URLhaus Database

You are currently viewing the URLhaus database entry for http://wp.10zan.com/wp-content/US_us/llc/Invoice_Notice/fLAn-9L_jtoWMJ-zb/, which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 120125
URL: http://wp.10zan.com/wp-content/US_us/llc/Invoice_Notice/fLAn-9L_jtoWMJ-zb/
URL Status: Offline
Host: wp.10zan.com
Date added: 2019-02-08 11:05:19 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Not blocked
AdGuard: Not blocked
Reporter: @spamhaus
Abuse complaint sent: Yes (2019-02-08 11:06:03 UTC to abuse{at}tencent[dot]com, abuse{at}qq[dot]com, jsquare{at}tencent[dot]com, dreamsruan{at}tencent[dot]com)
Takedown time: 6 hours, 5 minutes (Good; down since 2019-02-08 17:11:19 UTC)
Tags: emotet, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
