URLhaus Database

You are currently viewing the URLhaus database entry for http://gzesa.net/wp-includes/ID3/vkqUQknP1Efohc/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1850319
URL:	http://gzesa.net/wp-includes/ID3/vkqUQknP1Efohc/
URL Status:	Offline
Host:	gzesa.net
Date added:	2021-12-04 01:50:07 UTC
Last online:	2021-12-24 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2021-12-24 06:02:52 UTC to abuse{at}tencent[dot]com,abuse{at}qq[dot]com,jsquare{at}tencent[dot]com,dreamsruan{at}tencent[dot]com)
Takedown time:	3 months, 11 days, 5 hours, 23 minutes (down since 2022-03-15 07:16:09 UTC)
Tags:	doc emotet epoch4 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-05	O7G5WOV5Q6WPU.xlsm	xlsm	33dc0546d60f496508e95293772364bf7e913d52ec3d606b326adff6cbfe7fd7	35.59%	Heodo
2021-12-05	4UK88S20GAW6PRA4.xlsm	xlsm	1a84ca3811bae8edf1c212f12ef262f19c6a6fecdc674d60d94ee96ad2db74b0	n/a	Heodo
2021-12-05	RLXO8SV1A.xlsm	xlsm	c46e755e6a8e6956f52788e7ae163030608a852dc8769fe772dfb77b7bafc5d9	n/a	Heodo
2021-12-05	V784EB8MRR5BQJ9S.xlsm	xlsm	07de6d5b2af9a9d490d36eee97cbf89fd307ebb8943653ef6815272984a7186b	n/a	Heodo
2021-12-05	W652CYY.xlsm	xlsm	594112891ed73d0cd5dccf97e0f25c246e06a0ccb42ed3019c2a071546eda237	30.65%	Heodo
2021-12-05	RN4MM5YPRUT47G.xlsm	xlsm	95154409e84cdf7b93cd631e42a7a0e987ca93e7194f406da6f824a5e1c041af	n/a	Heodo
2021-12-05	LX5KSCGY.xlsm	xlsm	0e10573ca5f5718b8b5e0fc2a700a980d7baf014953202c45efb3e8208832960	n/a	Heodo
2021-12-05	MN0JDPDJHO2317.xlsm	xlsm	90602bc87d0bba8044f3c08a8f6472fa249e9e65422ab8e310cba8f26051a9d0	n/a	Heodo
2021-12-05	WV5I5CYKD5W.xlsm	xlsm	5790ff223fdb398b262e593d6a3918fe0b6dd6823486ec80fb48a29ad4f1c7b1	n/a	Heodo
2021-12-05	7Q4EU9AR1QGIN55B.xlsm	xlsm	e43baa4aef916607766e50809b858e69d023946f37d10a97c8ec782e6d208fac	27.42%	Heodo
2021-12-04	HSMSM7LE.xlsm	xlsm	cdc7dc5fc3f073ac3eb42eb97fdd4e4404bda1f56fc49d7b06ec3587a3439489	n/a	Heodo
2021-12-04	O52X2YTKVXZM7D.xlsm	xlsm	f17ebf96205922aafd090ee23b20868527eaad9b14a0f526d676105e2fef537a	n/a	Heodo
2021-12-04	43H7M3A.xlsm	xlsm	a15f2aa1b48441d49527d074755aca2926254119a20ba129ac1c5717dc67d846	n/a	Heodo
2021-12-04	AQLBHTJQKBC57BJ.xlsm	xlsm	b30a3a75e9ad8b76d5f45439ec8c2837034d31564baecc71b76a2b1c57078066	n/a	Heodo
2021-12-04	5BZ5YHUN5VK5O.xlsm	xlsm	ac4625994264b4101e5196c791a447aeb5fca9f346573a810d83b0a96be22e9d	n/a	Heodo
2021-12-04	DGEJR5W.xlsm	xlsm	c538307a14f55d21ff46077411598baa5c27a6e7c442b690b436687d56fa4cd5	n/a	Heodo
2021-12-04	HM6WLKOM7FHB.xlsm	xlsm	d3941c671121ca34115cab311a2a265f8e143dad9209d6ed2495271f7d44ebfc	27.12%	Heodo
2021-12-04	ZXA5R12KUD3.xlsm	xlsm	41814ffebd396b740dca06e8e91c36a2119829be2bb97bf9afade3432aaec7b2	n/a	Heodo
2021-12-04	2Y4O1G052NCIX92.xlsm	xlsm	3426dffd386c5ce5a28bd888e073a7b1bf9fefe0e702357089aece4840fa9449	29.03%	Heodo
2021-12-04	YTM9LIH4QT4JN.xlsm	xlsm	a2188e329da2699db6ace92829b385063eea0c8ac5f90ca5535a5a0eb74b956f	n/a	Heodo
2021-12-04	46VJ1DBEHUADLK8.xlsm	xlsm	52c5eb425b749b970ca3a8ed72ad859791dd1ef48d02128682d3a7d94728bf20	n/a	Heodo
2021-12-04	IH8W3NVCCA.xlsm	xlsm	a7d03f17183bb638685c605beab0ede01a7acd0d14654689b90ff598480f2420	n/a	Heodo
2021-12-04	00PUNSEUW.xlsm	xlsm	459f9e401d040a233f805db5ae53f477b23e8a2e1875bd43294baadb72837e49	n/a	Heodo
2021-12-04	AXOLNO0KKM.xlsm	xlsm	1012dc57bbe74054df2a44caf4460728caf955e7c0fe45ee113bc5193c84f1e5	n/a	Heodo
2021-12-04	86VH7VJ.xlsm	xlsm	94f5b2a459e0bacf75ed26a6c1395d75a1536d5ae50bb989f860d8822c314ba9	n/a	Heodo
2021-12-04	EAYUGMXX2APA4R.xlsm	xlsm	cc20a421ab15b0345dc3f6048fe791e6023aef3f7c9b0481621cafef5ba4c7a9	n/a	Heodo
2021-12-04	PRNTE7BF.xlsm	xlsm	3465954f518dead663b5a353c55a6baead67ff5a7d16010ec23ad80b5e1b79b5	n/a	Heodo
2021-12-04	J35LM6584769ZR.xlsm	xlsm	caff998cb1c01034f139c2b57f6e69c7b0c8338d2b25d2722a85ec807e20b248	24.19%	Heodo
2021-12-04	BGAFTY6LV.xlsm	xlsm	0c8aab06e4566372ae22379a532b615321d08af711d825d4bef4447a17e3c9ba	n/a	Heodo
2021-12-04	YTW84C21XAFJ4.xlsm	xlsm	878ad9d05e6601d7ff9061d178312f0a55cca2c77b4be8f13f0a726ae6f65b5a	n/a	Heodo
2021-12-04	204Z5DH.xlsm	xlsm	eda42816182306a1cf78a7c3f3f0dd5cf01814e245e9cde27a2f8a6ec3445448	n/a	Heodo
2021-12-04	CP0MZ19F.xlsm	xlsm	a11dbd7ee7d36123a95accaca9cde71a50cf5739e39b68f792d49a91218295b5	n/a	Heodo
2021-12-04	1EYBTUNV549.xlsm	xlsm	a870a495bd65f773f81f61dfd6ee952e405f995bc8645011b846c861ae5dbdc4	n/a	Heodo
2021-12-04	GR70S5ET.xlsm	xlsm	f623d3abffc341c87700595fbea396420f28ff0ca78607fbedb7ce6ae73e0144	n/a	Heodo
2021-12-04	6CAT1874V1.xlsm	xlsm	895365d8f2f0eee692692753208b89ffeec4ddc9e7397030de942a72cc35ab33	n/a	Heodo
2021-12-04	JW8E1NKY.xlsm	xlsm	337cb6b90ae12fc3facf122a44887bcabee2d52d91c5557684a148a0932bf846	27.42%	Heodo
2021-12-04	6O0CNW55OI7.xlsm	xlsm	d9490903cdd34f0dc70fe2586128c7c325b2fc4a5c494e75f10535dadf5e3772	n/a	Heodo
2021-12-04	SBIBWZNQWA.xlsm	xlsm	f2f3696c4d3cf53f64e97bf3642a0b7503d79adf6294a3c38fbf64026fd3b38c	n/a	Heodo
2021-12-04	AARNQOHQ9R.xlsm	xlsm	4d97080c59d554255f5f5ef49ce08d7648fb484c72b27ce22c4fc89291d5e393	n/a	Heodo
2021-12-04	EDR5I1UK.xlsm	xlsm	d731e4ab9b881045dad7d1094a8fd0526f815a2220e33fc403ebec404d6d81e7	26.23%	Heodo
2021-12-04	55DFD11DJR5POX.xlsm	xlsm	1e1dea65751a79a33ca3f65a199a4b11f4b538c4580900e134a9c7acd69b7303	n/a	Heodo
2021-12-04	JIXM0QDK.xlsm	xlsm	8f210404a6cd830bec97832401b9049186183ddace345fabaf8310a07904ec7a	n/a	Heodo
2021-12-04	ARSX5M9M4.xlsm	xlsm	d10dba0af070659ca392e642920ba6feb965fedaae8c725330fe1a41ae1e322c	n/a	Heodo
2021-12-04	QS4YDAK5AJJ0U7.xlsm	xlsm	4e954f2f70144153b842eb7cc68ec16e61d9a047c87c0580803a859a074440f2	n/a	Heodo
2021-12-04	21WKUFEZ3.xlsm	xlsm	a9e904283e1c3280a9c94df7de9526d45406f043bab61cfa89955ab26c9002e7	29.51%	Heodo
2021-12-04	ZKBHYXQQ.xlsm	xlsm	4655b38eabeb0cf3dbfb6f333381ec452cbd5f8d8b6fc1309a5facfcec60e458	n/a	Heodo
2021-12-04	3UOVWIX52.xlsm	xlsm	3053cb71462e267e451e0b87a6001516c3a6306a6abf373047d97d3cacdb2259	n/a	Heodo
2021-12-04	5CGSIKUF.xlsm	xlsm	7721894d16adce74c0a91e31b1b9e69ecf41814f0b1afebeb467ac4a85daf944	30.65%	Heodo
2021-12-04	XKZVSTQQX.xlsm	xlsm	1a42644608f98d5d74478e0021460a016a3a0162071d6c6a15bcb3cea0bcda85	27.12%	Heodo
2021-12-04	WSWRH1K.xlsm	xlsm	f90d6b0b862fa8334b65422918d948395f60bac5a9eb99e78ee4e85ee596c68b	25.81%	Heodo
2021-12-04	HCY3729IKBAKP.xlsm	xlsm	30ce7ceeb177a302b3694f2d8a4180d8d00f0004d1f62f4b3da6f288c496cd36	25.81%	Heodo
2021-12-04	DR01Z5TOSKR.xlsm	xlsm	0b326199fcfff5c386678dacc4a527c7c84b80727886d983225152ae395b9d53	n/a	Heodo
2021-12-04	NP2ZFZ1G.xlsm	xlsm	e5efab8162cc62849f574393540dbcb93581a620621d2a8ec85600ccd0658004	n/a	Heodo
2021-12-04	AI61SVHW53A2ZK33.xlsm	xlsm	610ea093a34f13cf68a04c5d31bb7eaa0b304ff0b0bb5a3aed873c6fdc39182b	27.12%	Heodo
2021-12-04	G9UEBBXJ.xlsm	xlsm	b3621a46497e5f08466c681db94aa177a33c2dc246a197a72865e041f5d23fb7	n/a	Heodo
2021-12-04	49LW2MJLTI.xlsm	xlsm	2e16f73fa92313ca662571bebd97fcfe0139374a3453af41c0a1128c1760e13e	n/a	Heodo
2021-12-04	1EHESWOP3S1IU7OO.xlsm	xlsm	47ede0bcbabcae68f03aa0c0679c5411ff74b474dbbded5a3f3745a21fc7aad4	25.81%	Heodo
2021-12-04	CC9746SL07MY.xlsm	xlsm	206e4f4e59139d6538d22580dd7a69d91f8fca6fb40051cde417dcef4b2dc292	27.87%	Heodo
2021-12-04	ZGYIXJMC3.xlsm	xlsm	320195527c03da3aab763734fc72fd4730d8481933f03bbba45d350775e74f64	n/a	Heodo
2021-12-04	9VV78PC.xlsm	xlsm	33b2ef335cf97c8dd1ccd6344b4064b639406e3e390ad2b6e7bbcfae9df6a377	n/a	Heodo
2021-12-04	FIK9BV833U8VRRU.xlsm	xlsm	a428f81a832ce012d7950fbab55a8a105eb9c4e567b143be09766bd01e7e44d2	n/a	Heodo
2021-12-04	CNZKA9DF.xlsm	xlsm	607f7405f5b90bab707fa9a28a738c736bc0f526b4eb1a1a442a017fce81cc8c	n/a	Heodo
2021-12-04	KXLEDQ2DPQ8I.xlsm	xlsm	9af441534520677a8bc2771c3bb9ff921f3ec2ce47e33f0139c7fcd51e4bc98d	n/a	Heodo
2021-12-04	4RAYIIYYV8G.xlsm	xlsm	45aa726b2ca6a38d0419f3d4995b9d49511378a95a1be683595faa492bf75ded	n/a	Heodo
2021-12-04	YCOXSBM2LV.xlsm	xlsm	105b85239b53170fd9b3f6acc444344a468a319cb90c5c9293ce59f00076c4a3	n/a	Heodo
2021-12-04	N404L8UM2YJB.xlsm	xlsm	59a49f5a64f4866ddbfeea01aa053e48087cae1dd27944a8b7da6335879f5d96	n/a	Heodo
2021-12-04	300ULMWOX7I7T.xlsm	xlsm	0d9f8d5ca02d17df098cca4868091fe532e3080194f1820e76c19d99c935d616	n/a	Heodo
2021-12-04	H5G1P8EMYMDQ2V1.xlsm	xlsm	7a4028719774f60a26304135c146be2c0aa097887e5e894634aeba41a911f693	21.67%	Heodo
2021-12-04	CGR9GU04EXK.xlsm	xlsm	c1464a90a58f17c06f2ccd02243da8d6457dd01d5cc39136b34ea33eb458a64b	n/a	Heodo
2021-12-04	CQ7M8Z3NM37.xlsm	xlsm	9482e25f0e15d370493d1b0dbccef274bb8eef769bd89460559c7e58a7be2991	n/a	Heodo
2021-12-04	RTR0M1UQL10.xlsm	xlsm	5a85afa15ecad04923539508d102d845ebab5ed3342ef96dbff301f4b312a113	n/a	Heodo
2021-12-04	B8TD2GR0QDCWWLFF.xlsm	xlsm	df548ffbe364bfcab388240bb79b0e022793e69993359ad2814bf4dcdd8e8c43	n/a	Heodo
2021-12-04	Z7AEAO5V.xlsm	xlsm	62524a532f2372ab3f4b10a20fd98f9737fb8825f1c88baffe7ddcd1164c29de	n/a	Heodo
2021-12-04	9WAWQCRIC.xlsm	xlsm	17d727d3125d7af2cba3c4d82143be90f7b141c36c01c92ad5abce88a2aca016	19.67%	Heodo
2021-12-04	38MHN6BYT65RP.xlsm	xlsm	60860cd0fd7646b5b329a2e2c46a18cfdab50163f7b13a81a9c1e99c1678ae3a	n/a	Heodo
2021-12-04	W6KIV9BYXXLSYR6.xlsm	xlsm	214e5a751957c1249a783a595cbf2c843f8ce1b0d19e4dd3e4cc71f1c364f765	n/a	Heodo
2021-12-04	SYAMD5Y0.xlsm	xlsm	987b04cc3050bb943484673f1e1942730b40988a72fe36500ee383008177c6d1	22.95%	Heodo
2021-12-04	TA6Z1AFR76.xlsm	xlsm	7266eebb30eaccc6220328cbee7e643b0b0cc3f026e7a58e7cf6db771c305efe	n/a	Heodo
2021-12-04	YLEBU3GY9KP.xlsm	xlsm	3cd034945552b0db20496f64fe019b6100c496de25e609d070c799243a373837	21.67%	Heodo
2021-12-04	Z0Z7TQY.xlsm	xlsm	82625bb927f2a9f0bc7f7765ffd867116e0a1950f2582ecdf24c8833fb7747dc	21.67%	Heodo
2021-12-04	20VN54LWN.xlsm	xlsm	aa57a381a01187264ddb62cf376a38826812caf6fe7d568319a6b9775d245bf3	n/a	Heodo
2021-12-04	GUBJ8FY.xlsm	xlsm	a121651d1e49e1fd488fad17113705077ca0bd13220cb35ab800bd08d656f51b	n/a	Heodo
2021-12-04	7FW2D9LICG9G.xlsm	xlsm	b3722ff7415deda2c67a36c4a5f41085fd8be815aa6ae38efaf564ea5e85d3f5	n/a	Heodo
2021-12-04	MSFK6Z5WEFE.xlsm	xlsm	792da2db0a368dcafacdb9c6789bba643e29f4730383572e66acf3cb6844fe8d	n/a	Heodo
2021-12-04	1TQV2YRB.xlsm	xlsm	172c90bf3c285924858c610e678f071288d66f2d5a8e12e4750e3e8b98aba260	n/a	Heodo
2021-12-04	7J7WOG63C0O58.xlsm	xlsm	42d0546265b3b06b9fc877c0f1b96ce12ad6fa739ed4e7c2bd3440ef432f475e	n/a	Heodo
2021-12-04	ETQQS8PM.xlsm	xlsm	fedb63cc8f611d2b9254c5d0366337bdfbeb858225468097c4e52539c5fea3bf	16.95%	Heodo
2021-12-04	5WU5EC24M1RH.xlsm	xlsm	ed6576577aed9e1fa7f17c290d5e4e62940e610bcd35080c821213c168a0e48e	n/a	Heodo
2021-12-04	HD2TF5RF6X71WG.xlsm	xlsm	172af5646f781093249052708a1971c35b4f78a66bdaeaa459aa3470a7301597	22.95%	Heodo
2021-12-04	BX1UIEAZZRZ.xlsm	xlsm	9e4011d4239e49cf4815b6c9e9e00dff0ae353ba4c2eb30a9e6a31ba4c2a1f68	18.33%	Heodo
2021-12-04	GIOQLMJKVQFHXB.xlsm	xlsm	1087bcfdbc7ff0b14a84ca0806fb3f64a6dd54125ca96b690c9fda04948b43e0	21.31%	Heodo
2021-12-04	SKUBSVZH.xlsm	xlsm	4cd06ae56d216f369c0fc1956d794e869e403b789872ac8ddee9cac00e9a653b	n/a	Heodo
2021-12-04	RNPPE7E.xlsm	xlsm	3912164b44f081e1c54f2349f188eb8fc73b2ff594943b0c31f03d52f82525b3	n/a	Heodo
2021-12-04	X88JBBZ9M7L.xlsm	xlsm	a778d86f9ea4be3e04e9c9b2653a0c273c229d3ebd1b98e2024b3eb15700f83f	18.33%	Heodo
2021-12-04	9NO9CSXME5VD9.xlsm	xlsm	aadc859ad87c5f31121568585d28b8d34dd2c70301f30505eb8932cdee5e0683	16.67%	Heodo
2021-12-04	248O9D354UQTMNUW.xlsm	xlsm	aa6ab408990b7923655e0f63198f3779e70179a46a0599f8a16fcb027243486d	n/a	Heodo
2021-12-04	TUCBA5DG.xlsm	xlsm	3a7b80be417d47a53348d0054cd67391c87750b5e035896df8907159a79a948c	n/a	Heodo
2021-12-04	X76RXRW75ID.xlsm	xlsm	c1995dd97db5ca4395cdbf14aa93504d03ec29f769188c898da38b42d7b80366	n/a	Heodo
2021-12-04	XRMTQK6Z03HW.xlsm	xlsm	7200a15a0affbcfad1470e03b9a6f41914d6bf1144a3dee8179c77b04f2ab8bc	20.00%	Heodo
2021-12-04	E6J0JV0.xlsm	xlsm	47214d730fc78944962110a9cf98ca4d22326e7319f7a341d5a3194a961b0109	n/a	Heodo
2021-12-04	B09LO2P0W4BRJ9.xlsm	xlsm	69bbe88bc070f78ab4581f40285cee55a059da39d8d164b992ab9a95665dddf8	n/a	Heodo
2021-12-04	PUXSKW271UYS.xlsm	xlsm	dcf245593c7020c9b0f17ecad5df852b6b24ce05ca72e6a0a7081ef3c4491c56	n/a	Heodo