URLhaus Database

You are currently viewing the URLhaus database entry for http://gokulnath.me/wp-includes/common_section/KhCFbA7_sJYvdjh9_forum/DDmLLBDPlYFb_d40zzr0dG/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	416198
URL:	http://gokulnath.me/wp-includes/common_section/KhCFbA7_sJYvdjh9_forum/DDmLLBDPlYFb_d40zzr0dG/
URL Status:	Offline
Host:	gokulnath.me
Date added:	2020-07-21 18:48:37 UTC
Last online:	2020-07-29 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-21 18:50:03 UTC to dcundiff{at}a2hosting[dot]com)
Takedown time:	7 days, 10 hours, 40 minutes (down since 2020-07-29 05:30:21 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	INF_2020_07_23_2926.doc	doc	aec05999d3751d7cfd9ade2316388ee6da303748401fb7eada3edaf2b37a18a3	43.33%	Heodo
2020-07-23	list-20200723-OFK147.rtf	doc	b60064c8db21645429edab0b94dcb5dc93c7325774e13b65c0bd79497eef8296	44.26%	Heodo
2020-07-23	ARC 2020_07_23 5161.doc	doc	b27dff26a97f18384d8db6b7e5a3c5006d66ed61bba5313f802ebf96543c1c5e	44.26%	Heodo
2020-07-23	file_2020_07_23_AY795588.docm	doc	1a49241764ba049de98c9d050dd57d0c9089402768b9a1206e09dedde0282d0b	n/a	Heodo
2020-07-23	ARC-20200723-KP9658.rtf	doc	c685dc92b2f626e331f4d31a5db4b218823c143b7c5338fe29b8518455179cfa	n/a	Heodo
2020-07-23	Inf-GD377.doc	doc	0f79dd6c7bd7490955e93399a3e660272c22f6f7f5e97a24ff33d1d1af714941	45.00%	Heodo
2020-07-23	rep-2020_07_23-OF185.docm	doc	34184c5992ed62afbaee71a96232106fc41857b255341becc56b01722b343c3f	n/a	Heodo
2020-07-23	Mes_2020_07_23_AN286466.rtf	doc	654e6bd6920ccd6177242d7e58e504e354a9e5fc0be08816ce3afaa64b0dee93	44.26%	Heodo
2020-07-23	mes_41242.docm	doc	ac7930487897476241e49fbc630ae0da49daa5efde7a3b8f017ec4e1a6d97133	45.00%	Heodo
2020-07-23	Dat_20200723_6045734.docm	doc	907cdbd0036f8c72ef0830f26aee15b16f5498fe3fb88c9ac852fecebcfd2771	44.26%	Heodo
2020-07-23	dat 20200723 767.docm	doc	c4ddc964c0d911deab5fe24136c588c63d4fe247aeedd42d0ea37491e44af3e5	44.26%	Heodo
2020-07-23	ARC-20200723-77731.rtf	doc	4e765584956c4f9fe770cd92e1d32522023508d48ba53b6ce7ace6c04d4e8d83	43.33%	Heodo
2020-07-23	arc_5975483.doc	doc	cec6250fbf5fb227dd2bdf92b7031f41fa3d65fe1f1d5a441229c14913884ea0	43.33%	Heodo
2020-07-23	doc 20200723.doc	doc	3871eed6206b0a99254d0c9687c02a628857c89231e009285a476dacff80d98d	43.33%
2020-07-23	mes-636095.docm	doc	769b01f8c9dd10732e0a5d287a38b2946260496bcb17be7319e7070e4f3a62b0	n/a	Heodo
2020-07-23	Doc_2020_07_23_5624.rtf	doc	9a3ea141f8d72bc76545f030fe43d91476ce753bd525ed872269184599692c81	42.62%	Heodo
2020-07-23	Rep-LAA225.rtf	doc	79b3b0ed83202e34b8f1e3030face4fc7df332281b16802674bc0cd0dd27bf5a	39.34%
2020-07-22	list_20200723_4912.rtf	doc	b936ca1824141941696f21188294398f23a5bf8f6dc5211f7a89d68996eb1496	39.34%
2020-07-22	doc-2020_07_23-E671003.docm	doc	85c9b8464b14bbfbc90c01fe540a9ba134191dd42668aebfb5c09e35b1887dc0	39.34%
2020-07-22	File-351.doc	doc	8aa7ea8c9d1c9de29d54f88600c9ffc99c05fafa3017b298e03b7cbc73ddf5e7	40.98%
2020-07-22	mes 20200723 3286.rtf	doc	093cc1977c0adf342635037335e8d76802041ca0b406c065ee63bb3c4b0d30aa	37.70%	Heodo
2020-07-22	Mes WKQ570942.docm	doc	be720b7a706eae0e4fb267e2ed1709351ae68658728bc8e55a774921eb79a81c	38.71%
2020-07-22	INF 2020_07_23 765893.doc	doc	06ea16c8f47256c5551752bd00c34d5cb30e9b5ea7daa3434e35ca178ca75c2b	37.70%
2020-07-22	MES-2020_07_23-MG454.rtf	doc	9ca7a8bb979b122572d3ac88c0a7098b351bdc0146d1a2d1e0b37bb133d9c427	36.07%
2020-07-22	File-619.rtf	doc	7b0a43ed14a889ff1b2f26657bc4453ef52f45ffa85ed059e8109ce860239530	37.70%
2020-07-22	doc 20200723.rtf	doc	86ef20dcbdc30f082e16816d3281b197b1e34d03d05c1098a867b9d840802cab	35.48%	Heodo
2020-07-22	Rep_2020_07_23_PV0063.doc	doc	b7443aa0dd6d738e32a1c4fcd5990b7ca23d2fa98f65c703514e3e82d72d7843	35.48%
2020-07-22	Mes-2020_07_23.docm	doc	c1e8ca6ab04cda931078956f97ce9472cbac4e8d0718506c2d4f3c618514e7c5	37.70%	Heodo
2020-07-22	Dat_2020_07_22_RIO96706.rtf	doc	e11c9ba64714228bf279f8f486767e6c73cfa9103641d0295bec1dbf6e7bad2c	40.00%
2020-07-22	Dat-AD0471.doc	doc	61ac92f083c25879585954c7ade43b7b17fefbfadc38a09fa9793f769f33f9f4	36.07%	Heodo
2020-07-22	Inf_38953.rtf	doc	73d6cf5248a0604eba81bfe1a1f55473820a97df0c5746014dd47e3d10071cb2	35.00%
2020-07-22	arc ESX9924.rtf	doc	cf53854628d9e95bf9c5b164c75908fcd42e2de87401607eaa617f331d376864	36.07%
2020-07-22	MES_2020_07_22_763.doc	doc	4e5ca71ab308655fe2a2430dfbba2c2f7633fbda4a0e4c44714724f00e27dc51	36.67%
2020-07-22	list_775189.rtf	doc	ef64e139ac5120bcb2be7ca49559d2e39d9a00d5007ba03f7745618a805d08cb	40.00%
2020-07-22	FILE 20200722 557643.docm	doc	0eeaea647018150c88d5f2e63cdcdba4dbae14ad5e23b7ac5ae1a632965674c7	36.07%
2020-07-22	inf 2020_07_22 542.docm	doc	d516375ff9a645547e27b1359395936c1ba1c5725795a78864b281f8a8b426d3	36.07%	Heodo
2020-07-22	Arc 2020_07_22 XS07054.docm	doc	9386f4a822f6bb11eb7588717ea43c765b9501a32ca42607846f8f577ea7a8ee	36.07%	Heodo
2020-07-22	inf.docm	doc	8377d8c4302ad8a31a44fa320938d524ba143b4b076ad91fda4c5c1b73aa804b	36.67%
2020-07-22	dat-20200722-45817.rtf	doc	4e537fac2f1b71c8466b55b1539006dfebfcb9d8d01c793df2ba1198de425f12	38.33%
2020-07-22	rep_20200722_XK92538.docm	doc	96836e41326e43b6568b375f848f490a866b35aa2247df397caa46a4f00961d4	37.10%
2020-07-22	list O942194.rtf	doc	5f934443860f4ada8773989bf4ef1a4f9b25d5b0b8449222afdcc5ed0f44748b	37.70%	Heodo
2020-07-22	Dat-20200722-U679982.doc	doc	3cdc4b152007b8583277c7ae4ad9e2df4b455d70ea68db4e16537a0354c97362	38.33%	Heodo
2020-07-22	mes-2020_07_22-1747.rtf	doc	00f9030cbfb095139a4e8f6fc9e282149fb32fa202c75dd95063951b237bdcb3	38.98%
2020-07-22	doc 2020_07_22.docm	doc	663a5cc4bea53e83055d9c30b3724798add62c0a512896dac94c3366578d426d	36.67%
2020-07-22	file_3535.rtf	doc	d89c2b2131e03e4f8eac35b8cb25de8095bafff8642629e1a4b64b391a014a77	34.43%
2020-07-22	MES-2020_07_22-I90903.docm	doc	0d2b2e5794724ab6ae57c685edec0b231442d3fcd013fe7ef774aed48cc97bfe	n/a	Heodo
2020-07-22	dat_20200722_BK567313.rtf	doc	f20360cd3061597269d3c295d95bab2703ac3dec8db564d56299e29db66601f8	35.00%	Heodo
2020-07-22	Mes_2020_07_22_599741.docm	doc	933c7f05b56492f880e1716a1240b0bf1679fb740c973b5adff2f3575ae2a3b8	31.03%
2020-07-22	dat_2020_07_22_8009.rtf	doc	fb1530a751799859585501c02c6cce39addd2e4572d8df0149ae14735eb2f113	30.00%	Heodo
2020-07-22	MES_20200722_BZ442956.docm	doc	ea706b82af6db4923a45eb4f03a0e2fbffc2c8e5888cbe9539d101c7d139cf50	28.33%
2020-07-22	List-2020_07_22-V398525.docm	doc	6babaa931bc26a787edf3d1d3118c0a45416f2e9deb01bc741decf522a2bda49	30.00%
2020-07-22	dat_TDA3692.doc	doc	8e68dd2720dc2775d2a42abaf76de80d689fdd34c0367de007c414def3d2d33b	28.33%	Heodo
2020-07-22	mes ZC390.docm	doc	3f0439068eefa5ef762b899f9eb133708916084d5e2f79a0344093fb19c3c026	30.00%	Heodo
2020-07-22	Rep-20200722-HQQ38100.rtf	doc	bda45a277d1d57050ac2f680f22b728a35eb2aa5d67471ea2b55817d66a982c8	26.67%
2020-07-22	Rep-20200722-36753.docm	doc	6f567c0477f01c7cb169abe9c9bbd5a18c39d7a68160438508adc626a2835d2d	27.59%
2020-07-22	Doc_20200722_0957224.docm	doc	b35d6f30710cd9faba8bae89a03e685b49544da9744821e0123e6585740a0e3c	28.81%	Heodo
2020-07-22	FILE_20200722_539.docm	doc	4ef2c8006cf9685f61441f329dbce4b1cfab1f70eb6709bf48168b31c42eba0d	26.23%	Heodo
2020-07-22	Rep_20200722_0136413.rtf	doc	21443c68d64ecddd740c7966067a4bed9de79aa081c06b9ad97fe8d8d0e0716b	25.00%	Heodo
2020-07-22	rep-R552722.docm	doc	4a208003acf718f4503edc32f76f194bbe6169c8a1863c6b3b3846ae863552d4	24.59%	Heodo
2020-07-22	MES 2020_07_22 1359.rtf	doc	8a4dd2564fb906334e1702628a5b52b6ab20497d1a5522332c4879a1eb778c7a	24.59%	Heodo
2020-07-22	rep_20200722_A505.docm	doc	cf527cd37a84ec65c4b6d8a8b816c739b62805416400d1527c8ffd7d3931a298	25.00%	Heodo
2020-07-22	Dat 20200722 92480.rtf	doc	3550a00d6cf8efb047a97d984cc26719d87014434ff444e3b70427e1b1670342	25.00%	Heodo
2020-07-22	Doc 20200722.doc	doc	a73ea0967cbcfbf0070a32f075b9b8e4f448d2d60f08f78ef9439b64394fc035	35.00%
2020-07-22	FILE_20200722_ZW46734.rtf	doc	8cf9d9d42298a4668f016012416111f8bfcd129c4b0ce9050c28a283734568ad	32.79%	Heodo
2020-07-22	mes_2020_07_22_N106715.rtf	doc	20f29a9a1184a44a6ce629ca9668c86c1e6cbd4479a1bc1c3df082d17a1762db	34.43%	Heodo
2020-07-22	mes-076330.rtf	doc	7eb51f8c4719f0171a98650b63385c15908628fc4ef7838c410fc53c46a0b8a6	33.33%	Heodo
2020-07-22	Inf 20200722 347033.docm	doc	365f2b2480d704ba0fa82cf5c25d92895a3518ed02ec36ff5f150cfe091b3574	29.31%	Heodo
2020-07-22	rep-2020_07_22-FMK5535.doc	doc	b58dbe82f7a65596a2277d1c5ef1e42945e45cd0ad84c35872e1ed404607b9b6	29.03%	Heodo
2020-07-22	Rep_20200722_7398493.docm	doc	c07649d058f6470af27cb972b0a9306496e2641bf959dd66206f3feff56b83c1	28.33%
2020-07-22	list-2020_07_22-1506.docm	doc	04b189501cde3a8e14a2de3bb20b7313da30db8f0a7af0862cc14e400caebe06	26.67%
2020-07-22	list 2020_07_22 3575.rtf	doc	b9d12dfc9cfedd1db467c5663c3e1f8253748e5b4743b77fc487e6fe12ee657a	25.81%
2020-07-22	Arc 2020_07_22 6752.rtf	doc	3374b8c7bab8c4d65f45434d84b29231b7a403d578c2b123e75507b6bbe14653	n/a
2020-07-22	arc_UQ5283.docm	doc	ecec36458fac5fdf0031917d979c2539b70801bdee88e022ee090a48109e63b0	n/a	Heodo
2020-07-22	doc-2020_07_22-R06954.rtf	doc	a726db669cad36b2fd25878a66e81894a830c83827693b16c8e8e44b832036c3	n/a
2020-07-22	list 20200722.doc	doc	3e65642f10d2b821a0c08b74d0ddfd34717dca5f9918551779815db934ae7963	26.67%
2020-07-22	FILE 2020_07_22 PN47231.doc	doc	d7b8fec9f533a9c31e7fe587b89552973d00bff30e4c7d8f7d4f2d93bc0eda1f	26.67%
2020-07-22	FILE_20200722_632.doc	doc	ea444cde5a8ef5b6165a348732af41e4c634669259036caae42e242c5a7c9b1c	25.81%	Heodo
2020-07-22	Inf-20200722-920364.doc	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%	Heodo
2020-07-22	Rep 20200722 543.docm	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	25.81%
2020-07-22	MES_2020_07_22_FTK14659.rtf	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%
2020-07-21	inf 2020_07_22 AX520661.docm	doc	c20821e80c5ce943d4b87b9416329f0502a4da3c97044c8fd7016172353e1626	26.67%
2020-07-21	Dat-LS34577.docm	doc	f03863257ba6bfc7e029c245f3dd3f892fe5a6aed79b625b2c7314f3398b723e	26.23%
2020-07-21	File 2020_07_22 K78996.rtf	doc	3e24c4373b1e2ba1e3d16925cd0d4a1752452402ae4aaa8ad8ce498bbff5335c	26.23%	Heodo
2020-07-21	Rep-2020_07_22.rtf	doc	4ed6d7c9f2e9292974253fd9e5b4063a391c156768d50cf6a8deff4425a099b2	27.42%	Heodo
2020-07-21	list_RFR2979.docm	doc	2027e8348e8d2f364d55b2bf47f9a4b37fd2ff7aabdda5ed056e3f6cd42cf777	26.67%
2020-07-21	DAT_2020_07_22_295322.rtf	doc	139f5bcf4c7fcbe0a8a5d940c5d38dd847e2c979df74dcf680208e73b8ac668d	26.23%
2020-07-21	Rep S810.rtf	doc	205a04626bdf6f3da605d8f8ba60126d02451085528330524d899a38520be8c3	26.67%
2020-07-21	Inf.rtf	doc	b88eeea6841abee77c07e6b5243d98213c6997de1033e14ddec0cf10b9b11c35	26.23%	Heodo
2020-07-21	FILE 2020_07_22 6749.doc	doc	db88b385b97b7038cd233960f7f99ce350a72a3eecf6bbbcb227645f111d4e7c	n/a	Heodo
2020-07-21	LIST-20200722-930945.doc	doc	ca4ae10db92df8cf44bacee70e7560ae411a37d1559687ad47687282ca447526	25.81%
2020-07-21	file_2020_07_22_05123.doc	doc	c14b2e55a66651e287542e13c52b9e5490534ee0d55cde933f5b6f0744ca27f9	26.67%
2020-07-21	File_20200722_ZYW7877.docm	doc	6ecd03bfb72de9f29bc5556f07f77b6a3ca030b9e385fe6b910678d2c8da855c	26.67%
2020-07-21	LIST_20200722_15679.doc	doc	d5af3b606fe2dd9a542f85aed4bab475b5d2f91b9dc5e3e5091cc385e4624869	25.81%
2020-07-21	doc_5049.rtf	doc	9be7c3f81952da7f9646905dc1eef8759806bebd07447af9e6c57f9828230843	26.67%
2020-07-21	DAT 2020_07_21.doc	doc	a498a07bd860a86bd937ea230aea64bdbc55c3040d90c13e57a2670608c1af3f	31.15%
2020-07-21	DAT 2020_07_21.doc	doc	a498a07bd860a86bd937ea230aea64bdbc55c3040d90c13e57a2670608c1af3f	31.15%
2020-07-21	Rep 20200721 97596.rtf	doc	2748fddcf19685fe54157b965c7332d3abe89dee666467ba9655e4ffb6d805e3	32.79%	Heodo
2020-07-21	INF 20200721 L978930.rtf	doc	954e8a3b2f224ae59b0cbc54c3f0585184cc2e26aed9315eefae4f05fe73a708	33.33%	Heodo
2020-07-21	Arc_20200721_817009.docm	doc	50d5051a82f97571415ca2550517c6872eca80692c7d6db605082a0b9876d34d	31.67%
2020-07-21	LIST-8360.doc	doc	5676204dc114c9f08d3e8b9d365abd67056893923c3fb15afed9d3ffe357507a	29.51%