URLhaus Database

You are currently viewing the URLhaus database entry for http://mewb.org/wp-content/EldiU34Mwx1U4Eqp8BmLWbf6qSzL9/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1850627
URL:	http://mewb.org/wp-content/EldiU34Mwx1U4Eqp8BmLWbf6qSzL9/
URL Status:	Offline
Host:	mewb.org
Date added:	2021-12-04 04:10:10 UTC
Last online:	2021-12-05 21:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	waga_tw
Abuse complaint sent (?):	Yes (2021-12-04 04:11:59 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	1 day, 17 hours, 28 minutes (down since 2021-12-05 21:40:50 UTC)
Tags:	doc emotet epoch4 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-05	PSBOBLX14W2.xlsm	xlsm	33dc0546d60f496508e95293772364bf7e913d52ec3d606b326adff6cbfe7fd7	35.59%	Heodo
2021-12-05	5O0XE088NH6H4.xlsm	xlsm	2817f73ca4e9ffeba86f2ba0aec66e164f1b2a836ed98aac854c150cefb9f1de	n/a	Heodo
2021-12-05	6GTN9YHERL876E1.xlsm	xlsm	17b2b094465ed6a13d97e9ba8fe7c2ce9b16234305ae829c0f608496f412f9e0	n/a	Heodo
2021-12-05	RIS1Z35F6TQ6.xlsm	xlsm	07de6d5b2af9a9d490d36eee97cbf89fd307ebb8943653ef6815272984a7186b	29.03%	Heodo
2021-12-05	9CPREHFZD.xlsm	xlsm	594112891ed73d0cd5dccf97e0f25c246e06a0ccb42ed3019c2a071546eda237	30.65%	Heodo
2021-12-05	1VGP8SC.xlsm	xlsm	95154409e84cdf7b93cd631e42a7a0e987ca93e7194f406da6f824a5e1c041af	n/a	Heodo
2021-12-05	64V2NVOT11DAO7QK.xlsm	xlsm	c55496aa3102b469a63433fff09292a6d66a8baa95586a85a9e34d5f0bb95832	n/a	Heodo
2021-12-05	449PHE25Z5AP.xlsm	xlsm	47b48be726e216626dd7eb27bc629218d6d7de060f525f3880b843c3ece3a4c2	n/a	Heodo
2021-12-05	ZZ2HURRZOIN.xlsm	xlsm	6078081a6351aa6794c56325adf8791e0f3e473513408fbb27c187d458ea576d	n/a	Heodo
2021-12-04	JDCOARX8YTVB.xlsm	xlsm	cdc7dc5fc3f073ac3eb42eb97fdd4e4404bda1f56fc49d7b06ec3587a3439489	n/a	Heodo
2021-12-04	F3T70DE2U14WSKR6.xlsm	xlsm	302ef213ab61b467abd082b4fc2aaab74092e468f3844ecb7804b8be88e01f75	n/a	Heodo
2021-12-04	6Y6MCJPMHHXM6.xlsm	xlsm	3ff7f98d0a7d75765a01942ae1d5074dbddfeb2fd525902bf536c263d1bd6fe8	n/a	Heodo
2021-12-04	X20UT315.xlsm	xlsm	a15f2aa1b48441d49527d074755aca2926254119a20ba129ac1c5717dc67d846	n/a	Heodo
2021-12-04	MY031S683QYGP0.xlsm	xlsm	28f2433f1444eb6e9f61d9dbad0f192dde883be209b175a4fc185bd13a2d1163	n/a	Heodo
2021-12-04	Q7HJO52SEH.xlsm	xlsm	ac4625994264b4101e5196c791a447aeb5fca9f346573a810d83b0a96be22e9d	n/a	Heodo
2021-12-04	R1WP7FAHFM9B4DY0.xlsm	xlsm	c538307a14f55d21ff46077411598baa5c27a6e7c442b690b436687d56fa4cd5	n/a	Heodo
2021-12-04	49W81TBGF.xlsm	xlsm	e3e7fb31fd489506b7917f61b5b63995d4649948e78338ebaadc759292f267d4	n/a	Heodo
2021-12-04	OFAO242PDJI8J3L.xlsm	xlsm	a0145ae81bb655ae1beddb852af9f1a05752ee368e0c34fc06a9ee2e73cb1143	n/a	Heodo
2021-12-04	ZXCDV2SM74PL655N.xlsm	xlsm	8e9b3461284ffa9116c66fa81d331b37bcf1f54a82d461238476197f7fa57d2b	n/a	Heodo
2021-12-04	0A798ZCFA.xlsm	xlsm	3c785175e1471f4af4e5d4bd4312c7faf4032aa29bb7eb7875d17a5cf5d608d0	n/a	Heodo
2021-12-04	2HR70NS.xlsm	xlsm	8e2397ede6440e3b1f11c7875f7925e339150970a90c3a8b254aa792057891db	n/a	Heodo
2021-12-04	SSS5WB61T.xlsm	xlsm	c8ba0a2f5ee17b56f19fa64fff0eb2387fb8469115d5e28bd015c721fc82956d	n/a	Heodo
2021-12-04	7UL3CH18A4JN3AAF.xlsm	xlsm	018d7e41ac4c9f6a79553ba7d10226ff53c8593411d4d1fddcc217a778dff767	n/a	Heodo
2021-12-04	2Y49RXKNN6RNLR6Z.xlsm	xlsm	1012dc57bbe74054df2a44caf4460728caf955e7c0fe45ee113bc5193c84f1e5	n/a	Heodo
2021-12-04	LWSW21BX.xlsm	xlsm	94f5b2a459e0bacf75ed26a6c1395d75a1536d5ae50bb989f860d8822c314ba9	n/a	Heodo
2021-12-04	FH3OX4MHLA.xlsm	xlsm	cc20a421ab15b0345dc3f6048fe791e6023aef3f7c9b0481621cafef5ba4c7a9	n/a	Heodo
2021-12-04	YG5CK2T19.xlsm	xlsm	be00eab0d3b4e7371a82c8dc8bd31c7c77453fa5098781d98dae96fa19786545	n/a	Heodo
2021-12-04	G4LPU1Y.xlsm	xlsm	caff998cb1c01034f139c2b57f6e69c7b0c8338d2b25d2722a85ec807e20b248	24.19%	Heodo
2021-12-04	HW0QEJT7F3F.xlsm	xlsm	a7bac70acfedfb6afe0885e35afde40b08ef1acd404bffc1c9b5707db5ac81f3	n/a	Heodo
2021-12-04	V0MH8M6R.xlsm	xlsm	878ad9d05e6601d7ff9061d178312f0a55cca2c77b4be8f13f0a726ae6f65b5a	27.87%	Heodo
2021-12-04	CLGL2MMOFAI.xlsm	xlsm	78a06d28cbe2346fa7edca1cd19de10a1814666e4ee4cb5e68015738ac551764	n/a	Heodo
2021-12-04	ILAMX2J0.xlsm	xlsm	a11dbd7ee7d36123a95accaca9cde71a50cf5739e39b68f792d49a91218295b5	25.81%	Heodo
2021-12-04	J4K16S8JHO6ODNG.xlsm	xlsm	a870a495bd65f773f81f61dfd6ee952e405f995bc8645011b846c861ae5dbdc4	n/a	Heodo
2021-12-04	RW4R8XTK72F99.xlsm	xlsm	fd42b37fba9558e0017ad0591a7828d6ca247eda50d525616e0b0cf6379766d8	n/a	Heodo
2021-12-04	AC8WAEQP.xlsm	xlsm	5f308017fbe47c16f7e1a92d625feef2925136b8299d949560d4c70f7a15bb2a	n/a	Heodo
2021-12-04	LFOJZLU62.xlsm	xlsm	8278a178f270ce4784bd12ac08853a5468944c4a0834fb70ea0ed5ff4a6aeff2	n/a	Heodo
2021-12-04	C9F20OF19.xlsm	xlsm	51ade39bcde138bbf62c3ac3628beab24ee98cf99a240c4f4681d182fcd7503c	n/a	Heodo
2021-12-04	I58OH7W3VYAF.xlsm	xlsm	cf3b0d8b0a9153046d00599fd5f6a14af017d2b22f5d4c8d795b655427e05832	n/a	Heodo
2021-12-04	3PR3GGWBOWEBM.xlsm	xlsm	97bfa2af83b7ebc508962abc9791a672fd6b622e678d10eaf453a9748ca4ce4b	n/a	Heodo
2021-12-04	9TFIPLO.xlsm	xlsm	0606169c1bdd861cdaa490118c080324a428d35c739631654e2602fb7b3d0b7b	n/a	Heodo
2021-12-04	2M0AOWK4NVX6.xlsm	xlsm	9375aa8f89ae69e8fd679c6d267da7177ddb6ce2c43c00ccd2a0b059937b5b99	n/a	Heodo
2021-12-04	9II596U7E5U6B.xlsm	xlsm	8f210404a6cd830bec97832401b9049186183ddace345fabaf8310a07904ec7a	n/a	Heodo
2021-12-04	9I17WLKVA5.xlsm	xlsm	30ef7c592bef90557962947a362a1942ccfb2a7f38794ca31607761924c91370	n/a	Heodo
2021-12-04	13W5O7HAFCU5.xlsm	xlsm	4e954f2f70144153b842eb7cc68ec16e61d9a047c87c0580803a859a074440f2	n/a	Heodo
2021-12-04	FPDF6Q231ATR.xlsm	xlsm	fd4c49dd27aaf6e11bbed98501736a932dc607590ed3fb64bf61dcf8835fecda	n/a	Heodo
2021-12-04	ID1WA06V2VCIAEW.xlsm	xlsm	a9e904283e1c3280a9c94df7de9526d45406f043bab61cfa89955ab26c9002e7	n/a	Heodo
2021-12-04	G3D86EOR.xlsm	xlsm	3cd93317223cb8cd42f15eaa618699c2e78275e4cc412c59a5e7a81c0e197efb	24.19%	Heodo
2021-12-04	AERJZ8ODQT07P6D.xlsm	xlsm	62ce43159e81a60d0ba4a8a6259af0f17902642f571ff56bd784ecff764fde2a	n/a	Heodo
2021-12-04	EEEFEW5H7.xlsm	xlsm	39575879cef671f75b0dff64ff1b7637153006aec9b5d8b474d8156ec7136cec	31.67%	Heodo
2021-12-04	DV391OCD4J3.xlsm	xlsm	4e943ee7af3c06175253a3934c990cb4c114b6261d4281c769bc0752aaa4b147	n/a	Heodo
2021-12-04	HNN207KIW0.xlsm	xlsm	f90d6b0b862fa8334b65422918d948395f60bac5a9eb99e78ee4e85ee596c68b	25.81%	Heodo
2021-12-04	8MBJ50H3P8NT868.xlsm	xlsm	30ce7ceeb177a302b3694f2d8a4180d8d00f0004d1f62f4b3da6f288c496cd36	25.81%	Heodo
2021-12-04	5AZIXWHLG77FDLCL.xlsm	xlsm	47eb73febde8eca0b2a5efe4ae2bfdb60d84b151cbfe2cbbc03af74e801e67bd	24.19%	Heodo
2021-12-04	92Z0PIWNG2QSIG.xlsm	xlsm	e5efab8162cc62849f574393540dbcb93581a620621d2a8ec85600ccd0658004	n/a	Heodo
2021-12-04	NWJSGX2.xlsm	xlsm	610ea093a34f13cf68a04c5d31bb7eaa0b304ff0b0bb5a3aed873c6fdc39182b	n/a	Heodo
2021-12-04	S7L0X95OSMHSJJG.xlsm	xlsm	aa3f656708a387d13c35e29960b7b51da55cf569c06970604be13ff3749f6682	n/a	Heodo
2021-12-04	7FFVIYOCRTQTWD.xlsm	xlsm	fc5a8a70db42e217d97c51399bf0c0091118097860ba599a5b6f2aa22978e52e	26.67%	Heodo
2021-12-04	3FLHA16HBD8IF.xlsm	xlsm	e6a05dbc614aa16b8f8a09de2414a8179485d09914672393e74ca1af21229243	27.42%	Heodo
2021-12-04	ENPLFLT81HH92AHY.xlsm	xlsm	578ece55282eb8f61aa9d634c5aa7fee1c72d820c7d5fb097421a2e4c2d571bf	26.23%	Heodo
2021-12-04	K3O46VI983.xlsm	xlsm	9dc8af2d8c4b3ac3236bf6854526079d258f981fd720152a6a71de7158aca5f9	n/a	Heodo
2021-12-04	T59GBIBUTM.xlsm	xlsm	14a0b86454758defcabc6c6422ecfd500acb82a4b41894a543ada0b82562ecfe	n/a	Heodo
2021-12-04	SUDK7ULSVW75.xlsm	xlsm	6f3d916042f12df984ddfa7652fc98e1238959c72b6f1c128834a39cbc2920d4	n/a	Heodo
2021-12-04	88MKHPU1U.xlsm	xlsm	73be6049fbcca280469b245631b4095369d7513ffb2e15ea6327fd8f685bc3e6	n/a
2021-12-04	YHD9E38MX8.xlsm	xlsm	58d24310e03ca087b71f52861b4e8bd89790b2b0d8ec2722176dfeccba7d8f4b	n/a	Heodo
2021-12-04	FC5EVRG.xlsm	xlsm	73bc79dc01e3733c7a9214932ad508926f25731200ddac23fc278525afa4b471	n/a	Heodo
2021-12-04	35HKH91CX89.xlsm	xlsm	9db7c7e66ca40cd906169bc4391110c188925dd9a50800ffe95e707258d855f1	n/a	Heodo
2021-12-04	WCHOIQ3F2R.xlsm	xlsm	ffb196995d67c74a4d6ecb56271fb5aa6b627d93f2947c379038a631bb3e9288	n/a	Heodo
2021-12-04	9F30VYL2WEJMC2I7.xlsm	xlsm	ee4365337fbc7dff140f457e8ce2d9c1674f2cf6e67b75d8447437f02389f032	n/a	Heodo
2021-12-04	4LN8M449DLW4H.xlsm	xlsm	7a4028719774f60a26304135c146be2c0aa097887e5e894634aeba41a911f693	n/a	Heodo
2021-12-04	OYNH1CVGZ9HM2DF.xlsm	xlsm	27398a3f2736fae1f040f051ab7ea4b36bf4a0949565531d64370f70558f1eda	n/a	Heodo
2021-12-04	NNZUVA2QW82CX.xlsm	xlsm	8dfe05903d073e9237dfceea122e793ee6eb6e85b4ebae492078e45a25b96207	22.41%	Heodo
2021-12-04	OU96XA0XWMJ.xlsm	xlsm	50f44fa814a6c7b09ed4b7737d4d96d3795ed5c53d6f0769d2bbb8aa9c910210	n/a	Heodo
2021-12-04	UBSBDXTN8PK516H.xlsm	xlsm	df548ffbe364bfcab388240bb79b0e022793e69993359ad2814bf4dcdd8e8c43	n/a	Heodo
2021-12-04	AO2S67FK5SV.xlsm	xlsm	62524a532f2372ab3f4b10a20fd98f9737fb8825f1c88baffe7ddcd1164c29de	n/a	Heodo
2021-12-04	CP8NJSJIW8VE.xlsm	xlsm	d6f9c9727dd0438fd15ffe3b61f7fea64b2799dcf291b82cb91c4e615b876f77	n/a	Heodo
2021-12-04	49O7T3ZHYA.xlsm	xlsm	2ab7370ab8ac365b48a0837fbc88b83a37ff1da98d2af5f295fd578f5a6d0acb	n/a	Heodo
2021-12-04	6WVKT4WFKUD1I2X.xlsm	xlsm	6d24abd45e6e56639459f0f81751333341057bd1b0c111baeb506b3a7a6a3504	22.95%	Heodo
2021-12-04	6XTS7RNHG.xlsm	xlsm	214e5a751957c1249a783a595cbf2c843f8ce1b0d19e4dd3e4cc71f1c364f765	n/a	Heodo
2021-12-04	HBI83BYPRPL9.xlsm	xlsm	02b22c30e1d82022b865ad2774c483ff395d3f0a7f21032babdbd073c8a5650f	20.69%	Heodo
2021-12-04	UIDGKW664L.xlsm	xlsm	82625bb927f2a9f0bc7f7765ffd867116e0a1950f2582ecdf24c8833fb7747dc	21.67%	Heodo
2021-12-04	TI8M0NI94461.xlsm	xlsm	aa57a381a01187264ddb62cf376a38826812caf6fe7d568319a6b9775d245bf3	n/a	Heodo
2021-12-04	88FBLAFFC5A.xlsm	xlsm	1daa8dd90dce88a681b2f1c0c90f91872345beda7e72d6097ebe7fad40b1350f	n/a	Heodo
2021-12-04	FVIMK8CC.xlsm	xlsm	314e3d1e7346c183ea8fc1d5e99dac95786c5e7fc9bf415af7ac35882715ca69	n/a	Heodo
2021-12-04	T3N63J6EDU.xlsm	xlsm	9cfe07eec025fccecf7dd8d2ea076b95f82f9a467f37ccc43fc6194358e67204	n/a	Heodo
2021-12-04	7QMD8KXZV1CG.xlsm	xlsm	740f5e3e8ad11ae196e532d4dbd91f8d930277a65575741999ddb353ceed191e	21.67%	Heodo
2021-12-04	G8R6TSKSS4.xlsm	xlsm	4392f053539c61c480e7128d85af7c7a04683066bbc965ba5f5c0038df7db369	n/a	Heodo
2021-12-04	W715NNS8KZB5PTI.xlsm	xlsm	42d0546265b3b06b9fc877c0f1b96ce12ad6fa739ed4e7c2bd3440ef432f475e	n/a	Heodo
2021-12-04	08WOQ27LB2QVNL.xlsm	xlsm	3df3407f4be66b2e6a46a434459f81cd519f680370c74b1b4493fd3db002a15a	n/a	Heodo
2021-12-04	UV7C8M8YGG0W8N67.xlsm	xlsm	b2a8d4a3caa47235e7f56d2741305a9c090db3fcfea7482f682aad8c874977b6	n/a	Heodo
2021-12-04	9R845MMHL5B0DZ.xlsm	xlsm	ebe3424670b3c82054330f3f7dae2173634c70d1ebc14f336b2cf852a8244f47	n/a	Heodo
2021-12-04	ZOMGM4IIREZ4C75B.xlsm	xlsm	f0170f7da3d53c6557a9e3ec9d95293c41f32d4ce011f80b3d3b51f54fcda479	19.67%	Heodo
2021-12-04	ZJJ2LLG.xlsm	xlsm	40c783f354619be528e40820a0a7f98888ce228aaf88551732c6a2b66e60bf7d	23.73%	Heodo
2021-12-04	S5A5239.xlsm	xlsm	509832b9ef82cc72cbf8f094bd41e9428394766058ccae5e4937d41598318cdd	n/a	Heodo