URLhaus Database

You are currently viewing the URLhaus database entry for http://bh49.webdungsan.com/wp-admin/VDP2218Y7UBWF/ddsvoSGcC0pYiT42xC8/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:629077
URL: http://bh49.webdungsan.com/wp-admin/VDP2218Y7UBWF/ddsvoSGcC0pYiT42xC8/
URL Status:Offline
Host: bh49.webdungsan.com
Date added:2020-09-30 11:29:05 UTC
Last online:2020-10-02 02:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-09-30 11:30:06 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:1 day, 14 hours, 31 minutes Poor (down since 2020-10-02 02:02:00 UTC)
Tags:doc emotet link epoch1 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-01Dat 2020_10_01 3522.docdoc 46a59f3fe0efcffcdfcd2c366c3cda5205ab4f7c79e6c11c1bac4ea7247906d5Virustotal results 36.07%Heodo
2020-10-01FILE-20201001.docdoc f4aeb1fb3ee7a1e47154bd3b5b2209626b73ca9812072ce7597fd191cc384e93n/aHeodo
2020-10-01Attachment-2020_10_01-O945.docdoc bca937c5b07cf43a6469fae63640f655c5bbdacff9c671b53965974a5203c262Virustotal results 37.10%Heodo
2020-10-01Rep 56937.docdoc bde7001edeb6f299d49c1bd80bfa2368ed58033c8a6f3da6fc35e3b77b6fb79dn/aHeodo
2020-10-019266_20201001_7673.docdoc b3776f674d9ce6db3d98ad056a43c66c185a8109320db88ec042c4224ff2d5ffVirustotal results 36.07%Heodo
2020-10-01DAT 17747.docdoc c37536624e100c6928618bde49c7c002a4795fe400199b57806f7e5a6bfb1c4en/aHeodo
2020-10-01Mes-YJ51828.docdoc 2ce45b11fa32eb63d439d9a9faeda5a4bbf6739316516a3d5d9e3a3d9e44f0d7n/aHeodo
2020-10-01Doc-20201001-CP02160.docdoc 2316491908b1b0175a9782d21fef85f16d29b5dd05d72c00c8dc943ee110afb4Virustotal results 35.48%Heodo
2020-10-01Inf_2020_10_01_I7486.docdoc ccf93c2ab74f6f2f92abeba4a4ee4d1c5cf50928906b1793fd008b8284409e51Virustotal results 36.07%Heodo
2020-10-01mes-HGQ662.docdoc bae61d952a3f4eced141514b551812240ae6ef483a185a834760c8421992f1e3Virustotal results 33.33%Heodo
2020-10-01inf 20201001 LQ259302.docdoc bc473e3c095e5c8fc312b29ee596cfb5c7f89bd4795e09377e0a3258761b3c25n/aHeodo
2020-10-01Attachment 20201001 967120.docdoc 87441c831ad7808d1f9a4fc6533c65071a13b9ef979ab68ffd24565426558597Virustotal results 28.81%Heodo
2020-10-01doc.docdoc 1127939b95fc439579b8513866e2a50ebeb5657a717a1d6425d49782213b55aeVirustotal results 29.03%Heodo
2020-10-01LIST-ML374625.docdoc d0b0c89fd70b604e0abda15a2af6e8d0fcef712db05d5b15705862e2dc1120f2Virustotal results 26.23%Heodo
2020-10-01mes_20201001_75302.docdoc 1065e6daa80b86a72a1d83d506754e2095355742ba0162e798a32fe05d39c265n/aHeodo
2020-10-01599RNP-2020_10_01-20725.docdoc 1a4225aa9c57fb8c97a5859dc3d004a323c5a31ad17def4ea965f4ed6fb8dd88Virustotal results 26.67%Heodo
2020-09-30Rep-1909805.docdoc f7454110fc14b94a8de1a15f118873db33d5dff0040b860e7a74775a986c8196n/aHeodo
2020-09-30Attachments-20201001.docdoc 83528dd86f27eafffd6b8b9bc31bcd40ce046ae2f1eadc585ccc3125af320625Virustotal results 27.87%Heodo
2020-09-30file EL54436.docdoc 22fe0364950c229cd81ec4900c5082c63179d87b3475e0ba2533f7d02d0a9658Virustotal results 27.42%Heodo
2020-09-30UNTITLED 20201001 DS315535.docdoc 24a4f7d8cf601311928b7d9c78fd6067e4b6e6a47c641fbdc86703b0dd3f1ee7Virustotal results 27.42%Heodo
2020-09-303276-2020_10_01-D19374.docdoc 59218dd633aa6e55d901c1a8227ace241e21d80c34af6fbd4dd99400832ef122n/aHeodo
2020-09-30file_20201001_18138.docdoc 58cada3d143a20c1a566b797ab0871b4c7a6c143c0d51d22eeac95e24589054bVirustotal results 25.81%Heodo
2020-09-3038289-20201001.docdoc ace7c44fed1f38871ec370fc6b6c083e3834294d3f6430ffafce94847c4ac514Virustotal results 24.59%Heodo
2020-09-30Rep-20200930-PU035801.docdoc 9cee1e4dc71831888865312ede140d40ea8091824bf6af5428fb7ecdce64ac4dVirustotal results 24.19%Heodo
2020-09-30INF-2020_09_30-AIE549598.docdoc e92f158f2faa36f1af7c6995a3e4433ef891eb4dcfa6a15c6ad994527c01d680Virustotal results 24.19%Heodo
2020-09-30mes_2020_09_30_WL102275.docdoc 9bd5e78a295d861307808771659e53c1312461fb22f61de2b49e870ff1d7ce81Virustotal results 24.19%Heodo
2020-09-30Attachment 2020_09_30 X501.docdoc 02198f1315ee82122a2ea1c3eca55fbe9a061bf7d75e9db6c7b0e49bbd7108fdn/aHeodo
2020-09-30Dat 20200930 U7854.docdoc b04512682b99769e9f703d6e0d527806605144a0c723b530c2467182ad6cd807Virustotal results 24.19%Heodo
2020-09-30Inf-2020_09_30-XZU23768.docdoc b5b866b081ab5635245d905b5930119b2c6073f82ace246a7e96f888e383f5ben/aHeodo
2020-09-30File_20200930_231.docdoc 869d5b2082b0c1a89c5d21da9e33c8303d9b8dfc7d0eee88d7ef36e9cfbce3cdVirustotal results 24.59%Heodo
2020-09-30rep_20200930_6750567.docdoc 7b88d7d16e92fe2b43237503e65687bab67b65fb283976f5bbaf6118da398422n/aHeodo
2020-09-30dat-20200930-20358.docdoc 59dc761e6cc40f26f13153151345a32d29f02d5c200698531f5b0b62a133cf4aVirustotal results 24.19%Heodo
2020-09-30inf_21922.docdoc 78c3d9c43524e6cad2289a2edef0f563b37f586414c83c73c0e57050d79f6f58n/aHeodo
2020-09-30Arc 20200930 787268.docdoc 531099fb2b364e3b25a4860725ed07bca198e56c1a53c47a7d2655cea71f9122Virustotal results 22.58%Heodo
2020-09-30list 050.docdoc 630fcaa83e8ddecae338656e228ee0cc446a52ab96dc4b0ac86090ac7da136c5Virustotal results 22.58%Heodo
2020-09-30Attachments BH621625.docdoc c69355e7d2f37fb8a04b2808e24c6abe076f296b1063e2fa5eadb435d4105da3Virustotal results 22.58%Heodo
2020-09-30MES 2020_09_30 8412352.docdoc 9bb6af66db7bc220db800f2603c9b7be39fc865d85a75d9ddfb7a2ac031b0d19Virustotal results 22.58%Heodo
2020-09-30arc_2709643.docdoc 7f8d213072a938b3dec61b257ef1f7e16e73b1404964364f3c2bd1f7fb24a8f9n/aHeodo
2020-09-30doc 49422.docdoc bba8eee6c7052816d44796927ca6001f69f76e479ac041cf0331e13e167d0b99n/aHeodo
2020-09-30list_20200930_E5111.docdoc ccd09c9d5a3e23cf11d4573a5ce8d84c634f8cdcf7188378a94ab61d27544009n/aHeodo
2020-09-30rep_2020_09_30_462653.docdoc ce437cd41adb6661b0e4389bcb5f69ac300b5e9c7fafe156dec9f8df767b625bn/aHeodo
2020-09-30Inf_KXM670726.docdoc f6ed8a2b25a6f8f693aa0aa17e1a77c02888113452cbbb4efae319131fd375ffn/aHeodo
2020-09-30file-20200930.docdoc c4d36a8bed7042aa9abc38d0883bc4e7916b275ffb51147b6ca9572e5fb496f4Virustotal results 22.95%Heodo
2020-09-30Arc-2020_09_30-ZCU7114.docdoc 705815086d9b5ffb5a5ae923afbed8b2ca6166551fa3374e71e5feddb6430b66n/aHeodo
2020-09-30Rep-20200930.docdoc be1d469e7f434641202ffde45e666cd4b1d255814f8cbf344a3aff1e78e86768n/aHeodo
2020-09-30rep_J018101.docdoc ce1d7fe9a715dbd5b408b17ff12010a67d3d1d002a9484370931304e35254f12Virustotal results 22.95%Heodo