b3027e1a517aecd6ce516879fe1f0b6ccb4565a07aedac1df279f168ab71abd4	25.81%	Heodo
2020-01-21	K_I9T96IDK.doc	doc	01ab372c1239435dfa1408d630f4fa11960042bb5e58ec02c2b301c9d6a142e6	25.81%
2020-01-21	INV_XE1GS6WJX3F76YU.doc	doc	e4932995a94e0c841f96d023503d1a1bb8e8278fe5478a736b9a4cbc83283ab7	25.00%	Heodo
2020-01-21	ST_96975411.doc	doc	1a54c57512dbcac388648552cf8ec7536827af1c60f032cf6b3b6fc3197033c4	38.71%	Heodo
2020-01-21	CVQ_90019861.doc	doc	a02cad1bc2e1e070005d123abd1ed33ef20a502d65d597145a77c7f1983a8888	37.10%
2020-01-21	YV2990423170JT.doc	doc	072cc24887c1758229c7befd7344a81fcb6b04125c2a773a870b1a3f0ca917d0	n/a	Heodo
2020-01-21	6267293183863339.doc	doc	e25410f15ae5145a3b9fb099147c11d5ebb9839ef106c08b07b2aa53319d292e	n/a	Heodo
2020-01-21	Z_370886844347099291696.doc	doc	9eb87a1406bc1905c80510e1a4714254cf697f234f3e59d97b0b7a0b1ae69f2d	n/a	Heodo
2020-01-21	REP_05838716.doc	doc	852d7c2fe2e50b54bcc8b4bd89978251dbcf736f134ce9226fbb287d77394db9	26.67%
2020-01-21	T_SZ2913664855EG.doc	doc	ce417917d630c51e1bb6109039a5ce04622a3ca4ef6f05ed22256e1db647b5f9	26.67%	Heodo
2020-01-20	DOC_7040940075076831.doc	doc	1ea87b49c2446c87238b34dc111ec4a43ce7d35ccad27a5c61d601ff375dc6da	n/a	Heodo
2020-01-20	BAL_CCAZ08JN.doc	doc	67d56fd70045a83fe985eb978a43eeb2b0c2fbd7a032032a94a79999e1b802df	n/a	Heodo
2020-01-20	ST_PO_01202020EX.doc	doc	8b212105e4dd7b9d47c52091e38d101e89e4c2beed13016b478960b1ecbebb80	n/a	Heodo
2020-01-20	ST_1BHFS93JDNK5.doc	doc	7734b7567e0be38ff446e5f10780c4c5a7a424b938b04a98ee1114b91fc3bb0d	28.33%	Heodo
2020-01-20	REP_25485859.doc	doc	b16d36112cca3155b6cbef2da3016063331fb3e36f67c3ea1cfc45ffbffa858e	27.87%	Heodo
2020-01-20	WKAY_60782811.doc	doc	aa3c760924ba7c9087decd46d2af6ac7b5790dc6724f87102b5c9f3dcca76da0	n/a	Heodo
2020-01-20	SW_UQC_010120_QKE_012020.doc	doc	401366727856a23b5eaad06b1df4f9da0f5e59194b4699a4611e44ec39064cc3	27.87%	Heodo
2020-01-20	PBY_010120_DUM_012020.doc	doc	5f4d8154d77590f1ce6e87d58e6f5abe035861bb04b52fb33bd9817e094a1928	28.57%	Heodo
2020-01-20	BAL_YR7632798704TI.doc	doc	884facdfafba1a2e0680bcd8fb7bb26b01bb41480123c7a1be068e3c612cfc0a	27.12%	Heodo
2020-01-20	271410447022675547047.doc	doc	85f52ce0700048ef21e9b73d225f0466d5860521768a50f9f10bbf35836f5c60	28.33%	Heodo
2020-01-20	ST_FBAGZDV40XCGK.doc	doc	c9b678080ccb5769db65943649b9ec6468b150c65c65dd116a39c0bec4940825	n/a	Heodo
2020-01-20	QHP_010120_BTE_012020.doc	doc	b89d9eb1afa9efe104cd610869ea199a163d4aaa647a7c18a83acd81bdf40a76	24.59%	Heodo
2020-01-20	REP_7744749250928468575079118.doc	doc	847c6c247a39b31eec42ebe2e293b14b644d2791fa974fc1a456c4197307ad4b	25.00%	Heodo
2020-01-20	PO_01202020EX.doc	doc	cee1fe9ba8180b8e239586bb644d6f1383fe738b9a91df4071fa6018872aa2c3	n/a	Heodo
2020-01-20	KIQDBEXN773BK.doc	doc	4b3cc696ad4f26a10668d0f688b95b421c09bbb2193819af80dbcabd84c53936	26.23%	Heodo
2020-01-20	REP_IJL_010120_KGF_012020.doc	doc	681f8b29c5f12cb208390b3ac679f0e3b4e7622ad71a674014b24c379c708458	21.31%	Heodo