URLhaus Database

You are currently viewing the URLhaus database entry for http://azuzarweb.com/wp-includes/lm/h0zhwi/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:697919
URL: http://azuzarweb.com/wp-includes/lm/h0zhwi/
URL Status:Offline
Host: azuzarweb.com
Date added:2020-10-15 13:50:07 UTC
Last online:2020-10-16 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-15 13:52:14 UTC to eig-abuse{at}endurance[dot]com)
Takedown time:19 hours, 8 minutes Good (down since 2020-10-16 09:01:08 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-16REP_EVL_100120_QZN_101620.docdoc b3900bcd297271f2e9a902ee2c398ddb51468949bd90a5cbfb6f0531360cc22cVirustotal results 32.26%Heodo
2020-10-16REP_PO_10162020EX.docdoc 9e16a1c487318559bca602d0c341d760109650549d600ab32ea6c5b07b9c838dVirustotal results 30.51%Heodo
2020-10-16VR5873978593BW.docdoc a74b230d5a83dd721b98493e0a752cd0f9d6739bc4ff6f0046b798fa98513fbaVirustotal results 32.26%Heodo
2020-10-16BAL_PO_10162020EX.docdoc 5e68650f2243c0318d2a6e551b02d3294164edaa15b2fa7700e05337dd9eb4d3n/aHeodo
2020-10-16R3RGOPI3.docdoc 794cd8d6c12b283f0a19f40472aa0817f0b038ddce585fd66b0985d440e59616Virustotal results 50.00%Heodo
2020-10-16PO_10162020EX.docdoc d22ae8bce1c58f49acf052afd9fc15bcb9f31f7849b5cc3812ac610c97b3d984n/aHeodo
2020-10-16REP_BH8HYSSSG5LJMQ8.docdoc 147b9616588be0def766828cbdc415348543d772fbf13e9a7fbe0b37b0ebf3fdVirustotal results 50.00%Heodo
2020-10-16FILE_6OO779E1I6.docdoc 095fe16690d338ae33d6608dbe94adf60f398907737417666034e7a5b64eded8Virustotal results 50.00%Heodo
2020-10-16FILE_12532982586.docdoc e7c9e9fc1b9ce622bde709c5498c23114ea5f1716b9c3acf0091fd7a01960777n/aHeodo
2020-10-16INV_JREUVUYK3213HE.docdoc e50a486c4f791974fd105266ca6b3a7105238ef18dc5e96fb44a1d1e6d2bbc6bVirustotal results 50.00%Heodo
2020-10-16BAL_12107786.docdoc 7e1333c6529018473221519532ee51d04523ad9354f66d62ea599d4bcb9b4a8an/aHeodo
2020-10-1652661942.docdoc 195a50cab4bfb5ffc40475b4cfa57218d820afafb3a5f4398fa2cb446a290e1fVirustotal results 49.18%Heodo
2020-10-16DOC_PO_10162020EX.docdoc 874551f55294cc8838b596c8ffd8d4600ade4c1e932ea618012210a3ac7137c2Virustotal results 48.39%Heodo
2020-10-16DNVE_ZXR2LC7CGR9O.docdoc 677cb2fc5d7a4e66220d66445d3a7fa7129fefcfad236744a558140e65d7264cVirustotal results 48.33%Heodo
2020-10-16RFV_WS2186531426ZS.docdoc 63409e6742b521d02cfb6f833ee7484c6db70237e48675a06c28cc7c9920bfe5Virustotal results 50.00%Heodo
2020-10-16REP_PO_10162020EX.docdoc 4175a2dd2295146108a2fb6d370f0d24239715d3709a82c0c6ec420a962efe90Virustotal results 48.39%Heodo
2020-10-15INV_PO_10162020EX.docdoc 70652370e67cef224785a44a3bb57d19f00a8b000714cf7117ed9dec27b3c920Virustotal results 50.00%Heodo
2020-10-1534431306616773391614738.docdoc f3aecd021c57be4a051eb58488f96cd6183ea34153cf79876db7f699d5ce1032Virustotal results 48.21%Heodo
2020-10-158099404089493877.docdoc dd30e8495694397703816d63ba5a77f3eac6a41216b2d2d536d627d85f015c87Virustotal results 48.39%Heodo
2020-10-15BAL_51913595.docdoc 98d7c4d63fcd23e0417a08c9645e5bb0729a1fe136941495b001db7126726608Virustotal results 46.77%Heodo
2020-10-15DOC_87182392.docdoc 197ff18c407c279e436240984c946009e24dc90b17cb986b9bf9554278a8a699Virustotal results 46.67%Heodo
2020-10-15PO_10162020EX.docdoc 9e6ccb86ca25351f22a9960687787487cd93476f21e943368886f63c03167222Virustotal results 47.54%Heodo
2020-10-151944045481.docdoc 2ea42eea9abe81ee4415154eabd2fc00bb951b3a234e1b3ef9e824d77ee97732Virustotal results 46.77%Heodo
2020-10-15FILE_Q52F8WNNU6N.docdoc 29d8f14d9aad7f7303bfffcff57109e4a24983050638c356af826bf4febc04a2Virustotal results 46.77%Heodo
2020-10-15H_33668180.docdoc a0af2c0d46bfa10fc4589560d7055a18babee6615726fb2893b817e111f9ecbfVirustotal results 46.77%Heodo
2020-10-15REP_PO_10152020EX.docdoc 28a6bdd824538dcbdc61dc5ffe9d61ccf016e4a4bb027becec2d522503ec8b0aVirustotal results 47.54%Heodo
2020-10-15BAL_AD1128107645SQ.docdoc 200fd063fbce58987452058b68b6f0d32d9fd51afddd74f6ed466124627fc51bVirustotal results 46.77%Heodo
2020-10-15UE6154310237BE.docdoc dc7ade8fcae56fa5c268c86c9602ade9af26324733a73c86e60274a9f5b8e864n/aHeodo
2020-10-15320776173608195.docdoc 3a655449935db1d07871d79739c4fe01d8792844b72e4bc0c3f2c936b6d5ee1fVirustotal results 43.55%Heodo
2020-10-15PO_10152020EX.docdoc 39c25de18abaccdff5bdbe5fb490b60e00e8b38d1c30556115d11f468d4b6a76Virustotal results 45.16%Heodo
2020-10-155MSACMY52.docdoc 004b9a020076d8317b6e57259eff30a147253aafc450379efc2c62a61fcd42efVirustotal results 43.55%Heodo
2020-10-1540026435.docdoc 6f0ceb3c0b3cd6f963d2f3fd18d56b6b2efc81264aae48892a3da6f028e9de66Virustotal results 41.94%Heodo
2020-10-15D_2ROZF2U49OA0.docdoc a601d4de12b342342f6598cd8381b96e29a65844b37244bdff0603a42601f9a5n/aHeodo
2020-10-15PO_10152020EX.docdoc 3f6955a4c8030234f81c5371a9fe055356a777586aec5021a269eb74083d6ce6Virustotal results 40.98%Heodo
2020-10-15BAL_88152109.docdoc 5054c0740abc74c3d953105c380fd564a4a6ed4ee869aea2d48102b7f9feb1a1Virustotal results 42.62%Heodo
2020-10-15OY_OB2335440781EZ.docdoc 5cda834a168a9d33dd26026046b86bc3a1ec7773fe458eca9a2312c71348d95an/aHeodo
2020-10-1591BV4CV45E5VNZ.docdoc 4ca916c008b39d7fb20cc3e639ed697d7a55e9aff96c574d84ef918f7488cd03Virustotal results 39.34%Heodo
2020-10-15REP_PO_10152020EX.docdoc 08851f66b1ce9b451ab8c733fac74cc0211779a930b66f34242e2cbd6350db9en/a Heodo
2020-10-159401374457302.docdoc 38f4cc43acdb9ec74f28bf5a02a18266130f7602f32086f8ed0843119307fb97n/aHeodo
2020-10-15BAL_MN4443211433DB.docdoc 3af23db230b41473efc4a9e11313c77015bf9f75aaf0e161a94302a653a61fb9n/aHeodo
2020-10-158661289335772430.docdoc 361fb5f143468200213bea5b095c5524ce0bf1d54d56d49604f8328fa918e169Virustotal results 39.34%Heodo
2020-10-1502493147.docdoc 126e0cb8e06d086d1cb6cd52b90ecd444ee192b4be22ab082735f5c3e8b37228n/aHeodo