URLhaus Database

You are currently viewing the URLhaus database entry for http://chitgarbar.com/01/closed-zone/additional-cloud/944464-DibhSAOQ7C/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	416144
URL:	http://chitgarbar.com/01/closed-zone/additional-cloud/944464-DibhSAOQ7C/
URL Status:	Offline
Host:	chitgarbar.com
Date added:	2020-07-21 17:31:03 UTC
Last online:	2020-07-22 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-21 17:32:03 UTC to abuse{at}hetzner[dot]de)
Takedown time:	21 hours, 52 minutes (down since 2020-07-22 15:24:34 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	Dat-2020_07_22-Y621.rtf	doc	997f3689474b1e1be428b19fa9eb6927ccf37889b64e7cb0814a1effb83d6912	n/a	Heodo
2020-07-22	LIST_20200722_3679.rtf	doc	a01d4df7ec965c82ea4ba5fa2d607e1fc1c14ee2ce6e6eed9bc5508be71769a0	n/a
2020-07-22	arc 23036.doc	doc	7dbe324e0d12ad78dce60ff5e9cd95569b85088bdc2d6a21671c60e099767b7f	43.33%	Heodo
2020-07-22	File-2020_07_22-I629771.rtf	doc	488c696ee2debc2fb1afc0aab20d756276fca35ca9f91008fcb07568b79ede95	36.67%
2020-07-22	doc 2020_07_22 156355.rtf	doc	d89c2b2131e03e4f8eac35b8cb25de8095bafff8642629e1a4b64b391a014a77	34.43%
2020-07-22	list-2020_07_22.docm	doc	79cb28f01264a585e6d085eff860653eb72ec7b1976323c1f310ff7bdf0b1598	36.67%
2020-07-22	file 1285985.doc	doc	2bf6770c0abd36c1d4bf26b47dbe953c8f1f7968fac457a4a370a1b198945d4b	35.00%
2020-07-22	Rep-20200722-BS4389.rtf	doc	623c4ed3bff71e9b92646983452b40e40499ac21f3a3aa0647bbf37d3581b909	32.79%
2020-07-22	doc_YZF67391.rtf	doc	0f118e682037e3a2415cb85caf3c45494072c60591a6a8ddb51a1a0d3b07eac5	31.03%	Heodo
2020-07-22	Mes-OY47738.doc	doc	ad0b84b38f613391231e63d53e800947407c72b0e2b87c9a79cb58d7d3520146	28.81%
2020-07-22	inf_8085.docm	doc	8e68dd2720dc2775d2a42abaf76de80d689fdd34c0367de007c414def3d2d33b	28.33%	Heodo
2020-07-22	LIST-2020_07_22-AC643137.doc	doc	3f0439068eefa5ef762b899f9eb133708916084d5e2f79a0344093fb19c3c026	30.00%	Heodo
2020-07-22	inf 69567.rtf	doc	194c758a5ff19785134e06f7efa9ee11bc4e3d42cc2005d93581915fcb9ef005	26.67%	Heodo
2020-07-22	FILE 20200722 0860.docm	doc	b68476e293e35d7cbbf80b3561d23bad553eddd9b04a07ea072ab1ea17f1d78e	26.67%
2020-07-22	dat-7643877.doc	doc	d831521ed1fd89695ea1f405aea9680401dc470716ead9076e1c428afc608093	26.23%	Heodo
2020-07-22	List 2020_07_22 186175.doc	doc	21443c68d64ecddd740c7966067a4bed9de79aa081c06b9ad97fe8d8d0e0716b	25.00%	Heodo
2020-07-22	List_20200722.doc	doc	46ddfb783ed7cee9d4ec3196ec9297e861503dbfdf905203eca8be9bcbd448e3	25.00%	Heodo
2020-07-22	REP.doc	doc	656f9f7c087bc9a3d272d1aea2c369dcfa89d33e5fe59b61e4a57d7b181904d2	n/a	Heodo
2020-07-22	FILE_521661.rtf	doc	cf527cd37a84ec65c4b6d8a8b816c739b62805416400d1527c8ffd7d3931a298	25.00%	Heodo
2020-07-22	List CC717.doc	doc	a018bebb6f4d713eff5d16c6b80d20df72bab7d5e055c287018f1f842f952e1e	25.00%	Heodo
2020-07-22	file 8745.rtf	doc	a73ea0967cbcfbf0070a32f075b9b8e4f448d2d60f08f78ef9439b64394fc035	35.00%
2020-07-22	Dat_20200722_GL32995.rtf	doc	8cf9d9d42298a4668f016012416111f8bfcd129c4b0ce9050c28a283734568ad	32.79%	Heodo
2020-07-22	Arc 7190334.doc	doc	eed180c709224d892fa8a82e0c51bf623d7057a65ca483d45e3d005984dc6588	n/a	Heodo
2020-07-22	File 133.rtf	doc	7eb51f8c4719f0171a98650b63385c15908628fc4ef7838c410fc53c46a0b8a6	33.33%	Heodo
2020-07-22	doc 20200722 IR05855.rtf	doc	3e24c4373b1e2ba1e3d16925cd0d4a1752452402ae4aaa8ad8ce498bbff5335c	26.23%	Heodo
2020-07-22	REP 20200722.doc	doc	3113c9be4e91ab866a9d0a0a3a71236962f0598a11a4345f114dcf1e3feae621	n/a	Heodo
2020-07-22	rep_927299.rtf	doc	b58dbe82f7a65596a2277d1c5ef1e42945e45cd0ad84c35872e1ed404607b9b6	29.03%	Heodo
2020-07-22	Doc 20200722 014651.rtf	doc	c07649d058f6470af27cb972b0a9306496e2641bf959dd66206f3feff56b83c1	28.33%
2020-07-22	File 20200722 923922.docm	doc	80cb12a6bbe9b2c3065f9007e9740b9f7d75dcf2bc68651848cb08f4ce619b39	26.23%	Heodo
2020-07-22	mes.docm	doc	3374b8c7bab8c4d65f45434d84b29231b7a403d578c2b123e75507b6bbe14653	n/a
2020-07-22	List-663791.doc	doc	8d70f6580cf02bcae5c4c14396951b6e6c1ea10bcbcbb89f835c29dc7d2c8ceb	n/a	Heodo
2020-07-22	DAT.docm	doc	3e65642f10d2b821a0c08b74d0ddfd34717dca5f9918551779815db934ae7963	26.67%
2020-07-22	File-2020_07_22-287.doc	doc	d7b8fec9f533a9c31e7fe587b89552973d00bff30e4c7d8f7d4f2d93bc0eda1f	26.67%
2020-07-22	dat-2020_07_22-TN219278.rtf	doc	ea444cde5a8ef5b6165a348732af41e4c634669259036caae42e242c5a7c9b1c	25.81%	Heodo
2020-07-22	rep_2020_07_22_QCF76513.docm	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%	Heodo
2020-07-22	Doc-2020_07_22-231609.docm	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	25.81%
2020-07-22	rep CNM61265.docm	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%
2020-07-21	list-2020_07_22-57401.rtf	doc	c20821e80c5ce943d4b87b9416329f0502a4da3c97044c8fd7016172353e1626	26.67%
2020-07-21	Arc_2020_07_22_18652.docm	doc	3ef294ca4013371b69d6af647114806b71bb3dc07fd56f12c078703411d61b3d	25.81%
2020-07-21	INF-248.docm	doc	c1cc356eaf49711b7673b9c27f015163363a60417ad3b9b7e6883015b65d80d8	26.23%
2020-07-21	Arc 20200722 IR35905.doc	doc	cbccd20b9bc23454ec01bec4a0094e77dcc43d577666259f8d97aa30a118ac35	26.23%
2020-07-21	Doc 2020_07_22 J5330.doc	doc	2027e8348e8d2f364d55b2bf47f9a4b37fd2ff7aabdda5ed056e3f6cd42cf777	26.67%
2020-07-21	file_2020_07_22.doc	doc	139f5bcf4c7fcbe0a8a5d940c5d38dd847e2c979df74dcf680208e73b8ac668d	26.23%
2020-07-21	DAT_20200722_I171.rtf	doc	205a04626bdf6f3da605d8f8ba60126d02451085528330524d899a38520be8c3	26.67%
2020-07-21	inf-20200722.doc	doc	6852b34db0c7a6150c1095a704236a1938b4ed46cd9d7bdfd412555ebf61890a	n/a	Heodo
2020-07-21	inf_20200722_AZM646893.rtf	doc	b88eeea6841abee77c07e6b5243d98213c6997de1033e14ddec0cf10b9b11c35	n/a	Heodo
2020-07-21	FILE Z6749.doc	doc	ca4ae10db92df8cf44bacee70e7560ae411a37d1559687ad47687282ca447526	25.81%
2020-07-21	ARC-S45476.docm	doc	96f45a5c51839644dbf8e9f7ffaa226944422285dd997fc0ff8c23a883b18410	n/a
2020-07-21	rep_20200722_34098.doc	doc	7262452af523481d22f70888f7619a9a6da291bacfefdbc45ed95492326d2274	26.23%
2020-07-21	INF 2020_07_22 5596.doc	doc	fe0262abd2e28972585a28e0db4036c88dc6bc7858de8135e9cf58c599228037	26.23%
2020-07-21	ARC-N1076.rtf	doc	df064d2b2c29dc8f110dcd919081328a7f481f69cc521b3cd2c6c40cb1c92eb4	26.23%
2020-07-21	doc_20200721_9422.docm	doc	6c9063989cd23941fcc8533284a0e2ccd26555ec3b40e4f292ede0bf59605f1f	31.67%	Heodo
2020-07-21	FILE_20200721.docm	doc	7fd4027186cad2b91bd60610992523540ae00d02b8bce17010e9cfcff62836cc	30.65%	Heodo
2020-07-21	REP_2020_07_21_581.rtf	doc	954e8a3b2f224ae59b0cbc54c3f0585184cc2e26aed9315eefae4f05fe73a708	33.33%	Heodo
2020-07-21	mes-224373.doc	doc	50d5051a82f97571415ca2550517c6872eca80692c7d6db605082a0b9876d34d	31.67%
2020-07-21	Mes 2020_07_21 24492.docm	doc	23c6039e4db511bc4f78a07eab4780a9f8a41e215b277e15bbefb19faa85171d	29.51%	Heodo
2020-07-21	LIST-2020_07_21-815.rtf	doc	f76760e19ef8c715a396435ac9a3fc931699e03a431a25ba0f9d0f20c104495c	n/a
2020-07-21	DAT.doc	doc	2d765d996ee252399e74572c6d32bcf5d221d6c7383ea2f309c413cdbb39b167	31.15%