URLhaus Database

You are currently viewing the URLhaus database entry for https://meng96.com/wp-includes/swift/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 514467
URL: https://meng96.com/wp-includes/swift/
URL Status: Offline
Host: meng96.com
Date added: 2020-09-15 12:27:36 UTC
Last online: 2020-09-26 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-15 12:28:03 UTC to qcloud_net_duty{at}tencent[dot]com)
Takedown time: 11 days, 5 hours, 30 minutes, Bad (down since 2020-09-26 17:58:26 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
