URLhaus Database

You are currently viewing the URLhaus database entry for http://gbimkd.org/wp-includes/mzYzedwYUHNvfwTTy47Ey0o5tKUyazH0oXIs/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 944671
URL: http://gbimkd.org/wp-includes/mzYzedwYUHNvfwTTy47Ey0o5tKUyazH0oXIs/
URL Status: Offline
Host: gbimkd.org
Date added: 2020-12-29 15:44:07 UTC
Last online: 2020-12-29 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-29 15:46:07 UTC to abuse{at}isi[dot]co[dot]id)
Takedown time: 6 hours, 27 minutes (Good; down since 2020-12-29 22:13:50 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
