URLhaus Database

You are currently viewing the URLhaus database entry for https://hz1.xhjmmm.com/fz/8932592246366/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1968987
URL: https://hz1.xhjmmm.com/fz/8932592246366/?i=1
URL Status: Offline
Host: hz1.xhjmmm.com
Date added: 2022-01-12 00:06:06 UTC
Last online: 2022-02-10 08:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-12 00:07:27 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time: 29 days, 7 hours, 53 minutes (Bad; down since 2022-02-10 08:01:20 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
