URLhaus Database

You are currently viewing the URLhaus database entry for http://ft.bem.unram.ac.id/wp-admin/common-box/1472931-WQi5xHN2zH-profile/IUTAcbfrRQ-lh185J613vvG8K/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	307264
URL:	http://ft.bem.unram.ac.id/wp-admin/common-box/1472931-WQi5xHN2zH-profile/IUTAcbfrRQ-lh185J613vvG8K/
URL Status:	Offline
Host:	ft.bem.unram.ac.id
Date added:	2020-02-03 23:02:07 UTC
Last online:	2020-03-08 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-03 23:04:04 UTC to azhari[dot]hasbi{at}unram[dot]ac[dot]id)
Takedown time:	1 month, 3 days, 1 hours, 0 minutes (down since 2020-03-08 00:04:04 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-05	Rep-47670.rtf	doc	29ab65d0d310cded17a3f3813b2aaaa5ccf8cfd47693806ee9afd63cf5815090	26.23%
2020-02-05	Dat-2020_02_06-243673.doc	doc	c1d36e9aab2030f23a10178cc432f92255b74c7e2382840bbae1ad7c099e97a9	26.67%	Heodo
2020-02-05	LIST-O6382.docm	doc	23f4a774007e2fc64a2824e5973bb695a64667d8d832fbc29806976dad67d7f7	26.67%	Heodo
2020-02-05	doc 20200205 4908967.doc	doc	47ca3de0e80a4e9571311ab0b2470ecc29d18c990b063b57aef1818e5a3c260a	26.23%
2020-02-05	INF 20200205 9223.docm	doc	b03e332d75fae1c213d41742abe758225f46a5ae68755f6d57dd3cb44326312f	26.23%
2020-02-05	dat-2020_02_05-473.rtf	doc	da0b1e331a89bd28e4338a886d224c01e9194a764a6ded30bac8b16670a589b3	26.67%	Heodo
2020-02-05	inf_IUO77363.doc	doc	4bda34084014e21ceb2db8fb9003f36f4b3a7bd5a8bcfb9b1badbf13529a6d84	26.67%	Heodo
2020-02-05	REP 358007.docm	doc	e9de053b8046e662771b320b25a49cd709591ac896fb6bd4c324ba0b13f37b35	25.00%
2020-02-05	list-NK683.rtf	doc	6228be42f808ff1c2d59dc6df839b24c07a9e9640fffea33d21e69f3b2765a69	n/a	Heodo
2020-02-05	list_NN84581.doc	doc	08336d234edb1789ed3461c74e099d408f6a8926e23f9a2b38e210936edf765d	24.59%	Heodo
2020-02-05	Inf-2020_02_05-KV87524.rtf	docx	b0cbefc353db1c65edbf8b0934dd40cb3e036b1cc2be367d2d5f1ac7e95ce342	34.92%	Heodo
2020-02-05	rep WBJ6094.rtf	docx	a464fbbd0fd6eb2e09bb5c04dd46379d3cf1c4f67eeb3f4e9f0b9f7896a2192f	n/a	Heodo
2020-02-04	REP.rtf	docx	f189891eacbacefcd510376ad44060a48962b25cfabcdd82b7845acdb512bab8	30.65%
2020-02-04	Mes-2020_02_05.doc	doc	6464ea34b63546f7d2cdcb780b772b1250731bd38c105c2feb70e0928d49b1ab	32.20%
2020-02-04	inf-20200205-1059.doc	doc	3e807f7cb48c71df4ce8ba0a0024238ec14712f1e68e7d0c959ab376f2fbd524	32.76%	Heodo
2020-02-04	ARC_1516359.docm	docx	defe55c9dc26d0ae8ff07ac7bfa3e4b03c672b69761fa507e15b5715ead2abc4	33.87%	Heodo
2020-02-04	Mes-440.rtf	docx	226e3d9397801a0c20fc12e65373887d6b8e32d5d47ea818a8b891be4513e330	33.87%	Heodo
2020-02-04	rep 20200204 09694.rtf	docx	b652230d0ab5eba2fd05573b7ef10013f6563c1bb9f64d5f5106b15cc8a5ade7	31.75%	Heodo
2020-02-04	dat 20200204 3099901.docm	docx	265e4a2697fbfecc43edb76419d9e4a8928492d01b548cd7d6804226d6b2a593	37.10%
2020-02-04	Arc 675721.doc	doc	8abe3476f2e6ec41653192f2adc6b6095371ddb2fa46044e4e8644c6e5d9694e	36.51%	Heodo
2020-02-04	Mes DHC833968.rtf	docx	167323f590c8eea01e897581a3de8e00606c176ff6518fd3ac0a3d64dd2e7d9a	36.07%
2020-02-04	Inf 496.doc	doc	b71394268acf3acca757143450d5ccc9030bb60cd3e5e9e3245f81fa1b63e757	n/a
2020-02-04	mes-20200204-462.rtf	docx	3455fc14bf4bc55e2cd1a0d3e6ba9f195bd43d0a44099f3f23cb2c9b95310140	n/a	Heodo
2020-02-04	Arc_20200204_2777.rtf	docx	7866c794e416ef1f3bdbf8d29370390f025c8846d1b4e5d61b2c0b74daa75508	34.92%
2020-02-04	file EG38120.doc	doc	492eaa8d97a0af93ff3a9232d9b8be1e475cd9376086354471e1bca5055b5716	n/a	Heodo
2020-02-04	Doc 20200204 LA66743.docm	docx	002d694ef8bf683023d2285a4a16c1673c4ac35874c13d7cfd9c9dc9cee5854c	n/a
2020-02-04	LIST 20200204 9806459.rtf	docx	028f4c2dbdc1cc4dcc34a7dd5f190ca34075756f22fefa208b992649fedf8c14	33.87%
2020-02-04	DAT_WIT4855.doc	doc	7769ae1cce4e29c3e8bd982600d46a07804c1f66a2772bf00ea100aa24c227ba	40.68%	Heodo
2020-02-04	rep-58580.doc	doc	06ef3b76fdfb2eccd0a672a1023ffeff68a0dea6d2a4da527eaa596842391fc1	38.10%	Heodo
2020-02-04	Rep_PW100.doc	doc	0c5326e304b5b23196b990d4ba1000e7a34150acbfa3b3cd8aaa35a12f124e26	38.10%	Heodo
2020-02-04	Arc_JG476.doc	doc	821d5e01c6a22bf01f87a2cc063615e17a74dd2599e21bb6ec2de779f77c8d08	n/a
2020-02-04	inf-2020_02_04-HU338.doc	doc	b5bdbfe46cbe25168c809c0da1cd3018bef7e7821ead2808e7b22f4a01d76a34	38.10%
2020-02-04	Doc 4551375.doc	doc	b0bb80de572b15a0b0de99bed596703ce05859027b0b5a001b36eb8927608155	35.48%	Heodo
2020-02-04	Arc_2020_02_04_45261.doc	doc	25108aa43bad658dcec2d751b81cfe9598c164de1f28ba8e0d926229828d88d4	n/a	Heodo
2020-02-03	Mes-20200204-BOB84230.doc	doc	de283e104e0f841b1dd615a6400f671afa7271b94c0b3cece3f4e5dc244cda9b	30.65%	Heodo