URLhaus Database

You are currently viewing the URLhaus database entry for http://jkshaonv.com/wp-admin/FILE/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:549365
URL: http://jkshaonv.com/wp-admin/FILE/
URL Status:flame Online (spreading malware for 5 years, 2 months, 27 days, 16 hours, 7 minutes)
Host: jkshaonv.com
Date added:2020-09-18 00:06:15 UTC
Threat:Malware download Malware download
URLhaus blocklist:Blocked
Spamhaus DBL :Abused domain (malware)
SURBL :Blocked
Quad9 :Blocked
AdGuard :Blocked
Cloudflare :Blocked
dns0.eu :Not blocked
ProtonDNS :Blocked
OpenBLD :Blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2025-04-27 11:25:09 UTC to abusepoc{at}afrinic[dot]net)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2025-08-1124c1788b89f1eb6e216edfea0e93836c4a6f69adfd6a402b0cb9271280987d0c.jsjs 24c1788b89f1eb6e216edfea0e93836c4a6f69adfd6a402b0cb9271280987d0cn/a 
2025-04-27c448ad4f02d8dff98b400a50b43237c890d2aa6e40c71def98ea2f9ae352fb7c.jsjs c448ad4f02d8dff98b400a50b43237c890d2aa6e40c71def98ea2f9ae352fb7cn/a 
2020-09-19INV_PO_09192020EX.docdoc e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107eVirustotal results 34.48%Heodo
2020-09-19GJ0783773303AD.docdoc 82f568f61de9734c8e33acfb3b6f83db73cfa15b32d02ec8d126a8ce89fc054bVirustotal results 40.68%Heodo
2020-09-19EW3668577448DX.docdoc 6f78fbb2d641a076bd2f40a39b2802a3ece7627b834468e1af726bc6bcec7237Virustotal results 40.68%Heodo
2020-09-19D_UN3FIZYHT8WFQC8.docdoc 6ff5d18efc03d5074a5c9d0c27a7ab6738e189f681af930bed2809da5a8f7544n/aHeodo
2020-09-19REP_T7UT0EP4Z36SS.docdoc dd1eb5d6665fa95590fbb058fdfb8311563d8d5b62f6b8b538cb33c967f22362n/aHeodo
2020-09-19244421474573.docdoc 48516090408f4d8cfbed9330748f7647d9e7c7d03fc6845dff52b900751f2c3aVirustotal results 42.37%Heodo
2020-09-1986151015.docdoc 0fad7aa076137ca0eea07801301e4a9799bfe63d5f5ac04aa449db6fa4201512Virustotal results 41.67%Heodo
2020-09-191601772997797385697.docdoc 69a7764872a4adde097d4595c00bbaa60a1c1147c462d9fc47a4456decc6f3efVirustotal results 40.68%Heodo
2020-09-19WZSDMYV4RI33I0.docdoc 35b7b5b1fcf159556bb2f5363ef7d7ac72b3f4d1e9357d0e2a452b8c99bfd0e5Virustotal results 40.68%Heodo
2020-09-19REP_MMZEJEVPQO9Q.docdoc b19f8522e5a2528e85dc936c8c83e1a9ed3bed5055ca06a67433b2b5201fb1den/aHeodo
2020-09-19V_55532712.docdoc f985df117771ea00d82ebee99e084f574e31d0134d0ac1d15dff5478c02f6b91Virustotal results 36.21%Heodo
2020-09-1998K97T4D.docdoc d91d2431d24606feacc84e4da63711d8b8d5dcf15cbb86be20d2f11fe07796d2Virustotal results 36.67%Heodo
2020-09-19DOC_16527573.docdoc c066bc4500ead9e0889bdaa4bc27671470aaed708c36824216e519d2b9325dfeVirustotal results 36.21%Heodo
2020-09-19REP_NOS_090120_WTC_091920.docdoc 36156e8a513ab8e144b478cbcdac6ed738f83e03ce174a02228593813a701692Virustotal results 37.29%Heodo
2020-09-19C_HI2631025325KZ.docdoc 1963ec47acb4c6d57b2e6d75de7d45de3b479c9f24760d5a0456a3accc66ddb0Virustotal results 42.37%Heodo
2020-09-19DOC_927981758506671585825828.docdoc 64e48a3ff70c94d505c873e8a67d31e9e482b8abca66fdae7b73d4f89b69c7c3Virustotal results 40.68%Heodo
2020-09-19DOC_QWW_090120_XTB_091920.docdoc 918a64048af4a066fdd935050729fcc70f074457f2943f59469ee5f3bdb0a70dVirustotal results 35.59%Heodo
2020-09-19FILE_29892061.docdoc b8818fbdeecde51adf7270365592b9812f1e323c4cdbf81f12885c590727d3f2n/aHeodo
2020-09-19DOC_5782872235.docdoc 9075458c2a7a9b59a7e7f9e575757a3069952452198a9c17ce3211d3de14eadbVirustotal results 41.38%Heodo
2020-09-19BAL_PO_09192020EX.docdoc a0427b223aa7c526dd3cebfcc4d97cc8a6e9d272e790a314a0ebeda94ad3f183Virustotal results 41.38%Heodo
2020-09-19XA_XGW7P5SJTB22H.docdoc 86b1a6a408c5639132533fa3f488087c8f0a47c3c1a5b57cb8edaba5501166f9Virustotal results 35.59%Heodo
2020-09-19F_35157328.docdoc cda0f300f10989d730a1ea43471dfadb97cb10e13a73fbabeb565b5fbfd6bc30Virustotal results 45.76%Heodo
2020-09-19WY7258703656EK.docdoc 778c345084d688acf88bb52a9c052c1e852688885a2b4c6c3938f6f471888d44Virustotal results 29.31%Heodo
2020-09-19O_PO_09192020EX.docdoc 32fb5e68e6524e8f2ea13cdf8686e2f0a5fd28042071482fde48d4110a714158n/aHeodo
2020-09-19WSQ_DBR_090120_QWU_091920.docdoc 3d64095f4564ebc30eadbe6a61d8dd290bf34c82c7c49a9accc8179312fc53edVirustotal results 46.55%Heodo
2020-09-19DOC_55791762.docdoc e3917f2ed0855bcc9400817a19340a2e860e4235af3697c42483a6f2d69642b0n/aHeodo
2020-09-19ELLC_AA5372570265BX.docdoc 0bcd580a11c4c381df0d95cc1544a14b5f69b52117cddd2b01f4e84c0bdfcc10Virustotal results 35.59%Heodo
2020-09-19X_PO_09192020EX.docdoc 1f267368325cfd8a9665680a987d4b866cbc949478dd3d8485e357ec821295f3n/aHeodo
2020-09-19BAL_FDU_090120_DUH_091920.docdoc 375b8adece65a4d295e2b9104fb0e7fa3c3c7cc7ebb3dea4607776d050029316Virustotal results 27.59%Heodo
2020-09-19Q_91035766.docdoc 3f8ac48efd3eef3c80e8979f8cf9bbf0e0d98511a42e7517063cebdf73789e60Virustotal results 31.03%Heodo
2020-09-19923669625263556.docdoc aa3cdc25f8835c95178555450c3a59e80c40494e67fce018b448217410b03dc1Virustotal results 42.37%Heodo
2020-09-19DOC_CC5460977944KV.docdoc 283fa803d0bcd99ac43b6d04b267e8fe8de71ea98d41f73ff426fc27fcba6dc2Virustotal results 35.59%Heodo
2020-09-19DOC_RUG6PXR191KD.docdoc 3c2d30dc81db1b5fd85d00649cc0efb7f00b2be6a2a8be88fcf3ab9e627c346bVirustotal results 36.21%Heodo
2020-09-19BAL_LZ6052419953WC.docdoc 0549a96b45be7693d38af5e4063355260635db3e33191b92e82e43c49eda7901Virustotal results 38.98%Heodo
2020-09-19VRK_MCI_090120_DSB_091920.docdoc 61e0ad6b0713f35c85474bdccb13d97ddbc1f384dbad75c364224d9b65c1bf51n/aHeodo
2020-09-19S_49948196.docdoc 30ee1918a15e45641f559b5bda9985c8aceb4a0e4e64e49de6364d24982556afVirustotal results 37.29%Heodo
2020-09-19RV7228373953BG.docdoc e1ab557b296ca131391eacfd8b4f90d7aee4de9848750b5df4b8adf770a5ca9cVirustotal results 25.42%Heodo
2020-09-192729217315.docdoc dd13b659498d74b258fb4a1c4bdd684ec3f2e264a202de63086c804abe195010n/aHeodo
2020-09-1810346867.docdoc a89a3fb97be7cefc4d26bbdfb463943abc4b7a4ad8f448b559cabed432592458Virustotal results 35.59%Heodo
2020-09-18REP_98311436.docdoc 40ef54fdb8b602c1bc31e33706b32c183df8c253a7d90563fd9504d73a7ecdf2Virustotal results 33.90%Heodo
2020-09-18G_YVL_090120_YXV_091920.docdoc 143d3dfeff768c6ff529e34fe2134d9fcd1e8adffa35118c52d37eefb124abedVirustotal results 35.59%Heodo
2020-09-18DOC_3BLCNNQWBRIZCYQ.docdoc 5821c7c1347704d941ccc1073e11d9621eb821da3227c358e87ca6666e81107fVirustotal results 38.98%Heodo
2020-09-18INV_PO_09192020EX.docdoc e351cb48427d30ca802f3beabc78c164446cadd34d2f040fa46a3842299b2f82Virustotal results 37.93%Heodo
2020-09-186324856001735995881.docdoc ea676e753bad13801a314d24b69b710dadbe8afbaaf399c1ad2dff18c0d7b3f2Virustotal results 35.00%Heodo
2020-09-18INV_VTLYKRS0QNT.docdoc 6a500490be1db393b419c4d2dc1bd43557bd87fe40b7b996037834fb137d8d0eVirustotal results 31.03%Heodo
2020-09-18REP_21493394.docdoc f5fb5d637a37ec6c6c5288f46bb6ad3cb9559037f8df024aba1f9bde1d477a4aVirustotal results 42.37%Heodo
2020-09-18C_29316713848.docdoc 83ef8a546c7ee56fc9fdd0a7cfe3651582d97a1e63ac0d51ea91786703752e48Virustotal results 42.37%Heodo
2020-09-1854023724944.docdoc e2f56917b3d099c1181df4dca64371a0f7bf81e02f1ce666637390ea0c95c18dVirustotal results 42.37%Heodo
2020-09-18BAL_AHX_090120_MEQ_091820.docdoc c0922c3c055ffde4da5b482105dea26df27c58e1a615ec81afc024d55010f8ebVirustotal results 42.37%Heodo
2020-09-18BAL_PO_09182020EX.docdoc bf658688cc7faba6a890a39e62dda1f9ee6e74b0ca2abd8f22c74823f7fa386cVirustotal results 44.07%Heodo
2020-09-18AAK_090120_ICP_091820.docdoc 4e500dc20300e081376f4f6951330ba0b37700ae0b23ac5662a2e96e2cd9a755Virustotal results 43.33%Heodo
2020-09-18INV_PO_09182020EX.docdoc ba8631c356bab8573b3b7bbac984856e3ae826f3c6503286c2e8396330f263aeVirustotal results 44.83%Heodo
2020-09-18REP_PO_09182020EX.docdoc fbb0768a54c96daabef7659e5ec321d26211a023027f8beb9b9b5bf49f36d583n/aHeodo
2020-09-18IZD_090120_JQM_091820.docdoc fe79ed4902c209d55bd37446fc8d4ce7b37f241e85e7d17264051a8cb300fa5eVirustotal results 43.10%Heodo
2020-09-18PO_09182020EX.docdoc 844364fc7fd27d3f478237624a434b3255b9f564ed64e272e1935914ab559d9aVirustotal results 36.21%Heodo
2020-09-18FILE_PO_09182020EX.docdoc d81e151fbf63278ef5320ad506045027ea5427813ed63ebca0f919970b41460aVirustotal results 40.68%Heodo
2020-09-1883932397.docdoc 529620cd21b208f373dc72c4efcc0cf9f3ce6bfbb8bd0e44bf371084cc1bb9afVirustotal results 39.66%Heodo
2020-09-18INV_239311091336977148307518.docdoc 0411a8edd0fb791e01eeae0687331b988a6d3d32369d8ad9cca32229e4a4c931Virustotal results 42.37%Heodo
2020-09-18X_OWT_090120_IFE_091820.docdoc f6dee1b273f9ff061e9c1bcd320d7f98484283f3f6ce1973877bf93231a08562n/aHeodo
2020-09-18FILE_PO_09182020EX.docdoc 5f669eaa381cbe719de4bf1c0797e827639abba64b165820dc2186f68ab55552Virustotal results 40.68%Heodo
2020-09-18FILE_6803385127122561708832726.docdoc 187fa9efd453d2ebb879b0e88696b9f620cc2196c046743118650ab772759cecVirustotal results 40.68%Heodo
2020-09-1858606364.docdoc de9a57408a1c753a7cabc64d88c3922102c9be764e0192253e638b4c332f3da9Virustotal results 38.98%Heodo
2020-09-18WKUZ_ODA_090120_GLG_091820.docdoc 14d4a9b0fcaf5e4ca2f256c713a3d11328f128ce09841b02479238cd866b9f11n/aHeodo
2020-09-18DOC_PO_09182020EX.docdoc 10324f7f83b2b4c0bfe54d94c21ff44cb1e840e5652621fcfc29cd6b9426606fVirustotal results 37.93%Heodo
2020-09-18INV_70842188827.docdoc 8389b0d8b9f07eb8e55e2d7c3d6bad98dc5d0c37eb030652e43b799b0a5ee5b7Virustotal results 36.21%Heodo
2020-09-18FILE_JU1246344582GZ.docdoc d0fbfd4dc83b404a1168591a1d4a52b1cb9da8f58c55e95719dc0199efe6fdb5Virustotal results 35.59%Heodo
2020-09-1886931497.docdoc 1d55fdd4f6aa4b5c9cd2c2403b68667142a71582d3021724542c6c0582de0ce2n/aHeodo
2020-09-18N_EKIDR90F6B30AR.docdoc 15c49ec4dc917425fbbe700b8f340f1d1629be55957693427600488b42eb5156Virustotal results 34.48%Heodo
2020-09-18HX_OKO_090120_BYE_091820.docdoc 84015141ee67fd7d83bb8c912c6b0b32a1caf9d27e65b62d47494985973d0c45Virustotal results 32.20%Heodo
2020-09-18VVKH_PO_09182020EX.docdoc b02fe797b672303974d385294fa02def7aad1778e2108e67e7d4bff8d574d724Virustotal results 27.12%Heodo
2020-09-18I_PO_09182020EX.docdoc 1e3201bbb2deffb9ba87ab7c3c4a40d86a2453bd105b0bede74c0ede7aada9b9Virustotal results 20.34%Heodo
2020-09-18PO_09182020EX.docdoc 03dc985b52725fd858b9aa8c59742e209b646a9bc6d49f57884f15a187e2bc3dn/aHeodo
2020-09-18BAL_91812681.docdoc 1bd22346068e0c3ebd43f84602033625137f3f35c3b3dc18473cd089834f4541Virustotal results 24.14%Heodo
2020-09-18REP_YHB_090120_OVE_091820.docdoc 37adedb2ef245a78142b80b0da888715d3abb817111e00ae9f6c2976a79136f4Virustotal results 25.00%Heodo
2020-09-18TAC_BDZ58HRUDDL3DPAL.docdoc 6abcae841dce14d172e12d2c27729756c194836844ccbba13a69617a31dbdd07n/aHeodo
2020-09-18P_VKT_090120_KPD_091820.docdoc 83676faad35894bb04262d898f1279995a52ca4f91f343223e0403b6c915311eVirustotal results 49.15% Heodo
2020-09-18INV_YSV_090120_WYC_091820.docdoc 7d6af6fb5524fab475918225161ccfa03fd6b0893b5d6aab343555908978e002n/aHeodo
2020-09-18W6O11OJ6VHA.docdoc 01dc05c389198097e73f0e51d7e1ea7d9038367c30cf1e0408129374d3ed7db3Virustotal results 49.15%Heodo
2020-09-18948FE3AOXHL.docdoc 745b257e46ef158e2288faa30152afd8142646f1d7acec0a0c1e9424bbdab31fn/aHeodo
2020-09-18BAL_PO_09182020EX.docdoc 95aa58c779d17b78ffab83759ad0e70fdf40edf24f573b20839e2da83896d55an/aHeodo
2020-09-18PO_09182020EX.docdoc 8780a28bd25c92af4f9ad2f7a4b99acaa81ae7f410964f7155f9b69037cd2c15Virustotal results 48.28%Heodo
2020-09-18FILE_BO7438175800CD.docdoc 72a840be472b024fe4cd2e80a56e9a80988be7d4f16fa5df74eed66262615262n/aHeodo
2020-09-18INV_OHB_090120_HUP_091820.docdoc eaf897448ba42c47e03919da87640483febb9e38c0f457471d5b91d0bd6b99e7n/aHeodo
2020-09-1873938847.docdoc 37058579c0adf49f3f4170d008f3e01704bb07a33edd9b8bb1173e8127c85904n/aHeodo
2020-09-18L_IE1N8U76P8MSI5VJ.docdoc db5b2b2884b15b7c147a886a252cc856516d36b4c8fb587dc9a46063f39153a1Virustotal results 40.68%Heodo
2020-09-18441311262584.docdoc 7a087796ba52981da1f8e06f79b5bd1bdebeb961afe1f01af7864edfe071712eVirustotal results 42.37%Heodo
2020-09-18ONRK_JY4006065915KP.docdoc 7c59a227af18d0ce74f71bcd465aeb811332968c24b837a6d9761a61bf0b2abdn/aHeodo
2020-09-18FILE_179118911469.docdoc 3c04b25b3db13173771d70f4aa9fd25006b34fc0c02f707f2dbd8f9b15938720n/aHeodo
2020-09-1827473344.docdoc 07610dc0b3d7c1c61c9b30505f85c5cb407258560a13dd183500c1693dec0dadVirustotal results 38.98%Heodo
2020-09-18W_PZO_090120_LEY_091820.docdoc 4b9a2688db3fd6465d84ee5baf9fbdf6c50772a16d3e7c265c758ae284e8a63dn/aHeodo
2020-09-18FILE_59262332.docdoc 66d95a630376c2acfd2946fcec3ec5d5e076028bf1c48c388939a3f054c1a6b7n/aHeodo
2020-09-18S_KDK_090120_CFQ_091820.docdoc f6bd46837e705aee39428d412f28116876f6351e1148b7ce01d5e1848b7d0061Virustotal results 36.67%Heodo
2020-09-1823AARXVB7N2LL.docdoc 230fa7a324c31b742bc3e78cd724d571d7a462ba188b8e6dfc9f7060cb24fbc6n/aHeodo
2020-09-18INV_NX9588974500CU.docdoc 344be8e47a1c334ca0f6e8d6383c509d62ca9004f050e5a368e064e87e2e947fn/aHeodo
2020-09-18OSO_090120_VRI_091820.docdoc d95aeafb85cdd18684d7a50288bd895c7549455d652bc1997dc4b27c26788c92Virustotal results 33.90%Heodo
2020-09-18X2O4V3LGYCOMJ.docdoc 5c9ee841d3f2ca4934e2df7970319d3d7eaa875a68f3df8f691f19191fd138fen/aHeodo
2020-09-18PO_09182020EX.docdoc 09c747a3e72d8531c6bc31fb7da3dd71c0112e6bdc7a08c92794adbe46857574n/aHeodo