URLhaus Database

You are currently viewing the URLhaus database entry for https://job-ninja.net/wp-admin/lm/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 623619
URL: https://job-ninja.net/wp-admin/lm/
URL Status: Offline
Host: job-ninja.net
Date added: 2020-09-29 15:09:23 UTC
Last online: 2020-09-29 23:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-09-29 15:10:25 UTC to abuse{at}sakura[dot]ad[dot]jp)
Takedown time: 8 hours, 18 minutes, Good (down since 2020-09-29 23:28:28 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
