URLhaus Database

You are currently viewing the URLhaus database entry for http://gueben.es/wp-admin/Corporation/EN_en/Question/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry




ID:91585
URL: http://gueben.es/wp-admin/Corporation/EN_en/Question/
URL Status:Offline
Host: gueben.es
Date added:2018-12-07 23:54:26 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL :Not listed
SURBL :Not listed
Quad9 :Blocked
AdGuard :Blocked link
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-07 23:56:07 UTC to cubenode-abuse{at}gestionclientes[dot]org)
Takedown time:2 days, 11 hours, 24 minutes Poor (down since 2018-12-10 11:20:41 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-08Invoice as at 08/12/2018.docdoc cf88e56a49dfedd35d6f17bb23549f69eab86fc825c73a6ef4d1881458e072b9Virustotal results 27.59%Heodo
2018-12-08Outstanding invoice.docdoc 2c1293204660fcb2eb1bd7ddeeec7f3cff7047a232a2d4bc870808da8a9e20dcVirustotal results 27.12%Heodo
2018-12-08Latest invoice - 115202.docdoc 0f5433ab920108d28f85dd26b966eea92d5b6b4139b25d3c0e3d5633d49264c8Virustotal results 31.67%Heodo
2018-12-08Accounts - Invoice.docdoc c8ab717c4553172911faafc6c020f43c3f0b85baec666bd59b2f3b1c8aed72c3n/aHeodo
2018-12-08Inv. no. 7596I6331.docdoc 866fcfba798f6c149d8d05d5fcd7b69923e062184be7dd8032a85f4dfe3ed077n/a
2018-12-08New invoice 3VYM613593.docdoc 6d803fd64139bbee1f626acd3c70bc7161830715b44690129776a0042fc9890fVirustotal results 32.20%Heodo
2018-12-08Billing Invoice - Job # 611172.docdoc bf3be68b7c4213331aa70774dac0b6b40e39fe2855a0720581a6d961cdbb1ed1Virustotal results 27.12%Heodo
2018-12-08Invoice as at 08/12/2018.docdoc fb2ade57df3cb19d56bf11630e3b4a4c5630c93f32819ac9b3be38fdb07265c6n/a
2018-12-08Invoice.docdoc 044e655d0fe512ce8520d60059e584f4249692b719a651625b5af8f611bc50d6n/aHeodo
2018-12-08New invoice 8RSA151617.docdoc 6900f9365990d8a07af60206f212c882a3f9fa94094ad5f0c830729bd07a7ec9Virustotal results 32.20%Heodo
2018-12-08Latest invoice - 332513.docdoc 89d8c90d091111f17323aae268bc8732132c82b6507a6e4773378a2e288e1fbcVirustotal results 31.03%Heodo
2018-12-08Invoice as at 08/12/2018.docdoc 31a5708017dccecb00745d4de9fc537f8f6bca063ebca4174e0a255bdcb68a66Virustotal results 31.67%Heodo
2018-12-08Invoice.docdoc 0c12a101913d4ff5a1613c5ca147235010635efb9d85d6925fbdc979fa56182fVirustotal results 30.51%Heodo
2018-12-07Inv. no. 8133W93101.docdoc c756afbd3876586b79f4d54ff38e623414f3809bff42d0f93df1cc1cb1908057Virustotal results 31.67%Heodo