URLhaus Database

You are currently viewing the URLhaus database entry for https://sheen-vietnam.vn/wp-content/AqgYz1KZWZAGwdyg0dacK1B8gsFkvIwiRJwetNU/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:769859
URL: https://sheen-vietnam.vn/wp-content/AqgYz1KZWZAGwdyg0dacK1B8gsFkvIwiRJwetNU/
URL Status:Offline
Host: sheen-vietnam.vn
Date added:2020-10-30 15:20:06 UTC
Last online:2020-11-18 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2020-10-30 15:22:02 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:19 days, 3 hours, 7 minutes Bad (down since 2020-11-18 18:29:29 UTC)
Tags:doc emotet link epoch2 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2020-10-31Rep_BV4SG7Z75W5U.docdoc 858159295a83a85ce85a8e18a4398873eb02dfa32012325f963ab2de57c8c0aaVirustotal results 56.25%Heodo
2020-10-31FILE_HAIYUWPK84JM2SK8.docdoc 4ea3b44401112b07c8579bc245bb22ee9c40c153200538038bb8bc8d53f6b632n/aHeodo
2020-10-31list_PO_10312020EX.docdoc 369deae0aea3bfa6e8367f494d149dffe4c9a5f821bd8270c06016f0e6923227Virustotal results 52.38%Heodo
2020-10-31DAT_99525732.docdoc 2d3d4e0033829c37a82f24c6499a0786dc993903374e611aa94c4973a4066dfeVirustotal results 53.12%Heodo
2020-10-31Dat_48551691191072504571420.docdoc 7419637ce4e2a7bf1c8503dd9f1878136c8bc0e38e88521f6500c7c717524be4Virustotal results 51.56%Heodo
2020-10-31Doc_PO_10312020EX.docdoc 03b477c67a30f1cc63aa897f954709c42c74cc2907d8639805398a4615cad1b6Virustotal results 52.38%Heodo
2020-10-31DAT_31790280848420034220739.docdoc b48b7231ac7d5bc0a2ba5883e7a634a557c606b06b97bf45b2842523959c4a37Virustotal results 53.12%Heodo
2020-10-31mes_3879744358840.docdoc c586bc35250934f22523a7bee6291bb320a8c31a1c2cda2689c51a9a65796524Virustotal results 52.38%Heodo
2020-10-31INF_65088215109227264701387.docdoc b104e5360f8f17268449e97ba36749b921cf7cdd797fdb8a28ffe20d8d9c59e4Virustotal results 54.69%Heodo
2020-10-31ULI_100120_KOC_103120.docdoc a77843eba99adffde7cc22482865a6e64cd0217a4779ec035d11d060982996e7Virustotal results 53.12%Heodo
2020-10-31file_PO_10312020EX.docdoc d0173484a8073ed5336acc965770f3875b704785bf08f59a929f20c65512e1fbVirustotal results 54.69%Heodo
2020-10-31OHQ_100120_UJK_103120.docdoc a914d86d2a97040bb1c91827828f9ec8e72e18d73ca90d884b5d385e4c9793f5Virustotal results 53.97%Heodo
2020-10-31Arc_363239633971352831028995.docdoc 9210f9032280641d080e5abde6a49a3032839cec91f757f2469a4eeeb4080afcVirustotal results 54.69%Heodo
2020-10-31FILE_ZZLS7O42J0W.docdoc d1d8c0384f3780dd6287efc3e864f9fe60b6efe14f613f0cc2ec0efb0aa97dd6Virustotal results 28.12%Heodo
2020-10-30Inf_DNY_100120_UUW_103120.docdoc 9918cf9fc52a9d19fe483b17d847fc7fa23d4fe150c5df91abb94e61e932cf1cVirustotal results 53.12%Heodo
2020-10-30Dat_55087991.docdoc 07b3f8c72f07dca70496f6c792df7c12b6b782090056851ccfa67620fe7a27bbVirustotal results 56.67%Heodo
2020-10-30mes_6NOUSF46ZUO.docdoc 6a8e52f8792ecae215c55e1f73b2895cc0b304ee39db3908356b71ac38722b0cVirustotal results 55.56%Heodo
2020-10-30Dat_JZC4LKPW7T.docdoc 49931e499615a1dc36cda98151d3c406413f1c47504b38f2bb658631313c273fVirustotal results 54.69%Heodo
2020-10-30list_PO_10312020EX.docdoc b79376701bfc97b082e9d8d61f6886b399692a2b154c6095559ab1da86e4c518Virustotal results 53.12%Heodo
2020-10-30FILE_FEN_100120_LLP_103120.docdoc 5041a2eae4b04f23df9804031b3a30e815e0c2310bf42d82176cb89618617933Virustotal results 55.56%Heodo
2020-10-30REP_3647614869887.docdoc 20a348277c58a86bab1a218fd2dc97ea61811eeca81bbab000bf5f0afa562b36Virustotal results 51.61%Heodo
2020-10-30Inf_ZN3625598246JS.docdoc d577446435b94d0af2a829f1160b594e95c8051f6b069400ff61fa38d151ba54Virustotal results 51.56%Heodo
2020-10-30MES_DV6939293298UY.docdoc 8ead4e972ba536f428fbee5bb8f687ff6a1efdae4456aafb1bbb176b37672180Virustotal results 23.81%Heodo
2020-10-30DOC_SW3130121336UK.docdoc 0df4e83145becd16b2074bb93563596b613e43856bbd653b98a316f5d92ab817Virustotal results 23.44%Heodo
2020-10-30doc_PO_10302020EX.docdoc 75ca20340c21dbd94ba3ec4c8eeb14f3a78e68a955701cbdc754c29163674a3aVirustotal results 33.87%Heodo
2020-10-30DAT_MAZ_100120_WJW_103020.docdoc 6263b8ea9431ac48bf402098737c84a9cf49c01488319875132ef15ef7d5c6e7Virustotal results 34.38%Heodo
2020-10-30IO1EAXLBR1098OK.docdoc 6270902fc810af901f9685bb0b3251f8cf96445514e9bd288b51d51156701665Virustotal results 25.40%Heodo
2020-10-309278467119696528229.docdoc 5fc665986d6e0e5763554e4d9f9db9ccc61b2c20fc408e955d286a458f622f48Virustotal results 47.62%Heodo
2020-10-30UNTITLED_26124121.docdoc 1b230d33228fd383eaf4cc6faa376c0173fb8ff8d70c42dc9ab1ee5eacb411den/aHeodo
2020-10-30ARC_378815282044058452831676.docdoc e2b96a7780f1274b8e106466239f4c6b39c17c0b6dbf75223abe4849c04324afVirustotal results 44.44%Heodo
2020-10-30Dat_13439159.docdoc cd7af62b6cdbf35cdd60b11e87084e9e0c08ae9a790abe502c3a9d5a62c4e8d7n/aHeodo
2020-10-30inf_PO_10302020EX.docdoc 4e1fa1070d35befd506b61e5fcd7757c603c2289e9c09d657c6378bdfa6b8583n/aHeodo
2020-10-30FILE_OA3842769277SS.docdoc 37883d07ad4425576b685b357ea0364ec4d057b544b6e9442472263023f3c36fn/aHeodo
2020-10-30Rep_SE2171197091HU.docdoc 4eea09772ca2174c6dee225349ae15f55b9e8a91ac3aed6f961a4815ea86f462n/aHeodo
2020-10-303318501288.docdoc be0b7b1655cf76359f685b7367592ccbacace133e9a4b1180b5dd7c364d6be29n/aHeodo
2020-10-30TO_09197288.docdoc ee781329e536d1270bc3e7ad2496b545535f3ceba3db2743fa213b6405d011a7Virustotal results 42.19%Heodo
2020-10-30arc_018407300708100491.docdoc 26ea21f32fbf8f9f6159707d8251c281efcd51b2a44120dd051b65c1c3307a41Virustotal results 42.86%Heodo