URLhaus Database

You are currently viewing the URLhaus database entry for https://www.52osta.cn/qza/swift/l-778-550900116-4n6y1ii-0lsjz/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	289711
URL:	https://www.52osta.cn/qza/swift/l-778-550900116-4n6y1ii-0lsjz/
URL Status:	Offline
Host:	www.52osta.cn
Date added:	2020-01-16 04:37:08 UTC
Last online:	2020-04-14 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-16 04:38:05 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	2 months, 28 days, 21 hours, 45 minutes (down since 2020-04-14 02:23:25 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-18	ST_XQ8054071870SB.doc	doc	9360a477eafe49b7201165c2b2992b85819430dedf852f679f29e03bcb183522	27.42%	Heodo
2020-01-18	REP_0NP0VLT48.doc	doc	a54e809b6163c56c3a3f25d2c7a54f2240785b00414dcbe2ad9b8c687f6eea2e	24.59%	Heodo
2020-01-18	ST_X2DQHL2UC2LFTIOO.doc	doc	9ba523a49280a5213dbdd7832ba69bbfed94fe8c05f269bb8319c05003a1a1b0	19.67%	Heodo
2020-01-18	RP_2U7LZ41.doc	doc	910cf54e7950d880c8bc459c76df3dfa906226ac6eaa41adc218c83a0bf03078	19.35%	Heodo
2020-01-18	RP_00509330.doc	doc	898938c960a20b8e73e9c648590cf2a66a823aa28cec79d54c0a3a6db9176e5e	18.03%	Heodo
2020-01-17	REP_9211195851226300036895425.doc	doc	de952748c6ec69af07599737adcc6f274bd8c73dc723cb218c14b290d2ed6600	22.22%	Heodo
2020-01-17	R_07625532.doc	doc	397485a2bb27c1afd95ff7c8b962c7ebfe4983db30d1e65b71c0529cdddb2f08	18.64%	Heodo
2020-01-17	REP_QOIYU91H.doc	doc	7e89360cca8f0234341841cbdf174fef602631feea9e9870c553d8dc29a7b0f0	18.33%	Heodo
2020-01-17	ST_67364170.doc	doc	dc39f6329f9d5e3ffb4bdb5c07b09c998df175286575e1859da2fa4d3e30fa76	18.03%	Heodo
2020-01-17	PAY_07129959.doc	doc	b8662d6e10f9dc0f0c27460ff54e4f215ddc996fc96e8bcee1c3e925f206a9fc	22.58%	Heodo
2020-01-17	RP_PO_01172020EX.doc	doc	a15fc49e8cc5aa4591a364cb628abc498d133d2fc578877364b5d38ff38e8830	21.67%
2020-01-17	INV_PO_01172020EX.doc	doc	c19ed390ed704a6787c48c4d9b7c642a62bd6ac39eebfa03eed96e590889ccb7	21.31%
2020-01-17	N_E7AKUM7D6PKLBB.doc	doc	398c180bca3820858404f155f0050ec466519c6ad151414f5489e1e9f8395abb	22.95%	Heodo
2020-01-17	BAL_35DP7QPNY.doc	doc	1cccdc74817414b1cd45f3994d81744f4c979dcc6017f6ea3f7b15b3c720faea	21.67%	Heodo
2020-01-17	BAL_PO_01172020EX.doc	doc	f1569c025b21d44c68867d142ebb944c3550240673430dceaed626e80acf386d	22.58%	Heodo
2020-01-17	BAL_GY6492437348WN.doc	doc	a13b037457db0cfd6982e62e3f76dd834a9ae2ab29af1bbd7b72023221c47e69	23.33%	Heodo
2020-01-17	AR2640496838WX.doc	doc	b341338022811ab111de218e305ca99facf3a53ac083bc122255f0c2c9b8fd79	19.35%	Heodo
2020-01-17	INV_76446089.doc	doc	75531f65c3988bb542828939f328dc572429bac0a0adcfbd6b81367b670055ff	19.35%	Heodo
2020-01-17	Z_05937008.doc	doc	541cafe691e8266f1c35a6b075b44aef3accad6dc2024f8bb0c11717dfc54788	19.67%
2020-01-17	FILE_102704576159611006.doc	doc	01803cd4cad276de7bde227f5eac222a512d1cdc85252fc4c34d23c36296fb05	20.83%	Heodo
2020-01-17	DOC_85637473.doc	doc	b5b1a9c9342c9be2197fc3f9fc5c0a9138b052bfc06583f9719773397f567e34	43.55%	Heodo
2020-01-17	NOU_010120_UIF_011720.doc	doc	9db035bd19c8d9db27e5c352d8e713cfdd13b9a155772e9266b18ec30d67fba7	41.67%	Heodo
2020-01-17	SW_IZC_010120_GHK_011720.doc	doc	242bf1a0026fb7d1e3e4c0187c229aed599cacc94382f096f08f8ac65514ec7b	39.34%	Heodo
2020-01-17	BAL_D6PIFAX3IC3OX8WT.doc	doc	92f80243e6766c07a9eb3c8ef28eff839d1f23a112c0387911cda51154751b9a	38.71%
2020-01-17	PAY_95H6AI5HVFR.doc	doc	48844b331c7b74aac980dd55bd8d8388d187e2d3041712303c59644ef3fa16b7	36.07%
2020-01-16	DOC_BIJ_010120_CWZ_011720.doc	doc	228da1e8833b2deb4570eb45b4cb5ceff4c62dd963e802c3a5b769ca9d28ff42	36.07%	Heodo
2020-01-16	FILE_6S3GU9EY.doc	doc	58284dd1bedbf2c82204eb15cdad07525a70b52ff1729e051ac101c066531ce3	37.70%
2020-01-16	WYBQ_JB9596492740FQ.doc	doc	a1a7bf3c673d0f16683303b44ae4f3aac3b77e1d419397ea09fc45b3a5b9dd77	n/a	Heodo
2020-01-16	INV_LOL_010120_EYV_011620.doc	doc	86cbc728df6a04a246a877012acd772a8880f516d4dd8a9bd746a3298af1be0e	n/a
2020-01-16	5ZYEPOWS7ONL.doc	doc	fa978cd717f47c1ee29bb715045047cfb33ac65fb951e80b7bd122d42879021b	30.65%	Heodo
2020-01-16	PAY_SR9386904132PN.doc	doc	8bf5586fdf5c09bd987b2246b8a60988842d2b3ca683a4fdd6f0a698d17909b0	26.67%	Heodo
2020-01-16	H_PO_01162020EX.doc	doc	9aa8f08a047314cbf2c0a541131a486282da8e2657c69fd731624e2823ada6c2	27.87%	Heodo
2020-01-16	SW_OG7UAJ5IAINK.doc	doc	1126c643bff1cbc4e48db0e96c1bb7522d89a64e31bccdf10629cc5402a5bdc6	26.23%	Heodo
2020-01-16	BAL_PO_01162020EX.doc	doc	14aea8de9f3177801134498a4f81de17f490b3cd087fb826e8383a2b1f1e7049	26.67%	Heodo
2020-01-16	F_83826139.doc	doc	fe6f474786ca7ae00ef0969337551f4f2b639e640014ba936d413e532bd994cb	24.19%	Heodo
2020-01-16	BAL_SYZ_010120_NRU_011620.doc	doc	2fab2f5e3f28d6a81ba72956df8ac00de3d7dbea09496ae791fd20a7954fe1ec	n/a	Heodo
2020-01-16	FILE_AH1189622032NH.doc	doc	cb14f2d0b46d275f3d060cb7b30c4818b33aa25ce6fef05b7aab90043c79039d	24.59%	Heodo
2020-01-16	PAY_DPN_010120_QWD_011620.doc	doc	a8daa5abd8b28562b74c89b4eb926bba5e5bfddc7746e95a5d4055896680ea69	22.58%	Heodo
2020-01-16	REP_975140268011.doc	doc	b56a6e25f16b75f974d90ac920bb38757ba86412909d0844c3195a7b0a04c757	43.55%
2020-01-16	H_04632009.doc	doc	703b07275efea992224279b516f2910a007ce6c71217c6c00557d10fd68cac74	n/a
2020-01-16	VJ7260852727FQ.doc	doc	bc1ee7ea69d36c03a940c29cfce159c7e7225fbe58610eb697e091e0b242c08c	41.94%	Heodo