URLhaus Database

You are currently viewing the URLhaus database entry for https://yun.xuezha.cn/data/Documentation/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	559721
URL:	https://yun.xuezha.cn/data/Documentation/
URL Status:	Offline
Host:	yun.xuezha.cn
Date added:	2020-09-18 19:33:10 UTC
Last online:	2020-09-26 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-18 19:34:15 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	7 days, 22 hours, 31 minutes (down since 2020-09-26 18:05:36 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-19	INV_PQN_090120_DHH_091920.doc	doc	e9325a711e0f6f605b85898c5b507d4320e1f1dc672c68172b06cda359b5107e	34.48%	Heodo
2020-09-19	53248000355168743555236.doc	doc	82f568f61de9734c8e33acfb3b6f83db73cfa15b32d02ec8d126a8ce89fc054b	n/a	Heodo
2020-09-19	FILE_49995583.doc	doc	7c266f2e5ff601cc96e9a3b11271921adc8347dc35f9eadfbbd514dbede04266	35.59%	Heodo
2020-09-19	MEE_RU8840017599VU.doc	doc	9f77870d3740686f81155c4cca802ccb196cdd875714ed8e25d9a920d2d2adb4	n/a	Heodo
2020-09-19	INV_NSY_090120_TOV_091920.doc	doc	dd1eb5d6665fa95590fbb058fdfb8311563d8d5b62f6b8b538cb33c967f22362	n/a	Heodo
2020-09-19	ROCO_13680715431253270213.doc	doc	ca235f31bad34b88fa114fb3657583c68ff80a1c5fb637b51b4338fbe6134f94	n/a	Heodo
2020-09-19	FILE_85393136.doc	doc	20afdfa7a7c7a299565cdd046c41bcbea4b1cbdc4041edc9f0e51d52dac04a0c	40.68%	Heodo
2020-09-19	FILE_PO_09192020EX.doc	doc	1d1abdd47fc063e3d5a2ae7655ac0b570b3e34e2109a2154825ce1b59686b6a6	n/a	Heodo
2020-09-19	INV_IZG_090120_YMF_091920.doc	doc	d7f9f33aa1e41e5cf3ed675039323eedced58cb2e29f20b2fb2b6df79ab141d2	n/a	Heodo
2020-09-19	OD4224968279EG.doc	doc	7a015b6833969e6837d78d58ac9b507cdf02d2272798f7cef35fdf534b58b52a	40.68%	Heodo
2020-09-19	33448234.doc	doc	b19f8522e5a2528e85dc936c8c83e1a9ed3bed5055ca06a67433b2b5201fb1de	n/a	Heodo
2020-09-19	FILE_53885477885515253509.doc	doc	977202ad05f3dc22921ff8db4e7555d1ba9c34fea406b306febc83513fce069c	40.68%	Heodo
2020-09-19	DOC_HRJ8WVFVYB14D.doc	doc	32d451b2bae3e18f7c033f617f08f633bbe77e2bd4a98bd72d6fccb66ff80900	50.85%	Heodo
2020-09-19	PO_09192020EX.doc	doc	81523a851dc168a96087f9f0d7c8239e37792b2de78822fd4c2e39afb4258fdd	n/a	Heodo
2020-09-19	REP_KXBDOV3AF.doc	doc	fff500c894e8ce1ddc024ef40ece32c51ed45d3d85eee507a81a1c2d0115db85	n/a	Heodo
2020-09-19	G_FU2563728396TN.doc	doc	f3bea1e9a17c2c0596fa59400e54751f3101a0905e12055bec42c1e02ef96d8f	n/a	Heodo
2020-09-19	K_XRN0FKU5YJ0W57.doc	doc	b8818fbdeecde51adf7270365592b9812f1e323c4cdbf81f12885c590727d3f2	35.71%	Heodo
2020-09-19	28491247415771193636037.doc	doc	9075458c2a7a9b59a7e7f9e575757a3069952452198a9c17ce3211d3de14eadb	n/a	Heodo
2020-09-19	FDIP_PO_09192020EX.doc	doc	fef97dd65403e6df050dd694228616294f6a82327a011603fd95d931ec99219c	49.15%	Heodo
2020-09-19	66125545.doc	doc	7991a69a5cbfa005b7685a29ded3f4f849b24fed6a340cbba97dc86d6db9b0a6	n/a	Heodo
2020-09-19	REP_PYI5JB9B55M.doc	doc	aae82415f0c1d33438261bb6ea1039cdff8bccc786541f5177e6938497f5b2d1	40.68%	Heodo
2020-09-19	BAL_319269482516618.doc	doc	b1be0fa6951b0252445d71a28ba08ada17974551790e1c61194c013249c97425	n/a	Heodo
2020-09-19	BAL_71899989.doc	doc	e04d0fb983378ed4932296cee99a78050dc18fa6b09cd6fb726eb90978a6d6ac	39.66%	Heodo
2020-09-19	D_1933746152012253567412.doc	doc	3d64095f4564ebc30eadbe6a61d8dd290bf34c82c7c49a9accc8179312fc53ed	46.55%	Heodo
2020-09-19	REP_MH3470828201IM.doc	doc	90e191cad172245af9b6ffe8c5ca065163bb8ae54f8a3b6c573663f7179dc471	27.12%	Heodo
2020-09-19	BAL_56029925.doc	doc	4b9de007a12dfbcc6b19f1bd5cf8d12f6ae9a7d2a3c3c04b1147e448974d9486	n/a	Heodo
2020-09-19	4AY5017ULA.doc	doc	a750366c2526e29a08f729005ab062b1a98ae9774f4c3d0ff22d881c67405c41	41.38%	Heodo
2020-09-19	65788738.doc	doc	5cc754b56ea15b372576406cb73285d5c74e09ee434b62bb955e5c02caca6b68	n/a	Heodo
2020-09-19	BPD_41683550.doc	doc	085e7e7f6527b89c4e08c3a4094c41e50f2f10bf83f6f38feeeb5291f9ae9491	n/a	Heodo
2020-09-19	DOC_VY0882093580VY.doc	doc	cc21dad99db9fe14ebb5e963372e9b2bb57c453683119891b367387d06f812ed	40.68%	Heodo
2020-09-19	NCT_EY6057823245EH.doc	doc	eda809ad0a26585bd981ed4836c84dd4c4844d775d5ee471d3c35e980e71cd10	30.51%	Heodo
2020-09-19	FILE_72355235.doc	doc	ee2bfb3bfc62ad36246c4533bb4bb8c41aa21ffeb8bd74b216d3c6088cbc7b62	37.29%	Heodo
2020-09-19	X_EA8696206594EQ.doc	doc	56813b1ff2c178be52fb844d4656d77d7d061aeeb71e90418d1665f9aac64978	26.32%	Heodo
2020-09-19	6076901970770812.doc	doc	c87f8fd591bb21b8ee7da412593310605e465dc013f1607cd0f67c0e39d58685	n/a	Heodo
2020-09-19	I_N1W35KP6DYGAG6SB.doc	doc	d59d39c60431ec6eecee3ee2b23f4ef8b22020fac5da115f07105432a953fa09	37.93%	Heodo
2020-09-19	H_PO_09192020EX.doc	doc	e8ba52929c7417d389ec7c09ee6326be03a51186987ca74d8ef79a98803150b5	40.68%	Heodo
2020-09-19	QR6579837659VV.doc	doc	a6a8b9e3e602b8727f2687f6906dbc66a534b711594e7064776f9128f0582e0e	30.51%	Heodo
2020-09-18	47952910.doc	doc	ec0a9a535ccb576248f4c7900428f2a898853aa83d6cdff165a23414125d8a68	25.42%	Heodo
2020-09-18	541854526298109108508.doc	doc	3a245c3c3ba3257272ead17995d6b4913540dd24162a40430a05199d36f50768	36.21%	Heodo
2020-09-18	INV_TQ3629440299WS.doc	doc	afc7650429d1bb92b43bc1bae9ac07c7e3ff7d34b10949e03b97c1a43cab0930	n/a	Heodo
2020-09-18	FILE_KT5954538957DX.doc	doc	143d3dfeff768c6ff529e34fe2134d9fcd1e8adffa35118c52d37eefb124abed	36.67%	Heodo
2020-09-18	FILE_70280972.doc	doc	e767562438c04ed2d3dee57114d125b4446278c036106d12eb8e7fd9d9a93940	n/a	Heodo
2020-09-18	92321924020736.doc	doc	51a455b1fd51bbbeddc6805c7d1304d1100dabc2c5611401df5b4f834f62b07a	22.41%	Heodo
2020-09-18	VLME_12131731.doc	doc	6a500490be1db393b419c4d2dc1bd43557bd87fe40b7b996037834fb137d8d0e	n/a	Heodo
2020-09-18	CBLJRYF8G.doc	doc	f5fb5d637a37ec6c6c5288f46bb6ad3cb9559037f8df024aba1f9bde1d477a4a	42.37%	Heodo
2020-09-18	Q_MI5695880503LJ.doc	doc	9d18ad242b906738ecf1a87d38dfa1b46320cbed0c62244a23c7585251350efb	44.07%	Heodo
2020-09-18	DOC_39338334.doc	doc	c0922c3c055ffde4da5b482105dea26df27c58e1a615ec81afc024d55010f8eb	n/a	Heodo
2020-09-18	K_FXB_090120_VQN_091820.doc	doc	33099cd71cd92838445b2b6beaab0d5f29220c7866510e1a83dd32c0779c91a8	44.07%	Heodo
2020-09-18	FM_PO_09182020EX.doc	doc	4e500dc20300e081376f4f6951330ba0b37700ae0b23ac5662a2e96e2cd9a755	n/a	Heodo
2020-09-18	REP_PO_09182020EX.doc	doc	d30150c62052607c9dd68065e9bf07da7c7490bdc0be48077a770b13f28d77b3	n/a	Heodo
2020-09-18	79341913.doc	doc	4000d1ab30db6a5d94686c02f9a7e6e687231ff9bfd42bf56e3f9f1e8750ede2	28.81%	Heodo