URLhaus Database

You are currently viewing the URLhaus database entry for http://zzuzhi.xuezha.vip/themes/P/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 541977
URL: http://zzuzhi.xuezha.vip/themes/P/
URL Status: Offline
Host: zzuzhi.xuezha.vip
Date added: 2020-09-17 06:27:08 UTC
Last online: 2020-09-18 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-17 06:28:20 UTC to abuse{at}tencent[dot]com, abuse{at}qq[dot]com, jsquare{at}tencent[dot]com, dreamsruan{at}tencent[dot]com)
Takedown time: 1 day, 1 hour, 13 minutes (Poor; down since 2020-09-18 07:41:40 UTC)
Tags: emotet, epoch1, exe, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
