URLhaus Database

You are currently viewing the URLhaus database entry for https://xcxcd.360aiyi.com/pgdt77wo/skH/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	302165
URL:	https://xcxcd.360aiyi.com/pgdt77wo/skH/
URL Status:	Offline
Host:	xcxcd.360aiyi.com
Date added:	2020-01-30 05:17:12 UTC
Last online:	2020-02-04 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-01-30 05:18:02 UTC to abuse-noc{at}west[dot]cn)
Takedown time:	4 days, 21 hours, 19 minutes (down since 2020-02-04 02:37:58 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-01	invoice-IGY67_195393.doc	doc	970df6100d8375af169bb259df2c7bb1ad641294e34ed57dc3ad02a38371b4c7	36.51%	Heodo
2020-02-01	Inv-DA8714_9504156.doc	doc	b8293e1621d18a41ab502785bdf7c9db017b758601839425ee13e60cd88b9d47	35.94%
2020-02-01	INVOICE G9802_805118868.doc	doc	33b3ec4162e08d960a63f59db559c88ea8d64d270e61f84b3df6c1e712447831	36.51%
2020-01-31	INVOICE_QO5_3987265.doc	doc	0e515b40fbfacc6e1f632f89fda79c5bc01fce11baf9bb015aba19ede05b2775	38.71%	Heodo
2020-01-31	Invoice-IU6_017559.doc	doc	291fde1b7df03ea3c7e5e4db7fc76f74ac51dd876d9295da30fa9b7ad026388d	32.26%	Heodo
2020-01-31	Invoice-NK849_060636491.doc	doc	13da986a6313e4f7d8bd759fab4372e49889bc08c005eb19c7942cd26b3d36d3	31.25%	Heodo
2020-01-31	INVOICE LTYX4214_37379770.doc	doc	7d36bd087bf192b32fc6a40a94b79081e1d7d25d356a9697a158b29bcc1d073a	n/a	Heodo
2020-01-31	Inv-H9582_173432.doc	doc	bc79e24ba2ac5c6cfe39026ed82318cd18feb73fd5f8987ffcf5b7f9cdd9af0b	34.38%
2020-01-31	INVOICE_96_635100125.doc	doc	48aece09b58178b17b2a09cebbb26f2da0bc3e6140b65d86b642060ec00689e5	33.33%	Heodo
2020-01-31	INVOICE_FT2_81080019.doc	doc	3e43537c29e5174e6e982ff2cfa6b7752413a26de10839b58420ceb8a425c316	28.57%	Heodo
2020-01-31	invoice 5233_288785197.doc	doc	e01b9d1ec39ab6b746fab54011b045e107974f3d979db52766632eec495d9b59	33.33%	Heodo
2020-01-31	invoice-547_9106539.doc	doc	cf5dba5032b0f5bb0d64f3622bfeb7e35d27c6892d6ba1daa6f07cae87b1566e	20.31%
2020-01-31	Invoice MKQG77_549287.doc	doc	02d0fca16499272621f28342b9c41dfc3c6133eb9cc3d485b8334de09bc9825f	22.03%	Heodo
2020-01-31	Invoice_I6_59798581.doc	doc	0668a44b54d70499bb0ba03c8fc66fe388ac0acdbb91c6284ea3683c00aad183	17.74%	Heodo
2020-01-31	Invoice-GYH5_5729627.doc	doc	3566860336b023d9bfc9ea68bdc1228a6897a65cc344973a63e87b04a41c74f1	20.63%
2020-01-31	Inv_JOPD24_39697693.doc	doc	e37ea56013de3f5e376abe94907f943d3d382cac1855f56a3841694118a80c80	20.31%
2020-01-31	Invoice-562_1009940.doc	doc	fc244aba71a46c59805f50c5e9bfbed39277b6c94199062748330ab074a89a11	20.31%	Heodo
2020-01-31	Invoice_DKUD365_418114.doc	doc	1fdae9fc6aa69ff362c050d3b72b7ea035f4347be47b332d1cf733a6a60ebf62	20.63%	Heodo
2020-01-31	Inv-P1_381463722.doc	doc	ae1cdc48a32c38051b8709d02ac807627572fa24244b491c0d3c9fdb7e73da8a	36.51%	Heodo
2020-01-31	INVOICE_GKWM4_452773703.doc	doc	27d755aa7bf58559ed73cec0d481fe32fe0d81d2f18da774763c0da9e5c15b5b	33.33%
2020-01-31	invoice-REM8_50863079.doc	doc	8a06475b5843111147926b32b1aecdad3780400157cfae38379d64a78b36139f	33.87%	Heodo
2020-01-31	Inv_J0_287323042.doc	doc	5f956252e9f433a4b7675b2422ef016eac5627672a114bfafbc0c667a22db5dd	34.38%	Heodo
2020-01-31	Invoice_Y792_61960985.doc	doc	8dece0d2130198c1d3acb7688f96392e3ded40745d7d8f7c01f03337209801f9	34.38%	Downloader.Upatre
2020-01-31	Invoice Q0_254394306.doc	doc	ae370246a5b55b8f9dc4d3d0d7041d03f466f3d4260bf0beb48ff4dfa85a5b11	34.92%	Heodo
2020-01-30	invoice_R1015_974930682.doc	doc	228960ea68978d82cf8f245946c0522095c90c78bd4a188a620e87d306c2619a	34.43%	Heodo
2020-01-30	Inv_U2_190352816.doc	doc	344ec62beaa38421243bae13fa80d39d7457a5c8a11c3347366c3e638d1326e0	33.87%	Heodo
2020-01-30	invoice_FFYB3958_994064822.doc	doc	55e09691a61d983f8bb5cb7d81ca1c07171d3248c62cfcd4f3b1a89f5e9a66f1	33.33%	Heodo
2020-01-30	Invoice-R5284_428821.doc	doc	0cd2361c959ed9e7e67f305e10241dac8c04cf6aa8816a02fa0ecd57f3b8e66e	35.00%
2020-01-30	invoice_O5049_507058.doc	doc	2e05dae96f07956982b9edba6d64d8668b4ff90f56d548ce2ef2feee40a6e6d5	39.06%	Heodo
2020-01-30	INVOICE TXZ232_0896392.doc	doc	4817eb0931e095dcd5ad20af4725b2da9bb8bd800841f34789aee319897eac87	38.71%	Heodo
2020-01-30	Inv-C8_4317440.doc	doc	70029b2efe245977665727cabe746a92f951297bf034a85f96c12a828c18a682	38.10%	Heodo
2020-01-30	Invoice-4_1554555.doc	doc	444380961c88bf398e9078529bf648cf7f4cc69a583fea9d036c4427e533d8c5	34.92%	Heodo
2020-01-30	invoice-COAJ5975_498083543.doc	doc	c5a0f28856e753658d7979a6ab18b47e0a0b4166332f19e992f0091bdc09afe8	n/a	Heodo
2020-01-30	INVOICE WL3027_31046765.doc	doc	d204a8808c41d9dbf3ad604139c838f916986ce563143b7e41b33c85d22d5973	n/a
2020-01-30	Invoice UJTT48_21116692.doc	doc	5452b9448c3310adaa86f6020c32d6ae4727fce5049f613ad9242e2f35e94eff	26.23%	Heodo