URLhaus Database

You are currently viewing the URLhaus database entry for https://www.wnj.co.th/cgi-bin/OY0Zinga90YG7z1oLcuaKFi/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2123183
URL:	https://www.wnj.co.th/cgi-bin/OY0Zinga90YG7z1oLcuaKFi/
URL Status:	Offline
Host:	www.wnj.co.th
Date added:	2022-03-30 19:52:06 UTC
Last online:	2022-04-02 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 19:53:06 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	2 days, 8 hours, 33 minutes (down since 2022-04-02 04:26:40 UTC)
Tags:	emotet epoch4 heodo redir-doc SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	KIC-98096031331758.xlsm	xlsm	038b2b0b380d3768f3d9527e452bde092d4900c621bdc393d324415ebac36b8b	n/a	Heodo
2022-04-01	XYQ-4106233373.xlsm	xlsm	60c4d1f685f36a0120a23c7fd8aa5ca2ae442c84ade6fc63771c5463defd9bd7	45.16%	Heodo
2022-04-01	NN-11797685230.xlsm	xlsm	178e56af34b8983297784e7e795578c7567350c8ef3be2b30a43a05de59b9e8b	47.62%	Heodo
2022-04-01	UTE-2072134842.xlsm	xlsm	fc98891573651d036bc91667cbf079a445077325572a44f03802b5d6974c9ff0	43.55%	Heodo
2022-04-01	IL-39425907353080.xlsm	xlsm	bba184efb454972191ec837362eddc4ef35f60b616033ef54cbd77d1a70f8f3f	36.51%	Heodo
2022-04-01	GV-885452941722282.xlsm	xlsm	534f4ab246459c91599d4d14e916a2f16707134075a5a88d897105a0e782632b	n/a	Heodo
2022-04-01	DF-186634381874.xlsm	xlsm	2efeae28ad35e91b7abb28eec555e20e394693d8454514a43fc119fde473348e	42.86%	Heodo
2022-04-01	BB-1987240.xlsm	xlsm	f0f09aa290ea5163df87f24d45da92c595dbae836d83283915154fa7e2d0a3c3	n/a	Heodo
2022-04-01	OOI-3368895790001.xlsm	xlsm	dd701c6097144f29f8fbdddc93a18a1c0ce3c3b51d5b4f0c6683e906ba8426d9	n/a	Heodo
2022-04-01	DL-39539602348665.xlsm	xlsm	fa5f3e1ad7a0966fac2a2d091be90b6c0d70c79e258c9b19a2e93c47cd0c4818	n/a	Heodo
2022-04-01	MN-00373760966818.xlsm	xlsm	393d4fe454720708127a511564d5d5aab745e714a3e0dedafea5aa94c2d4980e	n/a	Heodo
2022-04-01	BO-414436167.xlsm	xlsm	989afb22d889ef10aefc7185c5a8d051fa3dd6c0f2a6a811c1a89498e293b615	n/a	Heodo
2022-04-01	JW-661199712.xlsm	xlsm	fdaef695835e1a9e056fe2496ef611e4250388f7712102116b6717894e578f50	n/a	Heodo
2022-04-01	DR-4063106.xlsm	xlsm	09e3e96e0e415868e1458e08a45745eefd6455c7bc1d978a1dc345c4274c15d2	n/a	Heodo
2022-04-01	JP-8200819171431.xlsm	xlsm	fd9c7b2de5f9a936c9a16ba8ae8e5215dc92021e435a8285fb36ccadd20e871f	38.98%	Heodo
2022-04-01	AI-2976296.xlsm	xlsm	21878746d787b1e233ca736e023094af743ff3c853baceaaba65afcd7cdb6823	n/a	Heodo
2022-04-01	UZ-62384009673.xlsm	xlsm	e40bfb9b0a236fa78f9150e560fa82b899430dd6cf6da41388a30f8e09496ece	n/a	c8fc17ff030feb3383d8889f69abbb
2022-04-01	ATV-2915474.xlsm	xlsm	45a99040aab95ccb6eae75a169ae10f79883e11c53c29bc41ffffd0a329940ce	n/a	Heodo
2022-04-01	RTZ-44877938.xlsm	xlsm	4c7b060bb7b1693ef3943692ce9c62204426393f9af92ca39c4c57e09b03cc25	n/a	c8fc17ff030feb3383d8889f69abbb
2022-04-01	TIQ-621853935.xlsm	xlsm	f44647dcfb785e6463e4203aaecc8f5d7dcbebf18418667ed31c226c92372383	43.55%	Heodo
2022-04-01	KCZ-95277806748456.xlsm	xlsm	9703f8b1fa17b92402d32f6c4862122f218a13d6f0a11dae499dbc77d7a9cdc3	n/a	Heodo
2022-04-01	VMR-1012397.xlsm	xlsm	bad29f90618ce3abdf8296b3212e2b256d0ba9047f64c50681339f93fdc7a729	n/a	Heodo
2022-03-31	JWR-415548372473804.xlsm	xlsm	1f89665519be0af8fa6ccf11e12d78adc54cf5560f8826352dd036d8663a9bdb	n/a	Heodo
2022-03-31	WVG-417222828.xlsm	xlsm	5fb54e96fe17c395fa69dc06933558b083ae9cfb1391218f12c539c2645a8311	n/a	Heodo
2022-03-31	XJ-6501732790479.xlsm	xlsm	65d9f4ae7d90232314fd04917e53e9f4e2a214ec3670daad35bd2f51fe9a45d7	n/a	Heodo
2022-03-31	XJ-213670698199130.xlsm	xlsm	73a1d60faa31200f09f2567671137d6b5f9be02a97eec33fc20971d151d5c8f1	n/a	Heodo
2022-03-31	VGR-258231025.xlsm	xlsm	a395d2ca627270c1b53481050d39c6395c778682e98aeedcb00d1f68fd1ec23f	n/a	Heodo
2022-03-31	IPS-422523744.xlsm	xlsm	99bacd00ff714e00339dc64c1418b2c0c26ca69120e34bd32ba8e73d2044cd9c	n/a	Heodo
2022-03-31	XFN-13684949178.xlsm	xlsm	8115bc600c3294ed207ae6a9310eb986b107f74f69a64db674837ba2e2957ac6	40.32%	Heodo
2022-03-31	YJ-542508272883488.xlsm	xlsm	0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3d	40.00%	Heodo
2022-03-31	WS-906681652988.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	TSF-043902295124212.xlsm	xlsm	53ef2d3a553342c46f5d3011cb07634e1f02b36dae99808e47dd459dd384e388	n/a	Heodo
2022-03-31	OC-1657335379.xlsm	xlsm	a7ae8fb40c5d93e9ddbfc68b000b65ba19b085e7a19d3a5d9bef1c243a6add91	43.55%	Heodo
2022-03-31	KOP-69009598689775.xlsm	xlsm	b5df411a9037fcd4dc6b3e92145aae14064c20edf7476a543c778bdb8af22600	36.51%	Heodo
2022-03-31	LT-938665409809381.xlsm	xlsm	c3a5d5bc890f935056c127bdeda35cfcfbb8e292e59774a24ca5611e94430907	37.70%	Heodo
2022-03-31	KQ-7212166788528.xlsm	xlsm	41a73a914406df97e2944f7742f48272bab7d25486c9c2a5084a7f158fdb2aaf	n/a	Heodo
2022-03-31	NW-360524980930341.xlsm	xlsm	4409b097292f1ed1adedbae38fcecf71370a64209f9bb5ffff019b71e8a88533	n/a	Heodo
2022-03-31	VEV-1141421802.xlsm	xlsm	a4e22b806505d549a037a67123efb6b397193d7d2ff28e32d8b73185438fb5ac	n/a	Heodo
2022-03-31	YML-10751273046739.xlsm	xlsm	ecfb46439586ddfd60ed5763f7b103d7487e94bf095208d8967dd838c5a68c27	n/a	Heodo
2022-03-30	EH-361212931.xlsm	xlsm	f6d9028f6903f57570a969a97a510120fa11d93ce778cfeac61862c36d6b6bd2	38.98%	Heodo
2022-03-30	AUP-652818797.xlsm	xlsm	51be5ff843565b3e8fe56f303452e018d305cc846181d2d79d435509b2dc578c	35.00%	Heodo
2022-03-30	ME-38293044589017.xlsm	xlsm	a9850d81856c9d96fc75ccfe0a62c2142422d5feb66ad218a0b057a52bc4c554	n/a	Heodo
2022-03-30	EQT-940601011.xls	xls	82be92d18fb73fad9b6f0e90da074abbf2aaffd91c4493491620452f19bd281d	26.67%	SilentBuilder
2022-03-30	n/a	html	e37923f9424ab6f89390d5ee0405e46d579d3db461c2a4698ed33e5c4f8f56e6	n/a