URLhaus Database

You are currently viewing the URLhaus database entry for https://zonozono.net/egzjsu/872172750/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1968502
URL: https://zonozono.net/egzjsu/872172750/?i=1
URL Status: Offline
Host: zonozono.net
Date added: 2022-01-11 21:13:09 UTC
Last online: 2022-01-12 05:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 21:14:07 UTC to abuse{at}gmo[dot]jp)
Takedown time: 8 hours, 16 minutes, Good (down since 2022-01-12 05:30:38 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
