URLhaus Database

You are currently viewing the URLhaus database entry for https://zhengtiankai.com/wp-content/public/gblpdj3y0y3a/y6iai/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 694817
URL: https://zhengtiankai.com/wp-content/public/gblpdj3y0y3a/y6iai/
URL Status: Offline
Host: zhengtiankai.com
Date added: 2020-10-14 23:06:10 UTC
Last online: 2020-10-19 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-14 23:08:37 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com, abuse{at}12321[dot]cn, abuse{at}alibaba-inc[dot]com)
Takedown time: 4 days, 3 hours, 12 minutes, Bad (down since 2020-10-19 02:21:00 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
