URLhaus Database

You are currently viewing the URLhaus database entry for http://datijingsai.aitutor.cn/framework/eTrac/DXx8Un5UoPQwHcPReE2o/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 717448
URL: http://datijingsai.aitutor.cn/framework/eTrac/DXx8Un5UoPQwHcPReE2o/
URL Status: Offline
Host: datijingsai.aitutor.cn
Date added: 2020-10-19 11:42:09 UTC
Last online: 2020-10-19 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-10-19 11:44:02 UTC to abuse{at}tencent[dot]com, abuse{at}qq[dot]com, jsquare{at}tencent[dot]com, dreamsruan{at}tencent[dot]com)
Takedown time: 6 hours, 24 minutes; Good (down since 2020-10-19 18:08:18 UTC)
Tags: doc, emotet, epoch1, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
