URLhaus Database

You are currently viewing the URLhaus database entry for https://zhidong.store/wp-content/VHk2DNyWU5b06vxEy0VdyTEejLlBx68CdJ/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:759992
URL: https://zhidong.store/wp-content/VHk2DNyWU5b06vxEy0VdyTEejLlBx68CdJ/
URL Status:Offline
Host: zhidong.store
Date added:2020-10-28 08:08:06 UTC
Last online:2020-10-31 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-28 08:10:04 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:2 days, 19 hours, 31 minutes Poor (down since 2020-10-31 03:41:31 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-30Untitled_ETW_100120_LVG_103020.docdoc f4983c5881da987bb4dcca9069e0134657dbd559cf50165c0f35c3f1c4595948Virustotal results 40.62%Heodo
2020-10-29UNTITLED_01873527.docdoc e134359bfa4a04bffabf20a6522d2a4c8d807619578853ba0387aa395b6495c9Virustotal results 26.23%Heodo
2020-10-29Mes_12147264.docdoc ac100d3e7a4985580d980cb7dc26527d01d4166b7bc89405dd21918ae03f7faeVirustotal results 21.88%Heodo
2020-10-29inf_64998848486.docdoc 9dc022a6d94a428fb2f095b0ecb4572e6b60e7b59a3ba584a8c4a04cddbf3251Virustotal results 20.31%Heodo
2020-10-29FILE_05215513.docdoc 8e33cf2204f19a828e1018b6ab9c762d52deb1ecd43a920491561fefd654086fVirustotal results 20.31%Heodo
2020-10-29UNTITLED_QMP_100120_VJU_102920.docdoc cd49f6f6b2b1cbf28331a1eff67e7179731f34a790a1bb69c89b65ffcfc38e01Virustotal results 20.31%Heodo
2020-10-29DAT_PZZ_100120_FNR_102920.docdoc 1ea025a1cd83c476f9edbb66bc98ca4af04a27f5b5d3d9eebcceb71386f0a2c9Virustotal results 20.31%Heodo
2020-10-29doc_KAB_100120_JHL_102920.docdoc a372ab149bf1539aadb69ea0484133adaea91b0c000a9bfdafa445dc23230d3dVirustotal results 20.31%Heodo
2020-10-29dat_QX9995279736MX.docdoc 371a442d56b47bd24ec601a710beb116a75f09be269d0a2e18b29d6fe0927bc1Virustotal results 20.63%Heodo
2020-10-29rep_DNG_100120_QGR_102920.docdoc 585ab6cc0502c04dedbca9318f5d7d278050dcfbeb477a09e8fee5b66916e38fVirustotal results 42.86%Heodo
2020-10-29doc_44681669.docdoc 38df7a8d7d8ddeec4905b01777148222f208d5030b7a44665b5fdafb5bd9ff19Virustotal results 40.32%Heodo
2020-10-29DOC_3HUCWDLEYFR5.docdoc 72e4ad0a1b83a8af4bffff0b32b6f8b9fe9680a323457b9ae5b866c9cf789ca1n/aHeodo
2020-10-29Rep_PO_10292020EX.docdoc 48f5efeee13fcdbe837223ddd4c1de97dd87be397e6f99bb95ebfd19af5aaf86n/aHeodo
2020-10-29DAT_PO_10292020EX.docdoc 6e9c088cbe83fb2b0f6c959df9f72eb6faa3316c7eaf8e1690f590a91e56974fVirustotal results 40.68%Heodo
2020-10-29dat_NCH_100120_QMC_102920.docdoc 761d87bcf6f5369f3cf451125ea7a56b683a729b1a4caf4a329bfcf95591d189n/aHeodo
2020-10-29W_35957867.docdoc 7161db36ab8dfa34e4ae1aefa3d4fd7923a2a89118835e1e8bc905216bbf70e8Virustotal results 38.10%Heodo
2020-10-29Inf_MP0132142997WM.docdoc e3a96d2e3adca1fc3dfea0ac14af9b1d4cec3a20d9d7c6874edf1c6fec60d90bVirustotal results 38.10%Heodo
2020-10-29Dat_9Z0I4N859LW9L.docdoc ae137af1fbae2ee2d0faeba97b97b4b52536f2b6d962c08608fc792f211d3405Virustotal results 38.10%Heodo
2020-10-29X_PO_10292020EX.docdoc 393cb1523cfa3f9dc1d2a45e467810be8447ea0f58435edf5bfd1e0938e293e0Virustotal results 38.10%Heodo
2020-10-29ARC_89742486692.docdoc 2ce6ab8ee89411f1463ed6831f078e930f121aaa93880728734efa7d25503623n/aHeodo
2020-10-29list_44934831.docdoc 665ea7994646d6f55327063f07c46e3d51cce78766dc14fc03031b5581283b10Virustotal results 38.10%Heodo
2020-10-2999082993.docdoc 9f2ed62dea3b679b6dfecbb79905a34ef056e81af2e92c4249fe4521711b047fn/aHeodo
2020-10-29Rep_70286408.docdoc 17d6d17702d158eda616b2096600e47fe0808914ae353ec5009763a5de5fffe7n/aHeodo
2020-10-28FILE_UFX_100120_ZWJ_102920.docdoc 2a7fa7333c9651955476107db7c4fabaa333b34c5c6938bfad143ae443d94dd7Virustotal results 25.81%Heodo
2020-10-28File_IH4616790039FC.docdoc 558f9ea460d8f9e9babcc477c01c40ba377d80607e6dec6640f78b0f12794bd1n/aHeodo
2020-10-28mes_PO_10292020EX.docdoc 6e663577a7ba709bc7fb008addc85b8177361cb8fe92f3c79ab88bcecd10783an/aHeodo
2020-10-28rep_GQ1609155224GD.docdoc fc6ba0089f3355775a62f986bcdebe3bf7d58d1934d524e952f9279bb82cce68n/aHeodo
2020-10-28R_BV6742051118KI.docdoc c79ff6d2cb77b1d4e7bc6bea1ea1b05d78d536e72254e93dbaeb1122ff214d8en/aHeodo
2020-10-28MES_HGZ_100120_DIZ_102820.docdoc 7384af9684329dd3916fa070ae356428bfb6f43d3ca6aa725f92d696dea83f41n/aHeodo
2020-10-28REP_JX6729325118FU.docdoc 9faf7ecca19101cc477bc73594fa79ead2d3224625802b67251f80a757242ae7Virustotal results 19.05%Heodo
2020-10-288015145237585940415204309.docdoc 5da940231b1ebc70e4c974d89da825e72365c081f4b224b0308a7298de66a788n/aHeodo
2020-10-28UNTITLED_QR1855206124RG.docdoc 290d99668c637b392210c43c77b9672357db0df908a2cee8c6c84399c0f3dc55Virustotal results 19.05%Heodo
2020-10-28LIST_OFQ90I0IL57AO.docdoc ac9272ebdc022c3e93ef6dff217e30a0434094ccb3b6c5ab79cc97a94cf1825dVirustotal results 17.46%Heodo
2020-10-28FILE_70875343170565393374.docdoc 78e751cac2d36740d34f5137f239e1966d34a62e63cb14bf6d6fb1ad7fe5deecVirustotal results 15.87%Heodo
2020-10-28ARC_W2WDM1965WU.docdoc e4d94aba5a47bbeecaa7eca44fdfd7d46fc85a1d2c46c55c704d159f3f378670n/aHeodo
2020-10-28Dat_Z7AE2DZ2I3WMV.docdoc 6c0cb9fa14216686237503039df79f6ee1a2766d5878c2e3ab77c9ace4204c11n/aHeodo
2020-10-28ARC_PO_10282020EX.docdoc 028f51dbdfd44aa2c12928be40c8b34c1178a7b36c3aa2556596393a09409083n/aHeodo
2020-10-28JOS9YNAPQDD4HOBS.docdoc a3f1465cf2e8a92e8d9f932ab8d561cd6a02e5f832b42bfa856a5cac7fb96566n/aHeodo
2020-10-28PO_10282020EX.docdoc aa825d666a2394dad05c014830cd132ecdbabfe1dcfd7e7eba18ed43bda6de33n/aHeodo
2020-10-28INF_76133584134477343.docdoc 7eeb30a34016ac7c6d48178f44b12c48df17acb131f0a96847d1cd67c464ce30Virustotal results 25.81%Heodo
2020-10-28Rep_RW3W16H6CS.docdoc 6c318a9098138d3197e96b6f8b19f0e341154549e78ea5e0671f54f96328d340n/aHeodo
2020-10-28Arc_17396833.docdoc 7d1c30660aa059eeca56d1c898483074e1bcaf59f922458e37e7155380a5d9b3n/aHeodo
2020-10-28mes_CQTF9LHVOT69X0O1.docdoc 3731935385f3f9940df18e1fe2a5efb5ff5dc256f1a9fd33882b58ba8b50589dVirustotal results 20.97%Heodo
2020-10-28FILE_HUE_100120_GXZ_102820.docdoc 245da199877ac955b9c2640666afb19d13d640da90766a000f6fc8b2c909582eVirustotal results 19.35%Heodo
2020-10-28arc_WKF_100120_ZLX_102820.docdoc e3f985d78f34ecba84d0385e8f3eb538aef89ae24be739e98166ce3c3422b236n/aHeodo
2020-10-28Inf_M7PGXKEMO48B94Y.docdoc ae264639594117f77da175c96741827cc7ecee91be8eeb65c10f207c26a2e800Virustotal results 17.46%Heodo
2020-10-28LIST_TEE6WMXA5TO.docdoc 6059ce335049c1b4200290f042fabd903bf0081c4677138bf256636f82e81c9cn/aHeodo
2020-10-28I_16826393182100.docdoc 9148521d1b0af5640383d1905b6cae8657ee59b51e04dc0d18624a10234ad20cn/aHeodo
2020-10-28BR9621236385BF.docdoc a35f0fa4b2082b66755f87c30fdb12e922d177ae2a22ea0289e2e292042817edVirustotal results 17.74%Heodo
2020-10-28mes_33791409.docdoc 7c5cba3f361edbd305005728464aa36e44d98db05cc52860a979780b6036fac6n/aHeodo
2020-10-28Dat_MCXOYPFJM.docdoc e225005a6da2c501109a5d73599e7697179f449c42e91f675b4fcb81e49bda29n/aHeodo
2020-10-28dat_72490551958594.docdoc d1e48d98d3d928c9e037cd42ffa40c55a3dd2821793b189555e6227789239a26n/aHeodo
2020-10-28Rep_WHH_100120_QCL_102820.docdoc 586ff0aded5422c4339495e0480f86f8454c8a813252983954522edc060f6e0en/aHeodo
2020-10-28Attachments_IHM_100120_HIN_102820.docdoc 6a3681628d5e90051c68dd3bf6855abcdff9d8b6e25447bad58745cc5406d4e2n/aHeodo
2020-10-28Arc_WB5185451927RV.docdoc c88a8bfd26b88fe11810b85a6ced566f6ecd9c06b535f98d8c7451c66c1716d2Virustotal results 28.57%Heodo
2020-10-28file_SW4847229671LK.docdoc 2ed9663048bfe1c969ee302588f17bbee321277d16204ebc6fcc3a626d03addbn/aHeodo
2020-10-28FGK_100120_BZF_102820.docdoc 3b2703a8136146bb26f76cf8aeb05e347c77170c548c652fdc716a1df532a920n/aHeodo
2020-10-28Dat_DQVEMYO08KCSYCFZ.docdoc 3c7adc03d47d4071a05f6829238a5d5e5e21389ae17cf278b8f88824cae02d83n/aHeodo
2020-10-28dat_PO_10282020EX.docdoc 7803eaecf62220ef80be8d61979f75486f28f13aa80efdea082cc27aa40e63e1n/aHeodo
2020-10-28DAT_YCC_100120_HNE_102820.docdoc 783e3178de387969ad58cadd83de2b88c6cffa406063d2f66e5ee8b67db11b4aVirustotal results 32.08%Heodo
2020-10-28dat_63595197.docdoc 7b343ed21ad3bb90d645e681807a420dfe3d74c032752a75cdaa9aa8cd934663n/aHeodo
2020-10-28Doc_PO_10282020EX.docdoc 06472f9f7853e0506b85ea1db0bb693aacedee79ad413c1ca0839a322f834df8n/aHeodo
2020-10-28FILE_YMT_100120_ICW_102820.docdoc 969f5e0df23f888aebe6c8cd981961e3bb23f514d3d55148d8c56d0309a7532dn/aHeodo