URLhaus Database

You are currently viewing the URLhaus database entry for http://dx.dett.cn/wp-includes/YDGGDijYgMwuobSu/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1850451
URL: http://dx.dett.cn/wp-includes/YDGGDijYgMwuobSu/
URL Status: Offline
Host: dx.dett.cn
Date added: 2021-12-04 02:47:10 UTC
Last online: 2021-12-11 22:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-12-11 20:21:14 UTC to abuse{at}tencent[dot]com, abuse{at}qq[dot]com, jsquare{at}tencent[dot]com, dreamsruan{at}tencent[dot]com)
Takedown time: 26 days, 9 hours, 24 minutes Bad (down since 2021-12-30 12:14:14 UTC)
Tags: doc, emotet, epoch4, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
