URLhaus Database

You are currently viewing the URLhaus database entry for http://39.97.180.247/4lh/statement/0lt445/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	416280
URL:	http://39.97.180.247/4lh/statement/0lt445/
URL Status:	Offline
Host:	39.97.180.247
Date added:	2020-07-21 20:16:07 UTC
Last online:	2020-08-03 00:XX:XX UTC
Threat:	Malware download
Reporter:	spamhaus
Abuse complaint sent (?):	Yes (2020-07-21 20:18:02 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	12 days, 3 hours, 59 minutes (down since 2020-08-03 00:17:17 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-08-02	QOGH_GGK_070120_QJF_072220.doc	doc	05157d40e0b9fdf94de01e8877116bf9c509275c27909e2c9a17d49ca63479c8	65.57%
2020-07-22	INV_94516889.doc	doc	782736531e733d8dc455a8d1c25318d69d3bbe81a3d9ee2f8f26322d40d242a6	n/a	Heodo
2020-07-22	INV_GWQ_070120_VUH_072220.doc	doc	f1b7132df8ec796787268640384eeb445a1ffc5c0ad9f2c780ad7383f2b9e185	36.07%	Heodo
2020-07-22	REP_DND_070120_XKL_072220.doc	doc	e36be98a3e3d568430d52706ee06d935e126942b2a5c2453f5478d8c0d58acb7	40.98%	Heodo
2020-07-22	DOC_KPD_070120_YBT_072220.doc	doc	605e68db4024034f722b64cb62676029ba7c1ec38fe58ac535909068a5d53535	n/a	Heodo
2020-07-22	H_10967327.doc	doc	fd2c6130cd3a5d6056aebf171e64dd498f02a42d48ac937ffe344d43318776cf	40.98%	Heodo
2020-07-22	RY3398669570PT.doc	doc	067ba9cf327a1e5805876399eb60e0766480e8569c950130e43141b645b6a4bc	n/a
2020-07-22	FILE_PBU_070120_LPE_072220.doc	doc	4c7d082113207da04e3d77eac9e2bf7b4da07696a95ae196978d4afb789abd86	n/a	Heodo
2020-07-22	FILE_SJ8584588733QR.doc	doc	432d6d6881a6d2006ee6d849c32688e7243f4b6f06e42ebeaab0665807c3140e	40.00%
2020-07-22	ENEE_33407168.doc	doc	eb4051dc4e8ab1d0de977358994f5e9fe2b9028525fbcf19e270142a0ea54957	n/a	Heodo
2020-07-22	REP_84698419.doc	doc	382c3e95cc13f711cd343ed378dc4865b2e3f7b6fe31bdf6c7329624566f72f7	40.00%
2020-07-22	HRQL16B7O.doc	doc	3989307ebddd245bda87431ce5df1c47f236f62ffddbd75ea3d36a68ab9fc77a	38.33%	Heodo
2020-07-22	REP_31193675317334516.doc	doc	ad64b9d43e975aff3eea26608a183a9aa7f3558ad48b5dca3641aa50ee650eee	36.67%	Heodo
2020-07-22	INV_ZVH9FEGK3550G3UQ.doc	doc	3249c6416297b56a2e2b0f8e5a7953a0d8ed783591de7cdac42bdc694631f11b	37.29%
2020-07-22	REP_7855335665170476629926151.doc	doc	a1169e902ab8c4c2dc02af0a77012bbc44d149973cdf8002231a3f9f177a542f	36.07%	Heodo
2020-07-22	DOC_587195910.doc	doc	6ddb1ab381e127fb09e8aad4fe9c0b336d0b7642398da88031954d7ac6b94d54	n/a
2020-07-22	DOC_WP2277395893PS.doc	doc	5094c26c5d8795c7cfb7d55342ba1b11cd3d4407b6a42681793e6ecc8f9c5a52	n/a	Heodo
2020-07-22	BAL_2243848550.doc	doc	58fed77d65ab247bf9ed40e6b6af1893c6fcc68f323b8fabf25b25a5e5107203	n/a	Heodo
2020-07-22	BAL_4734734715876.doc	doc	15c078915b811f8f8fe55ffe072209f0b74b8ba3988940e179508e510a79cef2	30.00%	Heodo
2020-07-22	A_954199930492599226515220.doc	doc	ba4417524d4ec820b4eb5bc47ce13c88930355211107e1866f24d0888f36186a	26.67%
2020-07-22	19U9I9HE5N69H.doc	doc	99e4ace02c6584969197f86d1122c6dab6d35545343a0138df9821a3a71ddef3	n/a	Heodo
2020-07-22	DOC_97893122.doc	doc	5c1251139b141b728d3489236c0c8cbd8762fc941f5aa0476d86b6adf4a90c0c	n/a	Heodo
2020-07-22	PO_07222020EX.doc	doc	ee36488e9d6d8ea09cff02367c7212d0503f376346c3b40aed03e01c1b1aa668	26.23%
2020-07-22	REP_004067399533947932356.doc	doc	49e20fcd1ebe7943437c809b881031d59e45a98614d1c7af96b3c1835d4586cc	26.67%
2020-07-22	PO_07222020EX.doc	doc	44649b15c8270438769bec658bd63477e64a1164f0e721c002eedaffd43b5256	26.23%
2020-07-22	FILE_3270335164611675771.doc	doc	3d556f0009c372e7b8c40ee0d72ef13026b96bcf3268a7dd838eea37029dd3cd	n/a
2020-07-22	IF4882103793OF.doc	doc	61b94e8bbe7564405293dadbf39ad662250c4327556639f79c09ee9e56cf909e	25.00%
2020-07-22	BAL_PO_07222020EX.doc	doc	76cd4728c9c57fde8056079802fb6fdfb0c81026b26d5b095c8c08bed13f0e53	n/a
2020-07-22	U_PO_07222020EX.doc	doc	584fbf65a3d7eff0ed9282b47d237781da7f7aeb0092ecd034d3edb66adbc6df	24.59%	Heodo
2020-07-22	PH5388250058UC.doc	doc	91e07fd7aa524859f51ff55a874649b91f7d9a4672489458d204054fff2cb9e6	n/a	Heodo
2020-07-22	BAL_XLH_070120_SDK_072220.doc	doc	593793a914684244b3c51333736fffc1cdc69c51759831c888b66e6a07ef8b72	n/a
2020-07-22	PO_07222020EX.doc	doc	756efc8d3530d9e9b4141763d1a89a2092a54347108a59790356c0c3506082be	n/a
2020-07-22	OBBG_106256340.doc	doc	b45b106204a66b5d0111681b932137b590dae6124c7176abee5740917c77e871	n/a	Heodo
2020-07-22	14622714.doc	doc	ed1a41469969a80fefc58566124f44e0846bff21d8e51d897da0d10b2386174b	24.19%	Heodo
2020-07-22	FILE_PO_07222020EX.doc	doc	10963f8cec95f3f18634db9382cd4403523a624d72a459c29c9c3baf27097509	n/a
2020-07-22	B_PO_07222020EX.doc	doc	afb0e524b7db64a122b728e245c9696835a816e3cf272da3b39ac35bba514abd	n/a	Heodo
2020-07-21	REP_UXF_070120_QLB_072220.doc	doc	620ed9cdd6372b6bd9572a507c6c349ec07cd10cb45cb36216f21e2e6b025d2c	24.59%
2020-07-21	V_IBY_070120_UMX_072220.doc	doc	c6ca23f36d524391de9970059d2e0faf54270286e320503e3eadf282ab5082a2	24.59%	Heodo
2020-07-21	PO_07222020EX.doc	doc	036ad59b6976510e9ff4cf18b0c06525921206e2fb2d09135c41308923ff5d80	n/a
2020-07-21	OEY_070120_GNI_072220.doc	doc	443699b3e3b9a7f6acc2e21bce3a2bfab58a5fc166c408de2a1d5c8f57ed7376	24.19%	Heodo
2020-07-21	K_TRD_070120_FBI_072220.doc	doc	dcd97e231a7928660c49c35be9d5b8f839ccd3e2b8882ddd60c22b1bd012ac4c	25.00%
2020-07-21	ZN_YSYSW8CF0FRC7L.doc	doc	7e47c58806cf3cae28917cfb1b478bbbaaeea2623cd694c12056b2f2aafc7d48	25.81%
2020-07-21	YUV_PO_07222020EX.doc	doc	c0af5b3ed8e1c92c57aa0e1b6f60d24b4ddc6a95ae92906d793d88413fa9904d	24.59%
2020-07-21	INV_J1H50TP.doc	doc	eb1f5512e10d3a5224fa2b7a8d42a8b6fdb1b4fa705c24514c2b04fa6fa3bda1	26.67%
2020-07-21	FILE_11758450141872716250395.doc	doc	d8f6127bedd179ef5edf45af00d0b8df5f155b3809547852712c6d1db6774609	26.23%
2020-07-21	DOC_PO_07222020EX.doc	doc	8eb64aab66595068d57e0a19e1b9798ec6b5a087c929086cf1325fa98a3ff1f4	25.81%
2020-07-21	BAL_PO_07222020EX.doc	doc	ed83c94a771e57b78025258c6f5247debaee74c1bfed17a2cee430f31ff91f08	25.81%
2020-07-21	INV_RR6532101673BA.doc	doc	4a6f267daadb0dd612dfec5f99bfda7da3e527108b3105e2ad116bb9ccc92c51	26.67%	Heodo
2020-07-21	FILE_25955518.doc	doc	d8933ce36dd7bd2fbf2e372ca40c7ee22a00f7461fb60ad92cb80d82f0554ac2	26.23%