URLhaus Database

You are currently viewing the URLhaus database entry for http://lpma.iainbengkulu.ac.id/wp-content/uploads/US/Clients_transactions/122018/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry


ID:93850
URL:http://lpma.iainbengkulu.ac.id/wp-content/uploads/US/Clients_transactions/122018/
URL Status:Offline
Host:lpma.iainbengkulu.ac.id
Date added:2018-12-12 19:37:46 UTC
Threat:Malware download Malware download
Google Safe Browsing:Clean
Spamhaus DBL:Not listed
SURBL:Not listed
Reporter:@Cryptolaemus1
Abuse complaint sent (?): Yes (2018-12-12 19:38:19 UTC to abuse{at}telkom[dot]co[dot]id)
Takedown time:47 minutes Wow
Tags:emotet epoch1 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTSignature
2018-12-12file-860458255089230.docdoc181c3ebe7f8c9dc8ae1841e9329ceea8fe4e1ac360fc00c53893a891364879a4Virustotal results 14 / 60 (23.33)Heodo
2018-12-12form-5491076447783.docdoc317994330385b96d1addaf7be4e513f89cf2e27b51c223679797de3b8b19a8aaVirustotal results 14 / 60 (23.33)Heodo
2018-12-12DOC-61081455684565.docdocefe9babd6aa28950a5d6e591e4b5b1b8830abf7f60467c78aa02282bd9083c07Virustotal results 13 / 59 (22.03)Heodo
2018-12-12eFILE-5995723725.docdoc3617a13ee58793c5b07acd997ab935d2cd8b8167bc6e9ee673a2c2451d924342Virustotal results 14 / 59 (23.73)Heodo