URLhaus Database

You are currently viewing the URLhaus database entry for http://oojo.ru/wordpress/available_zone/close_9OebNEzs8m_z9g3Jg8ABn/uydsbwaptsroph32_6s5w51v808xz26/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415387
URL:	http://oojo.ru/wordpress/available_zone/close_9OebNEzs8m_z9g3Jg8ABn/uydsbwaptsroph32_6s5w51v808xz26/
URL Status:	Offline
Host:	oojo.ru
Date added:	2020-07-20 17:13:04 UTC
Last online:	2020-07-21 22:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 17:14:02 UTC to abuse-c{at}hostland[dot]ru)
Takedown time:	1 day, 5 hours, 32 minutes (down since 2020-07-21 22:46:41 UTC)
Tags:	doc emotet epoch1 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-21	inf 2686041.docm	doc	205a04626bdf6f3da605d8f8ba60126d02451085528330524d899a38520be8c3	26.67%
2020-07-21	arc_882.doc	doc	6852b34db0c7a6150c1095a704236a1938b4ed46cd9d7bdfd412555ebf61890a	26.67%	Heodo
2020-07-21	inf-20200722-OI88435.docm	doc	ca4ae10db92df8cf44bacee70e7560ae411a37d1559687ad47687282ca447526	25.81%
2020-07-21	arc-2020_07_22-GLF4659.doc	doc	99b15b640124bbe2d317af00e7c30fd65e9b97abdb6e07947205d5bdd73c5737	25.81%
2020-07-21	Doc 20200722 8336.docm	doc	5f0b99c314488fa69352a7d73b64203da43208db1b90b18aa4032a84a0c57374	26.23%
2020-07-21	INF-YEZ52635.rtf	doc	1a3131840aa881ca39803d20f5224e9339a2cc959ac92ab756f6ded8d81a1a90	26.23%
2020-07-21	inf-2020_07_22-RB228516.doc	doc	bcc1834e956cf9ee218e2956ae6511170e810ad54d6738ed11f98620609a3e30	26.67%
2020-07-21	mes_JSD617.doc	doc	253d4ce06935b6b78211d3f7b0ef787b74e019761199199ab5720333db23577a	25.81%
2020-07-21	rep 2020_07_21.docm	doc	238dcc628d07c6b0935926310ffab263be40646c23d2b4e4d7b89a7a6eb52dad	33.90%	Heodo
2020-07-21	inf_20200721_1083.doc	doc	9e5640f95155193ba256e171fa3c82d7ee336931c3b88e12f1678197ba4d3081	31.15%
2020-07-21	Mes-20200721-UHV203.doc	doc	954e8a3b2f224ae59b0cbc54c3f0585184cc2e26aed9315eefae4f05fe73a708	33.33%	Heodo
2020-07-21	INF-20200721-5644527.docm	doc	50d5051a82f97571415ca2550517c6872eca80692c7d6db605082a0b9876d34d	31.67%
2020-07-21	list 2020_07_21 033.docm	doc	e79bfe79de1a90309dfce80db1cec1e5546d40c16c83e9bd96f19cb888a61f19	29.51%
2020-07-21	Dat_YNG75599.docm	doc	f76760e19ef8c715a396435ac9a3fc931699e03a431a25ba0f9d0f20c104495c	28.33%
2020-07-21	FILE-20200721-67279.doc	doc	193921b13cb10f97c4211e6694ee26cf2ebb7d6eff920ca64cc0d96252fc3487	29.51%
2020-07-21	doc 2020_07_21 3315.docm	doc	1b3a66fa218971358919a1dc0cbfcd9fdaac7ec3278bed6109f0df2550dfe3b7	31.67%	Heodo
2020-07-21	dat-2020_07_21-6183899.doc	doc	7203fa5731e4f60d782eb7248af9620384981a39282d70094f40946b1b7a60c8	30.65%
2020-07-21	INF_20200721_5750.docm	doc	3d808e9e116ecad94d0839d1a951f8aa24c96f6dfaaa774a889edbb38c857b56	31.67%
2020-07-21	FILE-20200721-YV08766.docm	doc	87d3dee382ec0e4a5a3c0c6979d2e460be44819c475c2cebe34bc5a83bb26b98	31.15%
2020-07-21	DAT-2020_07_21-398.rtf	doc	b245eea1d0569a4ba8e24c96f41af5fa75efa79b0308c9fc56adb52d053ea467	31.67%
2020-07-21	rep_20200721_3643.docm	doc	4702bfa3cce588e00e72da6918a41ca19da01547f668f0d07950765028a333ad	30.00%
2020-07-21	Inf_2020_07_21_R1111.doc	doc	84208f7aeaf31442b3b84394ec70e6c7d6d03b854990a567dffe1702c392bf9b	30.00%
2020-07-21	list_20200721_52264.docm	doc	620ec5ba9b3488d2f0df3f27c7efbd786e501f76dc0cd1e11e70e9783968374e	30.00%
2020-07-21	REP 190.doc	doc	608a39d31a2ab34bf79ebd042bf10028b9bc7ed087dbb810306956dd1ba45567	28.81%
2020-07-21	File-20200721-BVT62693.doc	doc	76b3bec66b692ad45b4c647003c0e5e5b5a3d416c87a613b7094960050adad61	29.51%
2020-07-21	dat-2020_07_21-403.doc	doc	37aed6f66e26d67c404f293d6eede26254f40b2470ec3bf486f9e7fdffec0ba1	n/a
2020-07-21	inf 2020_07_21 V761.rtf	doc	268a97dd90a672f712cdec3a39986e6ea760af1f34b3bb9924eb08a270e0c576	28.33%	Heodo
2020-07-21	rep 20200721 6884198.doc	doc	15617b37ed587c9af7ec3de8d4aabd3de95ded6604f652abea14822da2c94ce0	28.33%
2020-07-21	Dat-2020_07_21-743200.rtf	doc	186a6ee6322d2e6656e0125cba0536eef43d3a66e4ce73e129332dbb236cab60	25.86%	Heodo
2020-07-21	inf-20200721-1460769.doc	doc	75cb0d33fbd33b08aede2930d9ac79f7086ef7db06803c493d9214d84a4391e3	24.59%
2020-07-21	ARC-EYG0003.docm	doc	a82dd2141315d36a0f9ba74bb443a40e0495cd089323254c35d0c4686249de7a	24.59%	Heodo
2020-07-21	LIST_2020_07_21.doc	doc	55a103c16b3c4d8958091e55cfb62091fd2d209e07ffba0a5c88252946b8ae39	25.42%
2020-07-21	mes-785.rtf	doc	bde282cb96f5986ecffac2e217f661fa0f00c92f1e4b2a788aad9cbd53a2eb51	25.00%	Heodo
2020-07-21	list-2020_07_21-331.rtf	doc	ad614712ee0ad71a7408a527a3a2051489b0ff4f08038b7a676ad967ea160fb7	25.42%
2020-07-21	Dat-2020_07_21-91912.docm	doc	64eee4aab6935f2d3d11646b1c38bdd7519aef0367f417afc89d07c5b15b8eaa	25.00%	Heodo
2020-07-21	ARC_20200721_3793604.docm	doc	38a052e49569227f531849f52c6e801e5abb2c68a7dd2c5a9fca8e92ec6b0211	24.19%
2020-07-21	doc-2020_07_21-QSU887.docm	doc	48c64e836cbb9aaab5e723471651e7826d9bc032cf7aaba59ce8006ab14626ed	24.59%
2020-07-21	Arc_2020_07_21_WSW2972.docm	doc	ecdaf78dab236699d9244160f6b4865a5cdc8481ff2e8d798df9a342d10f1654	25.00%
2020-07-21	file 20200721 I151550.docm	doc	44d93b12f57a0d476e774d58da761e56ddd20f6d299acc2390a9111082e448de	23.33%
2020-07-21	arc 20200721.docm	doc	477bc137f269ae86b7049d592f7588c5f063e569db20bd09ff2bea3a04aeba06	n/a
2020-07-21	ARC.rtf	doc	77381e8fde74067c151274bc344395ef59df227e209ec80c0d7879aacbd5d654	n/a
2020-07-21	mes_2020_07_21_MUT462983.docm	doc	eec0262941bfb2dcb8d29f6ef1ccc699726ac66beb04d7d34e8da3281cf19c38	25.00%	Heodo
2020-07-21	file 20200721 913.docm	doc	2e716647297132c94bca63747c48379889273658b12366fbe0e689a2b9966470	24.59%	Heodo
2020-07-21	mes_212532.docm	doc	14f298945ba541ac7f6cf64b12d67423fffd432bbf2e598d25cd50f0e8cfd86f	n/a	Heodo
2020-07-21	Inf-20200721.docm	doc	7b19a0f8eec4e97830795e9551e2f09ceb4fe93fab484152127439f952f2b404	23.33%
2020-07-21	Doc 2020_07_21 M65600.docm	doc	a8d9eceee2cd3735b96abf3528e7ec3e8e2d8ceb8991c00c7ff479e9034655f5	34.43%	Heodo
2020-07-21	dat EJN7369.doc	doc	aa4a6dae1e4ea4aaa6e4539fa9a3fbb129544c7d56807321757f41321b723abb	33.87%	Heodo
2020-07-21	DAT-VQX322098.doc	doc	f78e874b4d5c5dedede72b85b571f2b04d8edba617b6634d95c2af181e6e4dd7	34.43%	Heodo
2020-07-21	List_20200721_9709628.rtf	doc	793132996a7b6875055c2bdbde2173f37e68ce5f04ab651acad13f84ab89cb82	34.43%
2020-07-21	Dat 2020_07_21 LL48226.doc	doc	bac082845ee6dfbda9489e3c6f1c90611ad4ba2546da7e855578225a51197eba	34.43%	Heodo
2020-07-21	file 2020_07_21 TTT586.doc	doc	9e7349a986f7139a74245edcc8f0028bd6a10f81e79a7ac8bf7134e6d4932c2d	32.26%	Heodo
2020-07-21	file-2020_07_21-7237979.rtf	doc	5816bc271d88617e627d64210b8ac9df417f8072b362af861ade766137eb1564	34.43%	Heodo
2020-07-21	Rep.doc	doc	d5a87ccc4bd01f38606d27a60a266aa20d88acc095b6a637e037c20ddb0d51bf	33.33%	Heodo
2020-07-21	Dat 4589.rtf	doc	3bc869822322f3e700ec706660323daeca6ea90553d0bff45ce1fdc1ad6dfcfb	32.26%	Heodo
2020-07-21	MES-20200721-987706.rtf	doc	122b0d68ee819b2ceb91c0b2cdcc0327860dadbb29f884a776968a58c9480ec4	32.79%
2020-07-21	LIST_2020_07_21_H108.rtf	doc	e2a49ec64650e56e967e8b0c31b7e21ad3f1ab14516c6dc02605aaeb90f7b87c	32.79%	Heodo
2020-07-21	inf-Z94997.docm	doc	570d0bfaa6b14c83103c29fcbceba4f66df0c68406b8e2c61929ca743241b372	33.33%
2020-07-21	MES-20200721-M408064.doc	doc	276dfa20b9cffd3ac104aeafed599b2f70a9fd0e8d4faf1d86ffd46e8354a416	32.79%	Heodo
2020-07-21	DAT.doc	doc	cd605825d74d60677fec41c84dc39462658ebbd5edd8e29cfe9610a29291b3e9	32.79%	Heodo
2020-07-21	REP_2020_07_21_92330.docm	doc	6c7da386cdaa6398c065aafedeb01b31ec959ecf615e9601a81a2c86488c4c86	32.26%
2020-07-21	List-2020_07_21.docm	doc	1236dd4116a2c4ba4427175d0a3e88c848f70dc6219f6b22f1997ae3ba80ba14	31.67%
2020-07-21	dat_2020_07_21_ZSS273.docm	doc	4e34674eaa422795c92ef9cb66994e18a57553e217b4bb4de69c1369608e36e6	31.67%
2020-07-21	File_WC874.docm	doc	49b857e2068f710d1facd444264c6d8804ecc9e2ba9660953b24bbf213cc66ba	29.03%	Heodo
2020-07-21	mes 20200721.rtf	doc	33e64096db5340fb26c5b5d6f9b1dd89674d3a77a96a25fafcb878d9929fc9da	31.15%	Heodo
2020-07-21	LIST_XUZ17678.rtf	doc	99c6c8f02c2fef792bc8a5a6406b0baa294156cb38b8df191f98cfb5a90547f5	30.51%
2020-07-20	doc_20200721_BAY97205.rtf	doc	cce8e5e706869261ede523822b673dd52e48d4351de8600f5ac209a7f0189629	29.03%	Heodo
2020-07-20	List_20200721_5879.doc	doc	f83e32a15080c0f31451809377046083d52daef3354edecea6db6ccf4158a43a	30.00%	Heodo
2020-07-20	inf 2020_07_21 SY69170.doc	doc	68f85e639cf07fc84c8204cec1bd82fd8985d854aa17d02c89b58b255b98ed48	29.51%
2020-07-20	Arc 20200721 I439883.doc	doc	a6ca24bb5b1de30cd63ecceac1727ca4102ed289d65fa05c550c4485e6ca372b	29.03%
2020-07-20	LIST 20200721 RMR590041.docm	doc	41d61ed5ec94c9f81d804487ad8f6132520d6ac7009a8c9a7b0c074ed0748e4e	29.03%	Heodo
2020-07-20	list-20200721-JW6866.rtf	doc	1269bdbbc40be92cc1f13918a692b34fdfeec466bd7d872863ecc405ff38f77f	27.42%	ZLoader
2020-07-20	rep_BN2827.docm	doc	c6050ddd07c6d8c4aee73c52d0e50d6056ebd5f3e82550d8c771fc4353d489fe	28.81%
2020-07-20	REP 20200721 8133.doc	doc	eccf2d10cb44fb11136e2edaf7af5de351637d1479888142221354abf8986760	27.42%
2020-07-20	dat-20200721.doc	doc	ec87e9999c894cdef59c964d06c6de6c7a7134d373b4e754180d90dd5fb23f64	27.87%
2020-07-20	INF P31769.docm	doc	8d861becdf66c056d51b6b585d1d2c98ec75e77bc3af28d354edb72f3ebb65ad	27.87%	ZLoader
2020-07-20	LIST_2020_07_21_KAF86397.rtf	doc	10e15c8850925b8f03210b06fdc2e0e87bd7339bf6a185992346e2063cbe1e99	27.87%
2020-07-20	Arc 2020_07_21 SD709.docm	doc	eb1f1cf5bb142fb70ac9421ceb472dad3f583fcc852ae768c1ae347506cbcc04	27.42%
2020-07-20	inf-RFK61132.docm	doc	dc9d3da24212096b6029163166558cefcd8b37aae588dd461d9b5c02700700af	27.42%
2020-07-20	REP-2020_07_20-GO1237.docm	doc	ba9dea8d19d91af5e263e8bb98b6ef25c7f8d994944b6d6a0ecae3fae653199a	27.42%
2020-07-20	mes 2020_07_20 AF625.rtf	doc	97e66ad16955f21f83dae53917dbdefba08fc07108392a96327eeef55698a04c	27.42%
2020-07-20	DAT_2020_07_20_DUY709412.docm	doc	6b5e8002c323071f83df953f977caf3a477d1a0c7178e0795674d263bc2dab15	27.87%
2020-07-20	Dat_20200720.doc	doc	ed29b479d20901bb285c8146d9a69a73a34eadaa4f6c86aca69aeefe96f4fe0f	27.42%
2020-07-20	ARC_20200720.docm	doc	3bcf67ec54f94ea28c8c35560ef2f6b2ef8090951c1ce2d0a94aebfd04a4786e	27.42%
2020-07-20	Mes_66817.rtf	doc	d2592f81840c6459ba7e0d05e58f48c703e29b3a97134a5bec16e60e85e72098	25.81%
2020-07-20	Rep 2020_07_20 ZBU05628.docm	doc	c8b4b7e686954bc7ebd4115f98ec29527b1b0d47d1a817adebc3c6b44c26d787	25.81%
2020-07-20	dat_XD645046.rtf	doc	0cd73a229418caf24e599b0db39e5ff3ae2903ffb83340c026c0ffa0f7e9f86b	25.81%	Heodo
2020-07-20	rep_2020_07_20.docm	doc	c80914cd78207fba0edb12b286a7d21c3d616e6d3ff2951298af4b2ed23d9e9f	n/a
2020-07-20	List_2020_07_20_X59679.doc	doc	4fe945b83567f1855dbc8ea4f8e0e0e2258117238ca2184dd10ba6cf797377a7	25.81%
2020-07-20	INF-2020_07_20-B842.rtf	doc	31adf970450cb8a76809bff658f19a6e62c31894dee3957e3374752544f042d3	25.81%	ZLoader
2020-07-20	inf 2020_07_20 387.docm	doc	ced320fc1306a4a243f620ee674dcf68044ff65ee78550b2c81b082de90478d4	n/a	Heodo
2020-07-20	mes-2020_07_20-FY33568.rtf	doc	2f2f3276bfebb391e62d48da6409cf08b82aa4247a1ebb51815c36d5df448b1c	26.23%