URLhaus Database

You are currently viewing the URLhaus database entry for http://aizhanseo.com/wp-includes/OCT/NOOG1JsMU0g/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:587313
URL: http://aizhanseo.com/wp-includes/OCT/NOOG1JsMU0g/
URL Status:Offline
Host: aizhanseo.com
Date added:2020-09-21 15:59:11 UTC
Last online:2020-09-22 07:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-21 16:00:04 UTC to praisewang{at}outlook[dot]com)
Takedown time:15 hours, 22 minutes Good (down since 2020-09-22 07:22:09 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-09-22rep-20200922-127.docdoc f46d933cc794ec8f95dd03ddc687ee164ba570053e0d0813e8d79c4d09ab368dVirustotal results 50.82%Heodo
2020-09-22Mes 20200922 LUQ7190.docdoc c1c64fe054f9be96a2d05c6e7957db0b63d92542154af8a46ac60bb7d5d5d622n/aHeodo
2020-09-22Dat_XPT70110.docdoc 3a4fbf0f22071cd991a4eb2507569ee2d1e7d3042ad2b693f2f818c8e895f543n/aHeodo
2020-09-22REP-NU4997.docdoc ca8bc966291f9d6ab8a2c9497a5db3e867a7d530e117bc6db2d60c39fda5b66fVirustotal results 43.33%Heodo
2020-09-22List 2020_09_22 15144.docdoc bba3849ec67263bb32327cd4462beff2e001ff9db4a576d683df43961006394fVirustotal results 44.07%Heodo
2020-09-22Mes_20200922_A0806.docdoc cf1ab745ab6a4dc857eb8232bcbcfe7675540dbc45e29114985c290ff415b8den/aHeodo
2020-09-22Rep-2020_09_22-4167719.docdoc b3bc13c79571b2cf77ab2ad7a593e512bbaf1bf61f0ac3eacb10e78e840cb9fcVirustotal results 40.98%Heodo
2020-09-22doc 2020_09_22 R5927.docdoc b3838280203a43fd02a295edbba1ec0ebe08ac22efe3e8e5baed626f3ebe698fn/aHeodo
2020-09-22Attachment_U461.docdoc 89897d1c075f86847a7234b13cb4acc27b16a32f115215baef6c5d41b0f4d67dVirustotal results 32.79%Heodo
2020-09-22rep_KO91338.docdoc 021d815c7a498172ad0e8254073b4d9c3f83bc2f400602d64b02613e62b9fb9an/aHeodo
2020-09-22file-20200922-81146.docdoc 8e31bc6780cc77125d2c78fc762ac2cdf7640be4edf71770f144fd26adc4721an/aHeodo
2020-09-22file_20200922_UEZ684.docdoc 264bebcec7d291b85da0a2b0a2bc5fa300b07c9612b461f7ad9f2d55dd4389b0Virustotal results 31.67%Heodo
2020-09-22MES 20200922 DKU1474.docdoc 1692576fa20b26d4b08f7ddf02890b29ee1afd8c20ae52aeb87abfbe023c7209Virustotal results 32.79%Heodo
2020-09-2242102BNA-372.docdoc 6b4419d45974ab12fe3b7374e5821a249e8b7b426bb15389e6f70897ae85f630n/aHeodo
2020-09-22inf-2020_09_22.docdoc cbc24d09773cf56460c3a9cda7b497317ec61632c48aaf8615d94fe4a58ac642Virustotal results 32.20%Heodo
2020-09-22Untitled IQ7023.docdoc 08eddac7838ced651892ee94e145a639d010807c45f3bd00e9752dbc1590add9n/aHeodo
2020-09-22Attachment 20200922.docdoc a817507562022f31451f066e1fa331d53cf580488007476987751c5c9b0113ceVirustotal results 32.79%Heodo
2020-09-227952360-20200922-AYQ4418.docdoc ceeeb96a381895e4e8e1b6d7a37870865d0d21d8202c86996ceea054fdc6ad4fVirustotal results 31.67%Heodo
2020-09-22Inf_2020_09_22_523241.docdoc 071213621eabf1fc4875132e9bade6ab8f1b8311427be3fc1fa626449a7db799n/aHeodo
2020-09-21Mes_14512.docdoc dd5ce5ffcf0c62e6fce916b040418dc3bcb7a74ea6b11c3f31123106f04ad6c5n/aHeodo
2020-09-21LIST.docdoc 9d856a82f0899be05fb4c7d81837230640ebef104a02ed0e95bf00f88409ad73Virustotal results 30.00%Heodo
2020-09-21rep.docdoc 49a768f22fd648f24523668ac5359d7496d4ec78072f12f3e65138eb3e54f94cVirustotal results 31.15%Heodo
2020-09-21arc 20200922 6147.docdoc 408b12e331000ac29de83635501b2c1ad800d8465e28a0a8054f10c4fdcb091cn/aHeodo
2020-09-21DAT 2020_09_22 KK1820.docdoc 0ff979ea9674b24eaaf44e80354ff0126f6a59acc790907ccb1fc48c8e1384b8n/aHeodo
2020-09-21REP.docdoc f0e77efe2ed5bb775bfcefae4448ed8dfc00f824d1e9a9b5f6ea63624ee6a360n/aHeodo
2020-09-21FILE 963.docdoc 92d22198aa452330399eda2a7656453994b1ee2bd263e850b39429aaa34dd9d5n/a Heodo
2020-09-21Doc_2020_09_22_N253852.docdoc bf472ca39b5a4407fe40c2130b3bb1495772cfe47feb4c79046e811be37e8d95Virustotal results 31.15%Heodo
2020-09-21arc_U108656.docdoc 4e8b907a2a9db801e5ac5e63be51c941944aa0432de155955a9b8f7741387890n/a Heodo
2020-09-21mes_X1996.docdoc cc422106d6dd2c41a70e946a117c310587b1beb090c9366c0122801bdbf0ab0an/aHeodo
2020-09-21Dat-20200921-1117857.docdoc 98d06fc771715c436b8ecc3bf03aa2b900ed0bdc897aa050d293666191dd1a78n/aHeodo
2020-09-21098900-20200921-O025.docdoc 8c3a4338d7f182b5a61fca23d6848bdf9a3bb775d6c5c938b82cfb845aec45a3Virustotal results 27.87%Heodo
2020-09-21File UGK122183.docdoc fccf528f0152705715608cfaccb8952b64971c5f5c8a3479f035b979b8e51631n/aHeodo
2020-09-21Rep 190371.docdoc f85e575ddd651c3d60580fc1e2a4c74eb93f0097b1141daaab16fcc6ec843279n/aHeodo
2020-09-2144165432_20200921_7904544.docdoc 716299f97023ee3e7f0a20ad1843ee7284684da8a503b9031fdaf0aac7e81671n/aHeodo
2020-09-21LIST 20200921 G128.docdoc d8e606128ea6abf4af62e98e8f0de8e37080dc6aec867ab0a5d2d4a8ad68ebb5Virustotal results 26.67% Heodo
2020-09-21inf_20200921_L4763.docdoc d09bf180c62ff076b690cc1ba7f1848bbcd7aca274fd1350df751593c3d06cfen/aHeodo
2020-09-21arc-9771.docdoc 1c1d6a7d2690d01c33afbde392a68bb12a53fd56aeaef85282b81661b0b06ed8n/aHeodo
2020-09-21Inf-QSS072886.docdoc eec5de4b7b0f1cc511f1bd917e05c187785ea211748aba8d6dc3ca62007dc905Virustotal results 27.12%Heodo
2020-09-21Attachments 5841492.docdoc 871e9f95f83bdec95cd1146efadfca928251886fbcba5671e65906f40d73842fn/a Heodo
2020-09-21dat-2020_09_21-ZFE56258.docdoc 8444b33aede1c4250ebffcce3e2abc7f96072003c7a5981b85a10bad9536ecaeVirustotal results 23.73%Heodo