URLhaus Database

You are currently viewing the URLhaus database entry for http://g2amarketing.com/wp-admin/I_39793/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1969143
URL: http://g2amarketing.com/wp-admin/I_39793/?i=1
URL Status: Offline
Host: g2amarketing.com
Date added: 2022-01-12 01:03:04 UTC
Last online: 2022-01-14 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-12 01:04:10 UTC to abuse{at}contabo[dot]de)
Takedown time: 2 days, 9 hours, 9 minutes (Poor; down since 2022-01-14 10:13:59 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
