URLhaus Database

You are currently viewing the URLhaus database entry for https://onebet.co.ug/wp-content/518LDXLN_60/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1969873
URL: https://onebet.co.ug/wp-content/518LDXLN_60/?i=1
URL Status: Offline
Host: onebet.co.ug
Date added: 2022-01-12 06:31:04 UTC
Last online: 2022-08-11 03:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: sugimu_sec
Abuse complaint sent: Yes (2022-01-12 06:35:13 UTC to abuse{at}alibaba-inc[dot]com, intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time: 7 months, 0 days, 21 hours, 17 minutes Bad (down since 2022-08-11 03:53:10 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
