URLhaus Database

You are currently viewing the URLhaus database entry for https://cxwlc.top/wp-content/browse/AqO12AbNhl8l0Fo2I/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:532837
URL: https://cxwlc.top/wp-content/browse/AqO12AbNhl8l0Fo2I/
URL Status:Offline
Host: cxwlc.top
Date added:2020-09-16 14:30:40 UTC
Last online:2020-09-17 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: spamhaus
Abuse complaint sent (?): Yes (2020-09-16 14:32:25 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:16 hours, 29 minutes Good (down since 2020-09-17 07:01:27 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-17MES-2020_09_17-353.docdoc 115a640bbaeb2f1e723b968b7183fbf51a129d98e03399f3321547fc16e766aeVirustotal results 30.51%Heodo
2020-09-17LIST 2020_09_17 QB037.docdoc 254a33e1b25338514edd5ba6d1d64f958a599a411ae5e53777ac52cc6aee8258Virustotal results 37.29%Heodo
2020-09-17Untitled 20200917 1072.docdoc 6ad7d6517b01019c7b440ffae67f0cb3a1234ad5ef679615f69741aac503b38aVirustotal results 37.29%Heodo
2020-09-17Attachment_2020_09_17_4475.docdoc dad3849c48e7bcab3910f21714cf78be123d625e4198309441654f24ec7b2b9eVirustotal results 36.67%Heodo
2020-09-17rep-XY162153.docdoc b3e8aa4e6563484dad4b6b339c0603f32a036f34e046ecf2f301c2ee412e5bccn/aHeodo
2020-09-17Arc.docdoc cc91b3ba3b838911e1fab454a436dc5cd64906c0546c9555d84698ed04462c35Virustotal results 37.93%Heodo
2020-09-17REP 2020_09_17 469.docdoc be20f5c8e432d65baa21e6758f82d0b3994eb4615d14a7ad56c7af30135d5919Virustotal results 37.29%Heodo
2020-09-17Inf_TG586173.docdoc 35088b84f2026bcbde876c9c9188d18287ccaf07b304b1fa9910f476c7aa36a7Virustotal results 37.29%Heodo
2020-09-17File_2020_09_17_0445.docdoc a5da9c7c791c0c911dbef2332dc03be1f01cb406f25c6aa8b313bbdf9b6ea68dn/aHeodo
2020-09-17file UNL2070.docdoc dc7e2135030000c1ea2210105e8eaebc8efd26a873cf4828a4e2d84a0b81805dVirustotal results 33.90%Heodo
2020-09-17File_20200917_P7387.docdoc b5f66f63b94f4110e86db6413837bc402b645520542f1c9638a70173e2234223Virustotal results 33.90%Heodo
2020-09-17inf.docdoc d1202687107a7741189869aaf59e41c0204405239ccabc3d9dec7e770943cfefVirustotal results 33.33%Heodo
2020-09-17Dat 20200917 HVW2208.docdoc 68b722df7ebc8c17375e2a8490c5054b77530b12e82fbb5645bac262b6fbed82Virustotal results 32.20%Heodo
2020-09-17LIST K98356.docdoc d452df085e4fa1e9de2c26da033abc9944b538757f876b06980b6ec948953f08Virustotal results 32.76%Heodo
2020-09-17Mes_20200917_5975.docdoc 4a302b44df11e4712e28d8e684fd9be280473a1f16ede2d69ee10c7aa97122a8Virustotal results 31.58%Heodo
2020-09-17DAT-2020_09_17-V941.docdoc 3f4bf548088814d982137a7a86ee7ef03c92225d8190047c8f06d3a98440b63dVirustotal results 30.51%Heodo
2020-09-17MES-BW38888.docdoc 52d1e34446e3375a5113383a78e7bc3a0a6c4a1791c2ef347e56564217852ca0n/aHeodo
2020-09-17776SA_20200917_628.docdoc 0177e8b43a79a29ce762f763112f16f7d07e7cd0de070fae63e9123ad5196423Virustotal results 30.51%Heodo
2020-09-17UNTITLED_513699.docdoc 36520787124e23f3b9b90ee7cb3a803156b9e3926960cb92dd80a7e88f552b04n/aHeodo
2020-09-17UNTITLED 2020_09_17.docdoc 2af1ab2f6d90a659c195d1c00701bb985a6832bc342fa817f3b24c1e590dc9d0Virustotal results 29.31%Heodo
2020-09-17INF_20200917_NG25785.docdoc 3538192f3f10da92ecaa87637e9f5a9614f36d3da3b52866d70bf314c7c7d26cVirustotal results 31.03%Heodo
2020-09-17List_2020_09_17_I4039.docdoc c5b888495a9bfa112794f936114fe7d3ab9bbbb1fa68b41d1d25a67f6372efb5Virustotal results 31.03%Heodo
2020-09-16791Z_135918.docdoc c7f64e6d64eb913fe7ff98e6407db3f38448cec6eaf8523531da0b29843acd09Virustotal results 30.51% Heodo
2020-09-16UNTITLED_2020_09_17_XVJ535.docdoc f88f0a7229385f58dbacac46414edf48aa7a582c937572b4bd89f12e66f33874Virustotal results 26.67%Heodo
2020-09-16DAT 2020_09_17 LE105923.docdoc 126de0c216fa9611fda901caef9fb54f2fd0ce1c73166dd5bc838cce50cd1560Virustotal results 27.12%Heodo
2020-09-16Untitled P66269.docdoc 40afaa1f04f40b23a4002e09b26fbc3ca750eb0aa30a69c04b3c5cd33af2185aVirustotal results 25.42%Heodo
2020-09-16inf_YDW703499.docdoc af2b9358b6b12eb46cb2ae27e6e4ed8574314b6cdabc512591c7e7bb5a034f17Virustotal results 27.12%Heodo
2020-09-16File-20200917-USH576942.docdoc 97214e11cc4031687da4e0f6bd8d5c8d1d671f191e3e0cd29ff774dd79df8d3cVirustotal results 27.12%Heodo
2020-09-16rep_2020_09_17.docdoc 6ca66bb2a18b0b27d6f714ce2099b199103b2b56c28a5c1036db6ef08b2e7ae2Virustotal results 25.42%Heodo
2020-09-16Dat_20200917_SW7107.docdoc 107013365a4b85d03aa73c76a98301d0575066e5fd70618a975e56745b1e94b9Virustotal results 25.42%Heodo
2020-09-16inf 20200917 YLI97755.docdoc 3dab2e072aca268d55eeb64247c9401dcea8f1f29ebd22d9be7fbfa41a0a7220Virustotal results 23.21%Heodo
2020-09-16arc.docdoc 65a375716183e1cd6f4dcefb005efb7a89b1be9c1012ee9d0505c03a56bde12cVirustotal results 25.86%Heodo
2020-09-16DAT-V98058.docdoc 6e2cda657096507928f8bb65b77f8d938d6d2ade6834ab9c0fab27458f8e2566Virustotal results 25.42%Heodo
2020-09-16Q4156_2020_09_16_35494.docdoc 3b55026ff065fe702f88ae19e41ec9321db485c8ae0454ffd5e2cf71a8f06baaVirustotal results 25.86% Heodo
2020-09-16INF-20200916-54055.docdoc eb506f5b83426c50a773ddb5d49857cd3b9c4527a253e9eef965f737ee8d88f6Virustotal results 25.00%Heodo
2020-09-16Inf 2020_09_16.docdoc 93fa64feee9e039727b15052ec8db93881da2ee406266fa3c3771a4dd500d46dVirustotal results 23.73%Heodo
2020-09-16doc 20200916 KW592.docdoc c3fe6563886f089db487609709f1ee223600ad3aed2af94a1cc2c89a450a0327Virustotal results 25.86%Heodo
2020-09-16INF 20200916.docdoc 4c4b899193138d5c65384410b57109a0fbf89f47fa7de6429dd4e1a6b1f96346n/aHeodo
2020-09-16FILE_20200916_QEL7530.docdoc e92d708294f99fd7f0a654d96cf541c806646e633b446b36cb88c38ee3dee73cVirustotal results 25.42% Heodo
2020-09-16inf 2020_09_16 3662284.docdoc 841ade1862842587fda1a43d1b032c6613823754aa4f7aa90e7fe675add82c25n/a Heodo
2020-09-16Doc_20200916_5724.docdoc fbf61fd3bf77b0bc7042c9d1126ba25b5bf6ab64456b8d6b93718c10cf7b191bn/a Heodo
2020-09-16list 1712.docdoc aff13401e7b8a7ffe133469b277f3e453dccc4e3679ca7434c7ad00f1b485e1bVirustotal results 23.33% Heodo
2020-09-16Inf 2020_09_16 9415.docdoc 015412693eba6a715224f08c39df5788dd74fe7a11c3c27caeef64247bea5fa1Virustotal results 24.14% Heodo
2020-09-16REP-8821335.docdoc 7b930201cb033b831735669649c902f92eb9f3ee0f94a615e1623b6ad39df3beVirustotal results 39.66% Heodo
2020-09-16arc_2020_09_16_LR729.docdoc 0438b8261f9c42981e9bff4ebe33aad2ba0b5003b8fb917808ff1cd73432c71bVirustotal results 38.98% Heodo
2020-09-16I884-2020_09_16-25880.docdoc cb49d339a81f559b1782a41af78c44f3036b5da514997f5dd428f57034c33015n/aHeodo
2020-09-16dat-AG202.docdoc e882979684968578df7329a0032967c88b2f999b1ea55833f8637259b4124accVirustotal results 39.66%Heodo
2020-09-16mes 20200916 197.docdoc f705caf3b7dd3cb911c258ee86b3c77fa6d5eb999f7799044ce66986b39fda81n/aHeodo
2020-09-16List-20200916-056.docdoc 5b176693bd034c2640fbd079a73726cafaefdfe64d9e5814a24b157bfcbcfd42n/aHeodo
2020-09-16file.docdoc 0500d9340ad3906abd3b1e971f21832f7e71b62f0f47ca9e6043f07d29c29bd8Virustotal results 27.12%Heodo