URLhaus Database

You are currently viewing the URLhaus database entry for http://niislelaudit.mn/j/HcziObohJbS4ftdle8W6t8o3ioQuPs1S/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	944840
URL:	http://niislelaudit.mn/j/HcziObohJbS4ftdle8W6t8o3ioQuPs1S/
URL Status:	Offline
Host:	niislelaudit.mn
Date added:	2020-12-29 19:55:06 UTC
Last online:	2020-12-31 03:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2020-12-29 20:10:05 UTC to oyunbold{at}datacenter[dot]gov[dot]mn)
Takedown time:	1 day, 7 hours, 27 minutes (down since 2020-12-31 03:37:08 UTC)
Tags:	doc emotet epoch2 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2020-12-30	BIMKZ931OAF2AH52.doc	doc	e561d015ba417615f931d69404149b840e6f30d937c6d1e8765462d08c33384e	30.65%	Heodo
2020-12-30	B95I04Z4LP78Q0H.doc	doc	a2bee4290712595f0afb87e5a247cafe694d279fb7350e43bc163630e926aaa4	27.42%	Heodo
2020-12-30	711XUEAG2T4I.doc	doc	315dce173e7c32092cf4b83b7d27b520156225dc90d11322b56244ac2b61810e	41.27%	Heodo
2020-12-30	GTY60DJJNGI6E.doc	doc	75e6fc7e5c98a20bc64f7944d2bead6901f575fe20135e9aafe210ee2e1e2c49	42.86%	Heodo
2020-12-30	D5VX846L1.doc	doc	12648728174c80a68b9992c8759df7e021f27fef6bbee5bed8af71b18a7fadd5	41.27%	Heodo
2020-12-30	K6V1484ZXCXMB7X2.doc	doc	712989be681e3a6e8cd47b84ce5feb957d2cfb47367d96bbc7dcd6551bef1f51	38.71%	Heodo
2020-12-30	QL3W6JH2J4.doc	doc	62ab4ab746aa32f2fc56a4441eb18d109e5174400f6eec250495e2b513ac63c9	39.34%	Heodo
2020-12-30	0HNV7PWB4.doc	doc	cd86c55218a19d3c739795e4da8c0c8b34a731b1d89fcc0685a5ceed2f3f8fee	38.10%	Heodo
2020-12-30	NM00IUXS9NSJGM2.doc	doc	24b9b439815155d6b338c75f2ae2d92deb41c580a893dac9153f5042abc8b702	32.79%	Heodo
2020-12-30	T0YWYV858.doc	doc	ece0d267bc9cfa2b32d2d93569757b8895f379ef0b752fdafdb457da534a0de9	31.75%	Heodo
2020-12-30	BFQDB1AQ.doc	doc	fa91406d32a92c06644f1089b3184110a7e7238b70dbbb86098e77f7ce82ff5e	31.75%	Heodo
2020-12-30	FZG8ZGRSTA9C58.doc	doc	d700110437e868378fd668cf27a7df7611da72d285f7b9d7edfd2d08475a47b5	30.65%	Heodo
2020-12-30	HY63C6WZ6.doc	doc	8c39bdef7f9491fc985afb40906aa1f0d4427bb9cb2299ebacd5511b442e9982	30.16%	Heodo
2020-12-30	9W8V5C.doc	doc	e1068c52aa236bb0111f08ab3140850d7fbe24bf3e5f32697f64701390f5d516	29.03%	Heodo
2020-12-30	EKKA2E.doc	doc	d89c0125f6b6987e2fe9e70c5748a551eeb0e2b03ad8b06fae80c42153d912ba	32.26%	Heodo
2020-12-30	AHTPNH0B4R4.doc	doc	5f6b7c56f5a98721b71d91dcd9a177298006b37c11ca8dc6b0bacae198e17fee	31.75%	Heodo
2020-12-30	MAVCIK0N3WQ.doc	doc	6dca5a2a6230eff6ce29c5dfebd77bb4eb68e4c6d774f8b9e2bc95c013cbded3	34.92%	Heodo
2020-12-30	GI519S316N.doc	doc	2a21ff7a18b4f0acbed3e8bb4f2b3bd74388c458e0953be7c9a21c9986dd72d4	32.26%	Heodo
2020-12-30	0PJJ3CMZEVIZ4.doc	doc	bc7f4cd13c74dc42e2862078e4c814def5484f8cba7f2b61834770e2f0f0684c	30.00%	Heodo
2020-12-30	WSOUIM.doc	doc	d34dfac031661724abb4626c78172927bd98aec10118ac0117285d1ee6be8cc8	28.57%	Heodo
2020-12-30	ZY04630IPU9.doc	doc	2e986e4cb07980f9225eb5e25529d2dbf45a90c5b57b74653efefe53ce972db9	28.57%	Heodo
2020-12-30	IPPPGLMTC5SN.doc	doc	84e47bd673a96f1f41735c34d4bbdf415b8f2c39e7a833fe5cac69d38b979f5f	28.57%	Heodo
2020-12-30	Y0TW1I0S.doc	doc	13f1c66896a1c40f53f90c4132994a55c9363a7044989a67b6ad42a8965f69ea	28.57%	Heodo
2020-12-30	NL2QQV.doc	doc	62e5f85a3afbef81f4dd4d8281a0fe697d0dfdb6e714ade5175a0f2b68d40083	29.31%	Heodo
2020-12-30	I4C12LLMMUGD4H9.doc	doc	92420e97420410a69bf5380467fdecf56f39a624e108916cf3797db026d122fd	29.03%	Heodo
2020-12-30	7DIZKZY4KH37PYCG.doc	doc	ec3994399031e9c03729b9c51069c839dcfefc07707959021f85d8250286ff43	29.03%	Heodo
2020-12-30	PCSK2FMRR7.doc	doc	ad471901c1ed7f1674111218352a68322ba2b1d0a4c7c0f5757dc0bdc2e4bc56	28.57%	Heodo
2020-12-30	ZK92RJ0PFVLWE1Z5.doc	doc	40862d0b1aafeb508f97893ee74e2b324ec7e1eb96bc924b3248b9174e43c1af	28.57%	Heodo
2020-12-30	LX7IU6CMQDGGO.doc	doc	7a8d6629bfca211542bdee56f999f7cfd7589907c51c4ee05023e62716c8166f	29.03%	Heodo
2020-12-30	4XSSUK4O3UO5POB5.doc	doc	74bf5ffc4f0fbbcfa4decbf40f781dcd4dbe1a409c1fdb581d1f92e368f251fb	29.03%	Heodo
2020-12-30	RFMOYJ.doc	doc	f986e45721d272af5712ecebae797be7ecd2410bc63161d05c9e899f6e107af4	30.00%	Heodo
2020-12-30	X95EUURH7QXG78.doc	doc	26eaeed81c06cdcb31127bb193787c4fac6e77fda2c26b984b00ea10f153450b	28.57%	Heodo
2020-12-30	ALYOR69WY74Y60S.doc	doc	3c5a0e1906eb2a02dc597a235c6ba9b3faccc526ef1aa3b2f34f462257ff7261	30.00%	Heodo
2020-12-30	FI42UDSF6.doc	doc	7f975c35b98c82e158e6689e3a8d6c5da6a640ba0f279256f3c01927e7476fbb	n/a	Heodo
2020-12-30	2HLB6314M.doc	doc	d51c4a95eb3b358e31b75d0f3e4fbd9f4ac62785f48019f6552ef3fd40f75a6d	n/a	Heodo
2020-12-30	BBKDMRUR8ST8WZ.doc	doc	a7db4e6fba4660583590e4869f493775027f534150a3e900666e591eec4649dc	27.42%	Heodo
2020-12-30	G4W8QT2LSVE4DW7.doc	doc	8bb7c4fe3223b8d923a4d634817f253204b25961ba6a1b663d67c41d9f58a550	n/a	Heodo
2020-12-30	M7HPVOT.doc	doc	6cac8ca3a3bdd0f3b37b7c5b108d5b18c35bff691923bb1d02edae43ee3df6e5	23.81%	Heodo
2020-12-30	GQUFPN402AAT5V62.doc	doc	ad0151c5113107d864f25a6d5c6f33cdb5c38af7c392a43c83b84e9b2753d0de	24.19%	Heodo
2020-12-30	55L7FTKQ8R5MUPH.doc	doc	81c53ed228ffde29d71ceab29c0cad80bee160c21b5160091f0d85ef6fe9fa76	24.19%	Heodo
2020-12-30	QLSFMQN7JW6.doc	doc	2070255299f9038c17285167aa260f27b016a672a64452ec46bc5c371f1cd71f	n/a	Heodo
2020-12-30	9BCOW7VBSHGER.doc	doc	f075b561422f41b4412421cd0aa5bbcb988f960c4c632de46179b64e8467601c	n/a	Heodo
2020-12-30	E21FCNWLQRCB9.doc	doc	ee3c654155c2ad1cdedb1baa923add0335475dbd69432b7c9ce71e34d2f3c15b	n/a	Heodo
2020-12-30	CZKRS8DSTSVNRO5E.doc	doc	2ed291cc9976df382951483bb2c77fe908b724d01b6360d1e61ee698f052ab11	n/a	Heodo
2020-12-30	MJCBN9ZB11M29.doc	doc	8ccaf45b8c50a7ae2a58de3d8634a80db84f06872e358c3a80f9900662f27f86	50.79%	Heodo
2020-12-30	ES0BO1WWLWW89I.doc	doc	fa5aa91755a36f8142bfa74818a3aa61264edc65cf4aa9fb8d4bec28f6faadb0	n/a	Heodo
2020-12-30	4IR35WWWX.doc	doc	161c83286b69307edded6f1105481cfdc65bc36aab3773a365af1972dfabc3ff	52.38%	Heodo
2020-12-30	FYTYCRE.doc	doc	8a55450704d7b16e71b269f44d8e64ac29fdac23b0f65951a4a4e7d0654a4499	52.38%	Heodo
2020-12-30	YQR78NHBU4L9.doc	doc	9303a7d168278ca01af0fbb241d183dd20e13b55234bfb1d1df24d76d07af950	52.38%	Heodo
2020-12-30	IZYO9KNAIMXJX5.doc	doc	b40baf85b9fb3f4fba22b7357bfb8eb639d08c6175af9bab68528061b66eb404	n/a	Heodo
2020-12-30	DP6MQ19Q4.doc	doc	fc88d7102891698ce09ee38c1af90b8e225c496491ddaee1b739a12f1a2eaf33	n/a	Heodo
2020-12-30	NU24MZDUO8ZPVHW.doc	doc	41e784f18168ae902f8bd265907c8e6e15b3cffde32a299bff675ee4b6902a03	n/a	Heodo
2020-12-30	BLECG6P.doc	doc	59dd64819d5e4347530f69b1a854607289d93c950a746580535cc79d8ee373c7	50.79%	Heodo
2020-12-30	RNP5RORY.doc	doc	94b586e5a285387c08041e2a39bc999a222670b33b5e3793cf3136cc9ca4add6	47.46%	Heodo
2020-12-30	TJKC6XLYEN4.doc	doc	c18cbfc2d84a1436acef501a8e605966ab35af260f8a6c86f24e5b459c87bc19	47.62%	Heodo
2020-12-30	IO716SY512S9BK5.doc	doc	fe615d9510f8a8a4f2392eb1dbaf75fee4054136fc2da4a69d52c6e1b8c696c9	n/a	Heodo
2020-12-30	CA7PKGQTUWDS0I0.doc	doc	84ff4b1cc97853c325a80d9ea06156582a5b00d8a2dbf43e776796904b5ba7cb	47.62%	Heodo
2020-12-30	O6Y5A17QC.doc	doc	16a0fc95c6217d4542b0a02200d26987e08d41c709ba9c36b9830993b2b4c6c4	n/a	Heodo
2020-12-30	B5Y04L5TRMW.doc	doc	9f343da9a2ef57f1ea4109e7e45944ada3a23457de02511ef088806da7686d4a	n/a	Heodo
2020-12-30	7PGF8RK4KW0ZIG7.doc	doc	ee94018b625d16f7aa8fd8542511da49e0e15f19cf1ed9e231b85fc64985aace	47.62%	Heodo
2020-12-30	5CQ3WNW0CRVZ1K.doc	doc	b0286fc6b2b0354bf5bb297ad8f8f81577bb23a3568133181a5daa3eb75954c4	47.62%	Heodo
2020-12-30	X89RWEKMMZ.doc	doc	dbd973f39130f458c16efc43bd6876fed237a2499fc0f270e453947730486f72	45.90%	Heodo
2020-12-30	S9GSPQ0.doc	doc	a59638db98772da1dc6e7a99d209a4373ec89b7fdc7bc87c200eeb5f793a73d8	n/a	Heodo
2020-12-30	TK7ATJB.doc	doc	968063350b11ebbfd467a30c92b38980fa20b0e4f588f89daa9687981e01f8c3	47.62%	Heodo
2020-12-30	8BK6GKDKCBE.doc	doc	ddfe5d80323178ceb4c5120878ac5448907826e95c3b76bd9c2306e16af00092	n/a	Heodo
2020-12-30	0UWA4WG5NN.doc	doc	1af286a5a937026e62b7a7b6b972f03109862f815f785d9d9d3ba20346da0eee	47.62%	Heodo
2020-12-30	OR2W7NAK.doc	doc	a353494dd669a02ee28c0495169608f2ccd8a7d5e42a10547f7026ec218d4814	n/a	Heodo
2020-12-30	QE4DWF78A3JLHD.doc	doc	33483667c69c712c22eb8cd4c4d68c7405a8fd2ebb78aff4bdf518b997d17d4c	n/a	Heodo
2020-12-29	5FM99D2.doc	doc	d9790597cff0277c202cb25c47d5338d113df8912fe45a44d04f2d146901ca9e	47.62%	Heodo
2020-12-29	A5USB942DSA.doc	doc	3a005656eb3cb664023108b84291b3de03e68da06530c0c12118195a2a443e6e	47.62%	Heodo
2020-12-29	0BC66QEL.doc	doc	2527707f508b47e4031c1bf43ad94b728ab6a4847c208dd3f7e592ed49d36f6e	47.62%	Heodo
2020-12-29	JEAOL4M90CKE.doc	doc	66a2b350efaf60cc7b59b9de600b6a8183d3a8393688914c52ab4bf9d1e84ac9	47.62%	Heodo
2020-12-29	DMYUTKV4.doc	doc	0eadb33ff312f9a52da6f3c043f2e183147ab94efbbfdc06bf2951c12d03aa5b	47.62%	Heodo
2020-12-29	9EQVHWVNNC2R986.doc	doc	cf47feaaa13dd8578065c7ff33e3b1f716e4b71f679b8fe7d10fd33cf1ca8b70	48.39%	Heodo
2020-12-29	CGI81LFCUWFGD.doc	doc	0e6bf2536adbd39d77a2239b62625e722197073713172655477b6aaa9cd3cbd5	48.39%	Heodo
2020-12-29	WGFTK37EBZ2KR.doc	doc	d6480e873d81be6637d3ba474138b40d9773c0d9294fc530019ed6f3d1fcb1d5	47.62%	Heodo
2020-12-29	ZMD2GCX9XCZ.doc	doc	59aad32717a18d6e1b19cc6e0d4db78f962799b91b0a7773875964f47ef0fd6e	46.77%	Heodo
2020-12-29	DB3YV4QN9CMI4I.doc	doc	b74063353bf2fccaa3e2072c2e02dec2c760ab480f73a069277bc389ecd4c929	46.77%	Heodo
2020-12-29	7CEPPWNEZ.doc	doc	ff454b11b8fd666d7d8eceaa253fb0756ef6d2a72b572799879d83a8d285ade8	47.62%	Heodo
2020-12-29	KID4WMNFO.doc	doc	c646ad33be355d18204f947f227e88997569facb081f5a09a9f0b82c5127dafc	47.62%	Heodo
2020-12-29	KUD1I2X.doc	doc	59d3ff3d4c70d115ce2c6d6ee0b71174c04ffc9a3f483fe2590b91d2eaca4518	47.62%	Heodo
2020-12-29	2BTBTQ641N.doc	doc	eb762ceff6eec6519ea345df6e5eff8b01a57f121c2a12ae7c3b8a379df36691	46.77%	Heodo