URLhaus Database

You are currently viewing the URLhaus database entry for http://ft.bem.unram.ac.id/wp-admin/comun-seccion/Hn7Fl9W-zI34JrzD-Hn7Fl9W-zI34JrzD/wvn2q0zdrul3-s7797zzy/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

ID:	309947
URL:	http://ft.bem.unram.ac.id/wp-admin/comun-seccion/Hn7Fl9W-zI34JrzD-Hn7Fl9W-zI34JrzD/wvn2q0zdrul3-s7797zzy/
URL Status:	Offline
Host:	ft.bem.unram.ac.id
Date added:	2020-02-06 10:41:36 UTC
Last online:	2020-03-08 00:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-06 10:42:02 UTC to azhari[dot]hasbi{at}unram[dot]ac[dot]id)
Takedown time:	1 month, 0 days, 13 hours, 21 minutes (down since 2020-03-08 00:03:52 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Bazaar	Signature
2020-02-08	CONTRATO np5832pq8719q.docm	doc	7d37b6d909b0564605a92781d24f6a2da662b176d749562497aef5ee173c01f8	45.00%
2020-02-08	oferta 02082020.doc	doc	b744ccf555100a77b8621efe23c74aff3ed8e3f4fbb8e34b52483592c329de1b	44.26%		Heodo
2020-02-08	CONTRATO_02_08_2020-G68302915.docm	doc	69690cc935adae5a4d1123ce2eab3ad7cf528c95741631f55669dd7c7c5fb049	44.26%
2020-02-07	Contrato_Y19052414901-87096070.doc	doc	8f096567ebce98b023c9b7358799055fa60fbbc5c2baf4afc3362887c80416db	44.26%		Heodo
2020-02-07	CONTRATO_o65792o.rtf	doc	4cc1b4ee87c40a3f88bbe5071829a45bc86faacd799771061f62ff5c0a78eab8	n/a		Heodo
2020-02-07	OFRT 66338839.rtf	doc	6fc4a92196feef5bda8bdb05e2b5b05eb2c48450f60012863701e05f4aa73d03	39.34%		Heodo
2020-02-07	contrato 13n425974958p.rtf	doc	2cd30476c75ae344b11dd7925bf07afb92301623aebd72bd2b7f04aae7a1e4b6	36.07%		Heodo
2020-02-07	CONTRAT-m4951951n451.rtf	doc	3c873628cea9af9993ee2c252492745c92891d328cac320ad3d9816379df923c	34.43%		Heodo
2020-02-07	OFRT 6976899.docm	doc	b144bfb0c0b551a75359b720d19352b9aee15cdb9e94969663e8b8c7779bd3ed	31.67%		Heodo
2020-02-07	CONTRAT-02072020.rtf	doc	fc82b93ebd3025fe89dd902d3b0176f75cbdf5f0bdc5f190ac890c27f444aec1	29.51%		Heodo
2020-02-07	oferta CT107957310.docm	doc	525a92df722e1c87ab75ca88acc3e553d5bb67f19181868d3313c04984c6b9db	26.23%		Heodo
2020-02-07	oferta_619694m.doc	doc	42cd42296cd9baed631d10c6588da096bff32da86f6cc307b8874cb6340bd1bc	27.12%
2020-02-07	Contrato_1475275.doc	doc	170462e336ac154a81fbd1dac3df3b8ba07898ea6fab9687b8dca999b1f16f6d	n/a		Heodo
2020-02-07	OFRT-02072020.doc	doc	78cc10e34858a08e4f52e60d0bda06a9c07a5686be8dbd8895425eac340d3483	n/a		Heodo
2020-02-07	Oferta O736819540_40804.rtf	doc	20d2002cdaec9b8848ae5edb95b498669c6aab681b797669a5a3edebcd0aedf6	24.19%
2020-02-07	oferta-02072020.docm	doc	633fd36fe78137cb2cb3e7612ed4a14e4951bee819e697fe919d143f01fc3e92	24.19%
2020-02-07	contrato-660058.docm	doc	43f5a651e8c734d8fe1d40aaac30af8bdbac2fb7b25fb416531ce7f95e056037	n/a		Heodo
2020-02-07	CONTRAT_02_07_2020-354519809587.rtf	doc	8f3a0e19e00397efb39708dacfd129d2722146fa6d169e6a7c601c0cc02a1359	24.19%		Heodo
2020-02-07	contrato-02072020.doc	doc	5ca507feb0ca6a2f8a52379d1bbfd0903b03c4a1d6130f288d464792ed03eba8	43.55%
2020-02-07	OFERTA-15265.docm	doc	c8a251f2d070fafec42b79dbdd0e73a0993c8cfd2a5f1a69722327dd810742bc	43.55%
2020-02-07	Oferta 734qo07.doc	doc	60a2db35f6a200f89387811492bf70f40551c72578c80be36bc21dc7abbcce67	43.55%
2020-02-07	OFERTA_7Q479644413940.rtf	doc	ed52942baf8ed14a9b9da31174f471dd978344583c83f0851abbbfa219f15167	41.94%		Heodo
2020-02-07	OFRT 215592021247018.doc	doc	dda86e610dc7cd7c6dc32877c7933dc7c341e6e57f35219c82c674fb4f85f7b4	35.48%		Heodo
2020-02-07	OFRT-noq552248q4.docm	doc	4de743bb5a807944570907fec4e4ca12efe2016c5c50e04f718ed117b26a76ee	32.79%
2020-02-07	OFRT_FN2153240 488734.docm	doc	92b8d8f3f3a3e0ad2e5f751cc4b2df9f4d01027617eedbc44823360bdcf35491	30.65%
2020-02-06	CONTRAT-q1pnq3onpq.doc	doc	2ab5454468bf092401bb674e12f9577b0102b97450e07cc6ffdbaec61eb40953	29.03%		Heodo
2020-02-06	Contrato-Y837176652 2681427.doc	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	29.51%		Heodo
2020-02-06	OFRT-02_07_2020 F77710158.rtf	doc	b7676cdb8dc6fbbbfb658a4eccf03a5c3290883a4fda239945b7a3c012950ed1	27.42%
2020-02-06	Contrato_02072020.docm	doc	b6a866cd6767e85ce9779e18601e4ff38f6a25e8bf459d47936489b9d58ba9c9	27.42%
2020-02-06	CONTRAT-02_06_2020-307533.rtf	doc	8ac7ed36748d60e4e5b3dca6805c79094a27204108ab3ed019a23190df1a1c49	29.03%		Heodo
2020-02-06	contrato 2W44029574.doc	doc	e64df8646782c78cec192fe4d2cc194a1b97e5701579809cb54273eeeb35d305	n/a		Heodo
2020-02-06	CONTRATO p50n0o9756115.rtf	doc	cddfbd7b249d0e0ebb3f68697690544c6abb69af1cb46f3b74c24cae2d3e528b	29.03%		Heodo
2020-02-06	CONTRAT-02_06_2020_ADF1759.docm	doc	3e2e9332429ca46e97d6d5b2d39864b216599b31498ebda448a3fc2adfc78a0d	29.03%		Heodo
2020-02-06	contrato_BC284431735-072087.docm	doc	85404d4a489d199d3055637e3e11f3d81b783d8ba7872bae892dded74dd0edd1	26.67%
2020-02-06	CONTRATO 6678719959717-424505.docm	doc	464e3fbff2832e347b5bfa5fd0151fbfc4f3107cf97f74b7addcbc2984b60143	26.67%
2020-02-06	contrato-705568.docm	doc	ad59ca837e5e359b406767791e57fab4f0d74cf3247166885df2167e442cba64	23.33%		Heodo
2020-02-06	Oferta 02062020.docm	doc	186ad5a4edbbc67f97e4c4d0236f263ae46435a2687639dba2a0a91edd0d6ce5	22.95%		Heodo
2020-02-06	oferta_79q21m680q043.rtf	doc	426f5a4910e1d8c7973f947554016a2945b0997ec5d7bbf3756cef42d9dbbfa9	23.73%
2020-02-06	Oferta-39256702147.doc	doc	4dd54ea400006d3fb77da680eeb4804397f421a543320021ce765948189855bb	22.58%