URLhaus Database

You are currently viewing the URLhaus database entry for https://ngoctugroup.com/wp-admin/y3zQQDx9FaYb4xx/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 948957
URL: https://ngoctugroup.com/wp-admin/y3zQQDx9FaYb4xx/
URL Status: Offline
Host: ngoctugroup.com
Date added: 2021-01-04 18:23:07 UTC
Last online: 2021-01-05 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-01-04 18:24:04 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time: 7 hours, 41 minutes, Good (down since 2021-01-05 02:05:50 UTC)
Tags: doc, emotet, epoch2, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
