URLhaus Database

You are currently viewing the URLhaus database entry for http://gojicreamasli.com/wp-includes/private_module/security_space/2021163_SDnFlEAG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415295
URL:	http://gojicreamasli.com/wp-includes/private_module/security_space/2021163_SDnFlEAG/
URL Status:	Offline
Host:	gojicreamasli.com
Date added:	2020-07-20 15:17:34 UTC
Last online:	2020-07-21 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 15:18:02 UTC to abuse{at}linode[dot]com)
Takedown time:	1 day, 1 hours, 37 minutes (down since 2020-07-21 16:55:49 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	doc_20200721_160886.doc	doc	cdc6366eb8899da37880fe16a52558bac01623624314e89adb8fcf039512905d	31.15%
2020-07-21	list-20200721-60904.docm	doc	3d808e9e116ecad94d0839d1a951f8aa24c96f6dfaaa774a889edbb38c857b56	31.67%
2020-07-21	arc.rtf	doc	262962b5fcfbc2fd14aa121ea6d5731ee54807c1d8f5cb14aedfa6437d1b764b	31.67%
2020-07-21	File-2020_07_21-283886.rtf	doc	2da4a10c384d2bf3468b73d621de109cab5a29179b9d6cf4102c7b46dd937261	31.15%	Heodo
2020-07-21	Rep_20200721_6624304.rtf	doc	ade92c771f3d31b85f839181d2c222569b9271fef181b82414798016840e0b37	29.51%	Heodo
2020-07-21	Inf-2020_07_21.docm	doc	84208f7aeaf31442b3b84394ec70e6c7d6d03b854990a567dffe1702c392bf9b	30.00%
2020-07-21	doc_20200721_OE320.doc	doc	a9e912c0733016338d181ec06475e1f30f28fc2159ee482787e913fc65085cf5	30.00%	Heodo
2020-07-21	LIST 2020_07_21 H852.rtf	doc	608a39d31a2ab34bf79ebd042bf10028b9bc7ed087dbb810306956dd1ba45567	28.81%
2020-07-21	dat 2020_07_21.docm	doc	c93cedd95b86e6902a23550fffd5be8beeb902d2a6cb4541588ba327a3978a7e	30.00%
2020-07-21	list-0957933.rtf	doc	37aed6f66e26d67c404f293d6eede26254f40b2470ec3bf486f9e7fdffec0ba1	n/a
2020-07-21	Dat_20200721_45735.rtf	doc	72f445f552fbc2a62d7f1cbf1e3a0e1a8afc5903d1c2c20ef5e1766b604b6b5b	28.33%
2020-07-21	Inf 2020_07_21 V108.rtf	doc	3485f666558c8e83a02eaaba8426ca24ac044afb5fbe04fc88287b424b31b234	27.87%
2020-07-21	DAT 2020_07_21 CAT84516.doc	doc	186a6ee6322d2e6656e0125cba0536eef43d3a66e4ce73e129332dbb236cab60	25.86%	Heodo
2020-07-21	List-20200721-WA6871.rtf	doc	15f2733b3a7dfc343c1186d5e821b8c4641d7823eae593d932faad5cbcd3c484	24.59%
2020-07-21	ARC 2020_07_21.rtf	doc	472c2ac90c92513e937b9396ae2d84359993dc64ba3e3f130191b0a9976f0262	25.00%
2020-07-21	Rep 5322.doc	doc	55a103c16b3c4d8958091e55cfb62091fd2d209e07ffba0a5c88252946b8ae39	25.42%
2020-07-21	rep 20200721 2237020.rtf	doc	31eca40e53bfafd9aba582a36d6acbd218f5c25002e67cb4d0bebddca0b73ce8	24.59%	Heodo
2020-07-21	REP-2020_07_21.rtf	doc	ad614712ee0ad71a7408a527a3a2051489b0ff4f08038b7a676ad967ea160fb7	25.42%
2020-07-21	File 20200721 9244.docm	doc	d5587b12a4f2e10f29d7fdccce2664458c54b7a2c6b4d546966be1f5b3145883	25.00%
2020-07-21	INF 10950.rtf	doc	98884fdd4917563990f4fc128cfa0ac0c45ad16b929ef54567b65ab2965d75e4	24.59%
2020-07-21	Doc-2020_07_21-AA34174.docm	doc	deb29a892e444cde34fe7642bacbee1bf74d35fcff478966636eec77c5e28646	25.00%
2020-07-21	File-2020_07_21.rtf	doc	ecdaf78dab236699d9244160f6b4865a5cdc8481ff2e8d798df9a342d10f1654	25.00%
2020-07-21	list 2020_07_21 9652.rtf	doc	7701cb5a8f75904004c1438e6e79eaac41be47f7d454a35f7ab373b2ef1aa392	24.19%
2020-07-21	List_2020_07_21_4701.rtf	doc	f84df4afb6ec0e756c79748271dd66528e1f262427405a4171c48b7ef395b22a	25.00%	Heodo
2020-07-21	REP 2020_07_21 085793.rtf	doc	77381e8fde74067c151274bc344395ef59df227e209ec80c0d7879aacbd5d654	n/a
2020-07-21	Mes_2020_07_21_T29620.doc	doc	590404bb24804914ea53c3480612bebc506f54e56553ef7b366d545a4eaac100	24.19%
2020-07-21	Rep 2020_07_21 051391.doc	doc	cf3b2f4e9f81af42df9884f8f3042a4a704fe949060f1997368c664d6db623ec	23.73%	Heodo
2020-07-21	file-5939.doc	doc	c915922a81a8064f3c80285e3615bd5aaeb6452a92f4588fe03bdc81caa840a9	24.59%	Heodo
2020-07-21	dat_2020_07_21_N38037.docm	doc	38ee970b2c3b2902e43212926ed41ad27fae79b76938baad0b96743897def42b	24.59%	Heodo
2020-07-21	dat_2704.doc	doc	a8d9eceee2cd3735b96abf3528e7ec3e8e2d8ceb8991c00c7ff479e9034655f5	34.43%	Heodo
2020-07-21	List 20200721 349.rtf	doc	aa4a6dae1e4ea4aaa6e4539fa9a3fbb129544c7d56807321757f41321b723abb	n/a	Heodo
2020-07-21	LIST-8386.rtf	doc	f78e874b4d5c5dedede72b85b571f2b04d8edba617b6634d95c2af181e6e4dd7	34.43%	Heodo
2020-07-21	doc-20200721-446.doc	doc	793132996a7b6875055c2bdbde2173f37e68ce5f04ab651acad13f84ab89cb82	34.43%
2020-07-21	List 20200721 OW146310.doc	doc	9e7349a986f7139a74245edcc8f0028bd6a10f81e79a7ac8bf7134e6d4932c2d	32.26%	Heodo
2020-07-21	Rep_20200721_YHW88526.docm	doc	754a0bebe018b079d9d9260256ea2106b4b5ad9a654c8b8a1989bf6e3f4568f7	34.43%
2020-07-21	Dat-GJZ0677.docm	doc	5816bc271d88617e627d64210b8ac9df417f8072b362af861ade766137eb1564	34.43%	Heodo
2020-07-21	file-CKH766.docm	doc	ace014e43d78870f28d2a732d72b60fe0c602b71dcc8771989e5cfc0bb1e0bef	33.87%
2020-07-21	FILE 2020_07_21 3474.rtf	doc	3bc869822322f3e700ec706660323daeca6ea90553d0bff45ce1fdc1ad6dfcfb	32.26%	Heodo
2020-07-21	List_A7068.docm	doc	122b0d68ee819b2ceb91c0b2cdcc0327860dadbb29f884a776968a58c9480ec4	32.79%
2020-07-21	Inf-2020_07_21-U5686.docm	doc	32a11fccc02f1372c54ca027f00c35e33268d3819191a348b9096fd3853ab6fd	32.79%	Heodo
2020-07-21	Dat-195650.rtf	doc	570d0bfaa6b14c83103c29fcbceba4f66df0c68406b8e2c61929ca743241b372	33.33%
2020-07-21	rep-20200721-RRU202797.docm	doc	276dfa20b9cffd3ac104aeafed599b2f70a9fd0e8d4faf1d86ffd46e8354a416	32.79%	Heodo
2020-07-21	Rep_KA7889.doc	doc	176237b901fd642cfb1c3a9fd8c50cdbf0d5ec30df6c98142d3a0e48839f9d51	n/a	Heodo
2020-07-21	Inf-20200721-9642122.doc	doc	6c7da386cdaa6398c065aafedeb01b31ec959ecf615e9601a81a2c86488c4c86	32.26%
2020-07-21	mes-OE1341.doc	doc	1236dd4116a2c4ba4427175d0a3e88c848f70dc6219f6b22f1997ae3ba80ba14	31.67%
2020-07-21	rep 3006193.docm	doc	4e34674eaa422795c92ef9cb66994e18a57553e217b4bb4de69c1369608e36e6	31.67%
2020-07-21	LIST_2020_07_21.rtf	doc	49b857e2068f710d1facd444264c6d8804ecc9e2ba9660953b24bbf213cc66ba	29.03%	Heodo
2020-07-21	Inf-20200721-53586.rtf	doc	33e64096db5340fb26c5b5d6f9b1dd89674d3a77a96a25fafcb878d9929fc9da	31.15%	Heodo
2020-07-21	Dat-20200721-06488.docm	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	n/a
2020-07-21	dat-2020_07_21-6710382.doc	doc	cce8e5e706869261ede523822b673dd52e48d4351de8600f5ac209a7f0189629	29.03%	Heodo
2020-07-20	DAT_DH74516.doc	doc	0d657d365282571dcf58adbb3a758c81fa3df50bc081a60d01f14c5431b9492e	29.03%
2020-07-20	file 2020_07_21 4867283.doc	doc	f83e32a15080c0f31451809377046083d52daef3354edecea6db6ccf4158a43a	30.00%	Heodo
2020-07-20	arc.doc	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	mes-2020_07_21-YCT988510.docm	doc	44c487bb620fcaf9ecd88961303e24f705390f3c23b0154b738fd30873832c0e	29.51%
2020-07-20	Arc-20200721-M142076.docm	doc	41d61ed5ec94c9f81d804487ad8f6132520d6ac7009a8c9a7b0c074ed0748e4e	29.03%	Heodo
2020-07-20	INF_20200721.doc	doc	616dde6dc6e22e28f4149e26996578dde114b40f896cee3cb36165d52ff70857	27.42%
2020-07-20	doc 20200721 OG7712.rtf	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	file_2020_07_21.rtf	doc	c6050ddd07c6d8c4aee73c52d0e50d6056ebd5f3e82550d8c771fc4353d489fe	28.81%
2020-07-20	INF MTL31190.doc	doc	3b93eda94becc07130cb0b7b3bd4f351444c2a0810a9bd983913a4a5d833b3a5	27.87%	Heodo
2020-07-20	Inf-20200721-54549.doc	doc	00593b1d3ba64e5ca39e6c503ab0f33dcade0d3afb65c2a73f2d4696cf8a7bb0	27.42%	ZLoader
2020-07-20	Inf-2020_07_21-2601.docm	doc	d28f9dea8c5837be7474d3735799da462ae74c0a0f3e7279a3eb8a50ba6183ee	27.42%
2020-07-20	mes_20200721_368.rtf	doc	d6da6435e94d2fbb2a3847c934bf0b6d41c613337ac951b10fd5851eb98a9bf3	27.87%
2020-07-20	ARC 0339906.doc	doc	6b5e8002c323071f83df953f977caf3a477d1a0c7178e0795674d263bc2dab15	27.87%
2020-07-20	DAT_20200721.doc	doc	eb1f1cf5bb142fb70ac9421ceb472dad3f583fcc852ae768c1ae347506cbcc04	27.42%
2020-07-20	ARC_MGF30174.doc	doc	d06b767d98bec7fa338114b2e77b1db8b1a8962819fda91258575e6cc7910b31	27.42%
2020-07-20	Mes_2020_07_20_213568.doc	doc	8f282a424b1167ed2e71b2355a7c4e6797a75d031969749e3ba21050292414e6	27.42%	Heodo
2020-07-20	Mes.rtf	doc	a596ea13973162232be90c68099e1b664aadeb7150a6c7e70ece1bae29dcce39	27.42%
2020-07-20	rep.docm	doc	eb193bc39825dc7e1397022e2a0a3a3e304be6b65d8128280fa02d2ebd1099c6	27.42%
2020-07-20	Rep-U6862.doc	doc	ed29b479d20901bb285c8146d9a69a73a34eadaa4f6c86aca69aeefe96f4fe0f	27.42%
2020-07-20	file_2020_07_20.rtf	doc	cbe8fa6812edba1a4e2b1fe7c30f6cbf05f21e5935e95ecbdda6d3f5d3b6de9e	n/a
2020-07-20	File_2020_07_20_360.docm	doc	fa441d24dc18f47c3205b5c37950b44346f110e1aaf7822e5a1d7894e2eebb49	25.81%
2020-07-20	mes 2020_07_20 K307410.rtf	doc	c8b4b7e686954bc7ebd4115f98ec29527b1b0d47d1a817adebc3c6b44c26d787	25.81%
2020-07-20	INF_600.docm	doc	8005b9ca1985b623968849a6db53eaa3dfa9e3a93ac623e439235d133d2042bc	n/a	Heodo
2020-07-20	MES-20200720-4642471.docm	doc	22c94747a2c09fbfbb75e072dfc2ffb576e21768830a37198601b369636d4beb	25.81%
2020-07-20	file 2020_07_20 36758.rtf	doc	4fe945b83567f1855dbc8ea4f8e0e0e2258117238ca2184dd10ba6cf797377a7	25.81%
2020-07-20	LIST_20200720_5876883.docm	doc	31adf970450cb8a76809bff658f19a6e62c31894dee3957e3374752544f042d3	25.81%	ZLoader
2020-07-20	doc_2020_07_20_5371048.doc	doc	130a66f245904ca4051c2eeb37eaa7b9157fb02b881164bef6a47aed0adbf12e	25.81%	Heodo
2020-07-20	inf-20200720.rtf	doc	c1c8df6d78506a08b7e90ec9675c7b914e7671064a55bea051de19c0b4f660e8	n/a	Heodo
2020-07-20	DAT_20200720.doc	doc	27e86fa1d58f503821260db0fd9caf987e41fc1a7595ade7d3e9a7a6f7058ffb	24.59%
2020-07-20	file 2020_07_20 830.rtf	doc	708b77f01ef2591030cd41826ac484f735d337267ed881bc98a37d4c766f3c78	24.59%
2020-07-20	LIST 2020_07_20 218.rtf	doc	2a8f533952321da2c782d9eee497bad0ddc4232a585ec82a664e5c72761fa429	n/a	Heodo
2020-07-20	Dat_2020_07_20.docm	doc	c5f4645b981298b8f3a81f6084fb7886c9bf908b43e5c265a5082dcabef490cb	n/a	Heodo