URLhaus Database

You are currently viewing the URLhaus database entry for https://www.zibofu.com/img/kEnbwzvVT/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	308465
URL:	https://www.zibofu.com/img/kEnbwzvVT/
URL Status:	Offline
Host:	www.zibofu.com
Date added:	2020-02-04 22:35:20 UTC
Last online:	2020-02-14 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-02-04 22:36:04 UTC to unom{at}ucloud[dot]cn)
Takedown time:	9 days, 17 hours, 5 minutes (down since 2020-02-14 15:41:58 UTC)
Tags:	doc emotet epoch3 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-06	Inv-AL99_0055934.doc	doc	9f32e4c7cc39fae73045b625140d782b1dcf5b5e592d899da32f46a708f4b9b1	29.51%	Heodo
2020-02-06	Inv W96_119687559.doc	doc	0d52884323396c99de2994a867ebe7ccb325a7a33a6ae3317f4290517232a3ed	n/a	Heodo
2020-02-06	Inv_ST315_36915867.doc	doc	4a24444820e9cbd0c73e0d97f291e4679d283f5c6fd44db547c58a37d62b4b83	29.03%	Heodo
2020-02-06	Inv-04_517048661.doc	doc	cf97fc92739f7d431c0d391d38dfe6096c9fb8689a40a8754a5bdcfba6f97fbb	n/a
2020-02-06	Inv-YZ494_204138.doc	doc	6c06954cbc088900ecf406f49cd3620cb6152c02121a754986fb65f7935bd043	n/a	Heodo
2020-02-06	invoice-KMJK2967_669550.doc	doc	6ebbb4bcb4b52533f8fbbcc0a2a7691cb7e670688b6930fb73868507dd71baf4	27.87%	Heodo
2020-02-06	Invoice-J8265_5074646.doc	doc	a22067b37f97aa4ed866b27ae8891c6af526a3b0ef093d55e638577cf66567cb	n/a
2020-02-06	Invoice_OK59_047513566.doc	doc	81fae48623d822ab3081546ad2888a2ecb9c1c93e996888dd154be91b9d8ff74	n/a
2020-02-06	Invoice 3_481895208.doc	doc	f529e7394604d172959df3fb126f30946377ffcbed5a186bee86ce1ae13a2902	24.59%	Heodo
2020-02-06	Invoice_S490_207145.doc	doc	e10f7b95c27f399f5a1a28c5e94c61bc47ffb9f8bd9ab3bb562cf27be6460e88	26.23%	Heodo
2020-02-06	Inv_0241_5348317.doc	doc	d8a98e712d6775091bbcdbe1e2b1ed30135d7fcb59a9ec4ce71bd80823438c5a	23.33%
2020-02-06	Inv-118_780142.doc	doc	bb7e9b7e57b944f2a0191cc0ef6e8fcb0cb24c61758a836379f80137bfef9cb1	22.95%	Heodo
2020-02-06	Inv-ASBT2327_9268353.doc	doc	b0568d9ff726c394e4b6a7b7a59c6dcccfff57c4d618bb531c30dc3ffa5aaeed	n/a	Heodo
2020-02-06	Inv 8_98469451.doc	doc	c137f96ad20933f15cbd33dd13a59de4aa1b0e84ba2d9ffeca8835eb21d271e8	n/a	Heodo
2020-02-06	Inv-PD375_2524096.doc	doc	a71f70e5c9147e91776353601d4c7ddf221e1776266686d334717a70d113fe31	22.58%	Heodo
2020-02-06	INVOICE-F7152_8814630.doc	doc	5f1d9dff136888c71d8b157e91821d73a94faa92af1bdc04912d223b7b1de32d	31.67%	Heodo
2020-02-06	invoice IFXT251_049689.doc	doc	aa1a76b81c26b3039f992fa97b4738751e8bd457072a3c63260ce986b96488ed	33.33%	Heodo
2020-02-06	Inv Y5_56446810.doc	doc	9eca08bea00fec73f8bdc769abf28f857d39de7d922c4d0dfd4017dc5981d2b0	33.33%	Heodo
2020-02-06	INVOICE-TWG7_7101556.doc	doc	c7b6f46f5a55f557c829d3a1e6d171b7fc2577517bd72b3219b805304f56a2fd	33.33%
2020-02-06	invoice_NHU82_988961233.doc	doc	1065371a2d78cd0aab5f8bf32772f611df9ef917c441a35bb0a84d051c8647f2	31.15%	Heodo
2020-02-05	INVOICE_RZ4_277546.doc	doc	fbc7e227ec8bd45144bdd33ac13c8a9b563282ce2c47bed6f613e71ed22dea4b	26.23%	Heodo
2020-02-05	invoice_ICM8_727715273.doc	doc	10f919530c917ae446dda34a70e6c51343f7cd00368b4fc1078c909c80df7d22	26.23%	Heodo
2020-02-05	Invoice-KGA42_0533208.doc	doc	4152d52f1411482170163f5c1a548319cf7bf6b6e3b95a2d5dce87a21ef76708	26.23%
2020-02-05	INVOICE-XNG3_748452.doc	doc	a2de78a3a39c2c5d3d3c617de7f83a6ee2ba59eeb411de1095a208d4b21ecffe	n/a	Heodo
2020-02-05	Inv_9285_912554.doc	doc	710cf49cc2e88e70dca61cf80d2b6fed3cc9da29c01dc5067cc97110df25ff96	26.67%	Heodo
2020-02-05	invoice-03_690755.doc	doc	80ff1f7758139fb61d82afe12894afc778068701ba7fc6acc78f1e05b8e6d90b	26.23%	Heodo
2020-02-05	INVOICE 82_077137.doc	doc	2592177b8fc2dad7890e1d568a33bde6b00c015fc0c96dbccf47299f5f0953b2	27.87%	Heodo
2020-02-05	invoice QIR59_84868273.doc	doc	96d1b5d403e6b4250eec9ffc4b8167f47fb96ad00208299b8de9f645762ef2bb	26.23%	Heodo
2020-02-05	Invoice-FV966_071525385.doc	doc	3d86715a18dc19cdf1364d58ff7deee2c387cde502de5b43166a7c0d98b2a24a	n/a	Heodo
2020-02-05	invoice_IQGR440_121041.doc	doc	446c9664a7a29f18d084223fe43663b01df9ebf01ad93cd95cacb6f1e64e68fa	27.59%	Heodo
2020-02-05	Invoice 4564_580790.doc	doc	fa5927f2181dbeaef9cab75616169a02fe02b41df92e598cabad444619c3befc	26.23%	Heodo
2020-02-05	invoice-GLF93_772934.doc	doc	6e6b6b51d4a9dd7f74e82c53490f95ead4a4d2a9a4adb06f1cbd991bc2b225a7	33.33%	Heodo
2020-02-05	INVOICE-5438_06227649.doc	doc	d753eaf7b22aea01dd44dfba5b9fc26ebb5677f4a713b4afa69d8c34efe836f0	33.33%	Heodo
2020-02-05	INVOICE-FJO720_488232.doc	doc	471942cfd9aa93923bc0f054e64201217913ae24a3e192919207202918c628fc	32.26%	Heodo
2020-02-05	invoice-WDUX5_79612409.doc	doc	50ed2de7492f944d8a34c9d454c3757a58d26078f91dd5de90ac595eb6279dc7	42.86%	Heodo
2020-02-05	invoice-TEGJ68_78163316.doc	doc	25d98e7b0341be2da85f8fbbe279863673a1b0744c9773c8f6bcaa0c0666c935	34.92%	Heodo
2020-02-05	Inv-3_5307849.doc	doc	fe95a5f68fe689f22c1ba6e479febd867fbb29760f0063700ad27d7d8b482d67	34.92%	Heodo
2020-02-04	Inv-21_61431186.doc	doc	c01faf044c1df797bde7ae50e931236add55e532401115f33435ad6802eeb184	33.87%	Heodo
2020-02-04	INVOICE WRVS62_7058803.doc	doc	71cb0a76ffe68d03665445da985c3949ee036259e2d5cfd300e18bbc6b17a5ac	33.33%	Heodo