URLhaus Database

You are currently viewing the URLhaus database entry for http://egpp.pl/wp-content/uploads/Z_51/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1970185
URL: http://egpp.pl/wp-content/uploads/Z_51/?i=1
URL Status:Offline
Host: egpp.pl
Date added:2022-01-12 08:41:05 UTC
Last online:2022-01-13 09:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-12 08:42:12 UTC to abuse{at}tech[dot]ceti[dot]pl)
Takedown time:1 day, 0 hours, 59 minutes Poor (down since 2022-01-13 09:41:18 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-13vgfxkky_5221002.xlsmxlsm ff6fd9c7c63b598cfeaf21e261d13bc4807564dde366b8f407be4d189390f883Virustotal results 10.20% Heodo
2022-01-1368176-3.xlsmxlsm 80f7072eb1b894cec06813c3267356f693ff21d0d1f116d1cf53d5b8035277deVirustotal results 16.13% Heodo
2022-01-135804120ZJJIU-772.xlsmxlsm 14ed7e5b5f7ae5dac4028d9356f587eb66a36a4ca1c5234a87880210b4129f51n/a Heodo
2022-01-1335307-59080376.xlsmxlsm 5ce3974dd9d1a7f17941c4dee3c1c93ae15d1e8baf393fc89239e8f649c0ffa7n/a Heodo
2022-01-1314179323139.xlsmxlsm 8e8824a855908e301cb873fe67e37eb4af99b32f75fb1ea8997af913540ece02Virustotal results 19.35% Heodo
2022-01-13TD_95.xlsmxlsm 5a1d1f29b6a5d54eeba67fdca1334895847a0667577626f5e273e3c9dcb67041n/a Heodo
2022-01-1344558_08010.xlsmxlsm 66aeea59b545894b858733af53ebb1e6ae6ede82ad79a0c5aac0d23e6f2074cfVirustotal results 23.33% Heodo
2022-01-1374830913_7955.xlsmxlsm 8e2712e45fb0cbdc5a565ba4f5582ef6b0d871a0159abaed0fb6c4d519382547n/a Heodo
2022-01-1350_13503408.xlsmxlsm 40c1afd52c86bae8bfb0c51cace1a0eb0e0ba0c12003ff8685f47df8cd3f9348n/a Heodo
2022-01-13511826683_1510535.xlsmxlsm ff782330fa53c402a91c06a1199ccdc467f8470af11fb786ee746df1ab19f594Virustotal results 11.11% Heodo
2022-01-13B_722.xlsmxlsm 32d200a99b9495fe0dfcab75190eb5fcb348e6fa879763d132c924fe25bfc799Virustotal results 17.46% Heodo
2022-01-135923223LFLC7.xlsmxlsm ae8e1d5678b54ef2ddb35fcf1233370916f4e2355f1aeb9066b9f7e12d07bcacVirustotal results 22.95% Heodo
2022-01-13GALB-99.xlsmxlsm a31aca91b05fbf55ff7e2ebb699e532dbd3025bdc3b9f2646fef0f330f6e574aVirustotal results 11.11% Heodo
2022-01-134363179-66834734.xlsmxlsm 64825f1053e2b84f1722fa107fb145a1d75eae2332ad47973a102f015a7a9d33Virustotal results 11.29%Heodo
2022-01-1359049293-4896.xlsmxlsm 69af6706b85f8b7530add4d0277acf97e3f30aa8240e27adf3c97ba52581e86cVirustotal results 10.00% Heodo
2022-01-13084420235_4209.xlsmxlsm 9fbfeb3873dee627be46cf7c10015435d027d718dd42a7842badd45e590f782bn/a Heodo
2022-01-13DFK_6.xlsmxlsm 1918d6d8bf450d7fd3967624c0502daebf5ff795df5bfee51911ecd7c43797a4n/a Heodo
2022-01-13965979-0437.xlsmxlsm ad80a159607095ce60f84198a537f9ed0bc3b5205b2a84a49c8173d53d942e60n/a Heodo
2022-01-13CwSiEA_692.xlsmxlsm bda64d87a6c5a5cd6926f31ff7be5bbe30123e2285e026e4d00028eb2e3221d5n/a Heodo
2022-01-137882642_6145162.xlsmxlsm bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16n/a Heodo
2022-01-13soqTbk_55.xlsmxlsm ed02cf2428790fc05964cbe66c268a67503551249437381125a51401de15e753Virustotal results 14.52%Heodo
2022-01-13wleed929465391.xlsmxlsm 00714061c46c2698b29d0f88c92096cc433a3b26acac70825717dde40e0ff407Virustotal results 8.47% Heodo
2022-01-1390799946-47199494.xlsmxlsm 47171e7e88ede748460af600d64eaf005c1f606df64bca51bcabb9e3a4e872d9Virustotal results 20.00% Heodo
2022-01-13U-3230312.xlsmxlsm e19c4cdeb5c2e9417e8976342dcf2494d337be7e4f6be1f465e9eacf998a6d5dn/aHeodo
2022-01-127619639_3376750.xlsmxlsm 38e984900acb5a6830c8ea2b34c0b1b85c45b32848da185c5bd3e2546ade2311Virustotal results 8.06% Heodo
2022-01-123257207_34.xlsmxlsm 20039ff121b47e5026b29877b299b76e47f3c7f766b9010a04e148a19823dbb6n/aHeodo
2022-01-12bi-66794.xlsmxlsm c2ddab3e04d60aef6cc2b227982e2701eeb4fb51f6a76c1f3047dffe536fccaaVirustotal results 8.47% Heodo
2022-01-1205617504-176.xlsmxlsm 24355720d9e3b12c0bd49ad9b2ade504263a3bc06d95103a3c086a316dc2ecbcn/a Heodo
2022-01-12LH_20159.xlsmxlsm 45a53e72db4a9d55d161277cf30ab36f2bdb6881937d80538c8468630a59b392n/a Heodo
2022-01-12V_20911476.xlsmxlsm 135ace077486200deffc6797336cc464b62f91268eef6e6cee687a8c6d792053n/a Heodo
2022-01-128825_38448.xlsmxlsm 292826fa66737d718d0d23f5842dc88e05c8ba5ade7e51212dded85137631b31n/a Heodo
2022-01-12sjZHvc_991865.xlsmxlsm 3c8b54def22442aaa334cbae48263d897ca2d62d76dc4df4e6efb03849d8c2a7n/aHeodo
2022-01-123014_28555.xlsmxlsm 43456f22a22af4bc49f0c52a891b5993721cd8595dc6f051a1a5ceff1f107621Virustotal results 8.06% Heodo
2022-01-12knh_95803.xlsmxlsm 8f99cab09eb9674d602d903701978b39bbe6bf9eb123a358837b44e4076a5e86n/a Heodo
2022-01-12699392437-324726714.xlsmxlsm ce3a9a1bb876ea9fff89585c65bf9dddfac55d27dfffac6a762087ba73c0412eVirustotal results 17.46% Heodo
2022-01-1272960895.xlsmxlsm 9b6c2d3a2e0010b47a9e3f6a391bb288234c1edad441716ec99b1188a5ae2915n/a Heodo
2022-01-12Sclx4519.xlsmxlsm e51255b61860adae1096b1521ad1fcaaa48b92d4c992c8fb3c449339af2d01dfn/a Heodo
2022-01-12317667RVVFCTSFJ_150.xlsmxlsm f4d388e756c6671857985c8b0a17656c92e1f22da75e28cce94a65f17daf8266Virustotal results 17.46% Heodo
2022-01-12W_10.xlsmxlsm d396dc8d4f96a0295c0f5db969ab4116c03ab365e2c28400807c613656e87cd3n/a Heodo
2022-01-12BYGSA-05.xlsmxlsm d71345f2aba73f7209585626467e21128fb342e43c8a64c475e1c9d8a052527fVirustotal results 17.46% 
2022-01-12LVNLB_718900.xlsmxlsm 4ba298f5eb285e1caf8eec898984ac6cd199b8311648d62aaece404c80edf321Virustotal results 17.46%Heodo
2022-01-126482981_4310.xlsmxlsm 6511bf0cd0a150e9e4530b6b27ec3c9227b0e6ff38eafd6f6045f71ded06bc03Virustotal results 17.46%Heodo
2022-01-1296197258_5502.xlsmxlsm bc346c8af9a4c313ecdce8c2ce4027bb2f3fff1889df84c0f2dd80f38f8be94bn/a Heodo
2022-01-1263673515XCQVCDZME407758620.xlsmxlsm e64991c009715f3cd077bfef9f339f8b58c16ac9d35300e911fce66b692b4f3cn/aHeodo
2022-01-129073184372774618.xlsmxlsm 27d6855c830f8df3fde9a9f56e1cf9c88ad097a4cb45b4983f63e70a7c0517d0n/aHeodo
2022-01-1286448_3.xlsmxlsm ce390c83df0a362de9c0a4704f3a7a22d52e5e536a46f3d64618812f24e7ad27n/a Heodo
2022-01-123728586-407121.xlsmxlsm 79daeb5bf882947dee2541dcc653db008700b0f5b528335398d1ee9d934e3e7aVirustotal results 17.46% Heodo
2022-01-12WZS_47750459.xlsmxlsm 2051d6466a893843330b994b1f7584192cc51ba381b1ccd71b4bdcf79d69a0f4Virustotal results 18.33%Heodo
2022-01-12456_5254.xlsmxlsm 1ac9eded30edbaf2faea6046d10ae01b4198654689f23a87627ad11d3c73e274Virustotal results 17.46%Heodo
2022-01-123867151_34846.xlsmxlsm 0bafd60ddca971a6e30bc4b88c757eb075c063b03d728b237331e60e83e33f63n/aHeodo
2022-01-12L-53684364.xlsmxlsm b73be43b52094fb92e8b8d58def03cd5521d7e3421833ec6d60249a14f7883a3n/a Heodo
2022-01-12I-3966576.xlsmxlsm 9bbfda85a16beeb3a6503af69b10eae50d4237439103733d78aa8e67fba12686Virustotal results 16.13% 
2022-01-12685660780_134006.xlsmxlsm ea3e85162646a07f1e9328a85f012d22517bf42b58e0eb11987d8fc701357292n/a 
2022-01-121704_444.xlsmxlsm f54ff4934b65899480f141bfe79a38e43a4b13d642f0c95369f1a3296ba83998n/a Heodo
2022-01-12949260857_10.xlsmxlsm 24500afc55a2aeda51f02a46650d3ab1b4819cd32182f7cd39048098aee011den/a 
2022-01-128819144.xlsmxlsm 1ceb6ae7bb554145cab1b5890a3f695d20a8d9184c9d5bfd2b7c0dd04d33c03bn/a Heodo
2022-01-126307-49175.xlsmxlsm edd636c8f738b0cf504e216d9ee701b4d5dc59238f23581ce530df5f8b3c1968n/a Heodo
2022-01-1270983317TTFZKXV-968117.xlsmxlsm 8679aa6bfcd5e3177948929f4722ebf6ba365309370d3bd101aef94395d428e4n/a Heodo
2022-01-12zibg-88718395.xlsmxlsm a171fe47aad91856984e779b31770f3e33598e208b8b3a63a510159937d43766n/a Heodo
2022-01-12JBBY_4675.xlsmxlsm 8a6158a2ff4695e06f93b318856526a5ffa730ba8ae4027796d172cf338286e3n/a 
2022-01-1296630564_17.xlsmxlsm 0931df1c8f6f64bb1eed834909d091c56fae86bdef99bc2f0ceb31098b86cf17n/a 
2022-01-1211253262FOCKTMRXV_91.xlsmxlsm c4d0f3ae42ee96525f7c0b08e3e7eab28f6560c351b324b2926d0e74cd8c004cn/a Heodo
2022-01-12GFpd_76.xlsmxlsm 0ce7f819733d08362b743df1f8a94ed0d3abd4469a31fc411ea7e26d3119b02en/a Heodo
2022-01-12zg127.xlsmxlsm be10453a52896b015918544aaf0516c3958756437aebedaa86a451be03c4eaebn/a Heodo
2022-01-12R-860078.xlsmxlsm de017049eca352dd5d9af6c3d715c5f84b0093ff26a1c6d273166e77cd7ab317n/a Heodo
2022-01-128381364-89.xlsmxlsm 50f5a67e3e4adb54941c9094c9f9ec98aeea6c506f89efcaab79405a11d7e5b9n/a Heodo
2022-01-12WZ-51887.xlsmxlsm 09397d06bd0a367611c90df46568a7a21af0db290fc3ae6235e9c88d66a55ff1Virustotal results 14.29% Heodo