URLhaus Database

You are currently viewing the URLhaus database entry for http://baldcover.com/dnmbjkt/QTkxQZ2Gnn0HHvRVH3TmpyS8/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1850302
URL:	http://baldcover.com/dnmbjkt/QTkxQZ2Gnn0HHvRVH3TmpyS8/
URL Status:	Offline
Host:	baldcover.com
Date added:	2021-12-04 01:40:14 UTC
Last online:	2021-12-29 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2021-12-24 11:40:00 UTC to abuse{at}godaddy[dot]com)
Takedown time:	25 days, 19 hours, 54 minutes (down since 2021-12-29 21:36:09 UTC)
Tags:	doc emotet epoch4 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-05	A94N7LWFJ.xlsm	xlsm	33dc0546d60f496508e95293772364bf7e913d52ec3d606b326adff6cbfe7fd7	35.59%	Heodo
2021-12-05	Y4L4QIK00FIYI.xlsm	xlsm	2817f73ca4e9ffeba86f2ba0aec66e164f1b2a836ed98aac854c150cefb9f1de	n/a	Heodo
2021-12-05	2FFQ6DIZH1.xlsm	xlsm	ac8b40bf614a894630ec44b7e7a6a9c6fc3143f78c65b82a9a0ad883c23c0797	n/a	Heodo
2021-12-05	CDO1YXDJ6.xlsm	xlsm	4638a2b64d4aee45443128e796c88a6be1f202c1df5f1a41ef13e1ff56cb94ff	n/a	Heodo
2021-12-05	LR37TCH4UJ1A.xlsm	xlsm	07de6d5b2af9a9d490d36eee97cbf89fd307ebb8943653ef6815272984a7186b	n/a	Heodo
2021-12-05	AMCMGWUYE.xlsm	xlsm	594112891ed73d0cd5dccf97e0f25c246e06a0ccb42ed3019c2a071546eda237	n/a	Heodo
2021-12-05	KJC3YICGF4S.xlsm	xlsm	75f1c85630847c007dd710ad63d6b51556e9ce459c8925f946bfe05ff4b4a416	27.42%	Heodo
2021-12-05	1KDC5VUC.xlsm	xlsm	0e10573ca5f5718b8b5e0fc2a700a980d7baf014953202c45efb3e8208832960	30.65%	Heodo
2021-12-05	PT29LTTC3J3RWBQ.xlsm	xlsm	90602bc87d0bba8044f3c08a8f6472fa249e9e65422ab8e310cba8f26051a9d0	n/a	Heodo
2021-12-05	OO0BXB1FE7GE2RL.xlsm	xlsm	5790ff223fdb398b262e593d6a3918fe0b6dd6823486ec80fb48a29ad4f1c7b1	n/a	Heodo
2021-12-05	FEXIN0NQRW.xlsm	xlsm	6078081a6351aa6794c56325adf8791e0f3e473513408fbb27c187d458ea576d	n/a	Heodo
2021-12-04	YD91FVAEAPS35RR2.xlsm	xlsm	cdc7dc5fc3f073ac3eb42eb97fdd4e4404bda1f56fc49d7b06ec3587a3439489	n/a	Heodo
2021-12-04	90ULR9GAIGN7MF9.xlsm	xlsm	3ff7f98d0a7d75765a01942ae1d5074dbddfeb2fd525902bf536c263d1bd6fe8	n/a	Heodo
2021-12-04	80Y2NQM.xlsm	xlsm	a15f2aa1b48441d49527d074755aca2926254119a20ba129ac1c5717dc67d846	n/a	Heodo
2021-12-04	15ILT0K.xlsm	xlsm	ac4625994264b4101e5196c791a447aeb5fca9f346573a810d83b0a96be22e9d	n/a	Heodo
2021-12-04	VV6S6D4Y2HZ8KE.xlsm	xlsm	4dbc17c01d8fdde4ee821afbc0a87d95adb99ab42ecbf8088e8e2b463c78eee1	n/a	Heodo
2021-12-04	VQF8VQN.xlsm	xlsm	d3941c671121ca34115cab311a2a265f8e143dad9209d6ed2495271f7d44ebfc	n/a	Heodo
2021-12-04	MFZ818QBBLMRMQO.xlsm	xlsm	3cfccc9e85c75f45ce1e980741618f0dba65c850f6d1425ba8f851d9d31fc9d1	n/a	Heodo
2021-12-04	3AZSGOF.xlsm	xlsm	317bd44b3905ce97c648c728f06c8d8b57bd265c39bc97a5ca61aecc12952b92	n/a	Heodo
2021-12-04	AKEYMCUS0VA2XNV.xlsm	xlsm	a7d03f17183bb638685c605beab0ede01a7acd0d14654689b90ff598480f2420	n/a	Heodo
2021-12-04	VOTKCYI7SYCRVQB.xlsm	xlsm	9f41d98af7de4e61b163c5307b1ae05bb42d5a0ba8ca82ecb6c251ac7bcede02	n/a	Heodo
2021-12-04	P2OK745SM34.xlsm	xlsm	0054db6e92637baba37080e0ccfd1893bd42bacd3afbe2a606a89a95cc6b06d3	n/a	Heodo
2021-12-04	A93KBJUD1B3ZR.xlsm	xlsm	6f7305b8bb4dcc7bc16c2ddb743d507a26f81a41e090fc5e4e365a70a27412c4	n/a	Heodo
2021-12-04	T5E5N43G.xlsm	xlsm	3f0809e7f328e5c63cf5261a262da71ae1fbaf3d282bd3290e7a7df12589806e	n/a	Heodo
2021-12-04	6QEARUYX9.xlsm	xlsm	caff998cb1c01034f139c2b57f6e69c7b0c8338d2b25d2722a85ec807e20b248	n/a	Heodo
2021-12-04	RR5ZMFUBB2B5J.xlsm	xlsm	493946cbdd63564ec16595af96ccad696123c5cd08d23dc5da3721b28feafd3e	n/a	Heodo
2021-12-04	3NUUALQ582CD6Z6.xlsm	xlsm	c6adfdbdf2da03f15ee5418ab51eaf3ad735adcd04bb6b214c14de07d5a9820a	n/a	Heodo
2021-12-04	ZAZ8DOQ8QZ0A.xlsm	xlsm	13b03f9e729128abaff6da9f539fcbd19eea45e20b8781f69e88f5fc8de032e9	n/a	Heodo
2021-12-04	1BYAN6O.xlsm	xlsm	57e7b9e9e0649b39613558375db1ea28c08319461d2ec830a4f2797101a34dcd	n/a	Heodo
2021-12-04	TE4PIB3422V.xlsm	xlsm	a870a495bd65f773f81f61dfd6ee952e405f995bc8645011b846c861ae5dbdc4	n/a	Heodo
2021-12-04	UCV0ZKCVO3ZN.xlsm	xlsm	c614f84a7c138f8397fe7d0baaf5f92c2f5c2523389a61081072cff58f3a8268	25.81%	Heodo
2021-12-04	F1PYKCG.xlsm	xlsm	895365d8f2f0eee692692753208b89ffeec4ddc9e7397030de942a72cc35ab33	n/a	Heodo
2021-12-04	UBD0DE5VLK9DM7K.xlsm	xlsm	1182685d4a0c9713ed4135c1f5064d2cd63a7b02f42b822c9ad6208a198be3e9	n/a	Heodo
2021-12-04	PU25K39UTVFV.xlsm	xlsm	87d78c1d60a6a2812765174a26b7adb56373727fc57804f3a6ea711c3231e37a	n/a	Heodo
2021-12-04	YLHZ2XL.xlsm	xlsm	f2f3696c4d3cf53f64e97bf3642a0b7503d79adf6294a3c38fbf64026fd3b38c	n/a	Heodo
2021-12-04	R2BGJM7V29YRW.xlsm	xlsm	8c7528c317ca1109f224f1022a3f0fa4be93150ec3545083128b7e513a60ff5e	n/a	Heodo
2021-12-04	G9NF44WFFE.xlsm	xlsm	1e1dea65751a79a33ca3f65a199a4b11f4b538c4580900e134a9c7acd69b7303	n/a	Heodo
2021-12-04	SCR30LB.xlsm	xlsm	4c433b048bd8c8f7caa63296d294bce674eafc917d54cf58e7901f00d39506e7	n/a	Heodo
2021-12-04	GZDEZG3ONK64R.xlsm	xlsm	d10dba0af070659ca392e642920ba6feb965fedaae8c725330fe1a41ae1e322c	n/a	Heodo
2021-12-04	UT2G56P.xlsm	xlsm	4e954f2f70144153b842eb7cc68ec16e61d9a047c87c0580803a859a074440f2	n/a	Heodo
2021-12-04	PVXC67GFFD.xlsm	xlsm	2d3fc2a151c8cf3230ebbf202fcc5210e14bebd19b918cc44012ac4c5c9c1ec7	26.67%	Heodo
2021-12-04	C5UF36IM70.xlsm	xlsm	a9e904283e1c3280a9c94df7de9526d45406f043bab61cfa89955ab26c9002e7	n/a	Heodo
2021-12-04	6O69GVC.xlsm	xlsm	4655b38eabeb0cf3dbfb6f333381ec452cbd5f8d8b6fc1309a5facfcec60e458	n/a	Heodo
2021-12-04	NTNE1WQ1.xlsm	xlsm	28b509258cbc301a32a2d7623a9e3452cecd5b0446d8c3f8ee500f386b2d0b0e	n/a	Heodo
2021-12-04	J606ABOVW4HW.xlsm	xlsm	7721894d16adce74c0a91e31b1b9e69ecf41814f0b1afebeb467ac4a85daf944	n/a	Heodo
2021-12-04	7CD3P4DQ2X405.xlsm	xlsm	4e943ee7af3c06175253a3934c990cb4c114b6261d4281c769bc0752aaa4b147	n/a	Heodo
2021-12-04	OI6TN22DXX0IUBA.xlsm	xlsm	82061e00cb53fe0d58de32b50bc96150b22064831bdab66970920472b67484d6	n/a	Heodo
2021-12-04	5H1BHQ1JGTAJ.xlsm	xlsm	47eb73febde8eca0b2a5efe4ae2bfdb60d84b151cbfe2cbbc03af74e801e67bd	27.42%	Heodo
2021-12-04	PDBSXF84AP5HLK.xlsm	xlsm	a05c04277af9999d6698de7919eba54f32210fc0e6110d31e7ed63b5ca2b61e6	n/a	Heodo
2021-12-04	C6M13W8MWM1RBC.xlsm	xlsm	610ea093a34f13cf68a04c5d31bb7eaa0b304ff0b0bb5a3aed873c6fdc39182b	n/a	Heodo
2021-12-04	UMNEQORV3L.xlsm	xlsm	cc9518fa937adc3da149fc6257f6021f7e06510846d00c59a8fbf77901cf4a65	n/a	Heodo
2021-12-04	CIBSEC9H.xlsm	xlsm	aa3f656708a387d13c35e29960b7b51da55cf569c06970604be13ff3749f6682	n/a	Heodo
2021-12-04	2QD9KO1I6QM.xlsm	xlsm	79ab0dea6d58cec5ab1625e47eb26381478fe0401fda1a8cc3ac8323849d6aab	25.81%	Heodo
2021-12-04	RR0YNY8YB11JCR.xlsm	xlsm	578ece55282eb8f61aa9d634c5aa7fee1c72d820c7d5fb097421a2e4c2d571bf	26.23%	Heodo
2021-12-04	ZMQ3LOCJ14VQ.xlsm	xlsm	b9430960d9255fc29e165bdfc78a03d4962a8c0a05407dce10adb30c3b22f58f	n/a	Heodo
2021-12-04	9FS7YPXTYPB2.xlsm	xlsm	84c99cccdcf273dc5ede31d6dff55ae16a0af5c15f96f56b18fa1ebc57b61209	27.12%	Heodo
2021-12-04	BW4GWPG.xlsm	xlsm	33b2ef335cf97c8dd1ccd6344b4064b639406e3e390ad2b6e7bbcfae9df6a377	n/a	Heodo
2021-12-04	RZLWFL9MH1K24.xlsm	xlsm	a428f81a832ce012d7950fbab55a8a105eb9c4e567b143be09766bd01e7e44d2	n/a	Heodo
2021-12-04	OKVDOADMGXLZM22.xlsm	xlsm	9af441534520677a8bc2771c3bb9ff921f3ec2ce47e33f0139c7fcd51e4bc98d	n/a	Heodo
2021-12-04	1AU1N1UH6V17F.xlsm	xlsm	608f6602e4c7c04e2e4081b91e0622ae9165977e2dc110af9eb6de3ab8623a49	n/a	Heodo
2021-12-04	XF3JOCGSJFO6X.xlsm	xlsm	a7876de7188abe53ac9ce7d573b5093780087f89bcc135f811f288db65762b1c	n/a	Heodo
2021-12-04	BULI6B16X.xlsm	xlsm	ffb196995d67c74a4d6ecb56271fb5aa6b627d93f2947c379038a631bb3e9288	n/a	Heodo
2021-12-04	OWXGCOA9P0DK4V.xlsm	xlsm	0d9f8d5ca02d17df098cca4868091fe532e3080194f1820e76c19d99c935d616	22.03%	Heodo
2021-12-04	WI1QD2LE5NK.xlsm	xlsm	7a4028719774f60a26304135c146be2c0aa097887e5e894634aeba41a911f693	n/a	Heodo
2021-12-04	TJYROIL2A.xlsm	xlsm	c1464a90a58f17c06f2ccd02243da8d6457dd01d5cc39136b34ea33eb458a64b	n/a	Heodo
2021-12-04	YW6ZQLN63.xlsm	xlsm	5a85afa15ecad04923539508d102d845ebab5ed3342ef96dbff301f4b312a113	n/a	Heodo
2021-12-04	8MTAL0NDHUT.xlsm	xlsm	dfa8c65cd40039394538dda9d3f7bc71701cc7507b5dd1f7f8053a5fddd540ed	24.14%	Heodo
2021-12-04	WP9D9KQGT86XVR1.xlsm	xlsm	7ff5d1d7db27ec611d2c20d2e49cda085a7e5befbabad0b7fa1735f863e9343e	22.95%
2021-12-04	C6FN6G4LX195P7A.xlsm	xlsm	d6f9c9727dd0438fd15ffe3b61f7fea64b2799dcf291b82cb91c4e615b876f77	n/a	Heodo
2021-12-04	OWHDG7A76G.xlsm	xlsm	65a55060750632754a1eefff566ba39740151576e8560d0a1b55c2a939251b51	n/a	Heodo
2021-12-04	Y8TH53AIO0.xlsm	xlsm	cad18f70b06e011a34b4ac694d6385fb3410f8de724da4b5edfac53791641d79	n/a	Heodo
2021-12-04	84FCMNKJLPMJYUB.xlsm	xlsm	987b04cc3050bb943484673f1e1942730b40988a72fe36500ee383008177c6d1	22.95%	Heodo
2021-12-04	MENCO3L0DDB.xlsm	xlsm	02b22c30e1d82022b865ad2774c483ff395d3f0a7f21032babdbd073c8a5650f	n/a	Heodo
2021-12-04	G255OPYW.xlsm	xlsm	db74c9cba78c8fc29bf8e7e480c608fc01cd978334ef0a6d2886252db0493c94	n/a	Heodo
2021-12-04	ZBGLE1V0J0CHS.xlsm	xlsm	82625bb927f2a9f0bc7f7765ffd867116e0a1950f2582ecdf24c8833fb7747dc	21.67%	Heodo
2021-12-04	0CATUHVD0KD0EQWK.xlsm	xlsm	aa57a381a01187264ddb62cf376a38826812caf6fe7d568319a6b9775d245bf3	n/a	Heodo
2021-12-04	XJSJMPRR1.xlsm	xlsm	4fa28e1d22d28b1cd95e382fdbdcccedd5491789252b3631440eab0fe9567cad	n/a	Heodo
2021-12-04	IR5CTOLWDITC.xlsm	xlsm	3789930728f3ee42e973b242ef2d048b14ec2e73df9e6d653f48fe4414a7181b	n/a	Heodo
2021-12-04	N0DCEGQPHJ2QKL6.xlsm	xlsm	9cfe07eec025fccecf7dd8d2ea076b95f82f9a467f37ccc43fc6194358e67204	n/a	Heodo
2021-12-04	MUIB3KK3.xlsm	xlsm	7eb5f1e0c302ea29c26d70bb868f373eaff06b7b82922a391a68b6e748437cca	n/a	Heodo
2021-12-04	RUCDB6AE9.xlsm	xlsm	fedb63cc8f611d2b9254c5d0366337bdfbeb858225468097c4e52539c5fea3bf	n/a	Heodo
2021-12-04	P9VMA8824.xlsm	xlsm	ed6576577aed9e1fa7f17c290d5e4e62940e610bcd35080c821213c168a0e48e	n/a	Heodo
2021-12-04	P9SJOG6M.xlsm	xlsm	1ff053a1ffc6a01351f04e7ec401be6a9d607c33c5e58dd3b532f6cf580ee3d7	n/a	Heodo
2021-12-04	XG5CPFT8ROZU4NDH.xlsm	xlsm	8a75f385c79700d75feab9f05d5e4b651a0c88d9c3cb215df88bfb6fc9dd7b57	22.95%	Heodo
2021-12-04	KM654U3GJVS.xlsm	xlsm	699d82615cd51c99ec44aeebb405621404236786167b8a567241220369b007d1	18.33%	Heodo
2021-12-04	99I7YD54N.xlsm	xlsm	4cd06ae56d216f369c0fc1956d794e869e403b789872ac8ddee9cac00e9a653b	n/a	Heodo
2021-12-04	I167VX5KNKMKY.xlsm	xlsm	3912164b44f081e1c54f2349f188eb8fc73b2ff594943b0c31f03d52f82525b3	n/a	Heodo
2021-12-04	YVWUP5DCF31ZEHV.xlsm	xlsm	1d82c0876d48a1d3b8b7d0cf658042b8c7bc4e0e609eb880e495f7024c3ab334	n/a	Heodo
2021-12-04	Z7D1I8249P3JN4YG.xlsm	xlsm	3deca071fef4995683e7971915e8db86dee177c3332743c0b110abefdc49e909	23.73%	Heodo
2021-12-04	0FBDUXT4CEKRYO.xlsm	xlsm	aadc859ad87c5f31121568585d28b8d34dd2c70301f30505eb8932cdee5e0683	n/a	Heodo
2021-12-04	8RKRPOMXESG.xlsm	xlsm	8d1341df99965e796a6ce6f0370620ebee7242b22673a90cfd1d2f448a3eb0eb	19.67%	Heodo
2021-12-04	LNJZ8ZX0.xlsm	xlsm	8b08bf7da4a73025aee9c99db76916d769a04a272294f1efe13ba861dc491c9a	18.97%	Heodo
2021-12-04	02HSNSW4ZEQ.xlsm	xlsm	8288302c9829474d464a1f56b9f8a3429d355be1eff6934d1e24682a68273a8d	n/a	Heodo
2021-12-04	UMV8JSA3YVTE.xlsm	xlsm	e417a024c442d56379740bbd0930cc34fbf75595e9a64e3a083715622a58023a	n/a	Heodo
2021-12-04	25TVTUL1WIKC7K.xlsm	xlsm	3b834f10f7fb3ca163b0e1f70afb10f55f7686fc04857f14b86811a8596f7a77	n/a	Heodo
2021-12-04	PQ5OOUTEVL922W3.xlsm	xlsm	e987dd0c919baf341f27765abc97513970b0b9ef9ca99689ad349616b57193a1	20.00%	Heodo
2021-12-04	732F0J8YEFW.xlsm	xlsm	a1927889efbdfa46b1b83e7b6d03b433828ef25b65936b9d23744bb459ee631b	n/a	Heodo