URLhaus Database

You are currently viewing the URLhaus database entry for http://ttgszx.com/wp-admin/FILE/zgstD5g1cSTbzVfx2xeF/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 538837
URL: http://ttgszx.com/wp-admin/FILE/zgstD5g1cSTbzVfx2xeF/
URL Status: Offline
Host: ttgszx.com
Date added: 2020-09-16 22:47:06 UTC
Last online: 2020-09-18 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-16 22:48:03 UTC to abuse{at}xtom[dot]com)
Takedown time: 1 day, 9 hours, 46 minutes, rated Poor (down since 2020-09-18 08:34:08 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
