URLhaus Database

You are currently viewing the URLhaus database entry for http://www.yunguji.com/wp-content/Scan/dd338476174971667033gjkbd11d976pl/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415487
URL:	http://www.yunguji.com/wp-content/Scan/dd338476174971667033gjkbd11d976pl/
URL Status:	Offline
Host:	www.yunguji.com
Date added:	2020-07-20 19:34:14 UTC
Last online:	2020-07-23 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-20 19:36:02 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time:	2 days, 20 hours, 17 minutes (down since 2020-07-23 15:53:03 UTC)
Tags:	doc emotet epoch2 heodo ZLoader

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-23	REP_1509454299168.doc	doc	e8ffbce173f2005b23816ddb7c701c6409107504d3fc1244094df0811b49052f	57.38%	Heodo
2020-07-22	BAL_PO_07222020EX.doc	doc	ba4417524d4ec820b4eb5bc47ce13c88930355211107e1866f24d0888f36186a	26.67%
2020-07-22	86447137.doc	doc	f9c93aa61dd4cb64cf59976fbb246f87744328a2a1fd1233945c84fbda2c0aae	26.67%
2020-07-22	N_30201206.doc	doc	8429b0e1e5e18af38b4e6eef6fb6a207e17b74579be241d6e51283307653aaad	26.67%	Heodo
2020-07-22	09428536.doc	doc	e78c34be8e5c18a71a9aa4efce0a94da6f1478187b801178d37bbea90e1dc260	26.23%	Heodo
2020-07-22	ND2OU6FOWQ8.doc	doc	e563992a8b913e222c4f08cd1cb89a4e4af61dc33d30f455e7e3f4fbd039666d	26.67%	Heodo
2020-07-22	PO_07222020EX.doc	doc	adecd8241c21aa989810258e39d162aeb6ec0b86ca6a884fa3a542ad306a1c63	26.23%	Heodo
2020-07-22	DOC_462974776035390288.doc	doc	a76feea95a298d6f94ca0a719376f30e4409a18555e10bdb1e90a24c7facf294	24.19%
2020-07-22	W_79044447.doc	doc	c14ddeac4500ec2bb65828bcf770f5ce11a369ca829f2c68587632e1dccfd995	24.59%
2020-07-22	INV_09042000.doc	doc	584fbf65a3d7eff0ed9282b47d237781da7f7aeb0092ecd034d3edb66adbc6df	24.59%	Heodo
2020-07-22	TSR_QCP_070120_XDD_072220.doc	doc	f9b9806f9c7c88864e0ff685eaab801a085f8c567b7d6993101bafa58c4833b8	24.19%	Heodo
2020-07-22	DDA_09237836.doc	doc	0b88f7457627bb2ae6f62990289a2e3f1a378c01892e3715bec08b94d13206f1	n/a
2020-07-22	60391412.doc	doc	f4ca24a43791c023e2992042afaa7e31c98e1352f74e1b4366f6b52627a51510	24.19%
2020-07-22	PO_07222020EX.doc	doc	9dc3bf8aadd5819cf5be10ee9a0af6c94bc4b8a7a193cf539ef3ac9288ca9f15	25.00%
2020-07-22	INV_PO_07222020EX.doc	doc	e138da30fb56344429ee51040714270123930932db14186bb12630a53d904fdb	24.59%
2020-07-22	DOC_CG1X9XTGPGS1.doc	doc	7f54a50769d5234312b7defc3a81746444cd068f11c6b92c51dc5fb0c13f3cf9	24.59%	Heodo
2020-07-22	B_FC6403463626XN.doc	doc	afb0e524b7db64a122b728e245c9696835a816e3cf272da3b39ac35bba514abd	25.42%	Heodo
2020-07-22	DOC_WE38OS96U1Q6ULSZ.doc	doc	62f04c722299e8d193bfbe9dcde36cba23bf403f4476d6755bca71d6d49987bd	24.59%	Heodo
2020-07-21	22339624.doc	doc	620ed9cdd6372b6bd9572a507c6c349ec07cd10cb45cb36216f21e2e6b025d2c	25.00%
2020-07-21	4ZV6GU6Q.doc	doc	036ad59b6976510e9ff4cf18b0c06525921206e2fb2d09135c41308923ff5d80	25.42%
2020-07-21	PO_07222020EX.doc	doc	9219b02f05ac45df25ea9a7cab876c9836470d4f1b13a2652d25169d50e2fa84	24.19%	Heodo
2020-07-21	TO0462282252LZ.doc	doc	443699b3e3b9a7f6acc2e21bce3a2bfab58a5fc166c408de2a1d5c8f57ed7376	24.19%	Heodo
2020-07-21	55657410.doc	doc	a6f854e3c35ea6d6a5cc1ae65197f94c8274c5e72b7641cd8ab8f0537a05c9f4	24.59%	Heodo
2020-07-21	INV_PO_07222020EX.doc	doc	46ae24609f881a2a8e58a79014bc0f644673c954619610d6086f92289b7e5b8d	26.23%
2020-07-21	T_FUA_070120_BCX_072220.doc	doc	c95057fce46c3c402c202fb3ac124dde463a8e1de0c26047fd254ffd11084f36	25.81%
2020-07-21	DOC_LP7882471769BA.doc	doc	bfb0b36ae7105ad67727e68789279e3550b6750177ae7c2fc1007438f686f070	26.23%	Heodo
2020-07-21	31866706910217408088124.doc	doc	8eb64aab66595068d57e0a19e1b9798ec6b5a087c929086cf1325fa98a3ff1f4	25.81%
2020-07-21	FILE_370864450666502.doc	doc	2f4719fe8c7d6c5de85448ec6a443b49b51cbee1b16d7d67e6a8e497a3b5cd7f	26.23%	Heodo
2020-07-21	4WR8PH0C2KBL11Y2.doc	doc	6616cbabce1dd4cb3515191b2ed913e01a7ffc8b1cff8ec410600930bbdf7f3f	26.23%	Heodo
2020-07-21	BAL_KZG_070120_RHH_072120.doc	doc	a501ba4d5001cfc0fdb0e8b95b1dd154dc0c9c3d3e0ffdce873526f1855bc618	n/a	Heodo
2020-07-21	FILE_JNO_070120_GKJ_072120.doc	doc	dbda4797cc002eeb66a87ca2dc004b353d72aff451eb3ba1010bd900cac133dd	33.90%
2020-07-21	INV_2QBCLKNRXJ8M1.doc	doc	4fef736949eab2f9ad2e19b472ca28945327a76babb1f6038f3b297652843fed	32.79%	Heodo
2020-07-21	BAL_MA8918945605WO.doc	doc	6b606b07e4ddf623479f05fe2da2628bfb74b953116407b7e4ad3cd64421de36	32.79%	Heodo
2020-07-21	REP_SZ7WEIN8O6S.doc	doc	c10a582916f0da5e84bc38c9cbfbd8bc5b42f1626d9ccebffda99a7a48b90fc9	29.51%	Heodo
2020-07-21	ATKO_TKL_070120_OOK_072120.doc	doc	c22e26dfab6e9d1a9b274c81e01683828409ad629bf7883a0d58600c1f8db403	31.15%
2020-07-21	BAL_PO_07212020EX.doc	doc	6acb37f46741819ca10ee4ccb7f88dc94b5dc36a3a1c5c366450d76db4b42a6c	30.65%
2020-07-21	PO_07212020EX.doc	doc	fdd63d0b6f6654abf830b1328dc6c506ae2d56e0a36a2ab27fe004a14e2a2bd5	32.76%	Heodo
2020-07-21	KHC_070120_WRM_072120.doc	doc	c3db961b04941123b6924d69f2c5b149df9b54835cffe9dc0f693fd0dfca31bc	31.67%
2020-07-21	BAL_49453417.doc	doc	15416a6fc11e7393653dbfbadaf3a03a0948ecfa7aef70fa367412c3b68d5ede	n/a	Heodo
2020-07-21	REP_11RQY5H987Z87.doc	doc	15ba2dc607a608b61e883029246434bc1dccbe316219fdb1b11775c3eed0df12	31.67%	Heodo
2020-07-21	GPSS_PO_07212020EX.doc	doc	ad09bb5a5aba85dbd01596a1cdd77d12eca89c079abac382e0894e000a9a50b8	32.20%
2020-07-21	BAL_25594488465671981687162.doc	doc	c50850a81ad3ce08fc961162e1082494177f8e501dab0e698bce46ffef854ef6	27.87%
2020-07-21	BAL_PO_07212020EX.doc	doc	2deeb69125cd75fba93b9bc64b1defe43dc4e1ea009f2f44bc8fed64c5f2a003	n/a	Heodo
2020-07-21	Q_40513750.doc	doc	454c1cc1f9583beec51230534131bba60e6483bb9363ead5a4b7b33f54e30a51	30.00%	Heodo
2020-07-21	REP_4932038963628239504299458.doc	doc	e8eff9852fefe1a01b140600735f3b9abecfd2f1bb93929c8955778bb11d0681	n/a
2020-07-21	FILE_QX5522913010VR.doc	doc	219041450e975540e8f7983404fefbe09f654c6d76cfa4c691fdfda36fbaa360	28.33%	Heodo
2020-07-21	453455393381118486669077.doc	doc	5f3da5a1b6d61a46a16169eaf72e463f3f5483f15213d0799b577d4684e38a70	28.33%
2020-07-21	DOC_NR3643318703CM.doc	doc	1d9ee4266d8ea670f230420a2bea062bca45656a0827a2f222a6ece8d1d48f20	28.33%
2020-07-21	RDJ_070120_UCL_072120.doc	doc	28c3869c9796a32f17c0d9c08a13fa07d07c03b13420f83f05b27dfddf2c87ca	26.23%
2020-07-21	MYCM_0276329621653022526.doc	doc	974a9bde6fa374685e63b50d21dd8254256dd8f6418d9d65e208a465a0141f73	24.59%
2020-07-21	BAL_PO_07212020EX.doc	doc	8f5c9735c5189f1b809aba58ae06fa7432eaff2ca15ec97d918d82dc6082a69b	24.59%	Heodo
2020-07-21	REP_PO_07212020EX.doc	doc	fe7bb6362bb3a11a4579b9c0c36fb7d1df5b57d43ff14b8b4ada2254224180e2	25.00%
2020-07-21	SO_PO_07212020EX.doc	doc	4501457e1fae31cb83a1d2818d169525f75627a017efc573932fd412e6e2c406	24.59%	Heodo
2020-07-21	L_PO_07212020EX.doc	doc	b1a935c9a64f8a2191e613e696c6df7a5892c608ec14c6f72c3459c4a62f2865	25.42%	Heodo
2020-07-21	DOC_GB1278274315TS.doc	doc	3f65143957146edc136d123a62507f50497de812d31cf82785b88dc67c7f4792	22.95%	Heodo
2020-07-21	BAL_73600322.doc	doc	2244d87c2c6131e7df121cd684003eafdf3dfb9e5770c802d5d999569ab9b47b	28.33%
2020-07-20	K_EY8367396504CV.doc	doc	1d9333d44f7442890d84cbc3972b9d00c93bf1556042f7b58c1386365eae3c76	n/a
2020-07-20	INV_QD5123245705VQ.doc	doc	5ef34d47ef171a2b5cab01782a4a45d9a12f01d70dde381936b6975ca93dfad7	n/a	Heodo
2020-07-20	67823217701.doc	doc	49f90436f418a86b0f4e55e14bcf74793954cc90596ad08dfb6355a1e50a8f27	n/a	Heodo
2020-07-20	REP_6101315434357667064659.doc	doc	80b27b3a7242ea8cdfbcc0d266c4fe489cc0b035fb614b755e2546c80cdfbed5	n/a	Heodo
2020-07-20	53602709.doc	doc	db25e5d9d7e9141385c443268866698c14432d243af5aee0906b93bf713ff820	29.03%	Heodo
2020-07-20	DOC_379664588262324971098088.doc	doc	f073a991092d0dc2ca2d7308e64b58992ce0cb00fe5da928b65b58530c10e7a9	n/a	Heodo
2020-07-20	FILE_EIT_070120_PSP_072120.doc	doc	4ec7f2a0359b740dbbc849705f2856818bccc8fafa5a2237fd79640e61423255	n/a
2020-07-20	DOC_MD6NIYUAZP1.doc	doc	a6ce3b9c522d36ac4e91cf8e2cf1581bc9d7e6548f1e66ff998e11662f6894cb	n/a	Heodo
2020-07-20	YXB_070120_KLF_072120.doc	doc	148aa06dceabdc99c7588bd48277867f3d0528fcf04463562707fd66f953045d	n/a	ZLoader
2020-07-20	PO_07212020EX.doc	doc	d076c294bf588b7c9f8db6b5f35a63758c5710feb5920c263ceb77a501bb9133	27.87%	Heodo
2020-07-20	DOC_BA3003456842XM.doc	doc	cfb6588d9181a97aa1f93b2b9f8af82134836e916938a80a217cd03fe4294811	n/a	Heodo
2020-07-20	FP_LJ2909297829EN.doc	doc	401dadd7c1211dae181b8767949d274790aa4fb72e78a3d57ae92ac2cf925da8	27.87%
2020-07-20	15919343.doc	doc	33c897cc3c1d11687231644af13032e24358c594f4b484a7040a3eeecfae7145	27.87%
2020-07-20	REP_316176174413563321974.doc	doc	0acf607beb7b1d944c892c27acd49b254a36f39059812903c9d8bcde71acc6e5	27.42%
2020-07-20	DOC_PO_07202020EX.doc	doc	a00bd0c41a60173a7d02bec198e21b3be8ce018289a2120a48b3cea32160de78	n/a	Heodo
2020-07-20	G_LVK_070120_HWU_072020.doc	doc	70fd23e6a829661f7fe775e5b73c20b09a4dbeb5b97648d0851dde0591a3b304	n/a	Heodo
2020-07-20	BAL_04004595.doc	doc	8811f4498f1b1d8729556a61a5683ce20c4270a64ee5ad0223185110adac5f2c	n/a	Heodo
2020-07-20	BAL_5VRHIHVRP4OC.doc	doc	f479686dfc59c7e2cf8607ef958b067288d47d2de6a92db1b0c1268b9862f42b	27.42%
2020-07-20	41510767.doc	doc	69167697c3c077b3ca6449ae55750d1712c20bc33196537fdbbe05e463aab195	27.42%
2020-07-20	HEQ_070120_NXJ_072020.doc	doc	1e146c18d65265b27e23f9ee84a8f1d20c046aa76c30ed386710a10cb0da2960	27.87%
2020-07-20	Z_DJY_070120_VXW_072020.doc	doc	4cf16b8ae2f4acfe07cf097092f011d77005a1289ed6b609851c04fb52dd78f8	26.23%