URLhaus Database

You are currently viewing the URLhaus database entry for http://blogs.sokun.jp/DE_de/TEJQSYF3366492/GER/Rechnungszahlung/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 109220
URL: http://blogs.sokun.jp/DE_de/TEJQSYF3366492/GER/Rechnungszahlung/
URL Status: Online (spreading malware for 7 years, 5 months, 10 days, 17 hours, 40 minutes)
Host: blogs.sokun.jp
Date added: 2019-01-24 09:49:12 UTC
Threat: Malware download
URLhaus blocklist: Blocked
Spamhaus DBL: Abused domain (malware)
SURBL: Blocked
Quad9: Blocked
AdGuard: Blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Blocked
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: oppimaniac
Abuse complaint sent: Yes (2026-04-13 17:28:11 UTC to abuse{at}gmo[dot]jp)
Tags: doc, emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
