URLhaus Database

You are currently viewing the URLhaus database entry for http://xn--b1aafke9aadcbbkcup.xn--p1ai/wp-content/KZkQthxvlDYLU/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry


ID: 200302
URL: http://xn--b1aafke9aadcbbkcup.xn--p1ai/wp-content/KZkQthxvlDYLU/
URL Status: Offline
Host: пропроизводство.рф
Date added: 2019-05-23 00:06:05 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Reporter: @spamhaus
Abuse complaint sent: Yes (2019-05-23 00:08:03 UTC to abuse{at}beget[dot]ru)
Takedown time: 3 hours, 7 minutes (Good)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.

| First seen | Filename | File Type | Payload (SHA256) | VirusTotal results | Signature |
|---|---|---|---|---|---|
| 2019-05-23 | INC_616956243622US_May_23_2019.doc | doc | d41489cb0d0504de15f08ad997705f2db3f05e85d71ecb2034fbe1a51ac25dad | 20 / 60 (33.33) | Heodo |
| 2019-05-23 | Document_4931287148US_May_23_2019.doc | doc | 1dbd7a3e1760453301a48e728acd4d235d74af47640920b0b046de689c66824d | 18 / 61 (29.51) | Heodo |
| 2019-05-23 | DOC_537506713660US_May_23_2019.doc | doc | b3de11f2d9a35f0ab55f86928036e4da3c3112e05a0bb7c42e03ad1a670a83cf | 17 / 61 (27.87) | |
| 2019-05-23 | INC_3865743163US_May_23_2019.doc | doc | 84acef047e3ed4c2e6301ea0a23633c98431262c0d2cc8969c4a9e31ad8c746c | 18 / 60 (30.00) | Heodo |
| 2019-05-23 | DOC_59500251381US_May_23_2019.doc | doc | dd54251fb8f9186afdc65473e70d39f42bb36aa2f3eb9d1ac74c35f7cd895d78 | 18 / 60 (30.00) | Heodo |
| 2019-05-23 | FILE_86846958306US_May_23_2019.doc | doc | a2629140b8f8e1fc71305fccc43e260443e92a9e2510b2ea1279a3204989c7f3 | n/a | Heodo |
| 2019-05-23 | FILE_06482712188US_May_23_2019.doc | doc | 1d542a0fd8412e9cbd2dfadec126fb94cf1927a289b3cba8d2289ba425746eae | 17 / 59 (28.81) | |
| 2019-05-23 | INC_9774414180US_May_23_2019.doc | doc | 6673817be34aa5db84a05855fa2364f04239bcb39d1956c00586357bc2e96382 | 17 / 61 (27.87) | |