URLhaus Database

You are currently viewing the URLhaus database entry for http://songtian.ltd/wp-content/INC/LnXGjDiFb3uNJJrBYX2/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 585868
URL: http://songtian.ltd/wp-content/INC/LnXGjDiFb3uNJJrBYX2/
URL Status: Offline
Host: songtian.ltd
Date added: 2020-09-21 12:28:12 UTC
Last online: 2020-09-22 04:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-21 12:30:38 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com)
Takedown time: 15 hours, 44 minutes (Good; down since 2020-09-22 04:14:51 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
