URLhaus Database

You are currently viewing the URLhaus database entry for http://www.bnnjhbhhuj.com/wp-admin/glL9fJgyLtmk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	764448
URL:	http://www.bnnjhbhhuj.com/wp-admin/glL9fJgyLtmk/
URL Status:	Offline
Host:	www.bnnjhbhhuj.com
Date added:	2020-10-29 09:07:11 UTC
Last online:	2020-10-30 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-10-29 09:08:19 UTC to ipas{at}cnnic[dot]cn)
Takedown time:	18 hours, 4 minutes (down since 2020-10-30 03:12:48 UTC)
Tags:	doc emotet epoch1 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-10-30	Arc_2020_10_30_769.doc	doc	17ad42be381daee731d661bbb69e4ee30d40efec56d85b18aedc6655b0e86159	28.12%	Heodo
2020-10-30	arc_2020_10_30_0469.doc	doc	fba41fdd9a1e8b12844d2ed37a39199dbbc262040af00488032ca8dd37d99af8	n/a	Heodo
2020-10-30	56548-2020_10_30.doc	doc	b545e214876c467f0c8bfb4a8d398fb5d3703cc0926d54c97f16becd283fa548	n/a	Heodo
2020-10-30	Rep_20201030.doc	doc	eb5e7b9d8554e92b57e2560655716ddcb3e4a10c2769af68df19681e80692bc6	n/a	Heodo
2020-10-30	505QB 2020_10_30 86668.doc	doc	0959eb24414ed4905b9b3ae4892e1489673cb1dcfda78853f7cd12bb8506984e	n/a	Heodo
2020-10-30	ARC 811.doc	doc	34ebdddd214c6abbd22fc74af04fdf1d1af2b6ad1563f85e1d2c63ddd5f4be05	29.03%
2020-10-29	Inf_2020_10_30_M932.doc	doc	39aac454150ec504ceb483a99e30bdcb29a3725664a6ef2e1a02c37f57569e91	n/a	Heodo
2020-10-29	H296-K5043.doc	doc	f0560fe5e04420d7665dc216a6e034ed86b3f265475b2dacbec5257b95cf59a2	n/a	Heodo
2020-10-29	3190660-20201030.doc	doc	04994a1c8ed2e114ae0ae3ace2037a957983121aa110568738e22db0f364bd03	n/a	Heodo
2020-10-29	arc_K8684.doc	doc	1c802678220f65ea3b50e82874a9888689aec3c069499e2941f3bfc7d001c726	27.87%	Heodo
2020-10-29	INF A52835.doc	doc	7b19aba09ade5a1a352093300d08d794bfff64bd05e26c013716aff4f94986b3	n/a	Heodo
2020-10-29	535 20201030.doc	doc	f7859c423dab46818b45b25833fd584c16ed8e13e40c154fbf31c4266f11566c	n/a	Heodo
2020-10-29	dat 20201030 26482.doc	doc	21ecf97e45b783a3190a5c6d8f636bade422be9afc2b033ace740c9d73ecc802	n/a	Heodo
2020-10-29	MES_20201030_Z08227.doc	doc	2be3530ff6d9e0f4b458a86e11feb81aa3d930a3708a0018a6b7205d08046aa6	n/a	Heodo
2020-10-29	Mes-2020_10_29-G9935.doc	doc	57ca70312f48ec1eebb7aed03d8d09be5ecf574828adfd77449ce63840fb6e9c	n/a
2020-10-29	Dat 20201029 915.doc	doc	71118241cefbb12d8ed23ed111176158875709ca3064e880a12a6dde1368af05	n/a	Heodo
2020-10-29	inf ZZZ8458.doc	doc	73940cdfc897c46fc59799c1d435f540a9283b197679e47435a37b0f52bbe782	n/a	Heodo
2020-10-29	301-20201029-7272.doc	doc	f452ebbb6a749f0cd58dd03de749ef6a2158119219902efa67d5f025461e96f3	n/a	Heodo
2020-10-29	52947364 2020_10_29.doc	doc	46d9e560db1a1d687d58d92ded82cd4ddc77a154a7c66bcc99d628f7386c97ae	28.12%	Heodo
2020-10-29	MES-20201029-TL116.doc	doc	2c6e4a74fc1b23c3c05b2e5717d495853be7408768a603493d3f7e104a3bc9c9	26.98%
2020-10-29	Untitled-20201029-6701.doc	doc	3957af6bab72b10a46bb4661d6f6bef94195cfe1de6e298fa6305bf37021250c	n/a	Heodo
2020-10-29	list 2020_10_29 859372.doc	doc	db4adbabd6f727da5581e4a10dc40afc618d3a078cf821fbcfffe33f3ca374a0	23.44%
2020-10-29	arc_2020_10_29_65509.doc	doc	f72dc65ff43a2bcd71bdb4e6f7241cb06691ed24bf9630379b104f9d414b8793	26.56%	Heodo
2020-10-29	DAT 2020_10_29 PRW3664.doc	doc	f05eab6d981a4919d9782a275bbbe85a79c904a3cad417cfe7137d20c30aee63	n/a	Heodo
2020-10-29	7997-20201029-DFM885999.doc	doc	476d235b6bf1eb37706541f02d4f91a47a62804e13a658dc0b98711e627cdb19	22.22%	Heodo
2020-10-29	doc.doc	doc	33cb7f958bec519b7913f6c21d9c4c00ec1968a9f4de14cfff0ec251f9c5e8a8	22.22%	Heodo
2020-10-29	Inf_2020_10_29_22689.doc	doc	c5fb6da467aa03871b3d49d8bc5808b6b8e051dca7bd1aa57b58324d9b9a97ae	21.88%	Heodo
2020-10-29	arc 2020_10_29.doc	doc	7b34d2cab76c7751570f264cd306892fb006fd5e274c8dbe36687bafc63dfba8	20.63%	Heodo
2020-10-29	FILE-2020_10_29-WYO468.doc	doc	5597d783bf7dc649677795638f8bbd5f97676ce49e443df3ee1fd032008f5609	n/a	Heodo
2020-10-29	9501900.doc	doc	9b07284911933292adaa09d5563e521c45cb793bb101bda59ff70675ba205632	n/a	Heodo
2020-10-29	UNTITLED-20201029.doc	doc	ef4c809d5fff1ade631c5c6458f00c553ce632200146b30843dce3b001958e6d	26.23%	Heodo
2020-10-29	UNTITLED.doc	doc	691fdeef1abdf9ff8b887a8525d4c15c82e16eacae4e41fc10cf14300ca23148	n/a	Heodo
2020-10-29	Attachment-U7018.doc	doc	2a117f803129615a11fb51b03aa78464658c82e754b6140a4a01b2ef3bc13a69	n/a	Heodo
2020-10-29	Attachments-20201029-793.doc	doc	3400d3365c00f74da9c7e268a7467a4fb6df77e14095a274358b6646f084d1bf	n/a	Heodo
2020-10-29	mes-2020_10_29-5233611.doc	doc	c639ec18eb060e72b5377a99575d50eaf280703d4d8027c1e133c13aeb663507	25.40%	Heodo
2020-10-29	0650613_U479430.doc	doc	09b8d65b64218ad504489c3b2bc0e3cd74300774ddc3e908c0628f95234fc3be	n/a	Heodo
2020-10-29	inf_20201029_55647.doc	doc	20557abb7e18f9b4d279a25980e9858441be3f6198b35eca3d9f537a706a9760	18.75%	Heodo
2020-10-29	dat-2020_10_29-ONC2364.doc	doc	57a2e7cd4e20b8e390c688410f9110250333c78391bd3009e9b0336cff41edad	18.75%	Heodo
2020-10-29	Inf_2020_10_29.doc	doc	375ecb4ff7163aa373b7a77d0a05b1a658a95b2f3455394d91a0c798b1fc63a8	18.75%	Heodo
2020-10-29	File_20201029_FDF354968.doc	doc	01ba58403e5e92440779e53390420eb7a6402a07bb531cb2b731401e06b617aa	n/a	Heodo
2020-10-29	rep 20201029 918976.doc	doc	5fbeebaabbba9adbd457f770050570e8282b9a94006a2d2368d4e8d5a0b4425c	17.19%	Heodo
2020-10-29	rep 2020_10_29 30956.doc	doc	96d4154d84eb54805cfe88cbd53d111df4b131022eee8e5886a6bb2aa5fb5bdc	n/a	Heodo
2020-10-29	Attachment-2020_10_29.doc	doc	ed0680122897e2b9b3bb061cebc25727e95ed976965ee9fcd6aceb21ac85ad08	n/a	Heodo
2020-10-29	311-20201029-XAM5075.doc	doc	dfaa310d7bc496dfbf4e407c13620aee429e24721f9c6c41ee196236b1e6c2a4	15.87%	Heodo
2020-10-29	UNTITLED-2020_10_29-653.doc	doc	a0d8f88e55cc54083128e7f43494f76871f9f0483a97f1e68887bf224622d62c	n/a	Heodo