URLhaus Database

You are currently viewing the URLhaus database entry for http://natunkantha.com/wp-content/ffUKhyiX1ar1/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	944090
URL:	http://natunkantha.com/wp-content/ffUKhyiX1ar1/
URL Status:	Offline
Host:	natunkantha.com
Date added:	2020-12-28 22:15:06 UTC
Last online:	2020-12-29 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-12-28 22:16:10 UTC to ipadmin{at}primary[dot]net,ipadmin{at}us[dot]net)
Takedown time:	10 hours, 2 minutes (down since 2020-12-29 08:18:51 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-29	QJ5VPYU6HF4H.doc	doc	2c65b3ad0c28b1f2d1ca15afde94e344d663fa438341bf9a8d8634649026824e	35.48%	Heodo
2020-12-29	KNGX7OU1U58K17.doc	doc	e54bd0f6b647b09226b4d2a8436f15a1921877d85a1f7173eb6bfc8d8fd5f93e	n/a	Heodo
2020-12-29	VWTBN137CJ9P20TR.doc	doc	8464ce9c05a162a1b025bd1d312acb11b02371989481b2c82fac0cff35cd40ae	30.16%	Heodo
2020-12-29	9T5OJRATANGHX1.doc	doc	78b41c5f490bb27af82882cce670ccba92a5d25baef2dcd45e7efcc42e76bc56	n/a	Heodo
2020-12-29	D5J1ZGV7T3T94C.doc	doc	868e1f279db75c1af75c2aeb9cb452603048550fcc9c16f549e4ce524f30837e	32.26%	Heodo
2020-12-29	4VM7D5210XVE7BUI.doc	doc	fe829f49465fa85f7a3c46ee46583bb2607645f0fa5bf2b5446ff5508e9b340f	32.79%	Heodo
2020-12-29	QM6T34AR.doc	doc	351ef40fcf2e2f7447eca693ce677f24a13f75a05e9dd8d3f981dc268ac6aefb	32.26%	Heodo
2020-12-29	L56EBTQTGG8RW4.doc	doc	fc5042a0a7a79977b649e3a965f21e042eca483a0c23ace92ecb7262085df16d	20.63%	Heodo
2020-12-29	ZTQC1U.doc	doc	6912cfcfbbd57211314ac15f1f60de45708fd6dec388160710b1bada06a292b8	19.05%	Heodo
2020-12-29	IMIH4LG4CGQ8QTN.doc	doc	adddf3bf69b22644e48e094fe612082137f1dfd38d2f4d6f07f9824e1e0ad061	n/a	Heodo
2020-12-29	XUAEVCU59.doc	doc	cebbcd00eca12847a36571a9d527efc2e2c2a2f00e994ab7c6057de2f82c5cad	31.75%	Heodo
2020-12-29	MXOOSGI06XYJ.doc	doc	04bf812417d992c76ac28f24f029de65f9cf227b3d836032afc6472ceeb84e10	30.65%	Heodo
2020-12-29	6TXMIQR5AOE00K.doc	doc	7015585930577d63d591c0c67ef9adcead3f1b43a9e39a25ee23e42c7921ab2c	32.26%	Heodo
2020-12-29	S29MHZ52D3E8RN.doc	doc	6a6b38bbe6ab4ad48d5bdd6473f77b3591719ab4aefd21c5158ba603e855b784	n/a	Heodo
2020-12-29	DUA2NU53E91V.doc	doc	b269900e50a09030b6f6136a521a9699860ccb7c5259ebe74717711299da973e	31.75%	Heodo
2020-12-29	QS0UYSMXPHB15.doc	doc	848e0330cd1da1e2fb741d0be0318a12fa415811131c0a6b7c52e5cf867821c6	25.81%	Heodo
2020-12-29	8YJJ2INA35.doc	doc	587699784919c3bea79454f4cb031d3793801c4fed1d07b5767be6371ad8edd2	26.98%	Heodo
2020-12-29	ISRXRR6P.doc	doc	79a074f71a273b9dad370fefe33704deaf5e9b989812929e5d33900324dad3ff	21.31%	Heodo
2020-12-29	HP203DGL7.doc	doc	31635b1f0402afa859abcb541f33761eafab1551aec0b47118b78f3e671b1590	22.58%	Heodo
2020-12-29	B30NMPNQJQGX.doc	doc	f8558e66e35c0908e148fc2fee062a31346b00b7ef270ab1f062f17e6350a8cb	22.22%	Heodo
2020-12-29	U25EVF.doc	doc	3f9b8498660385229fa4c9000d3b46ca6a43f6f2d91bbde9391d1e752762134a	n/a	Heodo
2020-12-29	7V1V6EUPAS.doc	doc	fcc61c1b3639ee120a6b1e8e9709614682434b8a6017bea91fef29a063f0d3b9	20.97%	Heodo
2020-12-29	LGJBJSR2BQ0T3.doc	doc	4b2c9f87676f3cf3eb61380529d83e39e8ba3f87eaf2d64bde0dc70d75941104	22.22%	Heodo
2020-12-29	TQRMJYPAMGQKES6Z.doc	doc	6648b51c5a828a4b145d0292f72e3333278e3c97b08ce2faa174a6513b4964e7	20.63%	Heodo
2020-12-29	HEGMNGOZ6410CCIU.doc	doc	3e74772e9bdd856ca6c3d6f86e9f7b83f73f245f45316370725d07276660e6b3	20.97%	Heodo
2020-12-28	0KSVN2OK4U.doc	doc	20648a91667ad6547f61ad92bf6b7bfcccb4c3ecbafd54fae8cbcabf75cad1e0	22.22%	Heodo
2020-12-28	S69NFKH0.doc	doc	0b30502c830f8cc7c87978637d0e47918353373f4b11cc38c90853f3c1aee639	n/a	Heodo
2020-12-28	Z2P73LFTPGC1OT.doc	doc	e437f954e87f11e67021195a8e2f952ca08a52d6816f5742b999121cb1634c1d	20.63%	Heodo
2020-12-28	OSD2RSN9YFNGO.doc	doc	6e89e614b08b28c95ee56efc9086c1d5677b78fae8a8e48036f3d467f936f2ba	20.63%	Heodo
2020-12-28	WZQGBTJ9C.doc	doc	7b31f0e87b058f66367a842f7de451706cb4bdc9ba42669293fc7fad0d25dba9	20.97%	Heodo
2020-12-28	5TUSC65T58.doc	doc	ff93fe7d28dd2c2a8a72162aff79196bd63579f20438476d305375a3ec3b70e1	n/a	Heodo
2020-12-28	798IVBZ3NZF.doc	doc	34c2de918dd4a97d37efa6fcc06e6c8c635f13ceb3de47e1dbb0b04393b9c298	20.97%	Heodo
2020-12-28	4LYRUKF.doc	doc	cae404af78e1ccf5ea32dbb545812c3f072d88a53b7489af336ef649539ea4c0	22.22%	Heodo