URLhaus Database

You are currently viewing the URLhaus database entry for http://www.zhonglx.top/wp-content/Reporting/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 609833
URL: http://www.zhonglx.top/wp-content/Reporting/
URL Status: Offline
Host: www.zhonglx.top
Date added: 2020-09-24 11:10:36 UTC
Last online: 2020-09-25 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-24 11:12:19 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com)
Takedown time: 15 hours, 50 minutes (Good; down since 2020-09-25 03:02:42 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
