URLhaus Database

You are currently viewing the URLhaus database entry for https://biyaofushi.com/xkf1bbx/open_module/security_a8n_jdy/1764518343_6WZkUj0kZ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415696
URL:	https://biyaofushi.com/xkf1bbx/open_module/security_a8n_jdy/1764518343_6WZkUj0kZ/
URL Status:	Offline
Host:	biyaofushi.com
Date added:	2020-07-21 01:12:09 UTC
Last online:	2020-08-25 20:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-21 01:14:02 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	1 month, 5 days, 18 hours, 54 minutes (down since 2020-08-25 20:08:17 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	file 2020_07_22 191496.docm	doc	9386f4a822f6bb11eb7588717ea43c765b9501a32ca42607846f8f577ea7a8ee	36.07%	Heodo
2020-07-22	Doc.rtf	doc	542819b27b072fd1341c7dd6e46836eed08511bc4ae33bea70fccb341d1da1a6	35.48%	Heodo
2020-07-22	FILE_20200722_DBV49074.doc	doc	2f70b16353998d59b23275fd2ce681d5b5a4ee90b2637c6417d3fd8c5cfb49f7	36.07%	Heodo
2020-07-22	list-2020_07_22-107239.rtf	doc	3e4ddd1938e731730e44eb64c507528103d4584d6e9e3bd99c11b9d7dd4c14db	37.70%
2020-07-22	DAT_2020_07_22_DR765.doc	doc	3cdc4b152007b8583277c7ae4ad9e2df4b455d70ea68db4e16537a0354c97362	38.33%	Heodo
2020-07-22	Arc_20200722_8975.rtf	doc	f7275664692ef040fefb14a865a8821366d9b10fb7db80143d16e9406b39965e	45.00%	Heodo
2020-07-22	List-20200722-5292.rtf	doc	fa8f19803cfe9a6e50df975944454c4515e6025fb2fd271c7dbc5e37a55b7a34	45.00%
2020-07-22	mes 20200722 X461.doc	doc	55d70c009a9690b0ee4c4ff74efc426c649dde346d12bf0fdaaa117ff24d6750	45.00%	Heodo
2020-07-22	file-20200722-GXQ8765.rtf	doc	7e1e28f3605a3ed7b5c08f64e8b18ac845ca5545d5369a4d5bc62c4d496b6f10	42.62%	Heodo
2020-07-22	Inf-20200722.docm	doc	cfd1367dc37fad8a57ccd20f446a4f38c4eefa466ee3acdaa5762d2aa9b6d414	41.18%	Heodo
2020-07-22	dat.doc	doc	6b7b40d88b504e60c8c99d8988c2092cdf4faf48091132c4ef021930829c255f	43.33%	Heodo
2020-07-22	List 2020_07_22 517419.docm	doc	f075848ad6d384c4cf68d031f2acb0454e37bc993fc8fba6a111d8e744fac9df	45.76%
2020-07-22	Arc-20200722-338.docm	doc	38ff0a4a502e7e0992adc7b5078f916bd301d0769dcba3bf19008581f73fda52	44.26%	Heodo
2020-07-22	arc_2020_07_22_DXV50808.rtf	doc	1a1a63c15492564a8a28122abb9e6e957ea626c145b1e2712a5cc9f4c10c7b9b	44.26%
2020-07-22	REP.doc	doc	997f3689474b1e1be428b19fa9eb6927ccf37889b64e7cb0814a1effb83d6912	45.00%	Heodo
2020-07-22	mes_20200722_A364940.doc	doc	734dad5230aed9526b58500b15b424dade5b3fdd867f62450b8ffdcca616aa86	45.00%
2020-07-22	File 393077.docm	doc	a2bca2dbf8410837475af5b8e83246f69c279f4b502019816a62568d1ea4fa46	45.00%
2020-07-22	Rep_20200722_MDU641.docm	doc	7dbe324e0d12ad78dce60ff5e9cd95569b85088bdc2d6a21671c60e099767b7f	43.33%	Heodo
2020-07-22	Arc-5600.doc	doc	c8ca212cf1f2f9b71bce380a66889dc7a1b43f11dce7e4a85469e30cabcd8b28	36.67%	Heodo
2020-07-22	File_20200722_UED257347.rtf	doc	3a41b5672541c103127d7150bbc0b39ac13eede1d3851fc7c63484a3700f659f	29.51%	Heodo
2020-07-22	Dat_2020_07_22_834212.rtf	doc	79cb28f01264a585e6d085eff860653eb72ec7b1976323c1f310ff7bdf0b1598	36.67%
2020-07-22	mes 2020_07_22 435771.docm	doc	933c7f05b56492f880e1716a1240b0bf1679fb740c973b5adff2f3575ae2a3b8	35.48%
2020-07-22	Inf 2020_07_22.doc	doc	623c4ed3bff71e9b92646983452b40e40499ac21f3a3aa0647bbf37d3581b909	32.79%
2020-07-22	REP-180.rtf	doc	bcefdd2db5550c86f7721b4324328f45370dd06b6fc7434278387d60ab7443a7	27.12%
2020-07-22	Mes 2020_07_22 DH889.docm	doc	6babaa931bc26a787edf3d1d3118c0a45416f2e9deb01bc741decf522a2bda49	30.00%
2020-07-22	ARC-2020_07_22-5790.docm	doc	fe944646b7cb0e0e9aa528369b1d78018fd53529ca7c62d36030ddeabcd04775	26.23%
2020-07-22	rep-2020_07_22-478.doc	doc	f0c9f76f342ea1c5905bd4b18f1988ecfdfeca17ad3d89bf82e9ad372ffab247	26.67%
2020-07-22	FILE 2020_07_22 4079186.rtf	doc	d4018d53a3514d01e64c911be4b11366f66653c6ec88ee98419c61b0ced10f0d	26.67%
2020-07-22	Dat_20200722_ST9232.docm	doc	6f567c0477f01c7cb169abe9c9bbd5a18c39d7a68160438508adc626a2835d2d	27.59%
2020-07-22	inf-OER8169.rtf	doc	d3d731e1c5ed00a3123112f5f1b4d029a74b742ddf0b5a2639209b85f2930b18	26.67%	Heodo
2020-07-22	REP 81128.rtf	doc	d831521ed1fd89695ea1f405aea9680401dc470716ead9076e1c428afc608093	26.23%	Heodo
2020-07-22	File_2020_07_22_WAL599.docm	doc	bf08d9f7924956f144f0211f6ea48722fea5cbcd8dff6c661dddc5a221e13742	26.67%
2020-07-22	REP_20200722_523.docm	doc	4db416be55570ba71279738d715adc20cb5c44d1d0725b6ddd828b5daa6cf345	25.00%
2020-07-22	MES_20200722.doc	doc	586155893603026b83f2f51289bcb32825a2cbcf7f5b0bd9dad28b470d8453c0	25.42%
2020-07-22	dat 20200722 5779.rtf	doc	3550a00d6cf8efb047a97d984cc26719d87014434ff444e3b70427e1b1670342	25.00%	Heodo
2020-07-22	List.docm	doc	a73ea0967cbcfbf0070a32f075b9b8e4f448d2d60f08f78ef9439b64394fc035	35.00%
2020-07-22	dat_WZQ3370.rtf	doc	ea2d7326d8e860e69f235da25af02c8b2160ba5fb454083f69979e5dcb2c1787	33.33%
2020-07-22	List 2020_07_22 3001.doc	doc	7f263a139f4f41bfc3b57d2d77bb678ec6c917ad670f90c250ea5e01f4b2aa52	33.90%	Heodo
2020-07-22	Inf_2020_07_22_909.docm	doc	ba9cfe27ae63d8503560cac8f305d6d2bbddaba373f98e92223fbfa94cb0cf89	30.00%	Heodo
2020-07-22	arc-2020_07_22.doc	doc	84ee9ec33d16ade130e8842b327ab3d4b8480fada3bb6fb25ad854dea738e9be	31.15%
2020-07-22	Inf_AI01693.rtf	doc	67a974e69b33e54421899fd9e7ea3b833607832d2ad8f7c1d5723735f65bed82	29.51%
2020-07-22	Mes 20200722 KNC797.doc	doc	28e77291fea150f98e5ed9a57a4d4074ff204abc6e20218a7e67bb0e4b6e23f4	27.87%
2020-07-22	dat KH4951.docm	doc	c07649d058f6470af27cb972b0a9306496e2641bf959dd66206f3feff56b83c1	28.33%
2020-07-22	Doc_JCQ478.doc	doc	04b189501cde3a8e14a2de3bb20b7313da30db8f0a7af0862cc14e400caebe06	26.67%
2020-07-22	doc 19406.doc	doc	c20821e80c5ce943d4b87b9416329f0502a4da3c97044c8fd7016172353e1626	26.67%
2020-07-22	REP 2020_07_22 865357.rtf	doc	80cb12a6bbe9b2c3065f9007e9740b9f7d75dcf2bc68651848cb08f4ce619b39	26.23%	Heodo
2020-07-22	inf_194.doc	doc	ecec36458fac5fdf0031917d979c2539b70801bdee88e022ee090a48109e63b0	n/a	Heodo
2020-07-22	DAT-2020_07_22-TQ60003.docm	doc	5ba62e60945b4eadc0eaa81b0f2b31ce3b6d8c785130a6000ce906dafef73afc	n/a
2020-07-22	Arc_2020_07_22_7147.doc	doc	a726db669cad36b2fd25878a66e81894a830c83827693b16c8e8e44b832036c3	n/a
2020-07-22	arc_JZ270.docm	doc	ad71158fd2fa3ad570d1764feac2737214e1900c2ddcce1c9b7d1e347a53e357	26.67%	Heodo
2020-07-22	Rep_20200722_630.docm	doc	350d92067aa4bdb91f2f885ce60577427a73a14bebe3267e72f8716987eb6da0	26.67%	Heodo
2020-07-22	Inf_2020_07_22.docm	doc	7fb831a6988b9e816af85e485721d4e44b500b6a9d30af5b82cf9ec4d28eb584	25.81%	Heodo
2020-07-22	rep 20200722 KX37920.rtf	doc	ffb87064fd80238bc3cc8cecd8d855f504e0e8ece871014875a625d3b0752eb2	26.23%
2020-07-22	Inf-2020_07_22-TT90971.rtf	doc	d3bfea33a12c522ea8faa7840613e14c78035362c064c858c1467513a68ac9a7	25.81%
2020-07-22	Doc_20200722_AB446.docm	doc	812ed74f92912f98accd025c7c64b9c943032b3379fe1c9654a9deeac6d8b981	27.12%
2020-07-21	LIST 70233.doc	doc	3ef294ca4013371b69d6af647114806b71bb3dc07fd56f12c078703411d61b3d	25.81%
2020-07-21	File 2020_07_22 0184.doc	doc	f03863257ba6bfc7e029c245f3dd3f892fe5a6aed79b625b2c7314f3398b723e	26.23%
2020-07-21	list-20200722-NT822.doc	doc	3e24c4373b1e2ba1e3d16925cd0d4a1752452402ae4aaa8ad8ce498bbff5335c	26.23%	Heodo
2020-07-21	doc-VM216396.docm	doc	cbccd20b9bc23454ec01bec4a0094e77dcc43d577666259f8d97aa30a118ac35	26.23%
2020-07-21	INF-0758828.docm	doc	97d6a51f311c9af7f316be2f4d5ed00901bc5eb08c6daffb87fcf98ba3bd851e	27.87%
2020-07-21	list 20200722 UET923353.docm	doc	139f5bcf4c7fcbe0a8a5d940c5d38dd847e2c979df74dcf680208e73b8ac668d	26.23%
2020-07-21	Dat CYW4898.rtf	doc	7b6d030461fbd94c985e17703889f54e8012d5ba9af413f3009e010eb28fae17	27.12%
2020-07-21	mes-2020_07_22-85510.doc	doc	b88eeea6841abee77c07e6b5243d98213c6997de1033e14ddec0cf10b9b11c35	26.23%	Heodo
2020-07-21	Arc 2020_07_22 KC186722.doc	doc	1a7ea77822d704fd09f8d01732909d19a62bc18b5d1d4a327261fd1daafe1418	25.42%
2020-07-21	FILE-20200722-Z616927.doc	doc	c52c38b76abbabdc92f8ae120296d6a44c5479c5624695adda1cd3aec00a0ca8	26.67%	Heodo
2020-07-21	DAT_20200722_IGA122.rtf	doc	fe0262abd2e28972585a28e0db4036c88dc6bc7858de8135e9cf58c599228037	26.23%
2020-07-21	FILE V835686.doc	doc	9f943a83654e34af90ea126ca921eae3fb9394833e7356a9446aac1579995691	30.65%
2020-07-21	FILE V835686.doc	doc	9f943a83654e34af90ea126ca921eae3fb9394833e7356a9446aac1579995691	30.65%
2020-07-21	LIST-20200721-63820.rtf	doc	2748fddcf19685fe54157b965c7332d3abe89dee666467ba9655e4ffb6d805e3	32.79%	Heodo
2020-07-21	MES_20200721_053237.docm	doc	954e8a3b2f224ae59b0cbc54c3f0585184cc2e26aed9315eefae4f05fe73a708	33.33%	Heodo
2020-07-21	Mes-2020_07_21-T274685.doc	doc	50d5051a82f97571415ca2550517c6872eca80692c7d6db605082a0b9876d34d	31.67%
2020-07-21	rep-2020_07_21.doc	doc	d678baaadbc56de5d5136a2bae9b233710d4016b9d09094c907e6a1442f7fca7	31.15%
2020-07-21	Doc-20200721-K49192.docm	doc	0ae15b3bb5ebff672c18e41566673ca0a2b355a3291cabdf1e68eb3c24502d7b	31.15%
2020-07-21	DAT-JRG2599.docm	doc	3e9d864db108ff21b3dbc6aee0596264668e95aa02677c5e98cb40bc9bf40998	n/a
2020-07-21	ARC 2020_07_21.docm	doc	fa34ecd729ebdf64de47192d76713cce9390f4f77b2b0640ea2ed67fa54f4d5f	32.20%
2020-07-21	LIST 2020_07_21 726604.doc	doc	3d808e9e116ecad94d0839d1a951f8aa24c96f6dfaaa774a889edbb38c857b56	31.67%
2020-07-21	List 20200721 ES973917.doc	doc	b245eea1d0569a4ba8e24c96f41af5fa75efa79b0308c9fc56adb52d053ea467	31.67%
2020-07-21	REP 20200721 72036.rtf	doc	4702bfa3cce588e00e72da6918a41ca19da01547f668f0d07950765028a333ad	30.00%
2020-07-21	Doc-2020_07_21-050.doc	doc	84208f7aeaf31442b3b84394ec70e6c7d6d03b854990a567dffe1702c392bf9b	30.00%
2020-07-21	ARC_2020_07_21_PLL1038.rtf	doc	620ec5ba9b3488d2f0df3f27c7efbd786e501f76dc0cd1e11e70e9783968374e	30.00%
2020-07-21	DAT-7289309.docm	doc	76b3bec66b692ad45b4c647003c0e5e5b5a3d416c87a613b7094960050adad61	29.51%
2020-07-21	INF 20200721 FVG780.rtf	doc	cb0734252b9b348cf76a68b0be66b4f8d0b55eb1cde79ef55690241f2e3b6017	27.87%
2020-07-21	rep 2020_07_21 8001058.rtf	doc	d1f13cff50c5950b6842f81fb632405df63e1d6a953d4d912b3f5ecfb1afa55d	26.67%	Heodo
2020-07-21	mes-2020_07_21-A16473.doc	doc	15617b37ed587c9af7ec3de8d4aabd3de95ded6604f652abea14822da2c94ce0	28.33%
2020-07-21	doc_20200721_2660.doc	doc	c7822a15dfb48ca078ebc0a41816b3bb1925bba9198831892a7e77fe64e84f42	n/a	Heodo
2020-07-21	MES_20200721_WN84691.doc	doc	a82dd2141315d36a0f9ba74bb443a40e0495cd089323254c35d0c4686249de7a	24.59%	Heodo
2020-07-21	MES 20200721.docm	doc	64eee4aab6935f2d3d11646b1c38bdd7519aef0367f417afc89d07c5b15b8eaa	25.00%	Heodo
2020-07-21	Rep_2020_07_21_PGR253702.doc	doc	bde282cb96f5986ecffac2e217f661fa0f00c92f1e4b2a788aad9cbd53a2eb51	25.00%	Heodo
2020-07-21	inf-20200721-6575943.rtf	doc	ad614712ee0ad71a7408a527a3a2051489b0ff4f08038b7a676ad967ea160fb7	25.42%
2020-07-21	list_2020_07_21_SP54040.doc	doc	23bf0066e26b5b6e2403af2810c57d5ee5c0e04cfb175df6c134826cdb68bce9	25.00%
2020-07-21	INF-2020_07_21-9446.docm	doc	0f8288ecc5022d06cdad8fae0c835f114f39303b84778aa885154623802bf532	24.59%	Heodo
2020-07-21	Dat-2020_07_21-2676489.docm	doc	2ca73f1a05968d4b943d63a222a24f60dc110520525bbe15e68784c841b11e18	n/a
2020-07-21	dat-2020_07_21-PIG614895.rtf	doc	e4ec2e54b07ab9d2efbe99644cc82bfbcbbe04e644ec0f2a84738d51eb3434b1	24.59%
2020-07-21	Rep_2020_07_21_25333.doc	doc	7701cb5a8f75904004c1438e6e79eaac41be47f7d454a35f7ab373b2ef1aa392	24.19%
2020-07-21	Mes-20200721-WN288.rtf	doc	477bc137f269ae86b7049d592f7588c5f063e569db20bd09ff2bea3a04aeba06	n/a
2020-07-21	Rep 20200721 6319.docm	doc	77381e8fde74067c151274bc344395ef59df227e209ec80c0d7879aacbd5d654	n/a
2020-07-21	Dat ZV901876.doc	doc	eec0262941bfb2dcb8d29f6ef1ccc699726ac66beb04d7d34e8da3281cf19c38	25.00%	Heodo
2020-07-21	arc_45240.doc	doc	2e716647297132c94bca63747c48379889273658b12366fbe0e689a2b9966470	24.59%	Heodo
2020-07-21	Rep_T6056.docm	doc	c915922a81a8064f3c80285e3615bd5aaeb6452a92f4588fe03bdc81caa840a9	24.59%	Heodo
2020-07-21	doc-CFE812.docm	doc	7b19a0f8eec4e97830795e9551e2f09ceb4fe93fab484152127439f952f2b404	23.33%
2020-07-21	inf-4609764.docm	doc	a8d9eceee2cd3735b96abf3528e7ec3e8e2d8ceb8991c00c7ff479e9034655f5	34.43%	Heodo
2020-07-21	dat-8759499.rtf	doc	aa4a6dae1e4ea4aaa6e4539fa9a3fbb129544c7d56807321757f41321b723abb	33.87%	Heodo
2020-07-21	Dat_6004.docm	doc	f78e874b4d5c5dedede72b85b571f2b04d8edba617b6634d95c2af181e6e4dd7	34.43%	Heodo
2020-07-21	list 2020_07_21 RGO2782.rtf	doc	793132996a7b6875055c2bdbde2173f37e68ce5f04ab651acad13f84ab89cb82	34.43%
2020-07-21	list-20200721-359.docm	doc	276568f9c3bb230aabe183dbfd02ad1c36b7aa141d382d34a839a611a422c07f	33.87%	Heodo
2020-07-21	Doc 20200721 JLQ339790.rtf	doc	754a0bebe018b079d9d9260256ea2106b4b5ad9a654c8b8a1989bf6e3f4568f7	34.43%
2020-07-21	arc_2020_07_21_9039108.docm	doc	5816bc271d88617e627d64210b8ac9df417f8072b362af861ade766137eb1564	34.43%	Heodo
2020-07-21	Dat 20200721 VU18613.rtf	doc	64e7979a0a88d8e4966eed6599bb3da83701dd82475c6aaf386f829bd3cd0672	33.87%
2020-07-21	MES-QC482354.doc	doc	3bc869822322f3e700ec706660323daeca6ea90553d0bff45ce1fdc1ad6dfcfb	32.26%	Heodo
2020-07-21	Rep_20200721_W077594.docm	doc	122b0d68ee819b2ceb91c0b2cdcc0327860dadbb29f884a776968a58c9480ec4	32.79%
2020-07-21	ARC 20200721 EC9053.docm	doc	86615d32b685ca8d74d59c1c848216fac1eb779d126a183795f316a6ff0014b6	32.79%	Heodo
2020-07-21	File-359499.doc	doc	41718a7885dc57496b953e118a0e425ba2af1e37a2a3a868cf05ac83e3db792f	32.79%	Heodo
2020-07-21	Arc_20200721_372538.rtf	doc	17b13b1948a1c62c351e36b44e34a7396ba4ee8be1db4dcf19479b86dfa66447	n/a	Heodo
2020-07-21	REP-2020_07_21-857.doc	doc	cd605825d74d60677fec41c84dc39462658ebbd5edd8e29cfe9610a29291b3e9	32.79%	Heodo
2020-07-21	rep_2020_07_21_14731.rtf	doc	1ac71bc3a613397302fc4eefbe3d81f107740541b6a87e051b452eaa6e74f3b8	32.26%
2020-07-21	Rep 2020_07_21 9812.doc	doc	66b870c1a2306af292f8ec65dc352dfd8b27948e379bd63a843b965a2b301f99	29.03%	Heodo