URLhaus Database

You are currently viewing the URLhaus database entry for http://ztbrw.cn/staticm/LLC/zbu4i4634573593200t9i8ykooq0az/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 600363
URL: http://ztbrw.cn/staticm/LLC/zbu4i4634573593200t9i8ykooq0az/
URL Status: Offline
Host: ztbrw.cn
Date added: 2020-09-22 21:16:17 UTC
Last online: 2020-09-26 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-22 21:18:04 UTC to abuse{at}cogentco[dot]com)
Takedown time: 3 days, 4 hours, 56 minutes (Bad; down since 2020-09-26 02:15:03 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
