URLhaus Database

You are currently viewing the URLhaus database entry for https://www.189cj.cn/wp-content/personal-74488-pMGbpegMJMZAuBJF/special-warehouse/azkb-wz8uvz932vv/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	414181
URL:	https://www.189cj.cn/wp-content/personal-74488-pMGbpegMJMZAuBJF/special-warehouse/azkb-wz8uvz932vv/
URL Status:	Offline
Host:	www.189cj.cn
Date added:	2020-07-17 18:58:05 UTC
Last online:	2020-07-22 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-17 19:28:03 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	5 days, 2 hours, 47 minutes (down since 2020-07-22 22:15:50 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-18	list 20200718 5142.rtf	doc	8a20c5d41b0ea80165d9d900936696ea0d6e1aff5e22ec84913d2a8663f4c063	43.55%	Heodo
2020-07-18	Rep 2020_07_18 EIU5680.rtf	doc	40ff69629d016b471e8d629757c3cd4ab76c1958b851d9484fe5b9f12bd05b20	44.26%	Heodo
2020-07-18	REP_06060.docm	doc	fdb43ef55c448c1ddfb8f3f4285691274726e0ebea7bb77329da28e47d9e9eb1	n/a	Heodo
2020-07-18	Mes 20200718 725.docm	doc	d83dda004c1f5cc3b6af587c3ceace1bb5f2e76e8cdb013a30c0078e100b2e07	43.55%	Heodo
2020-07-18	LIST-2020_07_18-2218.doc	doc	7d6df068905eceb054cf99c1dfef0ff1e8f7de2de4f3344edc1394b9bd14d555	37.10%	Heodo
2020-07-18	doc SQV550916.docm	doc	54daaf4068cebea8b89ef3f816d0b551095429f8fdd6a5b579753c27b23be06b	44.26%	Heodo
2020-07-18	List_2020_07_18_CCR5379.docm	doc	0282a9682b4c3f016f4cd84847a3973d205972a75993feb753b575895a162a46	43.55%	Heodo
2020-07-18	Dat 798.docm	doc	f6059b68359fc971b85eaf15867042805b0246083140729de8830fc239c0a4ed	n/a	Heodo
2020-07-18	dat-20200718-QN83597.doc	doc	0f62fa0eda89b4c7e9907ff92c9cbfcc2639c16eb162c40311c4bf40396c47e4	42.62%
2020-07-18	Inf_QB358.docm	doc	e4f83f5b3d38b5bbe3b2372980bdb5303c74b1938b66e40288e0ad6c2c79d9b7	41.94%
2020-07-18	Inf-2020_07_18-AD263.docm	doc	3b1ddd73153ba5daf34cb2df5a5bf96b2868d8dbb014d9e9e09ff8c50d07ef99	41.94%	Heodo
2020-07-18	Inf-20200718-M13551.rtf	doc	1fe6bff652bd2ae7803b24a5de11039367bea29f7f8cfd00bf212cbc841cd784	n/a	Heodo
2020-07-18	REP 2020_07_18 470129.rtf	doc	e11da7c7c88a7a2a16b8f4c7581b1349658d2629b5876da8384e4d4b1e7ddb96	41.94%	Heodo
2020-07-18	doc_2020_07_18_I7783.docm	doc	db7f888bc27f3625e1d2aa8dcd1f473d1b6c3f18425041aeb9d6317a5cf977c4	n/a
2020-07-18	list 339515.rtf	doc	49163b028d55db6bb748928f543fc005282f09f209002ef17f6995f237498d4f	43.33%
2020-07-18	List_8354.rtf	doc	44737c7b4475fb2a259af5c0b23c7f14945dda0d119491a61f2004f59cce8105	n/a	Heodo
2020-07-18	doc R67607.docm	doc	96b7758b00c5b27afcfd1a5b7dc362e67103d42475e2b6eb4e4f7327943e312f	n/a
2020-07-18	DAT 2020_07_18 771067.doc	doc	c4fef70e62aafcefd6600e91edd401ccd941dae7472d89fd2cb164219eeb34f3	n/a	Heodo
2020-07-18	File_20200718_GL072.rtf	doc	f821386a84c5ca5ce96218b63990b6ef7ba0016e43aae95ebd78c9bda997b6f0	39.34%	Heodo
2020-07-18	List-20200718.docm	doc	91c02fe37317be17fd879fd63a10cd9da611ae6098948f77ccdcdc94f83b5cca	38.71%
2020-07-17	File-2020_07_18-74137.rtf	doc	d0a6228f0457c0dab131d8c3cbcc69b48575c993d2c1e3745087337415144d9c	37.29%	Heodo
2020-07-17	List_20200718_NLJ22251.rtf	doc	b89bd8bfdf7fd5c0068f3ce823eb1b563cbd691a3bc70b9080b36b611af5e27f	37.10%	Heodo
2020-07-17	Mes_2020_07_18_ZX209952.doc	doc	2fdb794642d195e0cf37d232ed02d37ed74b1b5ffa324fc9251b5cca3de8ed2f	37.10%
2020-07-17	mes_20200718_VHN3713.doc	doc	d12ad51a2c2b91323324d970ffa092041ec804bd5a52d66c75ba5af96b22afac	37.10%
2020-07-17	ARC-2020_07_18-4771.doc	doc	3f054364f4de6d79966887c8d95c9c4bbe25fbb622c1163ff73ac7d345f73731	33.87%
2020-07-17	LIST GP50895.rtf	doc	4f650fae13b2f497c92dd327ff98b5126875ea6741d5e9db7f7f74bb2e471f83	30.65%
2020-07-17	FILE 23396.doc	doc	53bf679028cc33a63e89aca4e94e08af3e5193436dfade18feacb14756907ebc	n/a	Heodo
2020-07-17	LIST-2020_07_18.docm	doc	4efb5eea71e20c735df86a96e1cc7d69fc118ba4e71b69c98811dbe49742b755	29.03%
2020-07-17	Dat_2020_07_18_895358.docm	doc	d0640e7359f66f9c86770b4974d8d9b8f7a03f83ace42e21d03229059766b1ab	27.42%	Heodo
2020-07-17	MES_20200718_LX522770.rtf	doc	ff77cfe15c2e60aea98f24924c68d7663556ed84f83a86b75fb9b7819d3780d5	27.42%	Heodo
2020-07-17	LIST-2020_07_18-512.doc	doc	4fd042bc7f87d15ab7e39173c26a90e9365eceab07ec26c62b16c6cfafbe2f4b	n/a	Heodo
2020-07-17	Mes 20200718 KFH39262.docm	doc	7314748358ee31f8fdfdc7972cb282d8675c0e843b07383c52e124ae3b937a7f	27.42%
2020-07-17	MES_L305644.rtf	doc	2f2bf71ff720e834455f232dad3c4c5a0b4e7a0160fe14230fd7d73e3b394883	n/a	Heodo
2020-07-17	MES_20200718_CF748898.rtf	doc	328a1ddb0998b010e99d5314354fa47de97745a0e09b6682e043ffba500f19cf	n/a	Heodo
2020-07-17	Rep_20200718_3524381.doc	doc	94505c9b0c3294f476b2b3f08867a48c6730f1dfcad5d043c90eaeb520858ede	27.42%	Heodo
2020-07-17	MES NU936768.rtf	doc	deb9182b6e138520576458d85048d5069a4e20f11acf4938b081ba4e8765365c	27.42%
2020-07-17	Rep-2020_07_17-P44537.rtf	doc	770fd6643c934cc3aa0fddf589d643b7b59e18a005ff89fc9113bd8181c21a2f	27.42%	Heodo
2020-07-17	List-20200717-7220.rtf	doc	cda9436fa557c4829240ea266b287d29715c5d9c9e706886a7755ef20de25ec0	28.33%	Heodo
2020-07-17	INF 20200717 X120118.rtf	doc	5e20f76a136e863a01416716795a90ee97d009b2ce86b33ad78019ee5ea647b5	27.42%	Heodo
2020-07-17	mes-640612.docm	doc	493accf3563320001bb8c5d727fb01bd790bdd20df7f179b12e771330274ddfc	27.87%	Heodo
2020-07-17	file 2020_07_17 UMO173085.doc	doc	1567abdd65d465fc75f4c0532a0be49b97455d0b3bdcac9f9a6e33a5538747f3	27.59%
2020-07-17	LIST_2020_07_17.doc	doc	ef1f1a7527cab97e8d41b6308210121f218d42c9c052f000d0eee0e79924ab7f	n/a	Heodo
2020-07-17	ARC-2020_07_17-K962160.docm	doc	681ac1ca82308e1b4c5d59e522eda836ad9efc547335dba3871ba363e2f7ea60	26.23%