URLhaus Database

You are currently viewing the URLhaus database entry for https://egfco.cn/bak/docs/bsu1ffGb3ZABJdjwCpFU/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	596372
URL:	https://egfco.cn/bak/docs/bsu1ffGb3ZABJdjwCpFU/
URL Status:	Offline
Host:	egfco.cn
Date added:	2020-09-22 12:18:13 UTC
Last online:	2020-09-28 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-09-22 12:20:05 UTC to abuse{at}hostease[dot]com)
Takedown time:	5 days, 18 hours, 0 minutes (down since 2020-09-28 06:21:00 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-09-24	3517 20200924 7939892.doc	doc	4498f1490461e97e457f5346e061a24752f6fd4913fd5a7193e4cd450379f8c1	29.03%	Heodo
2020-09-24	Mes_20200924_07914.doc	doc	adb4e66249d841c987f80f9d50cc6812bf7886019be050ddc644ca97c0116aba	31.15%	Heodo
2020-09-24	834391 2020_09_24 HRE1582.doc	doc	dde1cbf68e2be2ddb3e779040dfaacdd8d49ec16074c81dbd96c5475a7e20f16	30.65%	Heodo
2020-09-24	arc_20200924_677021.doc	doc	9554237d9a237ce9702ff8502da80e347df17141104c58b4ea721a482875c7eb	n/a	Heodo
2020-09-24	MES 97572.doc	doc	10c276571c36df4cfe95f75f6a76d198dc5637d7669169289f2d8e06ede86a0e	29.03%	Heodo
2020-09-24	inf 2020_09_24 325575.doc	doc	be3c79e9b5fd61ac148d1f5687acadb548a968dc7c12a7ae63a0c9bb31355945	22.58%	Heodo
2020-09-24	MES_2020_09_24_075426.doc	doc	2260bf9deea2a1cf3e0a170499ada3e4f17b98bfd03bd0279693a9bd80a84a24	n/a	Heodo
2020-09-24	List-PEA4155.doc	doc	f34af594fd62ecec200ed5f940b536482a124fcddaad15776b699c6a61869b4e	19.35%	Heodo
2020-09-24	List.doc	doc	9dd38b38e8e4c05419fe21d2979f10e73b638f3daebe5155502078b0c55c8e79	20.97%	Heodo
2020-09-24	doc-OVK31215.doc	doc	95e31a3e395df581e9ebb7234ab5fea6d36b6a03dc9d51e6b14fc59d23a6d4c7	19.35%	Heodo
2020-09-24	258368.doc	doc	d82d5b660d95337c8161aa70584a8f8d8ac9134a4566571a7514b8912fe15766	19.35%	Heodo
2020-09-24	list_20200924_449.doc	doc	528d22e4147caf0834320353578b1d3fb47fe97bd180e7d2bf9f764980d14bac	n/a	Heodo
2020-09-24	Inf-2020_09_24.doc	doc	23db49d5886e034ad5ab63515e5c5c6b6374d5bad5c9b68cfb3d84f39451a301	41.94%	Heodo
2020-09-24	Dat 2020_09_24 80075.doc	doc	4d3529cb9c98cae2816c1b943de1d50f2acb43769d288fffa8b7e28324faa8d8	n/a	Heodo
2020-09-24	list_20200924_82262.doc	doc	4646dd3e53714af28ecc8c4bd54029a5cb00ec4ea6eead753353eeb8e574ff63	39.34%	Heodo
2020-09-24	Attachment_2020_09_24.doc	doc	e7f6321d905f4db566091d8d4520f4d128bf66917cc86d794f1d435352ed2899	37.10%	Heodo
2020-09-24	LIST_20200924_0459451.doc	doc	884432de11d0670a7d8007ef1fe5d877b72e7ebbe678ac2cac3bc08708a723aa	35.48%	Heodo
2020-09-24	263NL_20200924_VEM124.doc	doc	a8c29fd851cb952d316acc958e0666ef6c6d2ce6e1d8404dc1aa1ab06c95b79c	n/a	Heodo
2020-09-24	290QYU.doc	doc	0d16dbc897960b7bcf3efddbcff01a0178862dc16208725dfba45d5ebaa109c8	n/a	Heodo
2020-09-24	Arc_119.doc	doc	48523dc1483cef07ef0bca44fe8f6629de0a7ab7e89899640b66568d4816c54a	33.87%	Heodo
2020-09-24	REP-20200924-I8343.doc	doc	cb764536b329d21fa9638d8e1609ad4382e4e4ba44756045a7196c051cd12c78	32.26%	Heodo
2020-09-24	Rep_41875.doc	doc	0bf5cdd3f37f117e4ae69a13ceeb2d812055e6bb5b5119bf9adbf69d4218d63c	n/a	Heodo
2020-09-24	rep_NW558.doc	doc	d459ae5f366703f6a9c1ad00f597a966ab17bbe733d0eb970e94a9e1ed912dc7	32.79%	Heodo
2020-09-24	REP 2020_09_24 EK132.doc	doc	fb0558dca547b0e5446371eb2b2bc4204d97d088d68cbe23d0634c4c6ae55222	30.65%	Heodo
2020-09-24	G8341 2020_09_24.doc	doc	234d3ad4abc48e15ee2c813f7202154e54609b7380d8d7f803801c1759ed2042	27.87%	Heodo
2020-09-24	inf 20200924 140.doc	doc	94e4fe6c73db0e80100417fe60ab8d9b1fe7fc9ece7a2923861e1e1d42717d4d	27.42%	Heodo
2020-09-24	ARC 20200924 WRX1988.doc	doc	204bc7ba8ccc1a68101bcaa5a6e0c77ec50b92bab7ffe72f1a42baaf8615775f	27.87%	Heodo
2020-09-24	Mes-2020_09_24-757477.doc	doc	a94c2c5af432da438e746e9cf551dd6b3c7645af7a509a8bd8a7b4cdfc76ad96	30.00%	Heodo
2020-09-24	dat E73369.doc	doc	f7561790eb64bec3a2d4c3bef288b826285ba9af1ddb3d05c1308778884a4052	28.33%	Heodo
2020-09-23	arc 20200924.doc	doc	a8f0618803466ed187aec2039b42491adb06253fdb89c826203fcd757992967e	27.42%	Heodo
2020-09-23	Attachment_7253.doc	doc	5840a444fe973bc3d41c8334eb9da05bef991ee9bb7863e19181c3c11dde0bcb	29.03%	Heodo
2020-09-23	inf-04991.doc	doc	d5925a52ac9cd59de6d9a5006d99886c79175fa1b26006effce8f26ca1a6385b	n/a	Heodo
2020-09-23	Attachments-U0019.doc	doc	1ffeb45aff1c0f5aa29bae90eae313b09ddbf7345bd6be0e2d8c1daee921b873	29.03%	Heodo
2020-09-23	DAT 20200924 0385145.doc	doc	7c2e5a786cd93193cbf4304bf8e31d4a43d82372020df0af6cccf42807c7271e	n/a	Heodo
2020-09-23	Attachment_NGC925.doc	doc	2836f5d7dbe388c3e1d61e9a4a75b98c7477003ec2d1dd7504e7ad4af7501cf4	n/a	Heodo
2020-09-23	mes-KVT020.doc	doc	2f4d462d1ebf2efd17320d7e0a5595ab8b55f8d8fd9e9e94d5e8721cd88c2ef9	28.81%	Heodo
2020-09-23	Doc-2020_09_24-IK89647.doc	doc	f070d3b141fc03a3ef28c6702efe30ea30b00c74265ae2b544fb2b49934a5c67	26.23%	Heodo
2020-09-23	list-20200923-Q48084.doc	doc	fb46ceefd5820015eb459cabc3bcfab6fedb69328039ddaf5c89d4e86c0864dc	n/a	Heodo
2020-09-23	Attachment_2020_09_23.doc	doc	ae294bcec07b64f5a898b1af064a971832888045d642c39177b7cab238a3e269	n/a	Heodo
2020-09-23	MES 20200923 692198.doc	doc	a81f839c9b943ac198646832f586bbaf1932d0ae539d57cec29deee5f71a4bfe	n/a	Heodo
2020-09-23	doc-20200923-1654915.doc	doc	564cf15d75ab866d106285b7075ff84a4b2a056802d26af1bbddcfbc2e2aa176	n/a	Heodo
2020-09-23	mes-2020_09_23-624021.doc	doc	4bba9a7e75c30f59092690a7c7aee69fa75e0bac9834ab0ed5cc09a6c17b0800	24.19%	Heodo
2020-09-23	file_20200923_617617.doc	doc	d76beb9930507246b89717374cfb17708c1620872fa103ad612809908b455615	n/a	Heodo
2020-09-23	83995-2020_09_23-0396759.doc	doc	8cd2d5c58eba4f8ce1eb5d98da9bde8aa551ca76a05daa12477a9d860bcba81f	n/a	Heodo
2020-09-23	doc 2020_09_23 XE8269.doc	doc	b13cbded7c8b0bc913d2efbd78176893ecb4816dfbd0d1715cd36792c819dba2	n/a	Heodo
2020-09-23	doc 20200923 J943.doc	doc	0bcd0488b2252b2e84d4cea848215f0d67849215c10ab40efca305d9189e24c3	n/a	Heodo
2020-09-23	List X02626.doc	doc	092411219381bb8b35bcd7ea775398ec1351f0d52972ca88a8c6bc0c521f0cc9	24.19%	Heodo
2020-09-23	Attachment-2148200.doc	doc	da3465101436558fc848ee5e045a55ff946b886bd836ae7864dcdc9d84112d51	19.35%	Heodo
2020-09-23	Inf_RQM3374.doc	doc	c82204f05d965920dabed03f975483321d08789ad161eb2e541395bafc8b9eba	20.97%	Heodo
2020-09-23	file 7716.doc	doc	88be6b0505daf1f570b1ad8ea62dc95aaac290d50a87c8dbe4b155799418e395	17.74%	Heodo
2020-09-23	FILE-2020_09_23-4422.doc	doc	5c71823fdb58d87974e42984373f86844a885139266a5998286d3a8af69a85a7	n/a	Heodo
2020-09-23	INF_2020_09_23_HOL167.doc	doc	c53d8edf475ff674233e2780b4393eeca0983f983463ca9a6dc2167e67b39526	16.13%	Heodo
2020-09-23	9998.doc	doc	1c6f1adf025aa22bfccdd948291b2582cf41b886a4fe6a066ba1329cb1e58d55	17.74%	Heodo
2020-09-23	Doc_2020_09_23_118.doc	doc	8a59fa8e5010b8d79a844d22993a195a655504c3bf78a27a44c0ee58a4e57710	16.67%	Heodo
2020-09-23	784-20200923.doc	doc	e39f691edc4ff1e1fe413e85f4ac03ceace139451e760efb67e195bdd940da7f	n/a	Heodo
2020-09-23	MES_831277.doc	doc	3c4fc657dea3aa035d3254dea984b5f8bce46775164377937b11f796454e7968	n/a	Heodo
2020-09-23	List-20200923-Y384.doc	doc	6219193ab505f1f7e8eda5ef6b8129802f45fd8ef3e680ca6e35db1fc1d397d4	n/a	Heodo
2020-09-23	UNTITLED.doc	doc	f3bff2146ab25f4f0f412c2fd7838a651680ce694b4cbcc5b0137dc5a16bfe8d	30.65%	Heodo
2020-09-23	Attachment-2020_09_23-IF392912.doc	doc	c387fb63a97e74c2e0055b44e6f8ff9c6dec7f0b30ef360ee11d48beb2315482	n/a	Heodo
2020-09-23	ARC_043.doc	doc	2cf51f03103e236d2a42df898a2ae579d3ef195bae73212387c9f6c9b2830888	26.23%	Heodo
2020-09-23	dat 2020_09_23 0668628.doc	doc	cbcf169ef81ebb6ff607f88b8a05590d501c70fe69aac3bf69db17c15587ad87	n/a	Heodo
2020-09-23	inf FP1806.doc	doc	6b42993cb21eb3f22f2e4889091a1cf1af9d529e81cfd1e6dec734f349f86703	n/a	Heodo
2020-09-23	FILE-2020_09_23-559852.doc	doc	b3d65a2c55563656ddd7488aca206a0a27fb5feb52e52830aec1988e96ade840	25.81%	Heodo
2020-09-23	doc 2020_09_23 UAV034632.doc	doc	895fd53e9a64e8dd91b3a91c139ab4610aabb5787caf022fc1f11153b1d05cb0	25.81%	Heodo
2020-09-23	DAT-20200923-071886.doc	doc	0bc362dcfac5c9f3f2dc2ac10b1a40703d5ed6dcab12eacaa2712fb3bf13b16b	26.23%	Heodo
2020-09-23	file-T0359.doc	doc	ae33aed667d8528466525b8af553788b5eb989c106e74c17d89be4c21ee174a5	25.81%	Heodo
2020-09-23	Inf_20200923_QX084185.doc	doc	2ab17f6163c325943c87411fe2e3a03f6b8f8099ad6c4b668bf0e9607613bc2c	23.33%	Heodo
2020-09-23	rep-2020_09_23-78708.doc	doc	30b84466aa52649c8f6d61b4a9fc3dbc81571bcf5b5292337ea0fd6b82a7ba81	n/a	Heodo
2020-09-23	Attachment-20200923.doc	doc	9779f5ab7945d472c6984721ad10fbf0297623ee1c25eeb109c33c6c8587d594	29.03%	Heodo
2020-09-23	FILE_2020_09_23_XQL032958.doc	doc	bf62cdbe7b5e4207ff3acb0aba88b0180f584c4a1a7d3eb14dc3d66c27fdbe21	n/a	Heodo
2020-09-23	03005_2020_09_23_38816.doc	doc	81b4ff2f6c57e5858dfad271d4f4f0492f41cc41882f8f2c950b146dbfda51d1	29.03%	Heodo
2020-09-23	mes_20200923_4434967.doc	doc	d077391f811e9aa25621f5140c96860cdda3b56bceaf5245e4d4cbc6a961e6ef	30.00%	Heodo
2020-09-23	Q677-20200923-2975.doc	doc	7295aebd2a618cef25261555136c8dbef5344ceabfd9b5088a41276c05b48cb3	29.03%	Heodo
2020-09-23	Dat_20200923_3739.doc	doc	2476d30165bd880c46ae9c11a0a7dd1c90560cc39805f1255fe7c888fffb5f72	n/a	Heodo
2020-09-23	arc-2020_09_23-4664776.doc	doc	f45a45fe0b9b279c6941ec5956a271d1e7bf706c54b2a744f1606237721ccbc8	30.00%	Heodo
2020-09-23	UNTITLED 20200923 J3983.doc	doc	9e4c0d210568ac46fbe5e7a4bd8218589c9388f06859b43fd62a53e9c0a949a5	n/a	Heodo
2020-09-23	file_2020_09_23_7561.doc	doc	a1b5ef92ceaa6be33f3950c95ae60066fd936f9757ed3213b26f31ad04659cf4	n/a	Heodo
2020-09-23	file-CZI900642.doc	doc	b94733cd6b4927c464f2e077dc1f63a740f0982d413efb3b80fdefc3abaa8dfc	30.00%	Heodo
2020-09-23	UNTITLED 2020_09_23 045.doc	doc	ffeeb0722e07550459e556ff30cc8718de924313f5eb93821a1ed9dec87e5df7	n/a	Heodo
2020-09-23	LIST_2020_09_23_4919.doc	doc	bc8d7a492cc45195a67d8500390b631b8106bfba0c324869264f3a255fb0ccb4	29.51%	Heodo
2020-09-23	file_20200923_091.doc	doc	e19129943efa60ddb3f0aa12601072b70ef28b8fdf1bc1b8f76fcf5f595070ac	29.03%	Heodo
2020-09-23	List_20200923_R1849.doc	doc	352b0eaafd07102686fb7e59059288bd6f527e4190c6700cc5dd1e6f267bda16	29.51%	Heodo
2020-09-23	Attachments_9051471.doc	doc	9c67d232abc4ea64aac36180f8259c7a5a52ae4ccf35ac7d5b9e6f350f5ee00b	29.03%	Heodo
2020-09-23	Attachment_2020_09_23_BJJ4923.doc	doc	b9acb7d689f3f8a078c45f040c5a975fbdcc8be5eb88ee1ef98579350e3d99fa	27.42%	Heodo
2020-09-23	FILE-959440.doc	doc	10d3e60a51916bad4c37aa815179934f7d5ea093ec50eeb9c58b6f53fdf6f955	27.42%	Heodo
2020-09-23	ARC 624120.doc	doc	b6f00133a52da6464eed7e2893e970887b80718514a3fadab1f4653ce636aec2	n/a	Heodo
2020-09-23	Attachment-20200923-EH035930.doc	doc	f2e74e9f4eff803c24130a1d601bf039e1c14eb872c3aa0f026982512146ffc2	n/a	Heodo
2020-09-23	MES_2020_09_23_27419.doc	doc	e98190a409ec70f224b71425bddf57cb8ed96eabd6e92497579714952e93fe4a	n/a	Heodo
2020-09-23	Inf 2020_09_23.doc	doc	e654ead5a64c1a9508e1824c6e391f25e0dedee6db74de85549d1c8527a359f2	27.87%	Heodo
2020-09-22	File_7010.doc	doc	41324ce5731ef12252c333f6b777f49fc8d45e9a7ab785823e48e08c8c6c330c	n/a	Heodo
2020-09-22	Arc_6439661.doc	doc	ba5d071fc037701ffb594141c4fbf04433bf37144605d40e1173666d657dabf4	27.87%	Heodo
2020-09-22	rep_20200923_BF764.doc	doc	a4be8227b93822ebc5ee886e18ff44b120a5a3349f1cb2698504ae2ce0004530	31.75%	Heodo
2020-09-22	List_20200923_4448800.doc	doc	bededf08f741d3f8545c82c53f67afaf26f70b3c45ebda54ade8f636d0a9ea3f	n/a	Heodo
2020-09-22	rep-20200923-GM886.doc	doc	4ac3cd1d15cf6dae4a45f6b6bd244e27cafccc89d0cdad0d2766a17a34aeeae2	n/a	Heodo
2020-09-22	DAT_V19391.doc	doc	1d6604773dcc06efdd5664f01c0a515be47465bf1638f5b9dbed05debcca83b5	29.51%	Heodo
2020-09-22	Attachments-20200923-CDV8750.doc	doc	df43c0c9f2b9b29df1176b2c57cd9e0189322520d52fd6a4120ae33ed249c375	n/a	Heodo
2020-09-22	41540R_20200922_568.doc	doc	ae029c0ef31d69b926ed13750191e93325947a8d644ae5369e4e7570cc877bf3	29.03%	Heodo
2020-09-22	DAT 2020_09_22 V882.doc	doc	b65531ece6eaa37f17e7288f476839b5b62cf10e5c4a0c9ad70b236b463820dd	29.51%	Heodo
2020-09-22	REP_RZ97530.doc	doc	4377653e64b9f040f90e39cc4235237c40787ef0dfdfcdb7f5fd714ec3ddaf3e	29.03%	Heodo
2020-09-22	LIST_20200922_Q315.doc	doc	5118e3bd72677f8cda269a8e2c50571beffb5dc3f7dbfb1b05cd1e44a904a214	29.03%	Heodo
2020-09-22	File-20200922-VWZ642.doc	doc	68489ce36e7548641be6668b08d265ead175025a1650199eb050bee7e4e8566e	29.03%	Heodo
2020-09-22	Inf-20200922.doc	doc	5231a24a90603fcebbe4e812fb2ac981a788534259a9f3bf6343cef44d447720	29.03%	Heodo
2020-09-22	MES_20200922_N139.doc	doc	877325fa959dd70b6e6279c0000e5b2e40a206b88c550c288b961db9740c681f	29.03%	Heodo
2020-09-22	Attachments-2020_09_22-150.doc	doc	9feac62adca8879c6fb77e71311d55feb8409cc5a2a0929f48934970c404f3dc	n/a	Heodo
2020-09-22	doc-2020_09_22-Y65845.doc	doc	3d3e7a36ee6daa96f0746464ac4059212f6edf7c2d5e73e9b3ad85667293ea4f	46.77%	Heodo
2020-09-22	Untitled-20200922-Q166.doc	doc	f9db2998d811b8c5fc0a11e513e628001fc463d8e4c9a44068939c3668f072b6	n/a	Heodo
2020-09-22	884_036932.doc	doc	ef13496f7022fd77f5c840b34d5fc577bf4c2dcef2a56b1e0b71fa0387d6e8b9	n/a	Heodo
2020-09-22	Dat.doc	doc	22fdfef2b8d18e740fa0592dcb292ffa8b7d35b3d251ca03947d15cb3608d22a	n/a	Heodo
2020-09-22	INF 20200922 KOL88724.doc	doc	c4699bc83e2c480aa53af341f4b67b5dfb27cb5d28fb09a7619b55689b686ae3	45.90%	Heodo
2020-09-22	Doc-5053730.doc	doc	15587e3981acde8cea14506a7eec74bb7254104c7b3020773de4fe4b17cb9cc3	45.16%	Heodo
2020-09-22	Arc.doc	doc	1a1117fee8d79bc4f17cd8256e6f5a71a970665243bac9ee7b6a475271cfb524	n/a	Heodo
2020-09-22	DAT_96415.doc	doc	c837bc71c0f1b7a1f098d0716042070f584f8437ee0c76ef49a42b159218b4ee	n/a	Heodo
2020-09-22	Doc-2020_09_22-WGT02859.doc	doc	863c4548ed10a6412c7114ed7032ad3c3520c6546336adf8e93f9cd595ad97fe	n/a	Heodo
2020-09-22	dat_20200922_8007.doc	doc	d1669a159c514a2b9e3bc0952731176423be7db44d8b6be6118fd0100c2d317a	n/a	Heodo
2020-09-22	REP_20200922.doc	doc	1af6f1965d4e602979e445d1fd72691e2fc2abc5c9bf5fd7ed175c7fcb76dd87	37.70%	Heodo
2020-09-22	079H_2020_09_22_75346.doc	doc	650b390c56eed72a6309b925bb07185de472eb81ef4bb982bcfa8aae5a2b93db	n/a	Heodo
2020-09-22	FILE-YJ5453.doc	doc	ec0011702614cd33aa57769c23abfa9106382cc9b99ec9a1f9bb57204cd157d9	32.20%	Heodo
2020-09-22	Attachment_2020_09_22_MU220.doc	doc	5599e7ebf3dc1f2899eb3e9470f8a472d87feaabdcbd8d5db07c34cf1c6ceba5	29.51%	Heodo
2020-09-22	28888760_2020_09_22_1203110.doc	doc	489bbe864f2dba7ae86007bcab77810f95f7b4b4dddfd6b2df4413ee096eb645	29.03%	Heodo