URLhaus Database

You are currently viewing the URLhaus database entry for http://lejintian.cn/wp-admin/parts_service/u0hovmjmmyv1l32_tyg484j-650166756659060/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 195642
URL: http://lejintian.cn/wp-admin/parts_service/u0hovmjmmyv1l32_tyg484j-650166756659060/
URL Status: Offline
Host: lejintian.cn
Date added: 2019-05-13 18:07:49 UTC
Last online: 2019-05-16 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Blocked
DNS4EU: Blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2019-05-13 18:08:06 UTC to ipas{at}cnnic[dot]cn)
Takedown time: 2 days, 17 hours, 20 minutes, rated Poor (down since 2019-05-16 11:28:43 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
