URLhaus Database

You are currently viewing the URLhaus database entry for https://servidor.indommus.com/escritorio/xlnhedo_3/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1969435
URL: https://servidor.indommus.com/escritorio/xlnhedo_3/?i=1
URL Status:Offline
Host: servidor.indommus.com
Date added:2022-01-12 02:53:10 UTC
Last online:2022-01-13 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-12 02:55:13 UTC to abuse{at}linode[dot]com)
Takedown time:1 day, 0 hours, 7 minutes Poor (down since 2022-01-13 03:03:04 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-1394308690-4840741.xlsmxlsm bdba8de0c76cdcb58edc0f3d1f6b6f7550c2d8e471440b6838923b5341d61131n/a Heodo
2022-01-1390477-1714.xlsmxlsm ad80a159607095ce60f84198a537f9ed0bc3b5205b2a84a49c8173d53d942e60n/a Heodo
2022-01-13HRE-94192.xlsmxlsm 1d9de75895fb5076dfa112538287f13f40512cff9fdea541f4481c5e0d64137bn/a Heodo
2022-01-1353970623_94.xlsmxlsm 10235177dc353959f95d3903bc6054005bdc7d4ab9567cd6a28735324f92c7d9n/a Heodo
2022-01-1363877543FIDI-39.xlsmxlsm ed02cf2428790fc05964cbe66c268a67503551249437381125a51401de15e753Virustotal results 14.52%Heodo
2022-01-13533_58.xlsmxlsm 92b334ce2e0f803a6dd894b447d563c751138571b0cfcfac7b5d7ee3dcaecedaVirustotal results 20.00% Heodo
2022-01-13S-516013.xlsmxlsm 00714061c46c2698b29d0f88c92096cc433a3b26acac70825717dde40e0ff407n/a Heodo
2022-01-13kSGLBK3.xlsmxlsm fdfd932d1468e1c045f96cc60c7c061f31d3972e8e12692d8c3d575b2a0f74aan/a Heodo
2022-01-13vtlia-2382.xlsmxlsm 64ffbe17c653d164d008d606261851b8c54aeb3fea3566561a5369948e058ee9n/a Heodo
2022-01-12707EBZK_366396479.xlsmxlsm 20039ff121b47e5026b29877b299b76e47f3c7f766b9010a04e148a19823dbb6n/aHeodo
2022-01-1215190863EGNWPX_2632593.xlsmxlsm 2b71426be7bdcfb80b6039f8ca98dc621e32b68b6def7f2722509389bbe22e4dn/a Heodo
2022-01-12intusb_1.xlsmxlsm eea80493279cc054f92f5cc89d4756e80ffe973cd9ea79106bae3ba00f0850fan/a Heodo
2022-01-12PUA553887.xlsmxlsm 9f0a7342511328df49b73e718bb20dd3db1437cb3d115548f9d6a0cfda3af0d3Virustotal results 19.67% Heodo
2022-01-129001615XPCHLQH_230931.xlsmxlsm 586f3fcc8654a5be1b03a87a7ed56d234e5edc6a98977d78163fb83a8ef299cdVirustotal results 20.34% Heodo
2022-01-12Kkxe0090.xlsmxlsm 4dc2f22181beb5116c902aa2749a512b84988a39d68d896bbfd32ec7014bdbb3Virustotal results 17.74% Heodo
2022-01-12eKuf560.xlsmxlsm af2883e71c1c33d15944d4bdd9bfe7f027a2f50299f203642ecdc906cedf3b2en/aHeodo
2022-01-12730610705762.xlsmxlsm 9dee7ff2bd3004489efc095782412235b35f95c28c23696b3a4512b8780ffbean/a Heodo
2022-01-1250152474070.xlsmxlsm d46253bb266476f81af4c47a2ff0ae04f13ce9834bc2a63a810f79d2c5773f63n/a 
2022-01-1273482-009.xlsmxlsm ce3a9a1bb876ea9fff89585c65bf9dddfac55d27dfffac6a762087ba73c0412eVirustotal results 17.46% Heodo
2022-01-123980703440662.xlsmxlsm 8bb091f18d04a9755e558790e1de67915d26c147739e9257d312824176872febn/a Heodo
2022-01-1223731XSCBOI_33919.xlsmxlsm f92091f4bf9b99100b516a015bbcee3bb1107b3f1084307aefb368863e3ef9cdn/a 
2022-01-12E_236.xlsmxlsm 30890f213f71b2008ae8b074bb35412d67375613a462a88aa7e4593151188e3bn/a Heodo
2022-01-127093_47558201.xlsmxlsm f4d388e756c6671857985c8b0a17656c92e1f22da75e28cce94a65f17daf8266Virustotal results 17.46% Heodo
2022-01-120672.xlsmxlsm 7a42c12bcce014e382336c9ed46aa93e6f6c6573b7fec7e5d3ef6dedf721383aVirustotal results 17.46%Heodo
2022-01-125415205_12.xlsmxlsm d71345f2aba73f7209585626467e21128fb342e43c8a64c475e1c9d8a052527fn/a 
2022-01-126085271.xlsmxlsm 306c0ade7aec03b53887263f4de92b9b0c8ab0a469f9b195b0cc172121258e86n/a Heodo
2022-01-12RX_9660.xlsmxlsm 513bc7378d724e7a7c4cfb48291919fdfa001bb5e07b6cf06fc33c19055e057an/a Heodo
2022-01-12X09.xlsmxlsm bc346c8af9a4c313ecdce8c2ce4027bb2f3fff1889df84c0f2dd80f38f8be94bn/a Heodo
2022-01-12TUNQ_2794.xlsmxlsm 2c71fdccb709286a4219e65bf28773286fc24e3bfe37870e59d2c7dd310b0a84n/aHeodo
2022-01-12306097096_9509835.xlsmxlsm aa0e7e06ef6a8326e0d55630872406ec5a56ab4677760157c5b8cf9c7bc49623n/aHeodo
2022-01-121334_3135.xlsmxlsm ce390c83df0a362de9c0a4704f3a7a22d52e5e536a46f3d64618812f24e7ad27n/a Heodo
2022-01-1288456814357.xlsmxlsm affa54b3db10f641a6ae745e9cb62df1bb81224d94bbfa93489357f1572d62fdn/a 
2022-01-12NP91916035.xlsmxlsm 2051d6466a893843330b994b1f7584192cc51ba381b1ccd71b4bdcf79d69a0f4Virustotal results 18.33%Heodo
2022-01-12Nvj892.xlsmxlsm c5b975c17c0bb735289b89373ddf4a74f1c092098730f47ee94905c37d05df03Virustotal results 17.46%Heodo
2022-01-1248193_07.xlsmxlsm 0bafd60ddca971a6e30bc4b88c757eb075c063b03d728b237331e60e83e33f63Virustotal results 18.03%Heodo
2022-01-12hsqo_93676955.xlsmxlsm 8872f32f4d3040e9544fd6eebc8af2d86387b5008a960e8a1392ce3039a379b8n/aHeodo
2022-01-12B_2506.xlsmxlsm 5b8c11198dceda8da8407fe0e68a5a0053b213f03e157317f0e9961f818fb5e7n/a Heodo
2022-01-12KZfrQn-43561412.xlsmxlsm ea3e85162646a07f1e9328a85f012d22517bf42b58e0eb11987d8fc701357292n/a 
2022-01-12649254_618.xlsmxlsm f54ff4934b65899480f141bfe79a38e43a4b13d642f0c95369f1a3296ba83998n/a Heodo
2022-01-12DWGZK_7444793.xlsmxlsm fcc222b5d2f8836f514b2a7497b7ca56f5b496e08a511e31b0ebd89a97c4edd8n/a 
2022-01-129795_52283.xlsmxlsm 1ceb6ae7bb554145cab1b5890a3f695d20a8d9184c9d5bfd2b7c0dd04d33c03bn/a Heodo
2022-01-12VVKM33371804.xlsmxlsm dfaa9720cb4f937590ea74a1050a9e577415c0160135fbb5718f48f518be6758Virustotal results 9.68% Heodo
2022-01-12GnbSly165439.xlsmxlsm 53d745257e1430ace340b142aa29bd85ff198cdcacb5b0375d4978bb1cfe9a5eVirustotal results 10.00% 
2022-01-129363295986313.xlsmxlsm fd138fc1c11cb3a0c9243e3fda5087708700823b6a770584510cbef7ba1ae88dn/a 
2022-01-12D_17049001.xlsmxlsm ff196870dffbfb68e5fb4ec42c7d57297a1ec288f1b004d7d08dded3ccd1d1b4n/a Heodo
2022-01-12YXKZW9678332.xlsmxlsm 0931df1c8f6f64bb1eed834909d091c56fae86bdef99bc2f0ceb31098b86cf17n/a 
2022-01-12waBLuK-78.xlsmxlsm 2290d005f9baba04f5ee48f1545bb6cbc2db9d5bada9763698233eb8a95c033bn/a 
2022-01-124171_19279.xlsmxlsm 0ce7f819733d08362b743df1f8a94ed0d3abd4469a31fc411ea7e26d3119b02en/a Heodo
2022-01-12090632597.xlsmxlsm 6828ea8aa944ba958a4863701d41c46fbac044a3916242dc9495151fbd977612n/aHeodo
2022-01-1293638399759.xlsmxlsm de017049eca352dd5d9af6c3d715c5f84b0093ff26a1c6d273166e77cd7ab317n/a Heodo
2022-01-12721-404.xlsmxlsm 7d1dc178571039c34f2a0d908107ce3b24f74fe93ca9843928d81ee09ae213ebn/a Heodo
2022-01-128062_3898935.xlsmxlsm 09397d06bd0a367611c90df46568a7a21af0db290fc3ae6235e9c88d66a55ff1Virustotal results 14.29% Heodo
2022-01-12113_3391266.xlsmxlsm 6913af2de9271a92bd9c7c9afe4923a08f237459d7e1e03d171e96fa291e39eeVirustotal results 9.68% Heodo
2022-01-12UDZ_54809856.xlsmxlsm 1432dfaf66fc92262751cc8a85c31df66552687538effa62d8df537136495e1cn/a Heodo
2022-01-12HD_03680.xlsmxlsm f6eb92eefd23279c500288c9ad0001b53d55cb734bc2406315af250547aeeacdn/a Heodo
2022-01-12DJ_18652.xlsmxlsm 43b1fd1045c3f14e9e12685a2fd7074bd2a0d7cf9e47d23af2e2ff8dca2a2f5cn/aHeodo
2022-01-12240881_295.xlsmxlsm 4b2ced5ad04b4256bef5bee0fb95867913b271eabac843923fc16220f924b332Virustotal results 14.29% Heodo
2022-01-12P_512.xlsmxlsm db88756a23fe6c0998ddbf1864efe7e4a28073dca342fa7712775388ac757529Virustotal results 14.29% Heodo
2022-01-1252585864_35.xlsmxlsm 7bd438038cf3ae20c965eda9ebaa1805f9347adef486223ff8d6815a0ec40cddn/a Heodo
2022-01-12825553977_6127990.xlsmxlsm 4bdfc4d2f6481a25fe90516f5ec9235465fb26cb61e9099697c9c99002c9fd3cn/a Heodo
2022-01-12p_045997.xlsmxlsm 1703b3ed61314b55df26556fb39593560397c5da3dd952dba8f721744e14e1afn/a Heodo
2022-01-12TL-003962.xlsmxlsm 95761ae4efbb60ee498b7d56d6c84e48753a21ab59a655f5439b47167baf6ea2Virustotal results 10.17%Heodo
2022-01-126956_7942614.xlsmxlsm 8232bffcdf155d94e02d6bf3de90b25764ddf81e8d0071b283d866debed7e5a3Virustotal results 12.70% Heodo
2022-01-12480WSCA_48169.xlsmxlsm 2ce3ba9fbc27e73ef6a4849627ffb8260515c3fa1ad7f974750da2d43f3a1d82n/a Heodo
2022-01-124108RMUGCP_179471.xlsmxlsm 2d954283067945efe19a87dfbb59f88f2bb4eb034fe285fce5448bf092faa730Virustotal results 12.70% Heodo
2022-01-12WWRQY_609.xlsmxlsm 79d5dd947b7300d32ff8facaa4720be444a2f7af9062654df5693bb426c9f3abVirustotal results 9.84% Heodo