URLhaus Database

You are currently viewing the URLhaus database entry for http://zpmagura.com/wp-content/nux5wem-08/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 434726
URL: http://zpmagura.com/wp-content/nux5wem-08/
URL Status: Offline
Host: zpmagura.com
Date added: 2020-08-17 15:51:35 UTC
Last online: 2021-01-11 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-08-17 15:52:03 UTC to ipadmin{at}primary[dot]net,ipadmin{at}us[dot]net)
Takedown time: 4 months, 26 days, 13 hours, 21 minutes Bad (down since 2021-01-11 05:13:42 UTC)
Tags: doc emotet epoch3 heodo

Payload delivery
The table below documents all payloads that URLhaus retrieved from this particular URL.
