URLhaus Database

You are currently viewing the URLhaus database entry for http://txshop.50cms.com/wp-admin/INC/mjz6d4hx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	293069
URL:	http://txshop.50cms.com/wp-admin/INC/mjz6d4hx/
URL Status:	Offline
Host:	txshop.50cms.com
Date added:	2020-01-21 00:10:12 UTC
Last online:	2020-02-18 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-21 00:12:02 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	28 days, 7 hours, 34 minutes (down since 2020-02-18 07:46:29 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-13	PAY_PPQ_010120_BOT_012320.doc	doc	5ca03aebbbc2fcff5ebe9dd87ea5452d628410b32b96504343c95bcd9a4af245	53.33%
2020-02-06	PAY_PPQ_010120_BOT_012320.doc	doc	3179aea37a927eee5afd36bd736d536002c273d077c6bb69b63249bb9b953f30	n/a
2020-01-23	PAY_PPQ_010120_BOT_012320.doc	doc	12097857acc64c8d928dccd8f4a31d15a7f8028a90860b0f9a69bb4ce51363c3	26.56%	Heodo
2020-01-22	REP_OH0154770287XE.doc	doc	29487cc347b96694240c5003b2fde7f8e509ac63ea9365249aa1a23c122502ce	27.42%
2020-01-22	SW_JU1427066671JW.doc	doc	669eefc104d806bd76c96aea4774af65b2fdc557d7bb93f72910014b7093d9c3	26.56%	Heodo
2020-01-22	RP_IX4450503428OI.doc	doc	0fed8a6d0f31e05943d5e786c31313260f8187f838e8ee21b42c285e41df16cb	28.57%
2020-01-22	PAY_CYPFWTTWIX.doc	doc	9756dcc678b46451f83fdfda2c1b587c0c0ed23f343a60636bf2a41683f15f20	28.12%	Heodo
2020-01-22	55397897075358209.doc	doc	1edd209142cc223e891e8dd444c153f50de141b3239f20dfad8f44bf278752a9	28.57%	Heodo
2020-01-22	SW_AH8134931075NG.doc	doc	1acea02225c6650692c85051717ea09e03791a57fe39ab10730263373f7fbde5	28.57%	Heodo
2020-01-22	Y_1EAW2IY9OWD.doc	doc	ab600b906dee873222585e34ad20f43a3eb8dbc281f88b10eac0e7ed4b8f6f8f	28.57%	Heodo
2020-01-22	SW_68634341.doc	doc	074ec6f9a2776114bc1d9e2da2250b73417843b3357ada6f17a5f4b606ab9a91	31.15%	Heodo
2020-01-22	W_PO_01222020EX.doc	doc	1e915eb0c2bb8a17312910316e63a7cd6a78b3781876e44743855ea5b984c1fe	31.75%	Heodo
2020-01-22	LQ9840477579RU.doc	doc	a8e86ce1edef7bad9f725d8f9b127d50d0a80a4e3477a2294f61bd2be001bfc7	31.75%	Heodo
2020-01-22	INV_XQC_010120_YIG_012220.doc	doc	cd1d589c80332498c1497b75ec3532ce643fa739a27ce32fc53e53551562361e	30.16%	Heodo
2020-01-22	YR75AE86ZE317X.doc	doc	609678cf042b2eef7db729034aeb79f91c90692e7182f94ba9a08b7854909ed4	29.03%	Heodo
2020-01-22	ST_5576909722265120948001584.doc	doc	ae732e2481c442c721b9c70bbbafde35384fc2d9c8e8426e67eabd9863b3e009	26.23%
2020-01-22	INV_PO_01222020EX.doc	doc	ef2c024ea8044358a0cccd5cc4d0a39745ceb272e550c3718c2617c16b822de0	27.42%	Heodo
2020-01-22	SW_YW2122362948ST.doc	doc	336ab3a461e1a9206d529c38bf94f01e340884585fe63edd765c3fd0821f68e6	29.03%	Heodo
2020-01-22	BAL_PO_01222020EX.doc	doc	a85351653bf9a0c8c76db9f4c1076418ba4fface5c3a7f373d29186bf46732e0	25.42%	Heodo
2020-01-22	8196415420501011168.doc	doc	6386c6fdd8a1eb4f6fc7bf14c51236c53a6d7dc8419ff7add51d3a75c46d3610	20.97%	Heodo
2020-01-22	INV_OQE_010120_KCX_012220.doc	doc	4608dceeebae9faa5e9e2416bee85509b67e80af4422fb61baec34056ada48d8	n/a	Heodo
2020-01-22	EV0YK9D.doc	doc	a0855eab3940a455dc8d9abb41fe9a44d09eb1153e79da6e813565d5dac82f24	19.67%	Heodo
2020-01-22	SK3624953617RX.doc	doc	8bb40f94230c4779d38d4849765d3c668b37c66d257ecbf89fe76f042c850958	19.35%	Heodo
2020-01-22	REP_GD4836793494OD.doc	doc	6321d13c864a5af9a0a39e72120db0999714232489e7bf8461b8a795db19a222	19.67%	Heodo
2020-01-21	PAY_MTD_010120_UMR_012220.doc	doc	73ae92b67a773aeb211f7520d6d98ff0b4f01babd23ad51535129e1c09c78e97	21.31%
2020-01-21	REP_WJH_010120_PLO_012220.doc	doc	97e30189b2d55dda8919c75177d0ef9f6a7922a82a9d14b90f334d3a04a281ab	19.35%	Heodo
2020-01-21	BAL_LHB_010120_UWL_012220.doc	doc	616b942341fb4aa9e7ef9a9812fc490798f6d57020915c7fdeeb4d6abd868b77	19.67%
2020-01-21	BAL_UHV_010120_GSO_012120.doc	doc	b719fe6775a43df4cc11ea66ffbb5923fd8fb3323fe1bacff9bafe830eff8658	18.33%	Heodo
2020-01-21	BAL_37787085.doc	doc	b27efe734620499ff72dafb2bd9cf0650ea42d6b08f670e80149d1a7087d4f51	19.67%	Heodo
2020-01-21	O_922493516604358548873.doc	doc	0ba2bc2d8ddd7c95e3a17870d34c390e31968ea645b5ca3c5978da28719eeb99	19.35%	Heodo
2020-01-21	ST_PO_01212020EX.doc	doc	0ac7a98f0bbf451a51cb75aa5b065d00e46c0860c7cd1c90a194e8a40a56aa93	19.67%	Heodo
2020-01-21	FILE_XSD_010120_RZF_012120.doc	doc	2f2a0cf5f701e2014ef05a565aab080235be85106bd630e67bb5c9e1aabefad5	20.97%	Heodo
2020-01-21	SX4719715611QM.doc	doc	e66db17dd18cb67fb844077a28bd0374fc21fcae8531576e65fc8ec755c52407	21.31%	Heodo
2020-01-21	V_QOQ_010120_PEJ_012120.doc	doc	ac0a043ddb5cd2ef939889a7dface6d1464766b504e1cf491e8d05d6983e0d12	22.95%	Heodo
2020-01-21	XV0651359211RE.doc	doc	e4932995a94e0c841f96d023503d1a1bb8e8278fe5478a736b9a4cbc83283ab7	n/a	Heodo
2020-01-21	FILE_ZSD_010120_IQG_012120.doc	doc	0e9e43c0429b560afae123776797b95528cfb7b3564487c82a25a57c81570144	n/a	Heodo
2020-01-21	TCSL_72942745.doc	doc	02ffafb9df3c1817c1407b645b452bf63dea66ee2992bd41a6a1dbc7ffed0bd3	21.31%
2020-01-21	FILE_981457961242030.doc	doc	73deaf5540bdd8aa881f769754e29998a7f895666230e06afc6a7452998d6067	21.31%
2020-01-21	INV_527541263945.doc	doc	1a54c57512dbcac388648552cf8ec7536827af1c60f032cf6b3b6fc3197033c4	38.71%	Heodo
2020-01-21	RP_47888053.doc	doc	a02cad1bc2e1e070005d123abd1ed33ef20a502d65d597145a77c7f1983a8888	37.10%
2020-01-21	O_DP2271213259OI.doc	doc	97f55cd9a4169904bb304d25dec8f7e772082dc8c1aa3468206307bb6e95df26	28.33%	Heodo
2020-01-21	INV_PO_01212020EX.doc	doc	6f95ea0f92c00748e1215edfe2c7b4c7e772776fc5e4c48e67ead100f4c5c835	26.23%	Heodo
2020-01-21	DOC_PO_01212020EX.doc	doc	852d7c2fe2e50b54bcc8b4bd89978251dbcf736f134ce9226fbb287d77394db9	26.67%
2020-01-21	O_3556253167733909608305.doc	doc	df533b50a5025d7357f0b73c84d71956e33a9e636ee8d344035cb3074936672a	28.57%	Heodo