URLhaus Database

You are currently viewing the URLhaus database entry for http://nguyenquocltd.com/wp-content/closed_resource/security_profile/4zskjhw_v3yz0ts586s9us/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	270903
URL:	http://nguyenquocltd.com/wp-content/closed_resource/security_profile/4zskjhw_v3yz0ts586s9us/
URL Status:	Offline
Host:	nguyenquocltd.com
Date added:	2019-12-17 18:03:12 UTC
Last online:	2019-12-27 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2019-12-17 18:04:03 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	9 days, 15 hours, 13 minutes (down since 2019-12-27 09:17:05 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2019-12-19	Christmas_Congratulation_Card.doc	doc	02d28a0e8f94dea2e7eee7d7d292af1489c3bdc23fa23e02cb6f9b32ebb3698b	24.59%	Heodo
2019-12-19	ChristmasCard.doc	doc	05d6a9aee095f8567bf1afed98b7e64505bb0bf9dc87c61644f32c8f63bc26f1	24.59%	Heodo
2019-12-19	Christmas_wishes.doc	doc	e4a6b6d906f970b2963c433b1cf85895a9c9f060eedc982f011c3199b7c9df7d	24.59%	Heodo
2019-12-19	copy 12192019.doc	doc	2c122baed94846843fce1113133b49bd5bb711328ba94ff02f397031fe9b6393	22.95%
2019-12-19	0k530rr2u4p5qk7.doc	doc	9f8ebcb75801c7ae8d18f034893759901eccdd2e3e18c83b038edcd4df072f8b	21.31%	Heodo
2019-12-19	PART_12_19_2019_9162083.doc	doc	61fe55be0a1c2a52426f90abfa9778eef565c849a24ae59e31c6c8ba403462e8	21.67%	Heodo
2019-12-19	12192019.doc	doc	6a876e7d6136471f30899b8264a1c1ba02bdcbc3213d35d8eebeee9f4d210805	21.67%	Heodo
2019-12-19	12_19_2019 A47558109.doc	doc	f958e5ef1f89a03267c2d99256d791d61ee8cb151111e21b2686ebee09292dcd	24.59%	Heodo
2019-12-19	info-12_19_2019 GAG53781.doc	doc	3cb1650cac5770870949aeb67823e4c9f1b8bebc56fdec50beff5eac826f98fe	21.67%
2019-12-19	k0rks8ut.doc	doc	746485abf564bd23adc65a36749ea9b54368e444a0e6b5167fae083fdb180f2e	22.58%	Heodo
2019-12-19	W4516887 315194.doc	doc	c15e005ca7af90c7fddc7fe79b646e5b520fa94946e4f62f4ace5de94b37887a	22.03%
2019-12-19	list_12_19_2019-299636832.doc	doc	8a375c796318cfaf7c7ac3c524f9c401ded50195b94059176d97992ec3832da2	21.31%
2019-12-19	UNTITLED-TCY95876403-5703838.doc	doc	d9c0dd65766e2d2c84672023f2b4e3103ca5d7a686bc06c84488092de91ff1e3	30.65%	Heodo
2019-12-19	Doc_XJ1154347902.doc	doc	cf65b38b2650623e1361a482d1e8e8781019d7a29cb757cf79c1e276583838a8	30.65%	Heodo
2019-12-19	PART_XB6185191-34804861.doc	doc	72ce3df7bd7da4208c97989fe0b93c23a8f3c4348ddd24adf59fa6539cd148eb	31.67%	Heodo
2019-12-19	INFO_EYW83323054393 264258.doc	doc	0c45e14f368d59e03d4881e280642933dd8287a088108931f5c4f1425c442300	24.59%	Heodo
2019-12-19	list_kq47lnoq.doc	doc	39c1d85d9122a432fc48e0162b6720734ab8b31d97fad0dcac4d0d6f6517b6a5	24.59%	Heodo
2019-12-18	doc-12_19_2019-2C65692.doc	doc	14431f1c5a3c66befb90b519ffdd0824f1f13e5521823c31a679a5fe6dc58c46	24.14%	Heodo
2019-12-18	PART-PF06142 101583185530.doc	doc	b1470fd56dc1adaf558a75b6ed75c32cfb5bd8d78e2280d9ec9df85512d9b7b3	26.23%	Heodo
2019-12-18	list unrv21ss8.doc	doc	3be9f66ef6e3feb291bca66c44fd8651d392ab19807b9bce1a7fad00d4a518a6	25.00%
2019-12-18	UNTITLED_4k0n4m6rn3q.doc	doc	6998c2f955541d5a517fd68d96604f2ea2efa83d0d1c0a04fa3d09c629bf3e18	24.59%	Heodo
2019-12-18	J93703338349.doc	doc	5badf79d2041f3f0cc65f49685e0fd05803d25cfc00bcf33a7bd02df10a5ca61	20.97%
2019-12-18	release LCD67898466.doc	doc	661c6e38c4c0089068eec2d5b60d67887e4ddd4c374706a0af0544e726b68160	24.19%	Heodo
2019-12-18	DOC 6qlntuss4ou8q.doc	doc	43c08049eabb097bd65da44392027b6626e52a6bd358485346f0517aa921806f	24.19%
2019-12-18	12182019.doc	doc	11b0ed5fd91147500dc80ea454121eb3a38bc73a789ff7ab2517eaeaa98adec1	22.58%	Heodo
2019-12-18	Untitled-WDJ09844.doc	doc	a5c388ebbee623f26938d67427170bb063976b1dd0524f6ea18b402809afed4c	21.67%	Heodo
2019-12-18	12182019.doc	doc	235a1b8259c33245014cce467f619a2eac184be4c09a020850e4106170388f3e	21.31%	Heodo
2019-12-18	release_ZQ121337903.doc	doc	a9b41646ad51dd5bc762a07a0efce3c6f5d6f372281699b1ba4747ad29e74c9f	n/a	Heodo
2019-12-18	doc-12_18_2019_61548861500888.doc	doc	561126bfb39ff16fe82c097bf9150a1e4b4f4e5674359c8c07bd900befb3378c	45.16%
2019-12-18	uuvqs9u0.doc	doc	96eeaeda0e8075bdc21431cfa17b07d5ebdedcd515b5073c4074b64202419735	n/a	Heodo
2019-12-18	info 6VD251255344.doc	doc	992d05921516c9f141fca70dfe31a45a23b8eb4a1ed260bac73a3b5aa4c78638	41.38%	Heodo
2019-12-17	info 5400.doc	doc	c5d5567a19f89c15c6f550ae1d8470b6b6d777dd2e8086d4aae4fbc8f63376ce	40.00%
2019-12-17	Untitled_1EI95626369353 74807.doc	doc	5eeb8f8625be1a807a4cdbceb5d5bf167158ad4643e679d5b37f4b9abf87eb4c	n/a	Heodo
2019-12-17	SP6289371-2805620.doc	doc	babd2db09be571cf6283d08571375e65df5560d5af2bc50fe50621284f4b951e	n/a
2019-12-17	Untitled file 12_17_2019-09B8152007588.doc	doc	ceae4c14841343d702281180491e9442cbd7d06234492418f059381af8b54d21	n/a	Heodo
2019-12-17	rep_2442.doc	doc	b7c5359912e1c89f19135f60e2df6d473fa8a3b32c7dde466b65245bf8e20682	n/a	Heodo
2019-12-17	COPY-Z81646993.doc	doc	46a66f010f62de62c733a35ca049071db334beb17019ae8532117fc59b1a47eb	n/a	Heodo