URLhaus Database

You are currently viewing the URLhaus database entry for http://school118.uz/wp-admin/uGnr-MAYlNw5DMi9ofk_XpHLtHhZW-kZ// which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	192607
URL:	http://school118.uz/wp-admin/uGnr-MAYlNw5DMi9ofk_XpHLtHhZW-kZ//
URL Status:	Offline
Host:	school118.uz
Date added:	2019-05-07 23:50:05 UTC
Last online:	2019-05-12 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2019-05-07 23:52:03 UTC to greg{at}uzsci[dot]net)
Takedown time:	4 days, 8 hours, 53 minutes (down since 2019-05-12 08:45:46 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-05-09	PAYMENT_1VHWVSELB_05_09_19.doc	doc	94bce68dfa8599a8c5a0e9b5bf3916b22b8c707f7c9252bc7457ffd0182e7974	27.87%	Heodo
2019-05-09	PAYMENT_1NGGWXP.doc	doc	0ceb403c18afd9af6c1ca2d1adcbb28d4b004c7a8b4cb4cf09d4df9b161d0bf7	27.87%
2019-05-09	PAYMENT_467XCXCPQWN_05_09_19.doc	doc	e9db7090bfba4b054bbcee481ca8c27eb198f5da5b4cec938dccd0cb763bbfba	30.51%	Heodo
2019-05-09	BIZ_2047NBHGBGJA_05_09_19.doc	doc	f25ef6f7473023004f61661a56cbf8c87f866daad7d9964b8e96c340ae50fd63	27.87%	Heodo
2019-05-09	PAYMENT_2477524RONTPRS.doc	doc	97b3e25e36bbaa072db286d9df19c84e83473e67eb4e3adb57a4f7e27c073746	n/a	Heodo
2019-05-09	BIZ_19OTUMEYJ.doc	doc	ea9f8dc56a1976c705ee69983ed7e27deb144af457c2bbd0e7f18dcbc1af6177	n/a	Heodo
2019-05-09	PAYROLL_1DOGEMS.doc	doc	e973853ebfcb0a181457503d5e00102f03e14645a61de6af19bdd3f65d276642	n/a	Heodo
2019-05-09	PAYMENT_364SXXSAIA_05_09_19.doc	doc	d5251409a95077da941c2eeb67c9db988728ef44c7abfc5002beb2f31c8faccd	25.81%	Heodo
2019-05-09	PAYROLL_186TPTHLIK.doc	doc	6afbf63f5d9aa9c4fe49b5ef5c12e2419de703bcdc76b10028081c36bf2c58ec	23.73%	Heodo
2019-05-09	PAYMENT_86LNZYFQ_05_09_19.doc	doc	f2608ee69eb369599dc93776ddd0382abce5f19f98dbeb52f3a506664ae15450	n/a	Heodo
2019-05-09	PAYMENT_53SECGHYIU.doc	doc	dfbb046ce3a129d416fc31f23b0d66097132cb33fbc522187df01b73ee66776a	n/a	Heodo
2019-05-09	PAYROLL_8366926VXHMOPD.doc	doc	9b36777e0ce27291b2c0aaa9cde7b9fdc7c144301bc087288cf328cbbc0df612	23.73%	Heodo
2019-05-09	BIZ_34359PBOLTZG.doc	doc	604a85fac22c26ed9dbc45f647f3dcaabe71b5b8a169da9f4d68b4f82dae871c	n/a
2019-05-09	ACH_8FHLVRBWT.doc	doc	7aa83b54bd472bff5b45e539b93451e396125c936e3288f49e884b36106a3f28	n/a	Heodo
2019-05-09	BIZ_4756196TWCVLA_05_09_19.doc	doc	e35f6558376d76709faf77746a03f9a08b620636997cf7578b9de8a29d1ca63d	25.81%	Heodo
2019-05-09	BIZ_4IFYVGNOR.zip	zip	288a2a25b43bc881b58b6618116992b2fd3695bff03727e286cda2ec72a966ec	n/a
2019-05-09	PAYROLL_34523RAXPVFC_05_09_19.zip	zip	b6ac85803edd272c734a7c791c2aa0ca2c3447c50dc8a58daf58040b2af1ffe2	n/a
2019-05-09	SWIFT_14DCRMAEY_05_09_19.zip	zip	46761e0c0cd181a0075af6510b3e88adb346a58df9a3d5f37d9f0d9e9102bb59	n/a
2019-05-09	PAYMENT_8BCKJOKD_05_09_19.zip	zip	ce3c181175476d16a5e42d5b184dfc798833e56c477e36c8b6406ec56cb6d327	n/a
2019-05-09	PAYROLL_7810LMVGWAU_05_09_19.zip	zip	bc8e9b63673e5ca2a701815f5688793d888561daeb2324e2e2023978130acd40	n/a
2019-05-09	SWIFT_9IYHDQW_05_08_19.zip	zip	54d4be4724a324030ea0d2d1b89d84762a37c21feaf25136e35cfaf2951aeee5	n/a
2019-05-09	PAYMENT_329391TMKWGPND_05_08_19.zip	zip	f13b66a27597430bbebcdd1c0730b8db8179da8c7c731723d488849ec8c4ebd0	n/a
2019-05-09	BIZ_1936323OWHLMTTO_05_08_19.zip	zip	c279425ff6fc751842bc66f36ddb1ddb1ee18b42e468201c7f02ce868115d656	n/a
2019-05-09	ACH_2933318YDWRVBJ_05_08_19.zip	zip	952dce2b9a82a751eb3b607abb1c91bf553f2f48a514981a036364dc15bd30ab	n/a
2019-05-09	BIZ_16DFETWE_05_08_19.zip	zip	3f5c258645dd99296d23d08ec6bee9a9f9f81159c59252cf9cc51ed8b0a9f68a	n/a
2019-05-09	BIZ_83KBCBTRH.zip	zip	6f77277c036ee0f94a0de7f0251e1a2e5d616601ddbab6922ab325fa3c540fb7	n/a
2019-05-09	PAYROLL_389629RIQDEP_05_08_19.zip	zip	625ec26ea2515b43a52337f16eef48bb5c26a5a1e9022f9de3da985718dcfc19	n/a
2019-05-08	SWIFT_7BVZZEMAY.zip	zip	e0524141cddc6b75d4820e5a0b0fa45ef9e9934e4baced96e687023d4ef6360a	n/a
2019-05-08	SWIFT_72PAERWLYJ.zip	zip	f4181b79a26c8fe07e66b19caa1fa7f475307135f6c1be749e5829ccf360fc21	n/a
2019-05-08	ACH_4GQGKOFZX.zip	zip	646d070469baa790901b1e0c9380dcb6a2b8a2be7844cd06845132ebd1f65c1c	n/a
2019-05-08	PAYROLL_799917FXFKWFNB.zip	zip	83f9cb61675171b7188fb789c88763716e45d2d67fee1544a0a30e58615612ea	n/a
2019-05-08	PAY_3YLHCCO.zip	zip	01711401f2504035baf53ed4bfe620a93d1a5b7321b8eb984def49b931902e80	n/a
2019-05-08	SWIFT_5MGDOSB_05_08_19.zip	zip	c38dfa198afba22e1e0433a34005f29de411b1bcb61093362f9a99c76d8cb2de	n/a
2019-05-08	PAYROLL_43AJNQZE.zip	zip	fd1a6c6f58ab58d2eedd99b6d06178ac7347ccdb603a830f9132acb9b1d2cb03	n/a
2019-05-08	SWIFT_10118GEPAWTAH_05_08_19.zip	zip	aad8dc3adf7c3c2b51912d714be822c461d6b4fdd94b70e5fedaec14db95653b	n/a
2019-05-08	PAY_624TJBBMCJQ.zip	zip	fa1e6c3b06a646e72d014d8bf960bb8337029f729e212cf44148f9ba312b850f	n/a
2019-05-08	ACH_72ODOGTY.zip	zip	8b47740d797f31f41b7cafe657afbcf868c04bad1403105720e56a4560a46cb9	n/a
2019-05-08	PAYROLL_1787114JXWTUR_05_08_19.doc	doc	190b11df7732d70d534d5f9efc969298fdc931c8beaff3a3b9592494a919fb05	36.07%	Heodo
2019-05-08	PAYROLL_0745LKAJIS_05_08_19.doc	doc	98c46f0bb26e4e59538488565084fce2edce3ed4bdaf1548e64cdc5e61ff95da	35.48%
2019-05-08	SWIFT_299KOIZOQTQ_05_08_19.doc	doc	8fa0addc0c1417dd05c67e654d3530a9fad4c40825cf2537d1b425b66f6e7deb	35.00%	Heodo
2019-05-08	SWIFT_49004DFJCRA.doc	doc	6964b98e57e916fabb11b9325e9610748e9154a71cd4a51c3f1eb9f26a3026c3	35.59%
2019-05-08	SWIFT_4LAFIBI_05_08_19.doc	doc	d448eb94b5e8751acbf1985ee01d4e74cf5e8c057788b925d7317b7b425d8d73	32.79%	Heodo
2019-05-08	PAYROLL_38MIGCJI.doc	doc	5691e8df84dece6ce7b50e4c289acdb5a7c17d2d0c773635bd56faee9dfcd8e3	n/a
2019-05-08	PAYROLL_15SWIWGSI.doc	doc	ee3387f37f72239aa8ea1c47c80627005fd966905566f74e6eae9f46e7ebd70d	n/a	Heodo
2019-05-08	BIZ_671965VTVSDJV_05_08_19.doc	doc	2f4a8482178f88a6a82aab7aa00505ccd1692da3234d17957f6e95ec7ae12f4a	36.67%
2019-05-08	PAYROLL_4ESAYDKG.doc	doc	e8ae2cde2f6d615a57c4f8de185979bf9e882a0519e49283dd7c4789a64b7db0	n/a
2019-05-08	PAYROLL_2SKTJTAC_05_08_19.doc	doc	5aa042c4337f710cdfbee3517a8f65cbe1d173bab103828cd3cff4deb3408eca	n/a	Heodo
2019-05-08	ACH_0496YVJZIR.doc	doc	5e416e9f9829f36b7e0f9b18b38b7e0fb83e72c1959e2080a76baee18d83768a	38.33%	Heodo
2019-05-08	SWIFT_328968CMDSMK.doc	doc	e7b9e02133ef7b8745cacd5a71838137222feb5b25b632a60678b0a4ef96999a	n/a	Heodo
2019-05-08	PAY_9727WYKOVYTE_05_08_19.doc	doc	9937a81a55b1205d1c436992bde547496754ce77a29177eaed7d1673032f37d3	n/a	Heodo
2019-05-08	BIZ_84735UHYZIFSC.doc	doc	9b1ee33ad69ae1b8c13bef2d7df35bd903703fa8c30744e2cfd9f7130c728ff6	32.79%	Heodo
2019-05-08	SWIFT_3JFXWGR_05_08_19.doc	doc	ef8716972370b8719474fe7c6d896d751cf27f0fa0a80bab6524f840ea05344e	33.33%	Heodo
2019-05-08	PAYROLL_18557PELYMML.doc	doc	57693c145ffdf48026c1948d309293da4e0007b524dc060b8de17034a41448cb	32.26%	Heodo
2019-05-08	SWIFT_11EQFCCY.doc	doc	735d79ebe44a283b4c97f2678b0879451f8f44c210b212aa749d9d47196041e0	31.15%
2019-05-08	BIZ_029MKFJXDS_05_08_19.doc	doc	99abc56ebba7819a27bfef97998622a7082c44eb00aa6f4e225a77af0e257ba9	32.26%	Heodo
2019-05-08	SWIFT_470WRGQRU_05_08_19.doc	doc	1445c07e94df1aab9b8d29c8bdc0d2dacaf61c5af509c9fd4e77b252a4259f71	46.77%	Heodo
2019-05-08	PAYMENT_0589GQULGDV_05_08_19.doc	doc	a71b8728cbc139ec32ddbafbde1c2b3bcd08e239523ef892111ff48e4ad93997	46.77%
2019-05-08	PAY_604274WEUDKE.doc	doc	f13b12b90d3f13577fb85c79d91b639adcfb07d1ac2216c74158f64a6e4659ca	n/a
2019-05-08	PAY_85JJXWVVZU.doc	doc	ea5d4c535f425371ab118f223fa14e9f54201700f1302e4b30fbe68f9c445b3f	46.67%	Heodo
2019-05-08	PAY_19374MZHLDO_05_07_19.doc	doc	a4c4dcf79d6b070599d3a813d8b542c8688a393b69f816012924b9f4d7f04059	n/a	Heodo
2019-05-08	SWIFT_564815BJNJKE.doc	doc	41289082e20c3e62e9f052b546c976a55040189acbb92e08c27bf88ad815807b	43.33%	Heodo
2019-05-08	PAYMENT_53201DCFFBJ.doc	doc	945d2d135ae3508e486be34ea2bea9305c48a699ae6447462ee1f251e4fd3b15	26.23%	Heodo
2019-05-08	PAYMENT_57BUPLDMQD_05_07_19.doc	doc	6c74e8cd204af8dbbb5ceaf66e4a09d1b5d0ab931f0d10f8fa3e5d392505c355	40.98%	Heodo
2019-05-07	ACH_16NZXZPXF.doc	doc	535af08c5e5a827b5daba5ff5df228e00ce08aae8b972997362e06675c0d8a56	38.98%	Heodo