URLhaus Database

You are currently viewing the URLhaus database entry for http://dmgkagit.com.tr/INFO/YNAJ10335840549R/387445157/LWSK-AUVAD-Aug-05-2018/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	39005
URL:	http://dmgkagit.com.tr/INFO/YNAJ10335840549R/387445157/LWSK-AUVAD-Aug-05-2018/
URL Status:	Offline
Host:	dmgkagit.com.tr
Date added:	2018-08-06 16:26:25 UTC
Last online:	2018-09-08 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2018-08-06 16:26:53 UTC to abuse{at}cizgi[dot]net[dot]tr)
Tags:	doc emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2018-08-07	PAYMENT 5571616U.doc	doc	f77954325642d368e0c7d2ecf4a16210ad820bd61c633ba618023a5920aadb18	32.79%	Heodo
2018-08-07	PAY 5RCVL.doc	doc	ccfad75ef36d3ece9dc17dd8a26bfd5cad9643db70e2fd81aab60e82502a0bd4	31.67%	Heodo
2018-08-07	ACH 4IHTFADP Aug-07-2018.doc	doc	2f7c563a540acba4172ad80c899801b526702577cfe90803865331758eac2bc7	32.79%	Heodo
2018-08-07	PAY 4284919LBPB Aug-07-2018.doc	doc	7afd709cf8761dbf7ba69efec924f25d96186c32216c7d0790871ba5c49f74aa	n/a	Heodo
2018-08-07	ACH 4WCYQKEAA Aug-07-2018.doc	doc	e5626a7990f4a1d42f515c6d3c7d1fddb2ac1c2d3a4d7477cd1f58a299ba8cd4	31.15%	Heodo
2018-08-07	ACH 64013QDCNRL Aug-07-2018.doc	doc	132534ec9dd880715de5450666aee52b2e577c99d1d468851e04a025dc31520c	32.20%	Heodo
2018-08-07	PAYMENT 269113XFRBOFWP Aug-07-2018.doc	doc	5c4cbe7c04a215cc897996d4d0120b3e3fee42facc2320559dc5b0489ab7753b	29.09%	Heodo
2018-08-07	WIRE 918022LCF Aug-07-2018.doc	doc	1f5c6139d05aa024d7ebc6b3e02f240dfb1868e5b136073da4bb44aaa06ee602	34.43%	Heodo
2018-08-07	WIRE 308866XCLQ Aug-07-2018.doc	doc	858aeac15a64b278af88ddf9b00d8cdf1ead6d0046779a780b19d848014bf66e	34.43%	Heodo
2018-08-07	ACH 32568ONJX Aug-07-2018.doc	doc	e7d99cf53f2328ba4585028e7bb9d4f347419d4f9c8730371eec4842009ce8a9	32.79%	Heodo
2018-08-07	WIRE 08MPLTK Aug-07-2018.doc	doc	5a4682c742532742207b63f337424e123da83383bbe371ad27676b6567aceb45	31.15%	Heodo
2018-08-07	ACH 197274MGUA.doc	doc	09b0d092666fb12a7b8ee82be7fd876250174bb317592438a7ad1bbe2059e529	n/a	Heodo
2018-08-07	PAY 718VKJCBKCD Aug-07-2018.doc	doc	a9eaf48e4c339f53264a5d10b28641baf808ff290727e9066266ccaba2df03f9	32.14%	Heodo
2018-08-07	ACH 8535QUHFHJT Aug-07-2018.doc	doc	61a3876a4861e42a439af82e513e252754e7042dd464b507f42f4d339b8c1e8d	n/a	Heodo
2018-08-06	PAY 93JVYU Aug-07-2018.doc	doc	41de894847993b227d45019999d1d24d88673b2fb43023875f199d4e8891787d	32.79%	Heodo
2018-08-06	PAY 7WECG Aug-07-2018.doc	doc	0441badb226872dae7ee1e33a87a46d7e8b50e95e4ad1b981d613f1cac0f4cbb	35.00%	Heodo
2018-08-06	PAYMENT 503252MOHY.doc	doc	c5e34d7ab8f12a1f0a498549bc09fc7cf0ff8a10950ec5d77a43da473672578e	34.43%	Heodo
2018-08-06	PAYMENT 9XSXARIV.doc	doc	7844930232281da96ffbe45c4b24a99fc2621fc44784dd74745fd9d1e9430d31	33.33%	Heodo
2018-08-06	PAYMENT 03438HFUOJF.doc	doc	be88458b4f96574b2932ea2bc4389a1afb1f3720801b0ed04c0d227f009fd11c	n/a	Heodo
2018-08-06	PAY 6398TT Aug-06-2018.doc	doc	545823a2b946f5172a5c1c5e89cd9ec612b733dbea94524062fd1571e1655d01	30.00%	Heodo