URLhaus Database

You are currently viewing the URLhaus database entry for http://zingadata.com/wp-content/protected-680154094967-NkP2aIaG/guarded-TDUl5Ai-CW9oksOL8Jh/1705605-2vBjnW/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	414048
URL:	http://zingadata.com/wp-content/protected-680154094967-NkP2aIaG/guarded-TDUl5Ai-CW9oksOL8Jh/1705605-2vBjnW/
URL Status:	Offline
Host:	zingadata.com
Date added:	2020-07-17 15:42:04 UTC
Last online:	2020-07-18 12:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-17 15:44:04 UTC to abuse{at}ovh[dot]net)
Takedown time:	20 hours, 52 minutes (down since 2020-07-18 12:36:07 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-18	Mes.rtf	doc	8a20c5d41b0ea80165d9d900936696ea0d6e1aff5e22ec84913d2a8663f4c063	43.55%	Heodo
2020-07-18	rep 2020_07_18.doc	doc	40ff69629d016b471e8d629757c3cd4ab76c1958b851d9484fe5b9f12bd05b20	44.26%	Heodo
2020-07-18	MES-WH5497.doc	doc	fdb43ef55c448c1ddfb8f3f4285691274726e0ebea7bb77329da28e47d9e9eb1	43.55%	Heodo
2020-07-18	FILE-20200718.rtf	doc	140826ff8504695349da93d44b8cc8bc99720a9c4155b14653f7924beaba8e52	44.26%
2020-07-18	Inf_20200718_N31157.doc	doc	d83dda004c1f5cc3b6af587c3ceace1bb5f2e76e8cdb013a30c0078e100b2e07	43.55%	Heodo
2020-07-18	Rep_20200718.docm	doc	49b1db3ab05041bbb1b9a2cd6c9b4e33f1c3dc4771d4e5b35ca7e19135c5006f	45.00%	Heodo
2020-07-18	DAT_IEM2512.doc	doc	54daaf4068cebea8b89ef3f816d0b551095429f8fdd6a5b579753c27b23be06b	44.26%	Heodo
2020-07-18	Inf 20200718 SA83288.docm	doc	5a9e81f7254aa92662706fba57e78e6743c5506cefc521c3a7a3f7338202ef03	n/a
2020-07-18	Rep-20200718-194.rtf	doc	0c3d714fca3f5deadd848d030e8a87bb073c39ffef3f849eed2d405f34b84408	43.55%
2020-07-18	INF 20200718.doc	doc	0f62fa0eda89b4c7e9907ff92c9cbfcc2639c16eb162c40311c4bf40396c47e4	42.62%
2020-07-18	arc 386.doc	doc	e4f83f5b3d38b5bbe3b2372980bdb5303c74b1938b66e40288e0ad6c2c79d9b7	41.94%
2020-07-18	inf 2020_07_18 FWI253633.docm	doc	3b1ddd73153ba5daf34cb2df5a5bf96b2868d8dbb014d9e9e09ff8c50d07ef99	41.94%	Heodo
2020-07-18	inf 2020_07_18 475.rtf	doc	1fe6bff652bd2ae7803b24a5de11039367bea29f7f8cfd00bf212cbc841cd784	n/a	Heodo
2020-07-18	rep 2020_07_18.rtf	doc	5239c9a098468e61c38a839792ada20222fe9fc976df4b9605c5232033be081d	41.94%	Heodo
2020-07-18	inf-BK10693.rtf	doc	9cf2aa15ea104df20d27b431f823737c30c3472d1e678d799ccfdebe2dddac62	42.62%	Heodo
2020-07-18	Rep 20200718 XU73329.docm	doc	49163b028d55db6bb748928f543fc005282f09f209002ef17f6995f237498d4f	43.33%
2020-07-18	arc-77295.rtf	doc	1b571fc563b1cb2aad093ccdb4f872510cb7f649942195fa2fb627eaf1bfe8e2	n/a	Heodo
2020-07-18	Dat 20200718.doc	doc	970834bb4b0a1475a24293740d8149280249bf3b2b905605a54960a1ecf8945e	41.94%	Heodo
2020-07-18	Rep-2020_07_18-22073.docm	doc	96b7758b00c5b27afcfd1a5b7dc362e67103d42475e2b6eb4e4f7327943e312f	n/a
2020-07-18	LIST-ASP96302.docm	doc	0aa68db997d98b8133ee52c453e2c7b83a3eadbda9425b9ff2fc6e3ff283c48d	38.71%	Heodo
2020-07-18	inf 20200718.rtf	doc	e63e2812c446c40fb32224d04930d6d1c9b673cf580e93c6475fb2bebb50b7b6	39.34%	Heodo
2020-07-18	REP-2020_07_18-X990448.doc	doc	91c02fe37317be17fd879fd63a10cd9da611ae6098948f77ccdcdc94f83b5cca	38.71%
2020-07-17	list 20200718 SVQ32726.rtf	doc	b89bd8bfdf7fd5c0068f3ce823eb1b563cbd691a3bc70b9080b36b611af5e27f	37.10%	Heodo
2020-07-17	doc_QA8812.docm	doc	2fb80003eee9d2ded738ae5260c96a5b0b71ab7620f7b2e2d74344de868027d4	38.33%
2020-07-17	doc-20200718-29007.docm	doc	2fdb794642d195e0cf37d232ed02d37ed74b1b5ffa324fc9251b5cca3de8ed2f	37.10%
2020-07-17	File 20200718 0480.docm	doc	6264e94597601ac38cf03e59970036714ef4047d46a6c16f2de4716a4aee449c	35.48%
2020-07-17	Arc_IO56716.doc	doc	3f4547463b7ed3f83a9fe1f4aa956bf8e5302f0181fab9c1357d98f80ca8017c	32.26%
2020-07-17	dat_20200718_292191.docm	doc	4f650fae13b2f497c92dd327ff98b5126875ea6741d5e9db7f7f74bb2e471f83	30.65%
2020-07-17	dat.rtf	doc	53bf679028cc33a63e89aca4e94e08af3e5193436dfade18feacb14756907ebc	31.67%	Heodo
2020-07-17	Arc 2020_07_18 6085691.docm	doc	15823fbaaec62d56050309844e01b51c68e70ea470896e571eb673938c147a81	29.03%	Heodo
2020-07-17	rep_Z4641.docm	doc	d0640e7359f66f9c86770b4974d8d9b8f7a03f83ace42e21d03229059766b1ab	27.42%	Heodo
2020-07-17	Dat-2020_07_18-71665.docm	doc	ff77cfe15c2e60aea98f24924c68d7663556ed84f83a86b75fb9b7819d3780d5	27.42%	Heodo
2020-07-17	Rep MXH9839.docm	doc	e0dbd16c77a20262e645efb54ad25b76ebfd52caa1e6eebe10cd7e52a81119de	27.42%	Heodo
2020-07-17	arc-243836.docm	doc	0fcd9e5cdbfd7704545e03dd7c7a3deef28f11ae26911b0f86b20687fd46d2dd	27.42%	Heodo
2020-07-17	List-LQE881061.docm	doc	7314748358ee31f8fdfdc7972cb282d8675c0e843b07383c52e124ae3b937a7f	27.42%
2020-07-17	Rep 410.docm	doc	2f2bf71ff720e834455f232dad3c4c5a0b4e7a0160fe14230fd7d73e3b394883	n/a	Heodo
2020-07-17	ARC-20200718-AA06026.rtf	doc	4cb454edded5fb4393844fee5acd13a0e5b1ff881c2c184d01fd42f38fe99ec9	27.42%
2020-07-17	mes-2020_07_17-0232005.doc	doc	a64f2f02a7bb03fb55ca2a301f702c810582b38347ba2d3aff39c93e40df5d3f	27.42%	Heodo
2020-07-17	ARC.docm	doc	273b63046e85b9089957375db46fa53bdf6544588f42c68ac859af27aa61688c	n/a	Heodo
2020-07-17	Rep_2020_07_17_0248097.docm	doc	fc5976ea9262dda7f7fe8f62ede24a9fdfbed454fe8b0679e2e15a64243afd17	27.87%	Heodo
2020-07-17	dat-20200717-83624.docm	doc	9ce48179a4b378637be89a11806cc5163d83aad8d14834b2fd6c645aa4ab9517	27.87%	Heodo
2020-07-17	Mes 2020_07_17 AJC8557.docm	doc	5e20f76a136e863a01416716795a90ee97d009b2ce86b33ad78019ee5ea647b5	27.42%	Heodo
2020-07-17	Dat 2020_07_17.rtf	doc	f46e59311a5633ab62ea4f5b3784e1952ac3aa9134798e323e105dc6c8f67d22	27.42%	Heodo
2020-07-17	dat 20200717 316013.doc	doc	1567abdd65d465fc75f4c0532a0be49b97455d0b3bdcac9f9a6e33a5538747f3	27.59%
2020-07-17	file_20200717_Z213451.doc	doc	ef1f1a7527cab97e8d41b6308210121f218d42c9c052f000d0eee0e79924ab7f	n/a	Heodo
2020-07-17	List_20200717.doc	doc	7472c7e89fb0f2d1c2c6b136bc5f151624ac96b92297bc63baad78b84d7d4e07	n/a	Heodo
2020-07-17	LIST_20200717_NCK22809.doc	doc	a7b2be0fac8d748ff2bd542469bdbb0392bc9fb1beeb0a655f199ba90de780c9	24.19%	Heodo
2020-07-17	Mes 20200717.doc	doc	3f6cd2d9f5824d163dffe683601aee25638d36df49ba202cf1d10eb655c59b26	n/a
2020-07-17	Rep 20200717 SE445.rtf	doc	01d4ea7bf9431d892301a49392d076c42cd4ff54af14d7530696afb56517a94b	24.19%	Heodo
2020-07-17	list 681.docm	doc	98eebc8d2406afdf081538dbd2173224e7acf295b42545adbbaeb097399a9656	25.42%	Heodo
2020-07-17	Arc_M73240.doc	doc	61f184050c876f25f8c486f3efbdb25230876854fa9dd371610d212f7c738850	24.59%	Heodo
2020-07-17	doc 2020_07_17 944.rtf	doc	517476e80a66768db74eae2de0226011892f476ba4fd6fc971a1066a66d6149a	n/a
2020-07-17	File-2020_07_17-648360.rtf	doc	23bf8940f56854e022bd7db861e8571a6ca4215a13981adbde437fc90955da12	n/a	Heodo
2020-07-17	arc_20200717_64823.rtf	doc	c316e2a5d47552fb13ea2adc241236126eb6180da1516d453c823026dee8675f	n/a	Heodo
2020-07-17	MES 2020_07_17 PBM83689.doc	doc	27a83b12572b1a8e36fefb5359f26b51c4da21f1ede18268f3cf499c6a960e05	24.19%
2020-07-17	Dat_20200717_LRD563970.doc	doc	1985371ca1a398a61ee10dcee334fe74b742d501902b3f8ec8a0a2d848f8e3c0	24.19%	Heodo
2020-07-17	Inf_20200717_979.docm	doc	4145531e84d3d023ff4195dbb01c6d334b30d7aaa677e9242bb53fcf0c4c8d25	24.19%
2020-07-17	MES_20200717_368185.doc	doc	ef29dec0f39326e3c89db4dab74360466ab479c53a2c911bf09b91439102d494	24.19%	Heodo
2020-07-17	DAT 2020_07_17.doc	doc	28342db33e3d9cb2b5f93bcb68546a0a3d5856f0ddb1cfe22b540238eb65ac09	24.19%	Heodo
2020-07-17	inf_2020_07_17_VFI053233.docm	doc	c950c43e61a3d4c9a32409c18c2b7b327a2a1fc13ed4a63fba42a467c7868ef9	n/a	Heodo
2020-07-17	mes_20200717_8889.docm	doc	73c32b923a18c2ff2f2fc799e9be27227aac94148eaf5de8f9107dedf77781c6	25.00%	Heodo