URLhaus Database

You are currently viewing the URLhaus database entry for https://btjinshan.com/zzxwf/DOC/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:560446
URL: https://btjinshan.com/zzxwf/DOC/
URL Status:Offline
Host: btjinshan.com
Date added:2020-09-18 20:43:15 UTC
Last online:2020-09-19 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-18 20:44:02 UTC to ipas{at}cnnic[dot]cn)
Takedown time:14 hours, 18 minutes Good (down since 2020-09-19 11:02:41 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-19MGZ_090120_QVX_091920.docdoc 6551f8c92068a9f5857920d06ee67a6c00db576cdcbf7901a645b734994a0e8bn/aHeodo
2020-09-19V_QYP_090120_HEX_091920.docdoc 0fad7aa076137ca0eea07801301e4a9799bfe63d5f5ac04aa449db6fa4201512n/aHeodo
2020-09-19TY81PG6BR3UL.docdoc d7f9f33aa1e41e5cf3ed675039323eedced58cb2e29f20b2fb2b6df79ab141d2n/aHeodo
2020-09-19LB3073356386XX.docdoc e5d9bb556a385de29f04eccbf388a0e8f73f556394bfcaff0a6c7ffb15e85a48n/aHeodo
2020-09-19FILE_PO_09192020EX.docdoc d737e6973c1db753444e7bb9eacd01acd35b8fe2e88cc795f668ff59f0ce2027Virustotal results 35.59%Heodo
2020-09-19AL1100477342IX.docdoc 161a56d18d19f07897fe02a41e186be65f9bb1d33230e6bc26787c0d5a20231en/aHeodo
2020-09-19REP_419100072627946.docdoc fffbe59f1dc6c2deda79ca2307558610f2c5abb3e030a07d7e0be1969e2fd45cVirustotal results 31.58%Heodo
2020-09-1909707513.docdoc c48a51d8de6403e9edfbd7add130002b895655dfbe014581e64d0fd7bee83155Virustotal results 36.21%Heodo
2020-09-19DOC_MK2343593906FU.docdoc 4165b27e5b534a04d00fd600c969784706dcd31a10beaa3b585e754f973d89b6n/aHeodo
2020-09-19PO_09192020EX.docdoc f324ce3dda20edd6a8a964eb14fe89ea1df9a7bfad867dc0abba653b22534357Virustotal results 40.68%Heodo
2020-09-1946348071.docdoc 918a64048af4a066fdd935050729fcc70f074457f2943f59469ee5f3bdb0a70dn/aHeodo
2020-09-19BSKE_5847290871446993364.docdoc 53c798816c0299b0b57dfc31682d5bc2a73573f248e05ce8b5427b1b9d908150Virustotal results 34.48%Heodo
2020-09-19Y9DOZINWCS.docdoc c416a530297805458112eb6bae320911725f393d317c8ff2d42ba709394d6688Virustotal results 41.67%Heodo
2020-09-19INV_28320034.docdoc 2f74b7cb39258bea3019a9fc83f6fdcd6ed4e675e175236ae83bf0ea02af0e0eVirustotal results 32.20%Heodo
2020-09-19FILE_VPPHNFFVIQ26YRG.docdoc fef97dd65403e6df050dd694228616294f6a82327a011603fd95d931ec99219cVirustotal results 30.51%Heodo
2020-09-19INV_60469045.docdoc 7991a69a5cbfa005b7685a29ded3f4f849b24fed6a340cbba97dc86d6db9b0a6n/aHeodo
2020-09-19FILE_SN2872824768UO.docdoc cde71f33068605eabce06bc83bd39ab037b0c00a1fcf116de871a44328981e08n/aHeodo
2020-09-19FILE_VR8468663512CH.docdoc 73620e838eb9f25fb84489e5a9b183790be59e762fb7aa8cd65a6958e83a00c0Virustotal results 40.68%Heodo
2020-09-19FILE_LJ8365960000PD.docdoc e04d0fb983378ed4932296cee99a78050dc18fa6b09cd6fb726eb90978a6d6acVirustotal results 31.03%Heodo
2020-09-19ZQH_PO_09192020EX.docdoc 3d64095f4564ebc30eadbe6a61d8dd290bf34c82c7c49a9accc8179312fc53edVirustotal results 46.55%Heodo
2020-09-19INV_KE2855116396JJ.docdoc 7032382798471056e86e6737c338291cdd791a526f78f36db74900e9a5293e4bn/aHeodo
2020-09-19RLNJPFTJ0.docdoc e3917f2ed0855bcc9400817a19340a2e860e4235af3697c42483a6f2d69642b0n/aHeodo
2020-09-1912813809.docdoc f45366fd48bfadbe704572fe3f559494d82fc82a99673cf792e760777f56ece1n/aHeodo
2020-09-19INV_8551814806247.docdoc a750366c2526e29a08f729005ab062b1a98ae9774f4c3d0ff22d881c67405c41Virustotal results 41.38%Heodo
2020-09-19INV_1Z8W2Y5PMKQQDP7.docdoc b906482b50c16f39e9ceb8f7fb0c7ea8b7f2480a25a5452f2006daea435d2d7dn/aHeodo
2020-09-19XF6976622485XQ.docdoc 3f8ac48efd3eef3c80e8979f8cf9bbf0e0d98511a42e7517063cebdf73789e60Virustotal results 31.03%Heodo
2020-09-19BAL_AK0518945665IZ.docdoc 8de8ea6861abc663aa24c26703bde4b83981117f06c438a6d82c295d178ce970Virustotal results 40.68%Heodo
2020-09-19NQY_090120_JDN_091920.docdoc 283fa803d0bcd99ac43b6d04b267e8fe8de71ea98d41f73ff426fc27fcba6dc2Virustotal results 35.59%Heodo
2020-09-19FILE_QKF_090120_SUG_091920.docdoc 99eda692ad8e7b4355aa54a8bbe79740fedcf0500c775ade59cd67ed7c7ecaaaVirustotal results 26.32%Heodo
2020-09-19BAL_MB1775844227GG.docdoc b837078057329148a35e96ef42c7c83e16fd7f203fa7f1f225fc1a42246349c2Virustotal results 36.21%Heodo
2020-09-19INV_PO_09192020EX.docdoc e701c5716c99c6e1549951ed3f1eeffb8b4a9625d8dadb55251998b731c7a109Virustotal results 26.32%Heodo
2020-09-19REP_PO_09192020EX.docdoc d9156e388b67c26c8f24291bc16ca0fab2a5ef2b1a4bdca9efd9a5c1a2262a2cVirustotal results 36.21%Heodo
2020-09-19DVI_BBJ_090120_USH_091920.docdoc cdb7ce8fb7effdc8c98c363838bd824c3fbcc6a08290601a0e6027f1c6faffddVirustotal results 25.86%Heodo
2020-09-19PO_09192020EX.docdoc ec0a9a535ccb576248f4c7900428f2a898853aa83d6cdff165a23414125d8a68Virustotal results 35.59%Heodo
2020-09-18INV_80894752.docdoc cdb734fc9234a80b1fda26d9fde564b0e14efadc283ba63e61e9031657f399ecVirustotal results 24.14%Heodo
2020-09-18DOC_PO_09192020EX.docdoc 86c2a46361bb27398793003ff2619e6242bf0e8de2c5d895ed923f766d40b7e5n/aHeodo
2020-09-18DOC_DZS_090120_KRE_091920.docdoc e6efa97f9a08f01b78d5a5e02d3ef06892f126a52bacb798cd5546dbfcb5e139Virustotal results 28.07%Heodo
2020-09-18GE9504981060UT.docdoc 05eb736917a11db255084e194c37d2af8e64f70d50bf4c604bc9eca81198fb74Virustotal results 27.59%Heodo
2020-09-18BAL_84610247002060.docdoc 4a0e1fa1af2997f150fe806a7ff482e45c83132a101a0808e8ced6e543de770aVirustotal results 31.03%Heodo
2020-09-18FILE_WRFR21V42LH6MU.docdoc 87172168a864a3749122b035ac2217ff9b8b5a26f2e55a5a0c74c3f2f52f67b8Virustotal results 22.03%Heodo
2020-09-18IJU_090120_TDS_091920.docdoc f5fb5d637a37ec6c6c5288f46bb6ad3cb9559037f8df024aba1f9bde1d477a4aVirustotal results 42.37%Heodo
2020-09-18C_PO_09192020EX.docdoc 523f29c1434d7c2b71f1516c5c73cf9bd1546f0669e730fdf9282641ced7cfd4Virustotal results 44.07%Heodo
2020-09-18INV_FW6394011184XU.docdoc c0922c3c055ffde4da5b482105dea26df27c58e1a615ec81afc024d55010f8ebn/aHeodo