URLhaus Database

You are currently viewing the URLhaus database entry for http://www.cliplus.cn/keys/open_box/external_HXGp75_L7PZJNaO0/6911549_gMzCc1R/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 416243
URL: http://www.cliplus.cn/keys/open_box/external_HXGp75_L7PZJNaO0/6911549_gMzCc1R/
URL Status: Offline
Host: www.cliplus.cn
Date added: 2020-07-21 19:27:42 UTC
Last online: 2020-07-22 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-07-21 19:28:02 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time: 14 hours, 32 minutes (Good; down since 2020-07-22 10:00:27 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
