URLhaus Database

You are currently viewing the URLhaus database entry for http://drziq.com/nynfp18/fJxmu62pCBk1WDYGOU89kONsgbHbDUeNSDXP/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 938751
URL: http://drziq.com/nynfp18/fJxmu62pCBk1WDYGOU89kONsgbHbDUeNSDXP/
URL Status: Offline
Host: drziq.com
Date added: 2020-12-22 16:28:04 UTC
Last online: 2020-12-22 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2020-12-22 16:30:29 UTC to abuse{at}inmotionhosting[dot]com)
Takedown time: 5 hours, 25 minutes (Good; down since 2020-12-22 21:56:14 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
