URLhaus Database

You are currently viewing the URLhaus database entry for https://shagua.name/xjj/vNcts1QRe0-NJt7cc3-modulo/zIPilvMeg-D8Q2k2pUttt-zIPilvMeg-D8Q2k2pUttt/NJZv1p-2ze0zyzIr3/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	309600
URL:	https://shagua.name/xjj/vNcts1QRe0-NJt7cc3-modulo/zIPilvMeg-D8Q2k2pUttt-zIPilvMeg-D8Q2k2pUttt/NJZv1p-2ze0zyzIr3/
URL Status:	Offline
Host:	shagua.name
Date added:	2020-02-06 02:49:12 UTC
Last online:	2020-04-18 05:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-02-06 02:50:09 UTC to ipas{at}cnnic[dot]cn)
Takedown time:	2 months, 12 days, 2 hours, 14 minutes (down since 2020-04-18 05:05:07 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-02-07	oferta-F462308.docm	doc	c59dc2c1dfeeb1396f7d5c6dd909f830da34247b35cb8610414414385eee6fb2	24.19%
2020-02-07	OFRT-p982mq5305.rtf	doc	b78604080c721c59f488c01bc4ca9e86ac375242397666a738689216dccf54c7	n/a
2020-02-07	oferta S143811209506.docm	doc	8f3a0e19e00397efb39708dacfd129d2722146fa6d169e6a7c601c0cc02a1359	24.19%	Heodo
2020-02-07	Oferta 1716379235556.doc	doc	5480139ad1a7d156879a92736b3feda1f6e9bb49c6b7bd8b92471e76e92fa60f	43.55%	Heodo
2020-02-07	OFRT-02_07_2020 73306861442877.docm	doc	88d2e0f1e728a7142e0fa0f277f4020c91bb5e4222ccfd8162d9e0b6beb60e5a	43.55%
2020-02-07	OFRT 02_07_2020_45316998.doc	doc	fdeb04909ae31e34780d50be105ea57867dbba4d1306ce1b536dcbf132d96772	43.55%
2020-02-07	Oferta MAA724218_8258266792.rtf	doc	ed52942baf8ed14a9b9da31174f471dd978344583c83f0851abbbfa219f15167	41.94%	Heodo
2020-02-07	Oferta 2XH984924086954.doc	doc	8e6abe5bf56e9dbda4b891c693256da6a372b0bff0aa7047df4be981134d8e07	36.07%
2020-02-07	Contrato-145946460673.docm	doc	9707abd47ef72798f3d0aa3c5f58c076f401350bb34bef7d5c7660108eab8e42	32.79%
2020-02-07	Contrato-8n09m0.doc	doc	24cc00288998f8deb1ec06f90b3dc247584cff225033e281607b281525f98c91	30.65%
2020-02-06	OFERTA_02072020.rtf	doc	0b878e218014a87bc4674a3f8c7113b207cf3e3203ba565c9e3fcf62cb5f18d6	29.51%
2020-02-06	Oferta p133p6q94366503.docm	doc	ac7760c7ac85f9e8058a9af1862e8b503ba18efe9bf1ebfc820845a33714ea8a	n/a	Heodo
2020-02-06	contrato_L7168.rtf	doc	0f9546ef0fe98af36e43a06ae58080335e7051c19f85fa72157d75d7e85f12c1	26.23%	Heodo
2020-02-06	Oferta 941539.doc	doc	69caf04e8e1e56614bea23015c10066190147415d1c1699accdc79c49531cedb	29.03%	Heodo
2020-02-06	CONTRATO_02_06_2020 E2391744.rtf	doc	e62205f9ad8ce110e6f628a4622e7f12d9db3b4c2cc100e1d464b06f2a2b0afb	29.03%	Heodo
2020-02-06	OFRT_02062020.doc	doc	548c32e1f7c11d658a1b45cc341ea2480b28c86e352baf366289aaa70a9e9292	29.03%
2020-02-06	contrato 02062020.rtf	doc	aa8a7fbcafbe8970eda3aedec8ff466cb57e0a78f8f11066bceadb365ac74d97	28.33%
2020-02-06	OFRT 31p6p9m5.doc	doc	6518e632fa6ae2b5961ba05d77e16bbec58ffabe10c6f79557a2d1b48b2807a6	26.23%
2020-02-06	CONTRATO_501316.rtf	doc	9d589a2e6c2556df3dabf97bfb5d53fbf92b2303d2b44b92b864eea6df244f80	26.23%
2020-02-06	CONTRAT 712p8m4172.rtf	doc	80f98a0cc63cfcab0ab3cd556448bab9023036aefdebd2eeaf9239f3df354bc4	23.33%	Heodo
2020-02-06	CONTRATO J008718364162.rtf	doc	6b1d90ff1212f95e6fb72180e90a64d316ee24b22f2803c46dedaca64ca09914	22.95%
2020-02-06	Contrato-02_06_2020 5A572561.docm	doc	6fb9d59fbb6b095e0d539b47649b868ec32360b9e6d115630fba8d061f93b6ab	23.33%
2020-02-06	contrato-5Q053029774303.docm	doc	6359275fa65b551a691c324e03fa5c3c73ace835ca4f3d90087dc3332f76ecec	22.58%
2020-02-06	CONTRATO-m569m0.docm	doc	d0ba1020328bfa59129c6d94b6bfd8979bd652574b24407bcfdadc75fcf28fb4	n/a
2020-02-06	contrato 7Y547025649.docm	doc	c163d2a385feadd582c11612d2692072b57c78c665520df24672437a2bd549e1	21.67%
2020-02-06	CONTRAT_I5719557-8344.rtf	doc	fa37e0cba4786db4ba847c2e4f9b4ee78aedbf0eea4491228705fc00980af4e8	32.79%
2020-02-06	CONTRAT_02062020.doc	doc	346d01cf657414934f8c87af6f0ae07d23875f613db84e483f2174b6353ab405	33.33%
2020-02-06	OFERTA-3q899n403q8n0.docm	doc	84e6bb18fc4d5994987feb9edc02eaaec7cc0988b27845fb8735d3c45591e5cd	31.67%
2020-02-06	OFERTA_688307586519.rtf	doc	00788bb2b24d0e0cb6eb61a72e29440b474f722cd5c10a79b29d02bae8319929	32.79%
2020-02-06	OFRT-03342138p1.doc	doc	d78c414534b2c95eb600a9212c16d14e0799fdb0cc31c1029dfc9928f2affb24	32.79%