URLhaus Database

You are currently viewing the URLhaus database entry for https://dz.martinface.com/uc_client/available_array/m2b5ak5gnfnqu_6gp65uv1s299_portal/gzcnvnz3by_z702s8x/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415261
URL:	https://dz.martinface.com/uc_client/available_array/m2b5ak5gnfnqu_6gp65uv1s299_portal/gzcnvnz3by_z702s8x/
URL Status:	Offline
Host:	dz.martinface.com
Date added:	2020-07-20 14:34:12 UTC
Last online:	2020-07-21 02:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 14:36:02 UTC to ipas{at}cnnic[dot]cn)
Takedown time:	11 hours, 56 minutes (down since 2020-07-21 02:32:39 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	arc_20200721_MWP756930.docm	doc	1236dd4116a2c4ba4427175d0a3e88c848f70dc6219f6b22f1997ae3ba80ba14	31.67%
2020-07-21	Arc_V8878.rtf	doc	ead83fc91ca4d61d49957be440350122ea7f083e14b61eef430b9d7c5eb3f9a2	31.15%	Heodo
2020-07-21	rep_20200721_LVD1669.doc	doc	49b857e2068f710d1facd444264c6d8804ecc9e2ba9660953b24bbf213cc66ba	29.03%	Heodo
2020-07-21	List_Y071.doc	doc	33e64096db5340fb26c5b5d6f9b1dd89674d3a77a96a25fafcb878d9929fc9da	31.15%	Heodo
2020-07-21	Dat_20200721_QJ237963.docm	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	30.51%
2020-07-21	LIST-2020_07_21-Y52591.docm	doc	cce8e5e706869261ede523822b673dd52e48d4351de8600f5ac209a7f0189629	29.03%	Heodo
2020-07-20	MES_856.rtf	doc	0d657d365282571dcf58adbb3a758c81fa3df50bc081a60d01f14c5431b9492e	29.03%
2020-07-20	arc 20200721 16028.rtf	doc	518def77204a86e55289809beda7c491b0f9ab290b10d7b4bae1c670a0f69c8d	29.51%	Heodo
2020-07-20	INF-7423351.rtf	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	INF_2020_07_21_0715.rtf	doc	107cf68ace70917126432b415c7a9b4a18e3f87c304c1ea780b1fe0950167c29	29.51%
2020-07-20	arc_20200721.docm	doc	44c487bb620fcaf9ecd88961303e24f705390f3c23b0154b738fd30873832c0e	29.51%
2020-07-20	Mes_2020_07_21_9732243.rtf	doc	41d61ed5ec94c9f81d804487ad8f6132520d6ac7009a8c9a7b0c074ed0748e4e	29.03%	Heodo
2020-07-20	Doc 2820.doc	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	Rep 20200721 1990.rtf	doc	9d397f040fb1768faae4189e4e3e0aa60604b2b86617d979e1f61d90a8798fbb	27.87%	Heodo
2020-07-20	REP-2020_07_21-FR56333.docm	doc	c6050ddd07c6d8c4aee73c52d0e50d6056ebd5f3e82550d8c771fc4353d489fe	28.81%
2020-07-20	Arc_20200721_POU347603.doc	doc	eccf2d10cb44fb11136e2edaf7af5de351637d1479888142221354abf8986760	27.42%
2020-07-20	inf-20200721-6480894.docm	doc	ec87e9999c894cdef59c964d06c6de6c7a7134d373b4e754180d90dd5fb23f64	27.87%
2020-07-20	List 2020_07_21 WOI076333.doc	doc	5abab6688536c512612b7393fad366109bf1e80149a7d2f03d959f7addc85155	27.87%	ZLoader
2020-07-20	list-4245.docm	doc	3a26f638eddb01e30b8a712291a03088645dd9d2986cbe415bc1b87cd8eb70ac	27.42%	Heodo
2020-07-20	Dat_493.docm	doc	08f5ec28ca3c972a6d03a47225475ddf5930decbb10ca8de63dfe0544581ce14	27.42%	ZLoader
2020-07-20	file-2020_07_20-F8845.rtf	doc	dc9d3da24212096b6029163166558cefcd8b37aae588dd461d9b5c02700700af	27.42%
2020-07-20	file-2020_07_20-601495.docm	doc	aebb6c605f43479215ae38d93b7e2d6edc07769fa39cd79450d94a3fc2a50bb1	28.81%
2020-07-20	LIST-TAS4216.docm	doc	97e66ad16955f21f83dae53917dbdefba08fc07108392a96327eeef55698a04c	27.42%
2020-07-20	mes.docm	doc	6b5e8002c323071f83df953f977caf3a477d1a0c7178e0795674d263bc2dab15	27.87%
2020-07-20	Arc 2020_07_20 6599.rtf	doc	ed29b479d20901bb285c8146d9a69a73a34eadaa4f6c86aca69aeefe96f4fe0f	27.42%
2020-07-20	List_20200720_OA4529.doc	doc	cbe8fa6812edba1a4e2b1fe7c30f6cbf05f21e5935e95ecbdda6d3f5d3b6de9e	27.42%
2020-07-20	File_4797246.doc	doc	36a8c92bf1e17c731797dffede2d91ede145d83d3328bac42e2b046f296abf77	25.81%
2020-07-20	doc-20200720-763.doc	doc	d560fc37f131e03b741770ee4f23d889ba5d3bdedf3ec68efbcc8bd470e0d8ed	25.81%
2020-07-20	Mes 20200720 UM8199.doc	doc	8005b9ca1985b623968849a6db53eaa3dfa9e3a93ac623e439235d133d2042bc	25.81%	Heodo
2020-07-20	FILE-CBD66184.docm	doc	2ed0a17884d80b91110cc117b3963361ae603c91ce2cd60de6131972d6a047b1	n/a	Heodo
2020-07-20	LIST_20200720_H7381.rtf	doc	4fe945b83567f1855dbc8ea4f8e0e0e2258117238ca2184dd10ba6cf797377a7	25.81%
2020-07-20	file-2020_07_20-3698895.rtf	doc	31adf970450cb8a76809bff658f19a6e62c31894dee3957e3374752544f042d3	25.81%	ZLoader
2020-07-20	rep_2020_07_20_II7619.doc	doc	50907e00e7354e5037629c8a107f608e8eb29d24e78687d31e055e89ff4e9411	25.81%
2020-07-20	MES-20200720-EY282.docm	doc	9a5b99fb5558fc141343ebdcd0429d151840f7a5b8978f2a6584127455562d92	25.00%	Heodo
2020-07-20	rep-2020_07_20-PNG93556.docm	doc	27e86fa1d58f503821260db0fd9caf987e41fc1a7595ade7d3e9a7a6f7058ffb	24.59%
2020-07-20	Rep 2020_07_20.rtf	doc	5ddca7e14995275b692b30e3a111d3f9c3be92247d826cfdc9dd64394ee98ac9	24.59%	Heodo
2020-07-20	file-W984.rtf	doc	0d11a9ada31fc5442e6fd95bb8c653ee496cb2b12922933383296efe319185e3	24.59%	Heodo
2020-07-20	Inf 2020_07_20 086.doc	doc	832b91234d64a43383ec26a920d563fb0dda9d01fd4eadf921b788dbfe60c8f4	n/a	Heodo
2020-07-20	Inf-2020_07_20-918279.docm	doc	7c61c2eb287a285f8a1d86aea750d83d26b19682bfaef685835d0722f219cc6c	25.00%
2020-07-20	Inf_2020_07_20.rtf	doc	da8a9079a2ecaaf3eafa33ae0eadf2359975ce5b650921ebf15249c7fad07bbe	24.59%	Heodo
2020-07-20	arc_2020_07_20_Z9731.docm	doc	4d2a05f2d82b15cf0f0b86c50a4fa08f165b111aa03ce72d523695db2ace926c	n/a
2020-07-20	arc_20200720_291.docm	doc	c940abd4ccf7201c6709aaa6ca888e4c501d94e70c3c53c995c8ca4616c4efa3	n/a