URLhaus Database

You are currently viewing the URLhaus database entry for http://gluonpharma.com/fonts/W/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	938311
URL:	http://gluonpharma.com/fonts/W/
URL Status:	Offline
Host:	gluonpharma.com
Date added:	2020-12-22 13:14:07 UTC
Last online:	2020-12-25 16:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (Ticket DCU003189239 created on 2020-12-22 13:16:07 UTC)
Takedown time:	3 days, 3 hours, 24 minutes (down since 2020-12-25 16:40:47 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-22	CRDNYA.doc	doc	dd82b52d79bb68812fe7c148c7b28404b63b2fc1fd843d57c05f546f44a9a2a2	n/a	Heodo
2020-12-22	VR7EJJH.doc	doc	f75577ce378c5ad1dab7b8543b7767ed54d337b11d15fb8dd0b260d9a31b036d	19.35%	Heodo
2020-12-22	O79OP3YHYY3KKUA.doc	doc	628715602170e6fa97dadd0ea965652619994ef5eadd84bda8c45db0db3ef0f3	19.05%	Heodo
2020-12-22	VA21K878YPQ.doc	doc	b5cabad4213a8d3f738e1ad1145a3130b3f5fe2739bcb8e5aa1f1ac3fa3fcd7c	n/a	Heodo
2020-12-22	R38YFJRUAE1WCA4.doc	doc	636b5138fc52da9fd4cc02ade2b4dc4986baf4b8614fec61d464e4a55f8e7e22	n/a	Heodo
2020-12-22	I8WR2AC3359RGA1T.doc	doc	3cf79aa67b9b74d228fd5e8d25633f13d2282edaa63d6ebc02bc95d05ed4ef45	n/a	Heodo
2020-12-22	PM1F55.doc	doc	3bf3ce943eb3a98b8fb23de45f72f9eab5c5c7ea78a98aa07a8ba5cf0d190d1d	45.16%	Heodo
2020-12-22	C2DPI126MQI.doc	doc	513747f9adbaef9a6fd640e8b8a083530ee0d8036b547d02d2465dd760e94d4c	42.86%	Heodo
2020-12-22	9WID30K3QE0S.doc	doc	6191dcfff06f36e7ae3ffab9272718d60482913bac94ce985ce8a5eaca930e26	43.55%	Heodo
2020-12-22	TPIVYU5HOTKZBW.doc	doc	942e084f202a3423e74c8d347b68accfea9d0379d76ec084dcde6260b4032e65	n/a	Heodo
2020-12-22	GTSDSQ.doc	doc	6f31c56a8ea0949ade1a3cabc55e00d367bb073cfaf7f1b447258c79483910f4	38.10%	Heodo
2020-12-22	GIPI9D4TBZNRSR.doc	doc	f8a293a233f791740b03d5e9f763edbe9ce5b7118b45986d500a6951716f52c5	n/a	Heodo
2020-12-22	3A713E.doc	doc	884af4ef4c4cce6b4b6d059a23ddacf8aeb92b68fbb4dcedfbaae3352f1fc5cd	n/a	Heodo
2020-12-22	ULZRXAGE.doc	doc	87cad8283d151d96c90fd747887dabd30d0012320be4132f2143deeb69c9c4e0	n/a	Heodo
2020-12-22	ZK00HCYYRW20D5B.doc	doc	72526ea70462d80cfb3edea310592329d47c4081c3ee6df1184a219a17b1a731	34.92%	Heodo
2020-12-22	2HCK6M0UNFAGV.doc	doc	86942bbcea50514ec00c4794847620c7ab3863657d7cc8119cf593ffb539cae7	34.92%	Heodo