URLhaus Database

You are currently viewing the URLhaus database entry for http://91jzw.cn/wp-admin/statement/xhjkrxt/xnik11750750210oauk1ckphobfc7k4r39hpt/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 560797
URL: http://91jzw.cn/wp-admin/statement/xhjkrxt/xnik11750750210oauk1ckphobfc7k4r39hpt/
URL Status: Offline
Host: 91jzw.cn
Date added: 2020-09-18 21:17:35 UTC
Last online: 2020-09-25 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-18 21:18:10 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 6 days, 11 hours, 51 minutes, Bad (down since 2020-09-25 09:09:14 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
