URLhaus Database

You are currently viewing the URLhaus database entry for https://u-firm.com/tpbnh/ajfx9t4a2gz/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	415726
URL:	https://u-firm.com/tpbnh/ajfx9t4a2gz/
URL Status:	Offline
Host:	u-firm.com
Date added:	2020-07-21 05:25:16 UTC
Last online:	2020-07-22 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-07-21 05:26:04 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time:	1 day, 1 hours, 39 minutes (down since 2020-07-22 07:05:06 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-07-22	RZHV_480978687546594904044.doc	doc	e9803e31e8dd4c70a9e476d9dd61e927988fcc98f5c901e18e0597c8dd765b60	27.87%	Heodo
2020-07-22	BAL_0UDASNAUNRARCWOC.doc	doc	f9c93aa61dd4cb64cf59976fbb246f87744328a2a1fd1233945c84fbda2c0aae	26.67%
2020-07-22	REP_KU0688930005DX.doc	doc	6999be5570232cb11189a152478254ef33470426036d88fa74b45305031efb73	26.23%	Heodo
2020-07-22	DOC_PO_07222020EX.doc	doc	ee36488e9d6d8ea09cff02367c7212d0503f376346c3b40aed03e01c1b1aa668	26.23%
2020-07-22	92982127.doc	doc	e563992a8b913e222c4f08cd1cb89a4e4af61dc33d30f455e7e3f4fbd039666d	26.67%	Heodo
2020-07-22	INV_PO_07222020EX.doc	doc	adecd8241c21aa989810258e39d162aeb6ec0b86ca6a884fa3a542ad306a1c63	26.23%	Heodo
2020-07-22	DOC_VTGPATDA57YL.doc	doc	a76feea95a298d6f94ca0a719376f30e4409a18555e10bdb1e90a24c7facf294	24.19%
2020-07-22	INV_HC3492450747AJ.doc	doc	c14ddeac4500ec2bb65828bcf770f5ce11a369ca829f2c68587632e1dccfd995	24.59%
2020-07-22	FILE_THZ_070120_CUP_072220.doc	doc	5f5a353ccf0dbcfaa0859d0a1db152f2d40735bce47864d7ef9c12ab93c8ca88	26.23%	Heodo
2020-07-22	INV_OS1683426524BP.doc	doc	f9b9806f9c7c88864e0ff685eaab801a085f8c567b7d6993101bafa58c4833b8	24.19%	Heodo
2020-07-22	FILE_29831111.doc	doc	0b88f7457627bb2ae6f62990289a2e3f1a378c01892e3715bec08b94d13206f1	24.59%
2020-07-22	J_FE6PM440B04H.doc	doc	f4ca24a43791c023e2992042afaa7e31c98e1352f74e1b4366f6b52627a51510	24.19%
2020-07-22	DOC_032039816525.doc	doc	b45b106204a66b5d0111681b932137b590dae6124c7176abee5740917c77e871	24.59%	Heodo
2020-07-22	FILE_6LH7MSMSV58Q4.doc	doc	1ff7a8450997cc013c4527af47bac34423607b8fcda043bca82df0e6b3e823e4	25.00%	Heodo
2020-07-22	YIS_070120_KTJ_072220.doc	doc	ed1a41469969a80fefc58566124f44e0846bff21d8e51d897da0d10b2386174b	24.19%	Heodo
2020-07-22	PI_08999012759687138.doc	doc	10963f8cec95f3f18634db9382cd4403523a624d72a459c29c9c3baf27097509	24.59%
2020-07-22	REP_27385779.doc	doc	73962239e4a48429f588ed5950e69d8ba450efa22a2265afe97bf689935caf47	25.00%	Heodo
2020-07-21	REP_3793996482912887111.doc	doc	c6ca23f36d524391de9970059d2e0faf54270286e320503e3eadf282ab5082a2	24.59%	Heodo
2020-07-21	DOC_PO_07222020EX.doc	doc	737dad0010dfc90068d5db4073a76c04f2e9aa7549373686028374e3bbbdb652	24.19%
2020-07-21	DOC_6787744624510283485.doc	doc	5c3d472318679572aeebf4c76cf7f2ead0f39f72e9d9d3e26604c88f35364b4d	n/a	Heodo
2020-07-21	INV_NTA_070120_LRR_072220.doc	doc	dcd97e231a7928660c49c35be9d5b8f839ccd3e2b8882ddd60c22b1bd012ac4c	25.81%
2020-07-21	NZF_36010770.doc	doc	bc7398dd8ac94a9ff8ca7a93f0755681ec84ca7fd05058ddc053cd16e1b3f4e3	25.81%	Heodo
2020-07-21	96533494.doc	doc	c0af5b3ed8e1c92c57aa0e1b6f60d24b4ddc6a95ae92906d793d88413fa9904d	24.59%
2020-07-21	SQ5976870400NL.doc	doc	eb1f5512e10d3a5224fa2b7a8d42a8b6fdb1b4fa705c24514c2b04fa6fa3bda1	26.67%
2020-07-21	11758007.doc	doc	bfb0b36ae7105ad67727e68789279e3550b6750177ae7c2fc1007438f686f070	26.23%	Heodo
2020-07-21	BAL_GLP_070120_QLE_072220.doc	doc	eb3009e003594f7c6d5a2c373db44fe65d9acc0be9c31c317bf9ebfad08e633e	25.81%	Heodo
2020-07-21	FILE_16210437.doc	doc	2f4719fe8c7d6c5de85448ec6a443b49b51cbee1b16d7d67e6a8e497a3b5cd7f	26.23%	Heodo
2020-07-21	INV_ATA_070120_GXI_072220.doc	doc	0c69f537211ca18ffdcd88151cd0e09636aec3e5708e6fde3df55bea4884ba5d	26.23%
2020-07-21	406305614.doc	doc	cd6f41e3821d55917fa4a0cdbe223abdb97ed8da6f7870d449d8e81ed6f9ec69	26.67%	Heodo
2020-07-21	SQ8591761429AA.doc	doc	6616cbabce1dd4cb3515191b2ed913e01a7ffc8b1cff8ec410600930bbdf7f3f	26.23%	Heodo
2020-07-21	REP_PO_07212020EX.doc	doc	5966dbc11d924231b5d148a1a821154f88e469adcb6e884d4dd5102c9e598e9f	24.59%
2020-07-21	REP_FRL_070120_QHB_072120.doc	doc	a501ba4d5001cfc0fdb0e8b95b1dd154dc0c9c3d3e0ffdce873526f1855bc618	32.26%	Heodo
2020-07-21	REP_FRL_070120_QHB_072120.doc	doc	a501ba4d5001cfc0fdb0e8b95b1dd154dc0c9c3d3e0ffdce873526f1855bc618	32.26%	Heodo
2020-07-21	DOC_OZ2078270187JK.doc	doc	ed1fa22cd74f33f9e0a5d4191f4b7304925eae53db04e752d2095134b6f0100f	32.26%	Heodo
2020-07-21	PO_07212020EX.doc	doc	3272cc94248da1f2887200825c05ff98d655ad34c77c5f92e87ffca784324a54	32.79%	Heodo
2020-07-21	FILE_56506213.doc	doc	c10a582916f0da5e84bc38c9cbfbd8bc5b42f1626d9ccebffda99a7a48b90fc9	29.51%	Heodo
2020-07-21	X_T3UI0199GNBVZMR5.doc	doc	4b9e26f2c63d249bd9be365f44513691d3aa8461f77b10638c5f27fcd5144568	31.67%	Heodo
2020-07-21	REP_EFGPJ95T.doc	doc	6acb37f46741819ca10ee4ccb7f88dc94b5dc36a3a1c5c366450d76db4b42a6c	31.15%
2020-07-21	REP_EFGPJ95T.doc	doc	6acb37f46741819ca10ee4ccb7f88dc94b5dc36a3a1c5c366450d76db4b42a6c	30.65%
2020-07-21	DOC_BZ3727967185ZI.doc	doc	bd6a09f3141166fa7bc1c7b79ffb618c31312131de5f1829c37ed66f6099b284	31.67%	Heodo
2020-07-21	FILE_TWA_070120_CWK_072120.doc	doc	4bfbfb5923eb71f021f091cbf5ee00a93a33fa778ffc90650b2245de3ace463c	30.65%
2020-07-21	25914545.doc	doc	15416a6fc11e7393653dbfbadaf3a03a0948ecfa7aef70fa367412c3b68d5ede	n/a	Heodo
2020-07-21	FJ5792943925TU.doc	doc	d159652e82699b29e122292ae41629d7c880e1f62e23842f6977cb04533365f9	31.67%
2020-07-21	64252348668195490976.doc	doc	cead2b444fb70319f7ad607f10b254f3888d97ee61adb8a5be9492f259718ec9	31.67%	Heodo
2020-07-21	FILE_6U9Q6RTZ4FHYKK.doc	doc	c50850a81ad3ce08fc961162e1082494177f8e501dab0e698bce46ffef854ef6	27.87%
2020-07-21	BAL_LYC_070120_YMC_072120.doc	doc	9730ab9a8c60bf06cd93ddc13f7a80f30ce61e20782b9ff1c85dbeff59e3062b	n/a	Heodo
2020-07-21	19534090.doc	doc	26d6a947ace5dc20b8511699014a7230d627b181f37246807ea85cdeadea61fe	n/a	Heodo
2020-07-21	REP_DKH_070120_KIX_072120.doc	doc	b256eedac4c8041fbc722fd1b36b17e5fd7a9a5004f974cef3afca5b5ccadcd3	29.51%	Heodo
2020-07-21	WAZT_XA4345423371VI.doc	doc	e8eff9852fefe1a01b140600735f3b9abecfd2f1bb93929c8955778bb11d0681	n/a
2020-07-21	INV_PO_07212020EX.doc	doc	ace3f1e921953c5ef33479a1772138bf5c88c39e1677a8e5a78905066d4818fe	27.87%
2020-07-21	M_T3S7YNRS.doc	doc	8d53a88575b2b26b3fe78df74205c739baf12ccbe1d51e27853d2ec4ed6aea5b	27.87%
2020-07-21	69903922587455792428.doc	doc	ced32d6bf400cc3bb59aa1929efa4c17228064153ca0615288fc1fefde35f11b	27.87%
2020-07-21	DOC_AFCKCF06XDLR.doc	doc	6aae57a7a60c8c2529948a9290becdc90f10be950ad2133ef7cbb1c366693f4e	26.67%
2020-07-21	C_4951291802228584055201.doc	doc	5f79033b6a54db8f8075b5fa3c0629142bb73e654e4aabb10f5e905942a4871d	24.59%	Heodo
2020-07-21	FILE_1135361197.doc	doc	b4f865e3011a63a5b8a0da14876282d97d5144e153f8316025555d276602d335	n/a	Heodo
2020-07-21	DOC_JUR_070120_GOH_072120.doc	doc	281280ed257511ed8f8f2b291a83ce2978bc6e6f14c52ca9ce10540c70cf0605	24.19%	Heodo
2020-07-21	Y_63429207.doc	doc	a77f0d09a07d8f85b737d25216501b343e22c4e04a6f88b16dc1ab9ea1b2a222	25.00%
2020-07-21	6ISB969DDX3RVO.doc	doc	b1a935c9a64f8a2191e613e696c6df7a5892c608ec14c6f72c3459c4a62f2865	25.42%	Heodo
2020-07-21	BAL_UQJEYLCJ.doc	doc	d40a13f38676eec40c7fc38f03d55507495374f948219045d50e6ae6af725275	23.64%	Heodo
2020-07-21	BAL_PO_07212020EX.doc	doc	6ea128ea049d2ebacb539514c677bb05791d9844046f47e6e1e3dc783f2942fb	22.95%	Heodo
2020-07-21	C_PO_07212020EX.doc	doc	003110462b096556a9d96dca0472feaa2dee2edaf6d8d0e179dc08a8a8f2b775	23.73%	Heodo
2020-07-21	REP_MF0461652356HJ.doc	doc	76135328ce70dd5755fa54408d962b10954d6bb5c47f883a7c2bdd1defbebb9c	22.95%	Heodo
2020-07-21	L_PO_07212020EX.doc	doc	7205124c976d15cd097c35d5c82d63d616b710da7b82ead06faecf91fd620405	n/a	Heodo
2020-07-21	BAL_GBU_070120_XUW_072120.doc	doc	f2e0593ca696ec36f6b813e857b8fe6741252d7b65df42e5e16bb3c80bc7a90d	n/a	Heodo
2020-07-21	I_G2RMCXKDD.doc	doc	49e7f3d18db1b3402794fa15a11d36c41d2857d4a668834b6178d0c739e2f821	22.58%
2020-07-21	6746273430420714472.doc	doc	59e827ab690ebe0398ef2409db0e89fd63ebe9c9a198ed0cd9febc218813f6a1	22.95%	Heodo
2020-07-21	FILE_WCE_070120_FJD_072120.doc	doc	b946948073ee057b1f1cdf3b7c54098e9eb35bb8736104d13e2f3febb038f2b3	n/a
2020-07-21	INV_US1226746309QY.doc	doc	252e3f0055225fdaaf98be11f4b12f61d98b7311d4aa43aaf9cca4de02b07a26	n/a
2020-07-21	REP_HK3687283991IM.doc	doc	660ff4d3124a99db58894556a3461eda17393ca94c27e075185e72536eb6735e	n/a	Heodo
2020-07-21	BAL_VHA_070120_YOK_072120.doc	doc	fc2bb7719f33ff249113e3c05c4b2b6fdbc99190e250b3073295e271c553f0d0	32.26%	Heodo
2020-07-21	INV_CKV_070120_WJK_072120.doc	doc	c5862b85395572c8c73f166d1a10c2c92a01f07540ac888627c50ebc89097e02	n/a
2020-07-21	FILE_IP2316263092HV.doc	doc	53b9a409018adc25ac26a608d9fae417659211d8754dbf7f07c3e4710a026774	32.79%
2020-07-21	HZJ35M9EQMKR97H.doc	doc	f17f0b864c299e49d3d4bb400964b37b9eb15412b9c8f931029fcf68417aebe9	30.65%