URLhaus Database

You are currently viewing the URLhaus database entry for http://berraltd.com/blogs/INC/2tx8j5/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	698157
URL:	http://berraltd.com/blogs/INC/2tx8j5/
URL Status:	Offline
Host:	berraltd.com
Date added:	2020-10-15 16:42:04 UTC
Last online:	2020-10-16 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-15 16:44:04 UTC to abuse{at}cizgi[dot]net[dot]tr)
Takedown time:	20 hours, 37 minutes (down since 2020-10-16 13:21:58 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-16	B_XS9926397293KQ.doc	doc	416c28eeaa4f2ecdcea4ff0f31cb81a99f7a9f6ff65c9e96afec641dd8a84a12	n/a	Heodo
2020-10-16	DOC_PO_10162020EX.doc	doc	dc0d0beb0ff575d2b6244bad0266f584bbf8f4846051b62d2a6ba0f341c533d9	37.10%	Heodo
2020-10-16	REP_AJ6321122799GA.doc	doc	928ec3474e204aa23a9fe0971c55669cb5ad9a752f46fdb16c46c974035fdd9f	n/a	Heodo
2020-10-16	K_CZOCJERHY.doc	doc	01f98b1a31eaf93128b65347f3fc0e25b853d2535e9d828263002b80f0e445a0	33.87%	Heodo
2020-10-16	Z_M4I03C1.doc	doc	74f63318ba7dd16ddae51e0b9e1e8a253d02156b7ccdbc947aa9559b49ed49a4	30.65%	Heodo
2020-10-16	BAL_GPI_100120_VIJ_101620.doc	doc	650e5649d3b4dd927f8b6390e3ef98587b4c2e6769d5d2f5e459cb7f4872f363	31.15%	Heodo
2020-10-16	INV_PO_10162020EX.doc	doc	1b2652ca4216be8936873953880078a3db413557d80496831b1891f5947f4eeb	33.33%	Heodo
2020-10-16	INV_PO_10162020EX.doc	doc	8e9462c9a3766b0a41a21d609caf5c36fd65d502b5e17bde7bb2a99628d16bd6	32.26%	Heodo
2020-10-16	ZSJ_100120_STK_101620.doc	doc	6e1929d0be05fef19f8c294a2323971b7e2127acf7000f5e02e0a1a6555abee0	32.79%	Heodo
2020-10-16	R_DLK_100120_FUE_101620.doc	doc	86822c825f780b9e9d3fdaf61cb3b8ce210b2892fe9a2ce77faafa9518c34627	50.00%	Heodo
2020-10-16	BAL_OV3481350700LM.doc	doc	794cd8d6c12b283f0a19f40472aa0817f0b038ddce585fd66b0985d440e59616	n/a	Heodo
2020-10-16	QC8557384196RM.doc	doc	8c5946d83496491e60468ec85aa90964c00945bcbd8e72e8b05b9f230d85f7f4	50.00%	Heodo
2020-10-16	BAL_41617223.doc	doc	72b44b8e255ace9d74a54f19671fdcfa1b296bb221e038ab578044b55b309afc	51.61%	Heodo
2020-10-16	DOC_PO_10162020EX.doc	doc	095fe16690d338ae33d6608dbe94adf60f398907737417666034e7a5b64eded8	50.00%	Heodo
2020-10-16	BAL_78473567.doc	doc	862a3557cbd080c1e4b737d044d2a849ffc1fda3cd46e474ff947ff583357464	n/a	Heodo
2020-10-16	9U20F5D.doc	doc	0132d7543ceb26d2709cd377cfaa3132827b865267e7b98d31bcf3f38e3b1c3c	53.23%	Heodo
2020-10-16	DOC_51212443.doc	doc	6bd70c37738737b137dddf5e137cff39eb5baeca80217787c95d5ce885c5854a	47.54%	Heodo
2020-10-16	FILE_KG1959694725QY.doc	doc	766e921c13edd4367d95fd44b3070b9d4bbee1886ba2e298fc91f030e5e034ac	47.54%	Heodo
2020-10-16	MK_CZ4013900538UK.doc	doc	9ff3fa5bcfc5a9b21abf19a4f8f3c406f0874fd93f8508c58e42529f672a6d23	48.39%	Heodo
2020-10-16	U_HNV_100120_SBX_101620.doc	doc	5611d69fb48d899f85406429e354830c4c4f33259af76c16a74afbefa925fd1b	46.77%	Heodo
2020-10-16	XZN_100120_IJZ_101620.doc	doc	3a3dd7687c72a79fe44ec05be24ef77e62e6b1cdcf3f202251d6c12e94475dcd	48.39%	Heodo
2020-10-16	INV_ZB4399935318XC.doc	doc	63409e6742b521d02cfb6f833ee7484c6db70237e48675a06c28cc7c9920bfe5	50.00%	Heodo
2020-10-16	P_PO_10162020EX.doc	doc	a44bec73fa5d84c99c152a133907faff21cecbabd17faba199a628c8259be229	48.39%	Heodo
2020-10-15	DOC_7551089962389554.doc	doc	c092eeeaefd8e9d4c328cc78e77530cb40fc820d921ce06c271c47781aae2da4	48.39%	Heodo
2020-10-15	658266417789553832726.doc	doc	00534d43b370927552e8c71deae866472d34d67e1af2d02b93067c8b2fbc279f	50.82%	Heodo
2020-10-15	BAL_661500140910849849918995.doc	doc	dd30e8495694397703816d63ba5a77f3eac6a41216b2d2d536d627d85f015c87	48.39%	Heodo
2020-10-15	WGR_IZ9V4M623.doc	doc	2955467d39aee8efaa08f284298b86e105ff6b8855c674bb41e38ca21d2c6bfe	46.77%	Heodo
2020-10-15	INV_BAZSM169ZO.doc	doc	874551f55294cc8838b596c8ffd8d4600ade4c1e932ea618012210a3ac7137c2	45.76%	Heodo
2020-10-15	INV_687061699611526.doc	doc	9e6ccb86ca25351f22a9960687787487cd93476f21e943368886f63c03167222	47.54%	Heodo
2020-10-15	REP_PO_10152020EX.doc	doc	29d8f14d9aad7f7303bfffcff57109e4a24983050638c356af826bf4febc04a2	46.77%	Heodo
2020-10-15	DOC_48824344.doc	doc	a0af2c0d46bfa10fc4589560d7055a18babee6615726fb2893b817e111f9ecbf	n/a	Heodo
2020-10-15	DOC_T0D5J35HKDWB2.doc	doc	1d9754d306c2afe8fd501b6a7449ce2b31988935a52af20866fe321c5a5b0645	47.54%	Heodo
2020-10-15	DOC_BU0186382772EI.doc	doc	200fd063fbce58987452058b68b6f0d32d9fd51afddd74f6ed466124627fc51b	n/a	Heodo
2020-10-15	DOC_4174366921093.doc	doc	70652370e67cef224785a44a3bb57d19f00a8b000714cf7117ed9dec27b3c920	45.16%	Heodo
2020-10-15	REP_PO_10152020EX.doc	doc	df301a07bada1a07adbe33c638f8c00159a565bafec1b7fc1ff5ff69b6a7946c	44.26%	Heodo
2020-10-15	DOC_7B0H34A5258ME3.doc	doc	590e91cfd2bc7164b8528b3e845e9d45e8328e9148b90c0836936e9d870ca895	43.55%	Heodo
2020-10-15	U_OG8239620374CJ.doc	doc	0ab272f979fa9aed2035beb2f578c7dd1b689f64452457def9e7aca2d1c91a3a	n/a	Heodo
2020-10-15	GKX_100120_QEE_101520.doc	doc	9e399c9bbd8e0a5be20ce299ce14f5e1f7ae22f19f564231c3650f1a6c055c3b	42.62%	Heodo
2020-10-15	73996447.doc	doc	81fcbb632ef9fc5a4bbcbd81603127c1a0238b784579f62735dad19fda06ab77	n/a	Heodo
2020-10-15	NQ8393413042CK.doc	doc	5ad618126d3a4620ccfcf17d3e8f5d4d6550ad44b24a5d874a9cbf33d8976d03	41.94%	Heodo
2020-10-15	DOC_KW0749625006RY.doc	doc	5054c0740abc74c3d953105c380fd564a4a6ed4ee869aea2d48102b7f9feb1a1	42.62%	Heodo