URLhaus Database

You are currently viewing the URLhaus database entry for http://defiteqturkiye.com/Uh/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	435272
URL:	http://defiteqturkiye.com/Uh/
URL Status:	Offline
Host:	defiteqturkiye.com
Date added:	2020-08-17 23:48:52 UTC
Last online:	2021-02-09 14:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-08-17 23:50:07 UTC to onur{at}voyar[dot]net)
Takedown time:	5 months, 25 days, 14 hours, 50 minutes (down since 2021-02-09 14:40:17 UTC)
Tags:	emotet epoch1 exe heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-01	oRahbU.exe	exe	9fbfd39d2bd6b7036ffb2d07030f43150d77dca2548789ff43ddd1d209e739a9	n/a	Heodo
2020-08-18	TKhVTz.exe	exe	ca5f8b324f8bda5e04a3f445453842bd3f3b0e4b5c18ad88e3544e61e3e4c39e	n/a	Heodo
2020-08-18	ysr0foR.exe	exe	7af6e90935849ec7ee97b0a3851c3071db7b5540404cd2b332d61f58cf865672	n/a	Heodo
2020-08-18	OqVTUHU0BMobO5epBQVq.exe	exe	c721bf1fa2c7f9717138a6638ecb16ea9d49de1d087ce850a44f6a27ae27c181	n/a	Heodo
2020-08-18	NhRKXtYH1Jnb.exe	exe	dbd8a967a716077bdcc3b39ccb5ffa63319dfdfc1946fdcefa96e94fed34d0e4	n/a	Heodo
2020-08-18	Qy0bz6F6.exe	exe	39f3e7b3059fa047e731a92eec40375a25982d858dad0885239a0d5026d47ae5	n/a	Heodo
2020-08-18	XUuwZRl2KvgUwcwks6j.exe	exe	3c1077d04a6413f8ebd9074001ef1a13f7fb4a6e9f5567d3188a0110ca8ad51f	n/a	Heodo
2020-08-18	sBBenTr.exe	exe	034fc0dd21ddf57bfc5794b7831f93ddf5e4a50d945b7bb24a1d57d4f63f7715	n/a
2020-08-18	oLTQFe9K2bPZ7QXToN.exe	exe	95fdff76ab127a1a1a25e2104f27c84fcaff6bda9ebb6796d818ad8f49224fd1	n/a	Heodo
2020-08-18	WSSnGg0WTSGwUs.exe	exe	4317157062ba9c7dff9b02b09cb984ec27be0f7aa2c66f87d9fcfcc5ca49ee05	n/a	Heodo
2020-08-18	iTz2A.exe	exe	29bab0356ae986107cf3a50a2e06ade12fa1e5b4daf200d4be6d02f1dbfb9256	n/a	Heodo
2020-08-18	ozUzXOgV.exe	exe	71c919dd39aa7c73718e19da2ba99df79f3f8b95e67baa77a27c1dc9c76efb67	n/a	Heodo
2020-08-18	0OIDjY1wrl76AQspF.exe	exe	bdf38880ab884788e997051e8deb00fa7b076894cdbe9e0a73bc6bfa3564f2b4	n/a	Heodo
2020-08-18	chOe.exe	exe	408c82bcf348a47660adfa2dcbcfa7cc772aa077600f6a282d8734f01cabf48b	n/a	Heodo
2020-08-18	htgP12o2tO6QzKC2LU8F.exe	exe	ad9f0869598cdd53ebdfea5f91cb69213545a36c149d43ade0299bd9fd53a5fa	n/a	Heodo
2020-08-18	lErhN.exe	exe	e79d847413b857f25001a81ccaa6b9177aafea52fdd4fe06f810fd3c7f45c2f3	n/a	Heodo
2020-08-18	1xGVS7K4qYl1wFA.exe	exe	6f8cacb5d8eee22022213676c6dedce9c5e0cf232b7c92b8ffbafcf2c1eed7ca	n/a	Heodo
2020-08-18	tbQACBCF.exe	exe	85c107583e1eeb6d252191765946acd4758af3dfd50165fb52066f1185bffb23	n/a	Heodo
2020-08-18	KhEZ9X3eAMnFsEho4h.exe	exe	55b369209bbdbe1025e24977072da2736abf637900ecc836af372c352af93463	n/a	Heodo
2020-08-18	WFMh.exe	exe	8d7f31194e86bb199f285c9eaba0aa868a001547d2afc22442413538e087a007	n/a	Heodo
2020-08-18	SFV8BybyR.exe	exe	2b600f842ee2025b1b4f9fe9eda682df691d3205fcc9e6b0e8de72598bdad744	n/a	Heodo
2020-08-18	QZ741wYiyKgWgO.exe	exe	903ccf60be1b3f1916446b04eac70f4be6ee03b90d113324ff5045c4eba50f18	n/a	Heodo
2020-08-18	GdTPLXtOYxS6L.exe	exe	7e17c7de436905ceffaaf94689df9634f47b068aa0e3118d4bb5b9806e42dd93	n/a	Heodo
2020-08-18	zlx6BRRju.exe	exe	11ea3c300fb463111cc7579027aed61752fda96fc049bb4be8fe444eba0cba53	n/a	Heodo
2020-08-18	64H6m1rALxD5iYLXI.exe	exe	001b9b45b4a8d3c820d3121e8917dc954a3903ba18a9e10c787ab08d857fc899	n/a	Heodo
2020-08-18	XIzZf.exe	exe	972bff3412208e78da70dd0a74add7293efa45554ead051594708f660ce59dc5	n/a	Heodo
2020-08-18	IkIyeiZfedyvKks1.exe	exe	0c965e9b46d2d372ac9d9cbe5e7544af26b38b27789d90be483dbc83a945c583	n/a	Heodo
2020-08-18	RT0USOSVwKwg1Gvgw4P.exe	exe	ae50eb5f5f93e442ad3a49f9c6e7168394ca1c5a12dc1cf5b988f7946a2a3a41	n/a	Heodo
2020-08-18	GweH2G7.exe	exe	f14b0e8e1ab3e8be39a08f1e154634e9898f2ecc504caa04e6d836149b7d162c	n/a	Heodo
2020-08-17	e50i8n2GE47UpfKVgTnEZ.exe	exe	25608716e053b3911c202d9ef6080d0054309116c009755e411068aae92297a5	n/a	Heodo
2020-08-17	u3iZyvJobiB1SQmdWPPAP.exe	exe	d709664e6258b3135a9cdc2eccb685171669c39a34bc9101cd2cd6e8bbd6337b	n/a	Heodo