URLhaus Database

You are currently viewing the URLhaus database entry for http://gundemhaber.org/EN_US/Details/112018 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	80029
URL:	http://gundemhaber.org/EN_US/Details/112018
URL Status:	Offline
Host:	gundemhaber.org
Date added:	2018-11-14 15:58:25 UTC
Last online:	2018-11-26 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Blocked
DNS4EU :	Not blocked
Reporter:	unixronin
Abuse complaint sent (?):	Yes (2018-11-14 16:00:06 UTC to info{at}fiberserver[dot]net[dot]tr)
Takedown time:	11 days, 18 hours, 3 minutes (down since 2018-11-26 10:03:42 UTC)
Tags:	emotet heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2018-11-23	eFILE-2715613263.doc	doc	6195196c46c199f782c906cf8bbfd89e24ee3c77dcd4648675cf0dc30bacedef	55.17%
2018-11-16	file-596864861381.doc	doc	cf53fd4d67bef004c93368ab5b0a206187c3e46607a103e2fe17107da84b3f6a	n/a	Heodo
2018-11-16	DOC-9666470926943846.doc	doc	8e57c4cc83559c365ee46a558904127bd85f6d392ea649b580f4077150bb7253	25.86%	Heodo
2018-11-16	eFILE-49121682305826.doc	doc	f26e16e76f58ac05c4b6c80efd54a0da2de37bd3e2a3740e8b35f46d29b4bc0a	n/a
2018-11-16	Untitled-97780274444661.doc	doc	65172c366059deb25a4ea09c26cf37d4a870bdad43f56d5592ab92a8418857dc	n/a
2018-11-15	doc-5512696135420.doc	doc	fd83a337f59204f26517ca8e46cffdb57bb1743da265f5e7459c2687678c35cd	n/a	Heodo
2018-11-15	FILE-26692507654.doc	doc	36e4e66491a3a766c20092065b29b120760c13558f0ccf039068215e938a0eb3	22.03%	Heodo
2018-11-15	DOC-32222428802440.doc	doc	1d6fa30e6c19936ebc423db16a98eb9c4361d59bee48347ce655d3f3240cce44	22.03%
2018-11-15	file-3751693227317422.doc	doc	ebd855763c68aaaab46f85996f5923d70ddecec3b72bd4ba40024f18fb430397	30.51%
2018-11-15	eFILE-43392473596.doc	doc	8046bbabbec42f28bf3fef090cc026e847683f36f340d71732009edfc6ebbb76	25.42%	Heodo
2018-11-15	file-12735502541374.doc	doc	72b6a198cdc160c0fded64b3999d10670f88d2c72951ddba4cac13f1cca963d1	22.03%	Heodo
2018-11-15	FORM-249006791943.doc	doc	83987b42872150d5ab352c35fab36f29561642f3383d8501cbd430f3809b6f60	22.03%	Heodo
2018-11-15	file-0961504458.doc	doc	4bacae6838115916aafe7077a78e68a4f0804f4ba7a98731069cab75c3b0d1d3	22.03%
2018-11-15	doc-57927383583961.doc	doc	fa9c688eca6d6bce62daa188325f51aede4f4342c23b9dfdb4c5592ee6b14f9a	19.30%	Heodo
2018-11-15	DOC-84382340219.doc	doc	576e0a6ed02651d2e06a7face89a78f9f5b5ec24c7dc2c2fecc0bb676747888e	15.52%	Heodo
2018-11-15	DOC-0191086221.doc	doc	4d12b8d73d68c14c5c765906aaa07aea20839a74c9cd0f00f926d7c5bfda9edf	n/a	Heodo
2018-11-14	doc-73729357659714.doc	doc	e68125b87c26994e9356cc2bc7e31ae6e3a16a8ec86975307efb481e1e927391	23.73%	Heodo
2018-11-14	Untitled-32457059826.doc	doc	a62bad38fee41715cddcba7bc9828dd86de629762b21cdc86eba7ab86e39ae34	17.24%	Heodo
2018-11-14	FILE-808989196226476.doc	doc	43099c7f72b6aff08e3ddb1566e32735c66b1751500fff124af6e1a761c1ccbc	16.95%	Heodo