URLhaus Database

You are currently viewing the URLhaus database entry for http://efq.net.cn/wp-content/Overview/7LvCzGT3QcMNSq/, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 698006
URL: http://efq.net.cn/wp-content/Overview/7LvCzGT3QcMNSq/
URL Status: Offline
Host: efq.net.cn
Date added: 2020-10-15 14:46:45 UTC
Last online: 2020-10-19 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-15 14:48:06 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time: 4 days, 3 hours, 25 minutes (Bad; down since 2020-10-19 18:13:32 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
