URLhaus Database

You are currently viewing the URLhaus database entry for http://kualalumpur.samanea.com/wp-admin/closed_disk/test_eDSmXk1l9I_6FZW32aU/eOZB56Rb_Ju25tu3y6nzn/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	300740
URL:	http://kualalumpur.samanea.com/wp-admin/closed_disk/test_eDSmXk1l9I_6FZW32aU/eOZB56Rb_Ju25tu3y6nzn/
URL Status:	Offline
Host:	kualalumpur.samanea.com
Date added:	2020-01-29 03:43:09 UTC
Last online:	2020-01-31 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-01-29 03:44:03 UTC to qcloud_net_duty{at}tencent[dot]com)
Takedown time:	2 days, 6 hours, 40 minutes (down since 2020-01-31 10:24:22 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-01-31	List-JWI138768.doc	doc	a7eab93ccef05320d0b18ab0da86b5cf916b2e1aa536562d71bac0a1a4fda68f	37.10%	Heodo
2020-01-31	doc 20200131 OEX026.doc	doc	8cf8b5bd984c809a86c9c425d500393b50115233149a953678de79dca4bdc223	35.94%	Heodo
2020-01-31	rep_20200131_JA082648.doc	doc	95e97a58c14852a0f72290721cde5276dd7d9255c97e0bf0c166a85955db30af	34.38%	Heodo
2020-01-31	list-20200131.doc	doc	8ac6cda8c7b4094b736c508bc231f782f410a72cecec097edb943014ce610585	33.87%
2020-01-30	Rep-2020_01_31-ORA08527.doc	doc	38ed0185799cc1cb1e2fcfea1f554229ad2ddee7695a8eee704426cf83a6b7e6	33.33%	Heodo
2020-01-30	INF_20200131_1448.doc	doc	7e928307f956ba7153481f9c5ff422807d3b210a51be147e9fe988fa41d392c4	34.38%	Heodo
2020-01-30	rep_2020_01_31_HIS384312.doc	doc	5d669f3035b344006960d92b8e182bc4805b2f45783fc1393e39b27498e25cba	34.92%	Heodo
2020-01-30	list-20200130-433.doc	doc	3d0d29f9f42fa9d58abba5af05b9a74a48a861b54ea5a1759c4115bb77bf8801	34.92%	Heodo
2020-01-30	Dat-20200130-VP7174.doc	doc	88d2169711b161c4ef3ad2a293d5d31f96681e8341468acf5a7d8f77296a0649	39.68%
2020-01-30	Doc-2020_01_30-468782.doc	doc	162e460256ab76b13ecf9daf16f1867bb2e13925b3894c8f56fc2d360781c389	38.71%	Heodo
2020-01-30	Dat 2020_01_30 3000343.doc	doc	2b5bdd3bfb73fa7e1bd1b322c377a0ffd4386f783c6658748a15a25679b09b51	38.10%	Heodo
2020-01-30	INF 20200130 8240641.doc	doc	11078ef33eb1bccdd13fee326af0b5a51e5d9bfb1335c25004cf281c01ccfdc3	37.93%	Heodo
2020-01-30	List 2020_01_30 6779.doc	doc	33bff75b0b0477fe5ebb1baa53a6e72f2c569227d8ab61eddac59592d02d28fa	32.26%	Heodo
2020-01-30	doc 20200130 RA964597.doc	doc	2d865b1d71a6827ca4eb3b7f884d08cc2acbcea2e862ce53a15cea4128959e8c	30.16%	Heodo
2020-01-30	dat D9218.doc	doc	dbafc866496ce6edbe3c92ff5b13a847d53b29e211c6061de2f2881c8301233c	26.98%	Heodo
2020-01-30	rep 2020_01_30 U065450.doc	doc	6cbdcc0ba57b84c01a9533651f01585aee4755d88da9396ea266f936201496c6	29.03%	Heodo
2020-01-30	doc-20200130-U240349.doc	doc	6686a87ce4ec03815de4f384705a2a876aee4195ecaabf95d727a6d63030d4e8	29.03%
2020-01-30	file_S9230.doc	doc	093fe06865cc5cd449e9684d621efaf181505881f5e0e818b0ec9c4459ef1ba9	22.95%	Heodo
2020-01-30	DAT_2020_01_30_VB094320.doc	doc	ded73d524fe7544ecb69b5779a5bddbef01386b55ac338c83fb4d25d31745584	25.00%	Heodo
2020-01-30	rep-20200130-9194.doc	doc	cbfd00a796bdd447134f7dc1f38823e8e2eefb7075068cc197ec67c044ecfc24	24.19%	Heodo
2020-01-29	List_2020_01_30_3440.doc	doc	0c899fbd963450fdf0d3d487fd91c0ef00e8c4191115d99d58a6b75476b06254	22.58%	Heodo
2020-01-29	Dat_2020_01_30_CU083.doc	doc	2c7a2ffff7a4a2fcb7a86235dafda3b02ce67330155e00a22408d6c14b2f5caf	40.32%
2020-01-29	arc-20200129-9920.doc	doc	e49d66744b97eaa47dae870c0fdd5f6b3a52e1b2245e8567ffa6b8a344663fe8	34.92%	Heodo
2020-01-29	file_20200129_DDI428084.doc	doc	7e8c0e91d30b485bed7963d9d3169c243edb3f5f2ce5e8049df4731007ea4d61	32.26%	Heodo
2020-01-29	Doc-ARZ449.doc	doc	edcbcb15f211dd24abf15ab6fc923528a0836b3e8dfb5bfab6742a5a9ef384ad	30.16%
2020-01-29	arc_2020_01_29_9639205.doc	doc	c0ebbfa695c1e2d054d32b340956dfffb4c155a4e420caaf593b0f1bbccbbd18	27.87%
2020-01-29	dat 2020_01_29 261.doc	doc	a6f8d6e5f80b47b55146e82c61a78c5ed8c451bcb68d157dee574d02c768ba30	26.56%	Heodo
2020-01-29	ARC-2020_01_29-VGH924240.doc	doc	1b2ab9713101a1224f92f7b670acc6debff91071765f456e98552b87fe6c6750	25.81%	Heodo
2020-01-29	FILE-20200129.doc	doc	ec9b05ca4512e2e594339751e698ee57b1373c749a8c8b26cbe5c79dc1e978cc	26.98%	Heodo
2020-01-29	FILE FPI719874.doc	doc	a570252bf1c2fa10675c88c55f9ef2362c2c7d3ac6e6bc1400102a49f2aac861	n/a	Heodo
2020-01-29	Dat-2020_01_29-713.doc	doc	aad9025b37d955a0929dc76185e7b87d374e735e3a30a258bd549dcfc7a1bf27	26.98%	Heodo
2020-01-29	LIST_20200129_93081.doc	doc	f8a5336b371ee216fc6fb0d0b23eca343a30c1d0ff719e61a847bffaaaf64a21	25.40%	Heodo
2020-01-29	arc_7027744.doc	doc	9e66ad03e7885710b534addc2f0c5637987970b3c6185b27cb42a4fcfa06dfc9	24.19%
2020-01-29	Mes-H23542.doc	doc	94e0d6de6118c26179d6f05dd39b5583f1fe79c66151f666734b93a655a71930	23.81%	Heodo
2020-01-29	REP_3968042.doc	doc	c2b2cd3b90f72db2fc325fdac1161626765153b7cb874ee42bea9fe3caf0eb6c	25.81%	Heodo
2020-01-29	doc 2020_01_29 687403.doc	doc	d6548725e281a6fac0ace4af505c15a21b8e1582ab951ad62e29dc42cae45885	n/a	Heodo
2020-01-29	DAT-20200129-4864774.doc	doc	f5c5c5efd56a06272577f6aa8fde6fe22660095ec9332d7449f3e0769fa11b8e	42.86%	Heodo
2020-01-29	Rep 20200129 4814.doc	doc	f91280092134731c71224191a19c89ea78bbfcedfcf8aeecc76d6f4483043d7e	44.44%	Heodo