URLhaus Database

You are currently viewing the URLhaus database entry for https://denslegal.mn/wp-admin/aInIWs4EYtSFHj2dmVr2bwnunJJfKUdIwT7XnlkaBUbDn8H3jys6wIk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:760309
URL: https://denslegal.mn/wp-admin/aInIWs4EYtSFHj2dmVr2bwnunJJfKUdIwT7XnlkaBUbDn8H3jys6wIk/
URL Status:Offline
Host: denslegal.mn
Date added:2020-10-28 10:02:09 UTC
Last online:2020-11-02 01:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-28 10:04:05 UTC to admin{at}itools[dot]mn)
Takedown time:4 days, 15 hours, 40 minutes Bad (down since 2020-11-02 01:44:18 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-30PO_10302020EX.docdoc 5e23c65a02e9c39918c300cb0da11f39930067a62c86e780cf303e4ba995eb8dVirustotal results 22.22%Heodo
2020-10-30DOC_PO_10302020EX.docdoc 6263b8ea9431ac48bf402098737c84a9cf49c01488319875132ef15ef7d5c6e7n/aHeodo
2020-10-30Dat_PO_10302020EX.docdoc f4983c5881da987bb4dcca9069e0134657dbd559cf50165c0f35c3f1c4595948Virustotal results 40.62%Heodo
2020-10-30INF_PO_10302020EX.docdoc 9ae7942321b9360d2c19a2199e6f2e21a3436b97787133280c3d267a00bd6b6fn/aHeodo
2020-10-30Attachments_3751856282103761006.docdoc d35ce7ecbf781e43242b0ddf34fc92d905f15b6279385f62ce2b3a7f3a700c74Virustotal results 31.25%Heodo
2020-10-30Untitled_QP4909812384ZF.docdoc 3619ca27723e87006b7061bd608e1e02d5087392ec513cfe82ecec069074fbd7Virustotal results 41.27%Heodo
2020-10-30PO_10302020EX.docdoc 2a2cd3fa6ea3c1207553da6896b030a743a3893ec1b95b494ba27d6423f8857dn/aHeodo
2020-10-30Attachment_QZC_100120_XUY_103020.docdoc a9e9b3f8a28330089d36e3ace6c5aa5ce2a38204767293a05e9c407ad2c4da4en/aHeodo
2020-10-30UNTITLED_EAU_100120_DDV_103020.docdoc 7bfa1640c072951be3fb17704054b151541525eaa8a22606d94fc2d037a6a663n/aHeodo
2020-10-30Doc_QVBMM1RF5K.docdoc aa221230a7342817478b117f2ed838ceb8290bb367bea08770c362b14c2fdcbbVirustotal results 39.68%Heodo
2020-10-30File_87864525.docdoc d77f9d8ce192df999a4c7c9564c086962623dc1a6e020f14bf19f264f59d316fVirustotal results 37.50%Heodo
2020-10-30MES_71576171.docdoc fa59cf4c1af3d49c804914946132b59157e3d2f1eaf2d2d11a2ac0d5f2f3f2a9Virustotal results 39.06%Heodo
2020-10-30dat_CKH_100120_BDS_103020.docdoc b8e37cb47da5ecf96e85afba207c615504c6e0d63335b4d2b9304fda9543eeafVirustotal results 34.92%Heodo
2020-10-3010308772.docdoc b2f80aa2efc9abdf137f78f830f2366b29e5bba74409138f8db1ed6163e25819Virustotal results 35.94%Heodo
2020-10-30dat_786777473151224546.docdoc fc80fc159e39cdd815b9470202534387227e2a22a7ecb333efc5628c4a0f76f2Virustotal results 34.38%Heodo
2020-10-30Inf_8823410527305665782.docdoc b03fc3f4764fbae8a92c677b03cc79e416905f290bcd7c6a5659410315245c90Virustotal results 31.25%Heodo
2020-10-30Mes_BOQ_100120_OIT_103020.docdoc b33622a59cee3ca443a74701f86f58ee524e9901c05d359270575f52d7d37380Virustotal results 31.25%Heodo
2020-10-30rep_71993814.docdoc 87582434c0b62f10bd24d5f8fe2636dcef3e0046373b8e05dadb27942be901f0Virustotal results 31.25%Heodo
2020-10-30arc_PO_10302020EX.docdoc 38ca20f2aeb5bde0d23de8c284f5f9b6eefadf3e2bfe1d44526548f434478f2eVirustotal results 29.69%Heodo
2020-10-30PO_10302020EX.docdoc 9cdf4102c45c7f549ee4e0290a07d4f7783c6371b1a8fe35a6f1f04d56cd6857Virustotal results 28.12%Heodo
2020-10-29File_PO_10302020EX.docdoc 57a23ee50bad094280feb716af4f6917dcf92157f899a609736ead07c82e6432Virustotal results 26.56%Heodo
2020-10-29Untitled_GA6845429269JB.docdoc 5de82db9541a97ffb820c52c562ee2c3b84430e1cffb0c8a98f70908d2a78c9dVirustotal results 26.56%Heodo
2020-10-29arc_8F8SPFXPISGB23U1.docdoc b716fa67c934451161c1be78e1587b3c68a53b5e219dc5452e9ea883d32a274cn/aHeodo
2020-10-29file_37682840.docdoc aa9631cdb98dbe55b81b029660a0589039561664b34f249207dc0d83e273a030Virustotal results 26.56%Heodo
2020-10-29ARC_PO_10302020EX.docdoc c685520233b6d670ab20445051b6688bac6affb5c8b99a71213937d99ac9e380Virustotal results 25.40%Heodo
2020-10-29file_PO_10302020EX.docdoc 785ca4b8a3e573d7bb977a2f180d8c717b9867bbf38583aa08b4a96fa4803c8dVirustotal results 26.56%Heodo
2020-10-29Rep_TZ5002722661NZ.docdoc 00f960f2c4dc8abaf471b3c55c877aad66b636338bd2d67a565393058b78c125Virustotal results 34.92%Heodo
2020-10-29OIX_100120_TDR_102920.docdoc 13346ca40c9af892bbe6242932212dc0320fcb73469450be993fe2b55f9126fcVirustotal results 33.33%Heodo
2020-10-29Inf_PO_10292020EX.docdoc c864f510cfcaca5ca5acb2a8ef66706e173195d47f0bc0956f1757e9f74325d1Virustotal results 32.26%Heodo
2020-10-29INF_XK6125094135NX.docdoc 4c38ead6f597c1bccaf5148980c46599eedc2615ee7f3378247b8333718a0afdVirustotal results 31.67%Heodo
2020-10-29P_PO_10292020EX.docdoc 51657b8a72e7e81349ee2744529184125522759769f93b02aebc3a2d33fddc2bVirustotal results 27.87%Heodo
2020-10-29E_27751437.docdoc 060a5c65a7cc6ecfa1290f84d608e94a147a447e1dd75ceedd3490ab079b6e74Virustotal results 31.25%Heodo
2020-10-29File_24440897.docdoc 16d27526d0453d93110c60d19d8a4680f2ae783858a4ec2093a235fcb819556dVirustotal results 33.33% Heodo
2020-10-29arc_IMY_100120_CQS_102920.docdoc 2ded110822e0153fbd8d8c157f8f6ca47440730ee4fa093e193eb720789b83a6n/aHeodo
2020-10-29mes_887081894984.docdoc af09d9b10580277dc290b458dfb6b85501ce39d6e430f87ee3fd349c3f672860Virustotal results 31.25%Heodo
2020-10-29doc_36486540.docdoc 1cfbaf38e833a8dcab12a6f7a0c42e5b5033bc4f188f022607c0e3853f92a6eeVirustotal results 31.75%Heodo
2020-10-29Attachment_ZNA_100120_PBS_102920.docdoc 44fd0e531f131ec3393dcbb90c1ac8baee6d5c4438afa02d458e67436af9a1b9Virustotal results 28.12%Heodo
2020-10-29rep_RRHAE9PT62G1EAR.docdoc 97c76ac78999951c70f47dc20b137d6a5f843fbd9597f8a62e977d4b463e2c79Virustotal results 26.56%Heodo
2020-10-29Doc_EA9367119675AJ.docdoc bcc7aff4bedea7ed486112d49796a83b2454c034e2aaf534028b904e76c816cfVirustotal results 26.56%Heodo
2020-10-29H_80530676.docdoc f1360579a25ea174943b561c1e8e174e0145373505152d928c6e1dbeaeae60ddn/aHeodo
2020-10-29rep_8KBA8OV.docdoc 75df04fe2bbfe95af6c2ff3ad6beb372645597b0350f6cc16f995a09e27da829Virustotal results 26.98%Heodo
2020-10-29DAT_2128298732881482568.docdoc 5edf42ab917e99566d6904b93308695efb66e834390a35fcdc05d184cbca6ef8Virustotal results 28.12%Heodo
2020-10-29inf_67401138.docdoc 5ed767510e9b2630ac3c6ea38470821c0c85acaf712cb5f45eddd5f6e0fcdc17Virustotal results 28.57%Heodo
2020-10-29INF_57894021.docdoc 9e8de88a3e7aabf6248a4a17e376f37501cb0437cf9127abda8283191eee760aVirustotal results 25.00%Heodo
2020-10-29List_9950137062815243.docdoc 5db58ed4308eeb76f9c66c885d4f1b53530d6c42eac9d755e67bf41989094087Virustotal results 27.87% Heodo
2020-10-29Attachments_PO_10292020EX.docdoc b97ef63f4cdcb7c82862e52763408c1c6e70b9e4282e940d30c71dee4630e8d3n/aHeodo
2020-10-29Attachments_PO_10292020EX.docdoc 02ded378bb9171cb19579495299062441281f67002a8f88beaee43c2dbdd94b4Virustotal results 24.19%Heodo
2020-10-29Doc_1XHEYX20FR6RGMKO.docdoc 1909a3514994e354da8e5abdfbb3b73173a1a6782a739ebdbfbacf098abf0fb2Virustotal results 20.97%Heodo
2020-10-29List_ALY_100120_GMJ_102920.docdoc 12c570f649005ea1ae77c36167843e3e87252075b68b652c5f05b0d8e54b2ad0Virustotal results 20.31%Heodo
2020-10-29file_698954424802015020.docdoc 8e33cf2204f19a828e1018b6ab9c762d52deb1ecd43a920491561fefd654086fVirustotal results 20.31%Heodo
2020-10-29Rep_VV3599568674TZ.docdoc df879036bfd4136c1f14cabcb7bc54e077f8b9e09a67404bc366777cf3d38d43n/aHeodo
2020-10-29mes_PO_10292020EX.docdoc 1ea025a1cd83c476f9edbb66bc98ca4af04a27f5b5d3d9eebcceb71386f0a2c9Virustotal results 20.97%Heodo
2020-10-29inf_WUC_100120_JYP_102920.docdoc c3c4c3d1a892c0244bc5d4911ad7533990556a3ed4a4561eaaf58379a82b3295n/aHeodo
2020-10-29doc_4T94RA9ZEH1UE.docdoc 371a442d56b47bd24ec601a710beb116a75f09be269d0a2e18b29d6fe0927bc1Virustotal results 20.00%Heodo
2020-10-29Mes_86175490.docdoc 5caf4fac63b4007116c090e6db0db81ad250d822e1fc251885c10d80d24b861eVirustotal results 21.31%Heodo
2020-10-29INF_V1A4EGBX1VA21K8.docdoc ffa31d45d93161ab298442d4f9d83cf8b0bcead9e50e92a048b6b0900415b59cVirustotal results 41.27%Heodo
2020-10-29UNTITLED_GZX_100120_QBR_102920.docdoc a94691d74d543c82cfb7a293d0de416bec72dbaa2a2776d2ffa9b176b28cc12an/aHeodo
2020-10-29INF_YHI_100120_TZZ_102920.docdoc c914f79bcecd36e66a0afaafa94fea889077dc0eeba31cb470833af137c79564n/aHeodo
2020-10-29ARC_LK4507297931CY.docdoc 63df7914667bd2adc0b6e4b2db5b67f07a6154956568765321641b6dc1469cf5n/aHeodo
2020-10-29Attachments_PO_10292020EX.docdoc 8d2d6adef59a01ef18694e5a3d506ce951137f27e28405c64bb16fbb915266d2n/aHeodo
2020-10-29Untitled_JFL_100120_GTD_102920.docdoc 4a64cdcef15cb3314d81486a5c6c1fc590e6579da756365b73c08c8adae77b95Virustotal results 38.71%Heodo
2020-10-29Arc_9SHWIIYCENXQ.docdoc 4bfdf04e63422e1f2b89b19ccdd74439826ca27342cac0f98e259109043cb251n/aHeodo
2020-10-29PO_10292020EX.docdoc 391bfc40b692a1742119596041c13976318ba374a5f74e5e441a2df28ad57fb8Virustotal results 38.10%Heodo
2020-10-29List_CZU_100120_VWG_102920.docdoc 40e1e0d4ba67280ae17c0050feb66bf13f27e271efd4fc91413f8553dcf12a09n/aHeodo
2020-10-29Attachment_TL4591260642VK.docdoc 7a6c44adda3ae4a87e18e7b6224fe08a361d32f37ad5a302faed9e8f83b8dd14Virustotal results 38.10%Heodo
2020-10-29file_SV3586883942VQ.docdoc b97d2b5410d55c774746d336facb4fac9b81552a5f84073496d20901af3c5f71n/aHeodo
2020-10-29LIST_57348807676728545266953.docdoc 16593eef39e8c04fdbb6390954522fcbb430e3d131921c0b5f4e9477ebd794f9n/aHeodo
2020-10-29list_PCV_100120_FNW_102920.docdoc 17d6d17702d158eda616b2096600e47fe0808914ae353ec5009763a5de5fffe7n/aHeodo
2020-10-29FILE_RF4111973420NG.docdoc 56b4b239b93d5528e7f80a5bddef47bcbe22a9318d3abf88be53dbb4aedd66ceVirustotal results 35.48%Heodo
2020-10-28MES_DQR52LJO.docdoc ad10b386d964b6056e529c2bdb70ccb19ba21b3b0a59ac606113fedc49626b81Virustotal results 22.58%Heodo
2020-10-28DOC_MF4OZLJI.docdoc 7384af9684329dd3916fa070ae356428bfb6f43d3ca6aa725f92d696dea83f41Virustotal results 20.00%Heodo
2020-10-28List_0888716313563.docdoc eae43aeb02650178d0fd02ed1c824f36d89c2a2950399621c4a7c29ecb8d7e73Virustotal results 19.05%Heodo
2020-10-28Doc_FB5345836752ID.docdoc 03cee0e4bd76ec300e6e09d41fb6cfc6e24346ed58c3aec95bc6a8dae7838a69n/aHeodo
2020-10-28arc_PO_10282020EX.docdoc 3fe50d0556d64f8a7214fa4e311bb0075f31b6bb0ea009d852c70bbe51a1782aVirustotal results 17.46%Heodo
2020-10-28dat_172125396497845.docdoc ac9272ebdc022c3e93ef6dff217e30a0434094ccb3b6c5ab79cc97a94cf1825dVirustotal results 17.46%Heodo
2020-10-28doc_9NXZYUTIP34Y6.docdoc 72bb45f25da9afa46d5e326089675c0a79d3ffe30eade356cd8114e74b2e58e9n/aHeodo
2020-10-28Rep_SD48ENQQQ.docdoc 783f27e26d14d3995898c2e135fa9944d4015481789286efd92026c7ef2ffdbfn/aHeodo
2020-10-28Rep_PO_10282020EX.docdoc 21509e892c4ef6e47bd2fe0d2290b20e48e4680f2f3537f12a061cd5912b1cacn/aHeodo
2020-10-28REP_NOU_100120_RLO_102820.docdoc 972396084dfd074cef1c597e9766918fc0d394d11b8762d20395a86ad5b5883an/aHeodo
2020-10-284426986247534119270.docdoc aa825d666a2394dad05c014830cd132ecdbabfe1dcfd7e7eba18ed43bda6de33Virustotal results 17.46%Heodo
2020-10-28File_SLO_100120_YVF_102820.docdoc fda83ece49e1914433f256654dde13a87be6f4a6b03bde2e2060c2ee1cdb815dVirustotal results 25.40%Heodo
2020-10-28DOC_KCW2O8E90.docdoc 302684a1df1b3b6bcf6995798581972d23b71888983b326ff3eed9bbcaf1c56bn/aHeodo
2020-10-28inf_PO_10282020EX.docdoc abb10d6a4ffa25a8f41ba0adf71c4afb7cb81cc2f6e0f603ca29da9ba9dbcc95n/aHeodo
2020-10-28ARC_WI7314713757BF.docdoc dac1189124e8ab688ce2381053958114e981ce05558b088fdb5ee651e107ecf3n/aHeodo
2020-10-28File_XUA_100120_MLY_102820.docdoc 92a3589e1b3fd70341f8bf112b36413666415cdd61c4c49564ec228ef12fb723n/aHeodo
2020-10-28arc_GNMC84W0XF1Y902L.docdoc 558c61e9709e06aa045d7ba7933b35b9fb9c125734e3c4e8955a573a31cba52en/aHeodo
2020-10-28Rep_PO_10282020EX.docdoc acec2b7cea57b2f5faa43b49be25b8f40c05ac23ef99e308463d9c8a13d1221bn/aHeodo
2020-10-28Mes_MG6650513355YK.docdoc 101ebcc462da774f817a7420d2f849189c1e6093c14619e3c4497d748e655110n/aHeodo
2020-10-28Rep_PO_10282020EX.docdoc 0843e95e73e1d9c719d84439a7243f080d431179cc900f1d3744cadcb2d19d38n/aHeodo
2020-10-28Rep_KV6501933143ZR.docdoc a35f0fa4b2082b66755f87c30fdb12e922d177ae2a22ea0289e2e292042817edn/aHeodo
2020-10-28Mes_ABU_100120_BVC_102820.docdoc 1133a03122cec0b03c3cf2b52c1b1737d103ec16050bc4deeb5914bd339a4900n/aHeodo
2020-10-28DOC_NV5956053754AI.docdoc 0baa66a446892d388453495c26ee71f8be5dadb844ad77c000f2c4de90976b7cn/aHeodo
2020-10-28MES_VXR_100120_ZQP_102820.docdoc 24778ec64b8c22f871acc6e863f37a6de831beb3d45a97be0b3e99ff9e17ac20n/aHeodo
2020-10-28dat_HT5051004119NV.docdoc cb10354a6aff051fe7ae1c2cfb38b40e5ed1c8fd1a4c4b1a35724efed4885995n/aHeodo
2020-10-28ARC_DMUCE9M6YI.docdoc f557390768f97bbb354c11917ec9e1ae3447832fbc09b34625656d8cb3db0931n/aHeodo
2020-10-28INF_LQI_100120_WNV_102820.docdoc ada1b895d8a1af1461e0b32f2366bef386fa6b6d3235cf99f9838896ba16d2b5Virustotal results 29.51%Heodo
2020-10-28MES_0Q07IDEFELTT07Q5.docdoc b2fd50c9b74180bf57162267feec075ce16b9d37ead25cca5f97840e44e61a1en/aHeodo
2020-10-28ARC_99658933.docdoc b749fa9443216bb372f3a786fe6f921aaf83800f69c46eec065ad8b2bfb0ad89n/aHeodo