URLhaus Database

You are currently viewing the URLhaus database entry for https://zidaimpex.com/wp-content/attachments/0449rwp4wz/v4afll294189608z0ahbwcso6ijhqh6hh/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 521569
URL: https://zidaimpex.com/wp-content/attachments/0449rwp4wz/v4afll294189608z0ahbwcso6ijhqh6hh/
URL Status: Offline
Host: zidaimpex.com
Date added: 2020-09-15 23:04:15 UTC
Last online: 2020-09-16 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: spamhaus
Abuse complaint sent: Yes (2020-09-15 23:06:22 UTC to TechAdmin{at}megavelocity[dot]com)
Takedown time: 13 hours, 26 minutes, Good (down since 2020-09-16 12:33:03 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
