URLhaus Database

You are currently viewing the URLhaus database entry for http://onafrica.tech/xh4z1v5/oup-6/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1968665
URL: http://onafrica.tech/xh4z1v5/oup-6/?i=1
URL Status:Offline
Host: onafrica.tech
Date added:2022-01-11 22:15:07 UTC
Last online:2022-01-16 00:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-11 22:16:19 UTC to abuse{at}a2hosting[dot]com)
Takedown time:4 days, 2 hours, 11 minutes Bad (down since 2022-01-16 00:28:07 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-12KT_0160873.xlsmxlsm 9c821587005ae39ceede34bb78262af8b30a3383c193c545f7d1fbcd4a6fccbaVirustotal results 8.06% Heodo
2022-01-12876206_22233335.xlsmxlsm b5c62ad7558b94764b9c63b8fa7ca92cf2da74886407ea089a676ba70ff6c30fn/a Heodo
2022-01-12458AHLVLK16934833.xlsmxlsm af2883e71c1c33d15944d4bdd9bfe7f027a2f50299f203642ecdc906cedf3b2eVirustotal results 14.75%Heodo
2022-01-12RO_0526.xlsmxlsm 43456f22a22af4bc49f0c52a891b5993721cd8595dc6f051a1a5ceff1f107621n/a Heodo
2022-01-1201643-5390.xlsmxlsm d46253bb266476f81af4c47a2ff0ae04f13ce9834bc2a63a810f79d2c5773f63n/a 
2022-01-12vbcl_92.xlsmxlsm 7b4efd070c35df0f74d87cecaf1a4c39f792e206ac1a830ab6b2a8eb2cddff42n/a 
2022-01-12FLN-66214996.xlsmxlsm 8bb091f18d04a9755e558790e1de67915d26c147739e9257d312824176872febn/a Heodo
2022-01-12cjsxnk77554815.xlsmxlsm e51255b61860adae1096b1521ad1fcaaa48b92d4c992c8fb3c449339af2d01dfVirustotal results 17.46% Heodo
2022-01-12sud_2269.xlsmxlsm a1d6ccc8d4baeb930c4466081955434ffc07b1ad4105058d4b3cafefe0d50098n/a 
2022-01-12245484EHDIGKVI-46767.xlsmxlsm f4d388e756c6671857985c8b0a17656c92e1f22da75e28cce94a65f17daf8266Virustotal results 17.46% Heodo
2022-01-12Azp_47.xlsmxlsm d396dc8d4f96a0295c0f5db969ab4116c03ab365e2c28400807c613656e87cd3Virustotal results 17.46% Heodo
2022-01-12459513002_092144661.xlsmxlsm d71345f2aba73f7209585626467e21128fb342e43c8a64c475e1c9d8a052527fVirustotal results 17.46% 
2022-01-126418_174180178.xlsmxlsm ac1a9c4299618d4a3024d88f644e7ff3813627c6b91a5be1b6ea64c037ec7c99Virustotal results 17.46%Heodo
2022-01-12FR_27214.xlsmxlsm d0976d7cff6c14e5e16cde79aaa1d61b3ac4d1bbdb2fa04543064548bb9a4016n/aHeodo
2022-01-12MO14.xlsmxlsm 5af2a325f143af92ffc1ad4c45442f8ebcce5937fcb00a77ff3b51c1effdebbdVirustotal results 17.74% Heodo
2022-01-12BlLT_0.xlsmxlsm 27d6855c830f8df3fde9a9f56e1cf9c88ad097a4cb45b4983f63e70a7c0517d0Virustotal results 13.79%Heodo
2022-01-12227907_06295.xlsmxlsm aa0e7e06ef6a8326e0d55630872406ec5a56ab4677760157c5b8cf9c7bc49623n/aHeodo
2022-01-12Exlxv_665.xlsmxlsm ce390c83df0a362de9c0a4704f3a7a22d52e5e536a46f3d64618812f24e7ad27n/a Heodo
2022-01-12501864126236.xlsmxlsm affa54b3db10f641a6ae745e9cb62df1bb81224d94bbfa93489357f1572d62fdn/a 
2022-01-1224517-496.xlsmxlsm ff0dd0d6c82eabd6f0c69da4f366755d7e300e845e1eb68342107fa69d83b53en/aHeodo
2022-01-12FE2272195.xlsmxlsm 1ac9eded30edbaf2faea6046d10ae01b4198654689f23a87627ad11d3c73e274Virustotal results 17.46%Heodo
2022-01-1240877337_81060864.xlsmxlsm ba7c1dc54af2f71c4737c1122c4092af41db3769d6f6883cfcc27636f9f133b0n/aHeodo
2022-01-12I8176.xlsmxlsm b73be43b52094fb92e8b8d58def03cd5521d7e3421833ec6d60249a14f7883a3n/a Heodo
2022-01-1293787530_1765439.xlsmxlsm 53812bd0525b37568f64e10ba86d759bf65fa1e511dd43b4c7e8d458229d305dn/a Heodo
2022-01-128869YUCXZDQHEW-52119303.xlsmxlsm 7dcd68024365fd30579b4707f0a9ad5f12f539cda108142174ea46efcf32f7f9Virustotal results 14.04% Heodo
2022-01-1220_335933.xlsmxlsm 9e910d12471987837a058b121eaf6b83b73675a82eafc3f6ac1710da61dcf16fVirustotal results 16.39% Heodo
2022-01-125311756-737.xlsmxlsm ebf0416d8b34739524e8a84a181d1e84a90fc816a2b160bea88336383e5c71e9Virustotal results 15.87%Heodo
2022-01-12261510793_4188.xlsmxlsm 92713b457c90861b16201ffa88fe2c16b77c58265d9a4c249d683fe899fe4af1n/aHeodo
2022-01-12964_5720.xlsmxlsm 99704dcf815cd49262652add049aa8b90b0549e6c769adce9de208f71bf5d7cdn/a Heodo
2022-01-12azltpi_587891.xlsmxlsm 2eabc11ba3c54f106383d98026c60f909cf6393af67fac13a59796b91390bebdVirustotal results 14.29%Heodo
2022-01-1229IWCHPRIAT_89.xlsmxlsm d2bcf2bda4b017286f8f68c4a613bc34f230670d136e5140fce43194dda7c86en/a Heodo
2022-01-12TC-030.xlsmxlsm 3e7066da17af7c130e2a5ca11a470f3061cda5bf089c34ed3831dd8cec6bee96n/a Heodo
2022-01-12611_4726.xlsmxlsm 2290d005f9baba04f5ee48f1545bb6cbc2db9d5bada9763698233eb8a95c033bn/a 
2022-01-12582037_1321.xlsmxlsm 009fcd5e4bdcdcbc640380482ae293b7becc5dc522eab10e0bc3ccb143ff2331n/aHeodo
2022-01-1252288_866.xlsmxlsm f3c5183187bec6e03d69db279fdacf6ef6da9f243b263c82fff3a206ae4879a3n/a Heodo
2022-01-1230242259-9219758.xlsmxlsm 3ef2b8a6070172d50448713db5b705ec1884d4b5e67e984d8a84d1a1329ebaebVirustotal results 14.29% Heodo
2022-01-12DLLJY_2264.xlsmxlsm d2b2e45f8404ab43fb5167938f1772e600534364d4a6206404e59e13c4425c44n/a Heodo
2022-01-12373431880328.xlsmxlsm 7a51acd202737a1d65c2e42f2924cb9a20e996383b579a3dc49148e4d62600e3n/a Heodo
2022-01-1257963_12401.xlsmxlsm ca3b70bb575b63fa0d338b50c754cc20f08794e00eba276722d96e3d00b5a2c1Virustotal results 14.29% Heodo
2022-01-12LE_559634.xlsmxlsm b08722cba6eca08166fb77ae936fb350b4265fd666a8cb8af13aa886f0344409n/a Heodo
2022-01-12UO_9550.xlsmxlsm b2fef7d6f0eacaba6aef7309a7d25c631e3b48d950a01ce5968b7964cf354679n/a Heodo
2022-01-12512_964902331.xlsmxlsm 7ee5d7c6d793d39fefbad3dd41511f94fe3b893e6c4080916fe6a00d6b41e3f5n/aHeodo
2022-01-12469405799_18121.xlsmxlsm 001ac1d881c5184db609260ba9220966f1eed9f1a5a6ed4ad6069d5ba3e1f89bn/a Heodo
2022-01-12734_50012219.xlsmxlsm 05daa5349e0afa84450e69eef171b0f11f8519cb8fc250df809c0038fc3c52b2Virustotal results 8.20%Heodo
2022-01-12431151419_37.xlsmxlsm 775e8ead32426df8843052b194bb6347952c58b1e93c88fcd4b5332c9cb72a41Virustotal results 15.00% Heodo
2022-01-12571685_196012.xlsmxlsm 6cb3272ca6160c0e01f7084ecda308e0d4599b5107c80b3cdbf497268a05b540n/a Heodo
2022-01-1262438-54356.xlsmxlsm 0ac0e45bf6bddf2f149dc232e277e24170f4ae358af7a92e02ebe95eab27361dn/a Heodo
2022-01-120274917_089.xlsmxlsm c3fa8b9cc4ef363ee4e4c3a85b6c193d7c5fbe880eeb049cf36feba33777ade3Virustotal results 12.90% Heodo
2022-01-12621032.xlsmxlsm e087892cbee4b113dea70123c9646198f3e1d0ca64f43e6d12861ace1b5c1429n/a Heodo
2022-01-12yynizf_98183.xlsmxlsm f3d1334b346c1bab22c541a6fb05cb2f0bcbfe8ba5a055d111b1c05505d5baffn/a Heodo
2022-01-124205989756.xlsmxlsm 768ffbfc5a50f759614ed049fcd10faade3d8c3a8a759f55dfeeae08265133c2n/a Heodo
2022-01-124366864942.xlsmxlsm c42c6b271090675b57d6970aa659e468606dac00d39875f1dd85f57a9f203654n/a Heodo
2022-01-12890004_97562.xlsmxlsm d22b1ed4ea99f7ad304a62fa6fa6755831c212f00508bd84b500904f99a1f766Virustotal results 10.17% Heodo
2022-01-12D6276331.xlsmxlsm 18bb9fc6b0ed30350713c8e1f45feb512e0120b4fd7c052c74811b300fd597cfVirustotal results 9.68% Heodo
2022-01-12III_27.xlsmxlsm b94a04d3a5f75fb0370e59e96488c49848647fd60e1b9ef2a9e898ff5b53f6can/aHeodo
2022-01-12502071684_05809.xlsmxlsm c95bf0dd160b7a12ab600aee9220e652b1b1cc3b006f264c324a0c0a9d5aa257n/a Heodo
2022-01-12jyNEIv356321.xlsmxlsm 90c68041ea2e1e9b44724b9e68a58b8490996a52a5c2eda58d2eef0247b37283n/aHeodo
2022-01-12C_15.xlsmxlsm 947dc8d6c337a63466168a9efb2e42e692fad8da89af9c4c295fcd174a89c979n/aHeodo
2022-01-1172317484_61886102.xlsmxlsm d3e6a6a97ad6e4f79e73386e88cddd5b958d0f8745c551837dd366b929671704Virustotal results 10.17% Heodo
2022-01-11cqAWWY_67674364.xlsmxlsm 6ec9e504112744f9f07ce60fb9315cdcd427d27a16c248fbe9746477bfc851afVirustotal results 9.68% Heodo
2022-01-112848-71078.xlsmxlsm d232986e906c448669c346c5edefc1d51b9224b6d53afd360e4768f9861eafadVirustotal results 9.68% Heodo
2022-01-11YDDTJ_7639165.xlsmxlsm dd14be16e01e5fe53b7cf8199af830a979dbbbc33593606f3b25d7ea3b32697cn/a Heodo
2022-01-11ncxexwx-6373924.xlsmxlsm 3cd6a8fae7995a3cee2857ba9a5336370256d1094b4324666ac8c05b6d73ee29n/a Heodo