URLhaus Database

You are currently viewing the URLhaus database entry for http://horal.sk/lm/protected-GwJhA-F49HcaNS5gWP54/security-forum/mdvdlAG9bV-HLI0tI7ztmNvm/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	308943
URL:	http://horal.sk/lm/protected-GwJhA-F49HcaNS5gWP54/security-forum/mdvdlAG9bV-HLI0tI7ztmNvm/
URL Status:	Offline
Host:	horal.sk
Date added:	2020-02-05 11:13:15 UTC
Last online:	2020-04-16 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-02-05 11:14:03 UTC to ripe-abuse{at}swan[dot]sk)
Takedown time:	2 months, 10 days, 21 hours, 38 minutes (down since 2020-04-16 08:52:41 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-07	rep.rtf	doc	9e0f471dcc7e1f874dc550fa5ea840391bfe33e8576e26218351b6fdbbd75b33	n/a	Heodo
2020-02-07	inf 2020_02_07 B2370.docm	doc	9f2b441a576b8b1d1a2af975d5d53633a4000ab8ca1f6df2e88312e175a47595	n/a	Heodo
2020-02-07	Rep_22950.rtf	doc	e3adf368b634569aa1ca2545bb340ffb5df4c918cf629e3afec00b6f43d444fc	24.19%	Heodo
2020-02-07	rep-XH07872.docm	doc	132db44bc08611c35e13cca6b1bf4d7592f107cf9c0126aa2bf055f0953f0975	24.19%	Heodo
2020-02-07	ARC 1896987.rtf	doc	006766d9879f75d74de2c385ce8418fb838989af2046d8d329ad6ae7dc6d26eb	n/a
2020-02-07	DAT.rtf	doc	c8a251f2d070fafec42b79dbdd0e73a0993c8cfd2a5f1a69722327dd810742bc	43.55%
2020-02-07	rep 2020_02_07 641609.doc	doc	60a2db35f6a200f89387811492bf70f40551c72578c80be36bc21dc7abbcce67	43.55%
2020-02-07	FILE 2020_02_07 3112.docm	doc	ae0dba6208040d7656556bb876279d0ee3708e7cba62fdf3777e81466021bcee	n/a
2020-02-07	inf 20200207.doc	doc	dda86e610dc7cd7c6dc32877c7933dc7c341e6e57f35219c82c674fb4f85f7b4	35.48%	Heodo
2020-02-07	List_2020_02_07_39348.rtf	doc	4de743bb5a807944570907fec4e4ca12efe2016c5c50e04f718ed117b26a76ee	32.79%
2020-02-07	list.docm	doc	92b8d8f3f3a3e0ad2e5f751cc4b2df9f4d01027617eedbc44823360bdcf35491	30.65%
2020-02-06	LIST-20200207-4181.doc	doc	2ab5454468bf092401bb674e12f9577b0102b97450e07cc6ffdbaec61eb40953	29.03%	Heodo
2020-02-06	File.rtf	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	29.51%	Heodo
2020-02-06	doc_2020_02_07_134718.docm	doc	b7676cdb8dc6fbbbfb658a4eccf03a5c3290883a4fda239945b7a3c012950ed1	27.42%
2020-02-06	arc_555.doc	doc	b6a866cd6767e85ce9779e18601e4ff38f6a25e8bf459d47936489b9d58ba9c9	27.42%
2020-02-06	rep ER468.rtf	doc	69caf04e8e1e56614bea23015c10066190147415d1c1699accdc79c49531cedb	29.03%	Heodo
2020-02-06	MES 2020_02_06 036.doc	doc	e62205f9ad8ce110e6f628a4622e7f12d9db3b4c2cc100e1d464b06f2a2b0afb	n/a	Heodo
2020-02-06	mes-20200206-624240.rtf	doc	43f10fe26a0ef0775cf82202ccdb01f65cd38e6aab4086fa49b4b2391da9f0a8	29.51%	Heodo
2020-02-06	list-5507156.rtf	doc	00810a12662ed1714ce797c700855a606ab35c246a1c1a2ada47b503d612a82d	n/a
2020-02-06	ARC-2020_02_06-HB2933.rtf	doc	e2242f427a47cdd239a61505c64bb7956f2c451a95ae9dfcf44f845fafeab46a	25.81%	Heodo
2020-02-06	arc 20200206.doc	doc	3c9d9f7c089af3d74e37371950a676a966f7160c531930a218fcefda342beee9	26.23%
2020-02-06	Mes-2020_02_06-910.rtf	doc	ad59ca837e5e359b406767791e57fab4f0d74cf3247166885df2167e442cba64	23.33%	Heodo
2020-02-06	file 20200206 2777727.doc	doc	b99125a74c2d36d2875478ee03096a69ad74f272c1ced98d2e22ea0f2a3d3191	22.95%
2020-02-06	arc 2020_02_06 644101.rtf	doc	6975ed31fcf619923b119bc26d0f005ef935aaa2e20b25553b47389844f6005d	23.73%	Heodo
2020-02-06	arc_20200206_US6386.rtf	doc	413a1918fa059d5be9e47bd9fb404c1f58c2c5262e3c2f4371a88f4cab9a9c93	n/a	Heodo
2020-02-06	list_2020_02_06_SEQ13421.docm	doc	6359275fa65b551a691c324e03fa5c3c73ace835ca4f3d90087dc3332f76ecec	22.58%
2020-02-06	List 2020_02_06 Q404.rtf	doc	d0ba1020328bfa59129c6d94b6bfd8979bd652574b24407bcfdadc75fcf28fb4	n/a
2020-02-06	MES-2020_02_06-JFU516.rtf	doc	7713e180e8a62f6041738a796b29f6efeab8431f8b6425016a4242f64df7061a	20.00%	Heodo
2020-02-06	doc_20200206_QN09495.docm	doc	17593bcabe9abc1036651dddd696d02cb77c94ed237afdea9922c48880b9ef4b	n/a
2020-02-06	Mes ESV88443.doc	doc	c7662c41a76803dcb646c8d920e316033baf7eaeda42b42305d4bab1a3a49fbe	33.33%	Heodo
2020-02-06	Dat 2020_02_06 H3048.doc	doc	43e38902740c39567550fd0e4c87c00947c5fe577765eb00051f0212c05d7cab	33.33%
2020-02-06	inf-VK376776.docm	doc	702b22d598064f664dd6fbf97fb50364269f0215cbeabf867165861dd0b7d82e	32.79%
2020-02-06	LIST_J8739.doc	doc	9005832cf404bc1202dcad8865b5250a9826f2fa18a6e23ee0a7e705c1d63ab0	33.33%
2020-02-06	Doc 2020_02_06 3879721.docm	doc	24bc1b322505611fc96f657f00be75ad4a096d02fc3e78d4b45369b13358575f	33.33%
2020-02-06	DAT_N38819.docm	doc	77016ff9da8e219908f060ccb135597a6d365ce13a53cb4f40e13ec91bbc37b3	32.20%
2020-02-05	mes_690039.docm	doc	6ce8037ede79b5758219b73a2ec4cc67731872b60410bf0aff7b7cbd8e9a5964	n/a
2020-02-05	list_20200206_X9714.docm	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	arc-O455387.docm	doc	c1d36e9aab2030f23a10178cc432f92255b74c7e2382840bbae1ad7c099e97a9	26.67%	Heodo
2020-02-05	Rep_355.doc	doc	1566745273aeac5249400c456f82b70e870825a50ee2457479f734c7686dfb54	26.23%
2020-02-05	arc-2020_02_05-0241822.doc	doc	79b3a51440b181671112045cb234739a360169bc4c6ccdb30a3907a50a055963	26.67%
2020-02-05	doc-20200205-GY358133.rtf	doc	c0b9c90ce017a4e5196e744c7948464ff57431da4a1d820793c5aea57cc0a095	n/a	Heodo
2020-02-05	inf-20200205.rtf	doc	da0b1e331a89bd28e4338a886d224c01e9194a764a6ded30bac8b16670a589b3	26.67%	Heodo
2020-02-05	INF-A07049.doc	doc	15323460179dd0de74e3613b5cb65b86ab486b8c92c062c9c0a5756ce96b4e2f	n/a	Heodo
2020-02-05	ARC_20200205_69546.rtf	doc	593ef299e4bcf8e836dd1522653ec33230104646f6e8c376e9c4a9957ca5ca3b	24.59%
2020-02-05	Inf 2020_02_05 38113.doc	doc	ab556aef3f7baf74127e682541cd5bb674af38a62c4c1f89ff43f09388894af2	25.00%	Heodo
2020-02-05	arc ZU959380.docm	doc	03b3fb6363d17eaa9f38facff48a244fc5b897afd2e74f173a3662616f4583cb	n/a	Heodo
2020-02-05	LIST 2020_02_05 W668854.doc	doc	4d87879312946df36ab67edcf0f7a77c8cb8051a479d2639049760e4df5a22bc	25.00%