URLhaus Database

You are currently viewing the URLhaus database entry for https://zdkxww.com/ceshi/available-array/95d-7j8vrz1701bpjjz-space/liaedpfqek65xwrs-twsv900u1xu49/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	308908
URL:	https://zdkxww.com/ceshi/available-array/95d-7j8vrz1701bpjjz-space/liaedpfqek65xwrs-twsv900u1xu49/
URL Status:	Offline
Host:	zdkxww.com
Date added:	2020-02-05 10:57:37 UTC
Last online:	2020-02-21 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-02-05 10:58:06 UTC to abuse{at}allcloud[dot]cc)
Takedown time:	15 days, 18 hours, 21 minutes (down since 2020-02-21 05:19:45 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-07	Dat_20200207_57146.docm	doc	2db833801115b3a0d6c7f672c0a0e316e80349adb0f400577cc3c590c7fb5d8a	24.59%	Heodo
2020-02-07	rep_2020_02_07_NB62245.doc	doc	9f2b441a576b8b1d1a2af975d5d53633a4000ab8ca1f6df2e88312e175a47595	n/a	Heodo
2020-02-07	file.docm	doc	e3adf368b634569aa1ca2545bb340ffb5df4c918cf629e3afec00b6f43d444fc	24.19%	Heodo
2020-02-07	Dat_442127.docm	doc	4d46d038cd9f2a48555e70846240d75457b23f0c3a192d9a9bf8a498ea35e2ce	23.33%
2020-02-07	Arc_2020_02_07_527.rtf	doc	006766d9879f75d74de2c385ce8418fb838989af2046d8d329ad6ae7dc6d26eb	n/a
2020-02-07	dat 20200207 50009.docm	doc	88d2e0f1e728a7142e0fa0f277f4020c91bb5e4222ccfd8162d9e0b6beb60e5a	43.55%
2020-02-07	LIST-VOQ3758.docm	doc	60a2db35f6a200f89387811492bf70f40551c72578c80be36bc21dc7abbcce67	43.55%
2020-02-07	file 20200207 BUM876.doc	doc	ae0dba6208040d7656556bb876279d0ee3708e7cba62fdf3777e81466021bcee	n/a
2020-02-07	Arc_20200207_QRZ105.docm	doc	951c41a81d18a2577f97934a32f1a28463dc7cdf7b4118ed040c35ae62864843	35.48%
2020-02-07	MES-796.docm	doc	4de743bb5a807944570907fec4e4ca12efe2016c5c50e04f718ed117b26a76ee	32.79%
2020-02-07	INF 2020_02_07.doc	doc	4ea3c2e1f6d051de33d5c37e2dc88e621ad3ce6404691932b5787393c76fe8a6	30.65%	Heodo
2020-02-06	List-20200207-7558.doc	doc	2ab5454468bf092401bb674e12f9577b0102b97450e07cc6ffdbaec61eb40953	29.03%	Heodo
2020-02-06	dat IYE6887.doc	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	29.51%	Heodo
2020-02-06	MES 20200207 000516.docm	doc	76ed65f4166ab70a504fa0c58b5fa4d5afbbdf92c3b7770185b137ac87aa37ed	29.03%
2020-02-06	Inf 7679.docm	doc	b6a866cd6767e85ce9779e18601e4ff38f6a25e8bf459d47936489b9d58ba9c9	27.42%
2020-02-06	Inf-20200206-YXE504901.docm	doc	69caf04e8e1e56614bea23015c10066190147415d1c1699accdc79c49531cedb	29.03%	Heodo
2020-02-06	rep 2020_02_06 91160.docm	doc	0395137796e0f9fe7c273562138c7e5f0c988214841e6ed4cda2e3978a98f1bb	29.03%	Heodo
2020-02-06	FILE 2020_02_06 975985.rtf	doc	43f10fe26a0ef0775cf82202ccdb01f65cd38e6aab4086fa49b4b2391da9f0a8	29.51%	Heodo
2020-02-06	Dat_U64566.rtf	doc	3e2e9332429ca46e97d6d5b2d39864b216599b31498ebda448a3fc2adfc78a0d	29.03%	Heodo
2020-02-06	FILE-2020_02_06-ZN4671.doc	doc	e2242f427a47cdd239a61505c64bb7956f2c451a95ae9dfcf44f845fafeab46a	25.81%	Heodo
2020-02-06	mes_7579.doc	doc	3c9d9f7c089af3d74e37371950a676a966f7160c531930a218fcefda342beee9	26.23%
2020-02-06	LIST 7420843.rtf	doc	20a0926fb970d58fb5681385d5b8bbc67f1abdfe2e240c721e1034857c14cb9a	24.14%	Heodo
2020-02-06	INF-3332.doc	doc	b99125a74c2d36d2875478ee03096a69ad74f272c1ced98d2e22ea0f2a3d3191	22.95%
2020-02-06	LIST 20200206 TG04555.rtf	doc	186ad5a4edbbc67f97e4c4d0236f263ae46435a2687639dba2a0a91edd0d6ce5	22.95%	Heodo
2020-02-06	Rep-Y1716.doc	doc	5c65f21a3869e1e15433c2263d8dff3827f622520c972b12f4686250b8e68018	23.33%	Heodo
2020-02-06	list_2020_02_06_WXZ9255.docm	doc	de051ed1500a8c104656fd5cdfc8735affb7c0bc996b98ab0872bedf6d4172ff	n/a
2020-02-06	Mes 9397301.docm	doc	7fe4afe59b087bf542c67a12ac54ccb89eab281656477ed8bfc41ebab0e0135f	20.97%	Heodo
2020-02-06	rep HK417.rtf	doc	7713e180e8a62f6041738a796b29f6efeab8431f8b6425016a4242f64df7061a	20.00%	Heodo
2020-02-06	mes-HI695054.rtf	doc	fa37e0cba4786db4ba847c2e4f9b4ee78aedbf0eea4491228705fc00980af4e8	32.79%
2020-02-06	ARC_639190.rtf	doc	c7662c41a76803dcb646c8d920e316033baf7eaeda42b42305d4bab1a3a49fbe	33.33%	Heodo
2020-02-06	arc_2020_02_06_XLZ50414.doc	doc	43e38902740c39567550fd0e4c87c00947c5fe577765eb00051f0212c05d7cab	33.33%
2020-02-06	DAT-20200206-LU72462.docm	doc	702b22d598064f664dd6fbf97fb50364269f0215cbeabf867165861dd0b7d82e	32.79%
2020-02-06	rep 20200206 311.rtf	doc	9005832cf404bc1202dcad8865b5250a9826f2fa18a6e23ee0a7e705c1d63ab0	33.33%
2020-02-06	MES_676.docm	doc	24bc1b322505611fc96f657f00be75ad4a096d02fc3e78d4b45369b13358575f	33.33%
2020-02-06	File_G054.rtf	doc	77016ff9da8e219908f060ccb135597a6d365ce13a53cb4f40e13ec91bbc37b3	32.20%
2020-02-05	inf_2020_02_06_25920.doc	doc	335e92129e141d12928fdc17fbb6c1dfe8b6fa59b2ff2a4ad0c60f4f0637ee83	27.42%	Heodo
2020-02-05	Dat 69236.rtf	doc	1ff329d123574f88d28f8fa9b93d185f2e70000a4bc1a630ee58c293b6d365f5	26.67%	Heodo
2020-02-05	List-2020_02_05-2874700.doc	doc	1566745273aeac5249400c456f82b70e870825a50ee2457479f734c7686dfb54	26.23%
2020-02-05	file_20200205_POF48568.rtf	doc	79b3a51440b181671112045cb234739a360169bc4c6ccdb30a3907a50a055963	26.67%
2020-02-05	Dat_7930.doc	doc	c0b9c90ce017a4e5196e744c7948464ff57431da4a1d820793c5aea57cc0a095	n/a	Heodo
2020-02-05	list 20200205 364.rtf	doc	59b1973230dffbe699193f1b10773d0e327fdde500ae9ce1a1af2024c5f38140	26.67%
2020-02-05	List 2020_02_05 OHJ762.doc	doc	4bda34084014e21ceb2db8fb9003f36f4b3a7bd5a8bcfb9b1badbf13529a6d84	26.67%	Heodo
2020-02-05	list_2020_02_05_1829.docm	doc	1d71db32310de6088f008bda0c652b8a1715c3b98c549cfca90601bdc70c59a8	25.00%
2020-02-05	File_2020_02_05_037.rtf	doc	371850e54872c538a8464ca44e70aeab03d5b92f663761bff7af669a5de8fe5f	n/a	Heodo
2020-02-05	inf 20200205 68037.docm	doc	ab556aef3f7baf74127e682541cd5bb674af38a62c4c1f89ff43f09388894af2	25.00%	Heodo
2020-02-05	Rep-558.doc	doc	e017e89646b0d091bc67504f4318ea078b5a279edd898f418ff735e40c432e28	25.00%	Heodo
2020-02-05	Arc_US8452.rtf	doc	1c936bf571a3cd6deb6e4c3a2f6e49abc2c37cdcf843f955fe7f002b5ad49776	n/a	Heodo