URLhaus Database

You are currently viewing the URLhaus database entry for https://ghltkd.000webhostapp.com/wp-admin/sites/5mohqk00/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	293201
URL:	https://ghltkd.000webhostapp.com/wp-admin/sites/5mohqk00/
URL Status:	Offline
Host:	ghltkd.000webhostapp.com
Date added:	2020-01-21 04:12:06 UTC
Last online:	2020-01-25 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-21 04:14:03 UTC to abuse{at}hostinger[dot]com)
Takedown time:	4 days, 3 hours, 39 minutes (down since 2020-01-25 07:53:46 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-23	PO_01232020EX.doc	doc	91b43a10d55096d465d155a3e02a19afe445cee2649e7a9202a2ee2b54ecb45a	30.16%	Heodo
2020-01-23	NX2100865529WC.doc	doc	9af2280771f435166b53ce4682f2cedf9072877a0fd338920e1a7ae4434c47ca	30.16%	Heodo
2020-01-23	W_VN1045246321QC.doc	doc	a7da95cc5af2d5b4e1d2b4e16f96007855b5783f4383c199878f2230aaf11453	32.26%	Heodo
2020-01-23	BAL_PO_01232020EX.doc	doc	e63aa1c3401d847d86e7d7a0183b1b09932060991feb79d6e2b775a27f30c36b	30.65%
2020-01-23	DOC_1579136887403273532470.doc	doc	c902819826aded735fa4ea8025d726e7b868dbee374343fde8e6b5a3fe6733e0	28.57%	Heodo
2020-01-23	INV_GBK_010120_PPL_012320.doc	doc	1fc298251ecbc967c1a852ae8549568c2d11d20ff8c2fe5795d71c0701dc0d1b	27.42%	Heodo
2020-01-22	SW_00760165.doc	doc	29487cc347b96694240c5003b2fde7f8e509ac63ea9365249aa1a23c122502ce	27.42%
2020-01-22	FILE_2742698331190278250813923.doc	doc	72bd6822c6587d7476c2bce9cbb767b7f392c8c960c6a5f08b75f5ef154f6a2a	27.42%	Heodo
2020-01-22	RP_AI3578513395JP.doc	doc	c551f97351c13e0f158f87d3c11bbdb5b9f2b2b10576509755d225e3f3bf46c7	n/a	Heodo
2020-01-22	RP_28677310.doc	doc	31e49b1899bba2d501d48db72766686f1c0d77627dd79e5585b8f5dcf1de7054	28.57%	Heodo
2020-01-22	KBA_010120_VWB_012220.doc	doc	1edd209142cc223e891e8dd444c153f50de141b3239f20dfad8f44bf278752a9	28.57%	Heodo
2020-01-22	934289781386777.doc	doc	1acea02225c6650692c85051717ea09e03791a57fe39ab10730263373f7fbde5	28.57%	Heodo
2020-01-22	SW_RLPTSMJUAL6Y5W.doc	doc	ab600b906dee873222585e34ad20f43a3eb8dbc281f88b10eac0e7ed4b8f6f8f	28.57%	Heodo
2020-01-22	ST_Y7Q097Y8GT02.doc	doc	478f1dc50e192ecb20ebcdb9a37e7c312e9a8cc20766a5f86f95b3d9c09cc0b3	n/a	Heodo
2020-01-22	INV_NZM3OPU9BHDVTI.doc	doc	4c80edcbb0062e3b1f50fd07de05afa15805203131f6a34ae1dd4f4591dfcf20	30.65%
2020-01-22	PAY_PO_01222020EX.doc	doc	a8e86ce1edef7bad9f725d8f9b127d50d0a80a4e3477a2294f61bd2be001bfc7	31.75%	Heodo
2020-01-22	FILE_VMH_010120_LNU_012220.doc	doc	2e5f9f296d5addeabf6f8caa5e1e989363265c1ca3cba2201a933e734bcf8635	29.03%	Heodo
2020-01-22	REP_BHMYY2OULGXZY.doc	doc	8866f17525978f2cec2f21518499d6d84bd654adcc1bfc22f90d7fc47eddd406	29.03%	Heodo
2020-01-22	95966534.doc	doc	ae732e2481c442c721b9c70bbbafde35384fc2d9c8e8426e67eabd9863b3e009	26.23%
2020-01-22	PAY_WOC_010120_YKG_012220.doc	doc	2060f7df174027271307cce5c7a8ec61c05546b084780a80186d00fc343a2b0f	27.87%	Heodo
2020-01-22	PO_01222020EX.doc	doc	a85351653bf9a0c8c76db9f4c1076418ba4fface5c3a7f373d29186bf46732e0	25.42%	Heodo
2020-01-22	REP_PXBJS4P8N.doc	doc	6386c6fdd8a1eb4f6fc7bf14c51236c53a6d7dc8419ff7add51d3a75c46d3610	20.97%	Heodo
2020-01-22	PAY_VNZ8BFKBEK3NI.doc	doc	8205eac5713b6e780f44ca0ead54f7b14258c7553e717184eee2ab927d901095	21.67%	Heodo
2020-01-22	NOF_010120_JTO_012220.doc	doc	a0855eab3940a455dc8d9abb41fe9a44d09eb1153e79da6e813565d5dac82f24	19.67%	Heodo
2020-01-22	ST_CB0022477931IW.doc	doc	7a2981d0930261cea557f3e13fe0f3c8789b4c3d07ceecf861481ab926156b0d	21.31%	Heodo
2020-01-22	NDV_010120_DRH_012220.doc	doc	6321d13c864a5af9a0a39e72120db0999714232489e7bf8461b8a795db19a222	19.67%	Heodo
2020-01-22	INV_482186279352128.doc	doc	368d63a431bc9d979e6ad0775f7327956d973a19119aae25175bae3b42ce1c5d	n/a	Heodo
2020-01-21	FILE_94560686638976811.doc	doc	afc71ff2f950fe201610ccb3658ecabd28277de445f299d235048e06bb3c02be	n/a	Heodo
2020-01-21	E_69816231.doc	doc	f6bb39c8461a893a69f23d81190fcd6b5f19470c17632ca95cba8516acdcc20d	19.35%
2020-01-21	GTZ_010120_PMP_012220.doc	doc	4a5b9b9742ab79ec97f03a713d79186193ea89fbdce64cc486bdfeb117c7e7bf	19.67%	Heodo
2020-01-21	PAY_03688201.doc	doc	2b0dc7a3f1517e44bdc07ad1f4e244e973879e977697384256d409300c3d8396	19.35%
2020-01-21	REP_PO_01212020EX.doc	doc	f8b7610b7621a91b5d28857ea340a864fe7c4b11e544e0a8d55b06130078f520	n/a	Heodo
2020-01-21	FILE_3D485H3X4V8IUEIF.doc	doc	87f198aab109437e66b753398ed36d61115bcd349c900750ed31b89952b9f3bc	20.34%	Heodo
2020-01-21	PAY_37647705.doc	doc	0ac7a98f0bbf451a51cb75aa5b065d00e46c0860c7cd1c90a194e8a40a56aa93	19.67%	Heodo
2020-01-21	INV_EUA_010120_STJ_012120.doc	doc	f8cd0ec825c89fdfbdcebefa1756132a3f4d14e798d4b8f1833de4b6db4eeb91	n/a	Heodo
2020-01-21	PO_01212020EX.doc	doc	8efb9bd8a23cc1688102e8bc9b1e436656af9e65c14951dd13b2b8e04aa9beb6	23.33%
2020-01-21	BAL_RY0081505932RH.doc	doc	b3027e1a517aecd6ce516879fe1f0b6ccb4565a07aedac1df279f168ab71abd4	n/a	Heodo
2020-01-21	M_MW7555950624UW.doc	doc	d1117a28a75e18b39ecab237339947455fc2f362df875ff30e726b14dc16ee62	25.00%	Heodo
2020-01-21	FILE_0NNPDHZ8K.doc	doc	e4932995a94e0c841f96d023503d1a1bb8e8278fe5478a736b9a4cbc83283ab7	25.00%	Heodo
2020-01-21	INV_IPAY4X8UX1FQ7SU4.doc	doc	0e9e43c0429b560afae123776797b95528cfb7b3564487c82a25a57c81570144	22.95%	Heodo
2020-01-21	RP_8C9LAU3AA6B.doc	doc	c5a685afc7986b2e868818c0a531726711bd19cb5e60ed99da8ccefce4cc95d3	n/a	Heodo
2020-01-21	DOC_46356982.doc	doc	b8083992ca8cf08ef3353bdea04c93eaeb2c2d9a0840119f89868e27b2261a32	n/a	Heodo
2020-01-21	RP_UWN_010120_WFJ_012120.doc	doc	a02cad1bc2e1e070005d123abd1ed33ef20a502d65d597145a77c7f1983a8888	37.10%
2020-01-21	D5UCCOJZ879U6FV.doc	doc	771aeae2ed024260630905213e772b48fc8a0d525c1673edd92ca83a282b17c2	33.33%