URLhaus Database

You are currently viewing the URLhaus database entry for http://www.ttuji.com/87/protected-sector/security-profile/DhCut-eNwm3xJG70tq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	308419
URL:	http://www.ttuji.com/87/protected-sector/security-profile/DhCut-eNwm3xJG70tq/
URL Status:	Offline
Host:	www.ttuji.com
Date added:	2020-02-04 21:57:07 UTC
Last online:	2020-02-12 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-02-04 21:58:02 UTC to ipas{at}cnnic[dot]cn)
Takedown time:	7 days, 23 hours, 25 minutes (down since 2020-02-12 21:23:39 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-06	Doc 2020_02_07.docm	doc	ace007f793e2872353ded84bfb5b4a505dcb23fd2bc9772920797b48805d2a39	27.87%
2020-02-06	Dat 2020_02_07 P525536.rtf	doc	a2f71346cd2d1bcea1a725f2bcd860a55fd65a096f8d8260b55ad45c5705e8d1	27.87%
2020-02-06	File.rtf	doc	903eadc1bcff1ede5e8a4887d539b907837b35b6ae79a1b7cd200ec455cee00f	27.42%	Heodo
2020-02-06	File C1115.docm	doc	0395137796e0f9fe7c273562138c7e5f0c988214841e6ed4cda2e3978a98f1bb	29.03%	Heodo
2020-02-06	Mes 2020_02_06 9221053.doc	doc	cddfbd7b249d0e0ebb3f68697690544c6abb69af1cb46f3b74c24cae2d3e528b	29.03%	Heodo
2020-02-06	Mes_7099504.doc	doc	3e2e9332429ca46e97d6d5b2d39864b216599b31498ebda448a3fc2adfc78a0d	29.03%	Heodo
2020-02-06	Inf_20200206_TIL2969.rtf	doc	6518e632fa6ae2b5961ba05d77e16bbec58ffabe10c6f79557a2d1b48b2807a6	26.23%
2020-02-06	Dat 20200206 1245994.docm	doc	f538db2aa0f3b0d5482fcdc4619de24a6f283718f78c5e1cea4ccb2c92b471c4	26.67%	Heodo
2020-02-06	DAT_XZ099.doc	doc	20a0926fb970d58fb5681385d5b8bbc67f1abdfe2e240c721e1034857c14cb9a	24.14%	Heodo
2020-02-06	list.doc	doc	186ad5a4edbbc67f97e4c4d0236f263ae46435a2687639dba2a0a91edd0d6ce5	22.95%	Heodo
2020-02-06	FILE-BNE5175.rtf	doc	426f5a4910e1d8c7973f947554016a2945b0997ec5d7bbf3756cef42d9dbbfa9	23.73%
2020-02-06	MES 20200206 92542.docm	doc	54d44a585a5b93e5478ad5ec770d9c665bee492e4f228946b91312637444ded4	22.58%
2020-02-06	File 20200206 537.doc	doc	7fe4afe59b087bf542c67a12ac54ccb89eab281656477ed8bfc41ebab0e0135f	20.97%	Heodo
2020-02-06	mes-20200206-484.rtf	doc	5c3ce056d5c4c031e62f29306f27698d258d673ab890eaf2c2bd06487933aa00	n/a	Heodo
2020-02-06	REP 20200206 56733.rtf	doc	fa37e0cba4786db4ba847c2e4f9b4ee78aedbf0eea4491228705fc00980af4e8	32.79%
2020-02-06	INF-20200206-W86832.rtf	doc	346d01cf657414934f8c87af6f0ae07d23875f613db84e483f2174b6353ab405	33.33%
2020-02-06	Rep-20200206-WZN1684.docm	doc	43e38902740c39567550fd0e4c87c00947c5fe577765eb00051f0212c05d7cab	33.33%
2020-02-06	FILE_20200206_A0317.docm	doc	9e7490ea59c003826b03252f70bd3fc3a4c910d44aa5c1cf377a0cb24491118e	33.33%
2020-02-06	File_20200206_5776.doc	doc	24bc1b322505611fc96f657f00be75ad4a096d02fc3e78d4b45369b13358575f	33.33%
2020-02-06	list_2020_02_06_82026.rtf	doc	408e410322052b154cc71d747cb64f2525be9909cc3046e32fd1aee7043266c0	33.33%
2020-02-06	dat-0763801.doc	doc	58f94895848e841464a8b36d26e332a50e9b082bd7df37c1c054168929b7b34e	31.15%
2020-02-05	File-72270.doc	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	Arc-2020_02_06-064.doc	doc	8f2fbc53d8f8bdf05da88e924c8a768a3553ca543aabe034572e0b0f2b38486a	26.67%	Heodo
2020-02-05	file_20200206_803234.docm	doc	85d825b74358c12b84824b2d46cf048e3dfe836a8c320d88d301331a46e62ec2	27.12%	Heodo
2020-02-05	Inf 175252.doc	doc	1566745273aeac5249400c456f82b70e870825a50ee2457479f734c7686dfb54	26.23%
2020-02-05	Doc-20200205-B4831.rtf	doc	59dd4e381b291b460fa9a19705f59aa130ec42495f72ac9010d417197166b58c	26.23%	Heodo
2020-02-05	mes-20200205-0819156.docm	doc	c0b9c90ce017a4e5196e744c7948464ff57431da4a1d820793c5aea57cc0a095	n/a	Heodo
2020-02-05	mes-VG201484.doc	doc	da0b1e331a89bd28e4338a886d224c01e9194a764a6ded30bac8b16670a589b3	26.67%	Heodo
2020-02-05	Rep-20200205-705813.doc	doc	20b603562ad65e466c27733e3ba8368c3ed83caeec165555f4a935ed0cc6d4b1	26.67%	Heodo
2020-02-05	mes_9505702.rtf	doc	1d71db32310de6088f008bda0c652b8a1715c3b98c549cfca90601bdc70c59a8	25.00%
2020-02-05	FILE 20200205 983.docm	doc	ab556aef3f7baf74127e682541cd5bb674af38a62c4c1f89ff43f09388894af2	25.00%	Heodo
2020-02-05	rep_ZOI950.docm	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	arc_PG08632.doc	doc	4a45120dce1cd34a211f66e94d6a16a0e567d8aa85527c6fa830f99691cd1816	24.59%	Heodo
2020-02-05	INF 20200205.rtf	doc	4e82c0983f4287199416515585b3322785209242527d21f73fc1213fac0da816	25.00%	Heodo
2020-02-05	doc 2020_02_05 2301.rtf	doc	add57fd6782c427fbdbab1e52f313746c594f78a352135f6961c6e7d3d9ea2f6	24.59%	Heodo
2020-02-05	arc-20200205-826621.rtf	doc	8da9b64f05685802f69618feda838a3f4331363e5e7ad48cc004353b8a4dac2c	25.00%	Heodo
2020-02-05	MES_20200205_136.rtf	docx	3002799efe2f36491f41e0c5e350a6c6ae06bdc8fbef3c1ddf753c6c2e206736	n/a
2020-02-05	MES-2020_02_05-1490130.docm	docx	3c0292963e5af1dfc8aa14b1b0408c3d3e0873fde4dd75962bd380b5aa67eb36	34.92%
2020-02-05	inf-061.doc	doc	e96b3b96851ad8f49fa155f44b5dad11bedded8a6c96898fa814e872822f3eec	35.48%	Heodo
2020-02-05	Dat_453627.rtf	docx	a464fbbd0fd6eb2e09bb5c04dd46379d3cf1c4f67eeb3f4e9f0b9f7896a2192f	n/a	Heodo
2020-02-05	MES-2020_02_05.doc	doc	ab25cd8065a0df8608fcd69bd29689ae7657b263b8290a459052ff0cfcac3951	30.65%	Heodo
2020-02-05	FILE-2020_02_05-D096174.rtf	docx	c88c5193f9ffea07709eeb7dbe053ec079f2a2d4f142fd26ca76ed7f55c6e6ab	30.16%	Heodo
2020-02-04	LIST-20200205-7568.docm	docx	f2d5330b5aa423a1c21c6f960154447080fb0b6a7747307519ce8d57a310d1a0	29.69%	Heodo
2020-02-04	mes.rtf	docx	ec4146a69e81f690514da6199f759c184964dbe031f6ca7850b4af5d0d365150	34.43%
2020-02-04	arc 20200205 FXQ79094.rtf	docx	3e807f7cb48c71df4ce8ba0a0024238ec14712f1e68e7d0c959ab376f2fbd524	32.81%	Heodo