URLhaus Database

You are currently viewing the URLhaus database entry for http://gn52.cn/css/LLC/yPvjbOhgRRNgSKXFMOOhsLFFZAey/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	191676
URL:	http://gn52.cn/css/LLC/yPvjbOhgRRNgSKXFMOOhsLFFZAey/
URL Status:	Offline
Host:	gn52.cn
Date added:	2019-05-06 18:48:08 UTC
Last online:	2019-05-16 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2019-05-06 18:50:03 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	9 days, 15 hours, 22 minutes (down since 2019-05-16 10:12:42 UTC)
Tags:	emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-05-08	LLC_33603163824US_May_08_2019.doc	doc	4ba386fc55054b552861920518ad12c69e8d9879a3e8b2e7ec433f06f7c28d1d	31.15%
2019-05-08	LLC_701235150794US_May_08_2019.doc	doc	8ea46d2e7b76e5d7298c7f8bfd87d9ae27ccc62f881caad23ff2bef3d898ed4d	32.26%	Heodo
2019-05-08	INC_150433317641US_May_08_2019.doc	doc	2f4d7eb0480b6c47bbeaaf362fd64fae9aedc5fcdeb35f7defe26ca9bba23f28	35.00%	Heodo
2019-05-08	FILE_545264399378US_May_08_2019.doc	doc	abb657219fa4293bdb3ea83eef9701a8a1b8db399122ac9b78988d2d7670f05b	32.26%
2019-05-08	SCAN_4010441143US_May_08_2019.doc	doc	adfb40518e76da88b465cac35e6c32bb025e1f0188d96470a06ef516aef5d5ea	31.48%
2019-05-08	LLC_4345746937US_May_08_2019.doc	doc	05a1b779f06811f6f3278380db221fc143ef10a8b3b0868b046ba6661009d3c5	32.26%	Heodo
2019-05-08	LLC_680241785255US_May_08_2019.doc	doc	1e38f977023236a6846336944e69af0ec5c89016191720fb97d1aa7b8ca65768	33.33%	Heodo
2019-05-08	FILE_3682952855US_May_08_2019.doc	doc	644420b3e764f5becc1266ffda8af58fbc5290b8dc111da82d1cc03c894a10b5	31.15%	Heodo
2019-05-08	Document_6750005678US_May_08_2019.doc	doc	7569c44f5d04fef27c5b9be4b22eee2f5f81edb46857e077255f4d593cf09d33	32.79%	Heodo
2019-05-08	SCAN_2387887744US_May_08_2019.doc	doc	9adc9066332115a8bb06624f01c63cf46cac833799ab8c34d9443a30d0eda268	38.33%	Heodo
2019-05-08	FILE_40010914236US_May_08_2019.doc	doc	910b21b089dd8f21d37f4a08fb65efe7d20807abedda2a694bb1bc42dbbf4b90	39.34%	Heodo
2019-05-08	FILE_79762156107US_May_08_2019.doc	doc	56a81f054ec9d600f1085245e2cb9e6e88794c3c91069b4f088a764fa03e9021	37.70%
2019-05-08	LLC_2052100680US_May_08_2019.doc	doc	5610fb4f2521abbb5a78ce55ce5efaf6ea7d9c3125baeeb653e9248053417e8c	n/a	Heodo
2019-05-08	Document_05347949378US_May_08_2019.doc	doc	24267568d3fa011adb7ef53f107f6aa01162750e40eef869781ceb0ce6651f54	32.65%	Heodo
2019-05-08	FILE_5870674752US_May_08_2019.doc	doc	9f1c7192efe5fd241d1df09e7705fafd9356fb2e03e08e0d82ee4a26535b4ab4	30.65%
2019-05-08	SCAN_0808638819US_May_08_2019.doc	doc	9fdc9305eec872f1ca504b377314371c1ced1b0772987356ea9fe9ab7662633b	30.65%	Heodo
2019-05-08	DOC_25175231427US_May_08_2019.doc	doc	70f4d11f59ab292faf7be98442a8075b1847f6201ae29f07525107fcf44637eb	29.82%
2019-05-08	Document_85848948508US_May_08_2019.doc	doc	ba914a678ad010cc2bbe98ad8eedf42154633867e2a9222186c7ea69f420826b	30.65%
2019-05-08	LLC_2498587466US_May_08_2019.doc	doc	d7fc74cd2d6f34bcc7e02522812778a91bbc6591f4805164208847add84ecf2e	33.33%	Heodo
2019-05-08	DOC_2665997266US_May_08_2019.doc	doc	f431544f9099b4f86cf43b676b6be9752436fc4773cf672f23f743b17c41eb9d	n/a	Heodo
2019-05-08	DOC_41060517343US_May_08_2019.doc	doc	d97f2899ee64066ec4a0e641b598c9203a52800de6f3bebe11edad394043add7	n/a	Heodo
2019-05-08	FILE_364071501626US_May_08_2019.doc	doc	4199ac96a54a1125914dd6d442d3827273228153c600083f1ad4290c9dd2030b	n/a	Heodo
2019-05-08	INC_60195483803US_May_08_2019.doc	doc	28cd75af6569612c8dc642936de3a2680f75d49e1d38be1a3a782fcf11dedb31	26.67%	Heodo
2019-05-08	LLC_87684871460US_May_08_2019.doc	doc	97751f7f85a31dab44e329097291f769be1f4f616b727338faf73cfe603ada69	27.87%	Heodo
2019-05-08	FILE_41818814821US_May_08_2019.doc	doc	f47066b0cc76015cc75de6b864de2d94048b07e5907d3aa8de1716050d655b22	28.33%
2019-05-07	SCAN_2681052762US_May_08_2019.doc	doc	0d259d80a2460b40a664d20e76eebbe3bea398cc0a391c3bb201e6fbf18979e7	25.00%	Heodo
2019-05-07	LLC_46171774756US_May_08_2019.doc	doc	e0cca29fbe79912a60ba57c8776d7f84e85495fa54a0e5244c0917df09b6b359	24.14%
2019-05-07	SCAN_965825498841US_May_08_2019.doc	doc	497fe0c5adffb28afd5d1add4b8fff359cd9a43fcb88aaa1f0e3ff9c30e268b8	26.67%	Heodo
2019-05-07	SCAN_19249017594US_May_08_2019.doc	doc	bf55a3a3036d1f003f56596666d4ee9d217fd276a3a24bf38d1eb2f4d581f149	25.00%	Heodo
2019-05-07	SCAN_828225578790US_May_08_2019.doc	doc	b1483f528d6f343065873260bd457abe6436aff1c7cb08d3df1f4a293028fc90	25.81%
2019-05-07	Document_2462157693US_May_07_2019.doc	doc	e6c5cf2d7f36d84ab09e9785e24783ee44b08a299a445f514a8d8aeec7f70a31	26.23%	Heodo
2019-05-07	DOC_223900179951US_May_07_2019.doc	doc	0aaeaa93626bdc87153bcbd213712de5c3fa7f98f2455f1e6e5cd2f46c03b0d3	23.73%	Heodo
2019-05-07	FILE_88473367267US_May_07_2019.doc	doc	f412a78d93f03f39f6a58c865c75d6481a3ecfb83a3fdbf1ed32c0c546a773f5	37.70%	Heodo
2019-05-07	LLC_25953567839US_May_07_2019.doc	doc	2852a51e9338a218c5e3877e7979a58b5dfc4c639d158860b5de7a63c730ceb3	25.81%	Heodo
2019-05-07	DOC_350708095502US_May_07_2019.doc	doc	6e9e2069fd301514895562e6dcea62dd8453d0097a129fc0861718c5b41fb025	26.32%	Heodo
2019-05-07	FILE_983445986021US_May_07_2019.doc	doc	51dd24ccbe52ae79f2325057045832374d3c494ecf7c6839778846c72f86653e	25.86%	Heodo
2019-05-07	INC_180225418032US_May_07_2019.doc	doc	e9771e82271beb5c983f81566668f27bb2b45d500277e14612dc3cd86ac4b9c8	25.00%	Heodo
2019-05-07	DOC_67440977495US_May_07_2019.doc	doc	28e68b85f1bb66d9f63b619a9751c51f270b12f221ed712b879ee9c8c4963140	25.42%	Heodo
2019-05-07	SCAN_017553767724US_May_07_2019.doc	doc	1c9028db91010dec623486a707f05a6df29570eafa32b1f3c1243b3578fd559d	26.23%
2019-05-07	Document_660503200884US_May_07_2019.doc	doc	568d369f2f809d7d70481953b14401f4d72fe4879ed817d66512cc7cd83f63f2	26.23%	Heodo
2019-05-07	LLC_568441031246US_May_07_2019.doc	doc	c0b07e095ee0f8c7584d5521226c70d1ea1054130e7157f052c2d11461f3bd1f	25.00%	Heodo
2019-05-07	Document_84861824107US_May_07_2019.doc	doc	644eb7976025866cb83fb07f99802dabb9ab0100acb262c43488b5c63a068e9b	26.23%	Heodo
2019-05-07	SCAN_20676995903US_May_07_2019.doc	doc	6fb876df141e97d3e77ac20e9382dc6d07b901820ed45f8c89913069555ca567	27.87%	Heodo
2019-05-07	FILE_62995233133US_May_07_2019.doc	doc	89cf5a3d050ed936c030df8a3df1658dbc95bdf2c9cfb8abf52ca87020c8f727	n/a	Heodo
2019-05-07	DOC_429510441091US_May_07_2019.doc	doc	95c225d91c6742ee6e9de9078232173b4460b7eba84d9028d67a30403bfe4781	28.33%	Heodo
2019-05-07	DOC_350055562961US_May_07_2019.doc	doc	7991d998fbfed68935eef7674e2d86c453574448070a43be7dc54568005788c4	n/a	Heodo
2019-05-07	Document_14417191198US_May_07_2019.doc	doc	ea5bc88cfbb5d264ce5618d10691dc17d9363ee80775446c88aa7024bd9bf5d5	36.67%	Heodo
2019-05-07	DOC_139848085992US_May_07_2019.doc	doc	1ebc995bd0203de608ba84c57f8a98077f5cb558d9a256587641ac370763fec0	n/a	Heodo
2019-05-07	SCAN_1237291964US_May_07_2019.doc	doc	db2682ac87baf8bf0fce33057ccbcbda5863c92f93289c220c933f3963ada679	n/a	Heodo
2019-05-07	LLC_4392671296US_May_07_2019.doc	doc	89dc7cdb288773512c86d6b0acf246b477307da0b6e34d0c1093012164148657	35.00%	Heodo
2019-05-06	DOC_178460718541US_May_07_2019.doc	doc	50913fde5c989b2abda49269d9cc1872ef9f7ce9fe42391b08126415eb5e51b8	32.79%	Heodo
2019-05-06	FILE_679627251472US_May_07_2019.doc	doc	453dfb404901f133717a9bfcd40832dbbe9ed7a24622cde124065b7367479388	33.33%	Heodo
2019-05-06	FILE_24382079928US_May_07_2019.doc	doc	26b4ba9fce4653c52725f4d90a104e68f4c065a0457c6c842f0983575174ef15	33.87%	Heodo
2019-05-06	FILE_5523187482US_May_07_2019.doc	doc	4e4a1205fbf5a1fd85009df8475be2d2e8db957ba0c71b6793c9f11118165d22	33.33%	Heodo
2019-05-06	Document_669112199207US_May_07_2019.doc	doc	4ad58d06638a399c4b1ea742585e6d555722ce89a94ae63ac657e77b34688f9c	32.79%	Heodo
2019-05-06	FILE_5804450579US_May_06_2019.doc	doc	bd21e6f1da5dd385350a8631c49b13197c82ef4331a7da2710d7a38d85d7c4bd	31.67%	Heodo
2019-05-06	Document_13491711988US_May_06_2019.doc	doc	e9b4a303c1572b9aa9374b4ec654f02c4508b2b0f7c4ab52e77bc6c0b8a4c411	30.00%	Heodo
2019-05-06	LLC_343333489678US_May_06_2019.doc	doc	14e2c112179900b4a24259af0f459268113ff941cd93d5dde161d0db48e34bb9	n/a	Heodo
2019-05-06	DOC_35164081717US_May_06_2019.doc	doc	0397702cb6aa2280fc7200248972194bf1c12c9463b1ed41e163b7e1a4e65532	27.12%	Heodo