URLhaus Database

You are currently viewing the URLhaus database entry for http://www.glendbank.com/wp-admin/0660433/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1970690
URL: http://www.glendbank.com/wp-admin/0660433/?i=1
URL Status:Offline
Host: www.glendbank.com
Date added:2022-01-12 12:44:03 UTC
Last online:2022-01-24 10:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Status unknown
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: sugimu_sec
Abuse complaint sent (?): Yes (2022-01-12 12:45:09 UTC to abuse{at}24shells[dot]net)
Takedown time:11 days, 22 hours, 12 minutes Bad (down since 2022-01-24 10:57:59 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-13OKU-96272.xlsmxlsm e8f7635b18c4c4839e484cff628d95af7c590344a8639630639c5cc6e0afae6dVirustotal results 28.57% Heodo
2022-01-13500415-635240.xlsmxlsm d35125cbfb93cba7e424f3ad372bbfbbe9945f51fa513495beb5d7bc76351430n/a Heodo
2022-01-13gsckdid-2.xlsmxlsm 2428a6248b7bcc60abaa1acbbe53598eb6787bca46c66775fe9e34257c73c01fn/a Heodo
2022-01-13326_481698.xlsmxlsm 77bd81aadc128be82b209eb045f35a0807d48641e3899af7143672f7a76a46c6n/a Heodo
2022-01-13323145-634735773.xlsmxlsm 9be7257858cb4a52549d8339ff573f9a1a8e1aaf43bfa52506caf9ae6993252an/a Heodo
2022-01-139727VUCZYAAKE_43141.xlsmxlsm bbfb17586e236c40aa79fe1b9301fb2b7c24bad1eb90f255a77b96d228bd030en/a Heodo
2022-01-13777425410.xlsmxlsm 2b8b0ca757e3eccb527d9ce11a9a8815f5a9ce3c6d2ed5a8711d4c109e88bd71Virustotal results 22.22% Heodo
2022-01-13008_8276.xlsmxlsm ca6662f6a52a16a294b7d873a1f4b60f6ed054cb1cbaf3207081f30380c573e2n/a Heodo
2022-01-139536921774.xlsmxlsm ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305n/a Heodo
2022-01-13206088.xlsmxlsm c841d1d5ae704ec93026da23d3f2b9e5f00d5a229a91117df6188db2e444e87dn/a 
2022-01-13L_09671.xlsmxlsm ff6fd9c7c63b598cfeaf21e261d13bc4807564dde366b8f407be4d189390f883n/a Heodo
2022-01-1306724-684423.xlsmxlsm 1080082d0eec3c4e3583b6e259b0863c746d211af8a8b6b645b21059e60f1119Virustotal results 14.52% Heodo
2022-01-13561_4.xlsmxlsm 27142990970a1968021bca00b4005ef206e3a553179b2e717e82ebfe8a8af1b9Virustotal results 22.95% Heodo
2022-01-13H_00693.xlsmxlsm 8e8824a855908e301cb873fe67e37eb4af99b32f75fb1ea8997af913540ece02Virustotal results 19.35% Heodo
2022-01-13WH115459.xlsmxlsm 259272a5032f537239c61ba1c8b5bdd26e8e6c4f1ec9b54ee52eaeeac5f5690cVirustotal results 11.11% Heodo
2022-01-13693892943-06877.xlsmxlsm 967d8e1ecaddadf97ad824647e734535d41e1996b725dd594a03a043d3795b1fn/a Heodo
2022-01-1367293587_476976.xlsmxlsm 20d7c4f7e882c414b403403773c244fa421744c48bb9e52a2f9236825be9a76fVirustotal results 11.11% Heodo
2022-01-13790690195_46.xlsmxlsm d96dba578ec6bbb043e6ef20f9f43779bd471f5329b9ba5416a0a4785564ebd6Virustotal results 20.63% Heodo
2022-01-1374042179327.xlsmxlsm c14e76a48aa71dbc135baf60cb71367b03353dfd7e1e256ec9158c9ab9566677n/a Heodo
2022-01-13s-19047797.xlsmxlsm 32d200a99b9495fe0dfcab75190eb5fcb348e6fa879763d132c924fe25bfc799n/a Heodo
2022-01-1360379649.xlsmxlsm cffc89330574a0b7d5096c64bff0483e4dbc38d09be06dd3fd4cafca0a4e99edVirustotal results 23.33% Heodo
2022-01-13vbmnl_4076940.xlsmxlsm 869b3e37539d37f91353d70a91951ea1da88ee298ed6992b06315984bfb23247n/a Heodo
2022-01-136805808_6287640.xlsmxlsm d9d0e65da97a353a9cc189af41082ae0bf1dff0acb39bb620a34ddb0c642ac79n/aHeodo
2022-01-135725-156184.xlsmxlsm e5443ba12fbad5317a3453443db7196c10c1819f92872377cb8b61212aa56804n/a Heodo
2022-01-13xmtd5.xlsmxlsm ee49f3ff07ef559fa5be77fbc12091b27970f3ea8dc8b8aa46bab089adb8213eVirustotal results 12.90% Heodo
2022-01-13503193_28.xlsmxlsm ad80a159607095ce60f84198a537f9ed0bc3b5205b2a84a49c8173d53d942e60Virustotal results 12.50% Heodo
2022-01-13jfhvj_324.xlsmxlsm 1d9de75895fb5076dfa112538287f13f40512cff9fdea541f4481c5e0d64137bn/a Heodo
2022-01-13O_81402.xlsmxlsm bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16Virustotal results 8.06% Heodo
2022-01-13000_4193131.xlsmxlsm e479adbf5f0acc27094c482523f9ae3ad97b43f50f4df328d126ab9e98f0bbf0n/a Heodo
2022-01-13sEL_6.xlsmxlsm 07efdf65fbb6c43bdc3ac46453701f3d1bb0f284bad5865fb4f4cf54c127708eVirustotal results 20.69% Heodo
2022-01-13UVC_48292775.xlsmxlsm 18c55721fbff7b023ffab344abd151b7627bcdac0645f7074a1ad6b311828779Virustotal results 8.62%Heodo
2022-01-13HBV46.xlsmxlsm ae3ac0659210f9f66b73bb14858d53a215ed91ef3c5b812c671fd4e824ee150an/aHeodo
2022-01-13TNF-761854.xlsmxlsm 1463c17a7f06236bf5e8cf4ce7964cc17b2eabaedf00822387824b45f83021b5Virustotal results 14.52%Heodo
2022-01-12393998_240.xlsmxlsm 20039ff121b47e5026b29877b299b76e47f3c7f766b9010a04e148a19823dbb6Virustotal results 20.00%Heodo
2022-01-12XPK-170884.xlsmxlsm c2ddab3e04d60aef6cc2b227982e2701eeb4fb51f6a76c1f3047dffe536fccaaVirustotal results 8.47% Heodo
2022-01-12555-336.xlsmxlsm 24355720d9e3b12c0bd49ad9b2ade504263a3bc06d95103a3c086a316dc2ecbcn/a Heodo
2022-01-12H-24271858.xlsmxlsm 45a53e72db4a9d55d161277cf30ab36f2bdb6881937d80538c8468630a59b392n/a Heodo
2022-01-12MGJB599352726.xlsmxlsm 292826fa66737d718d0d23f5842dc88e05c8ba5ade7e51212dded85137631b31n/a Heodo
2022-01-12BLA_879563132.xlsmxlsm 33c82b63397536a8a585f5d1987fe791d2f3c7f7a59c28e18d261d95cf574da5n/a Heodo
2022-01-12673664132149.xlsmxlsm a42f26a92b5577ba3b49e955cd4d80d61ce39343f2cac4a17868774d87f08499n/a Heodo
2022-01-1236219-080528.xlsmxlsm 64d99b928974aebaf398137d54b64011c61752365aea111625000865835581e8n/a Heodo
2022-01-122261541785818303.xlsmxlsm ce3a9a1bb876ea9fff89585c65bf9dddfac55d27dfffac6a762087ba73c0412eVirustotal results 17.46% Heodo
2022-01-12SHB-70694.xlsmxlsm e7b03810c084cc91f8463fb84d4b8979db88914b82a7808716e013f7b6b03eb6Virustotal results 17.46% Heodo
2022-01-128621286-440649.xlsmxlsm e51255b61860adae1096b1521ad1fcaaa48b92d4c992c8fb3c449339af2d01dfVirustotal results 17.46% Heodo
2022-01-12SHA52311.xlsmxlsm a1d6ccc8d4baeb930c4466081955434ffc07b1ad4105058d4b3cafefe0d50098Virustotal results 17.46% 
2022-01-124470_64.xlsmxlsm d2081a087e12bbda13228bf6473570e76d0776157f719f7814f825018db9ea7cn/a Heodo
2022-01-12038162_38277629.xlsmxlsm d396dc8d4f96a0295c0f5db969ab4116c03ab365e2c28400807c613656e87cd3n/a Heodo
2022-01-12522169HNXVF_2983645.xlsmxlsm e39304e5761525a2038957233d6586c769837ac3c5a02b742e2fba6fb84b061bn/aHeodo
2022-01-12l-557396.xlsmxlsm 4ba298f5eb285e1caf8eec898984ac6cd199b8311648d62aaece404c80edf321n/aHeodo
2022-01-12U_4122.xlsmxlsm 6511bf0cd0a150e9e4530b6b27ec3c9227b0e6ff38eafd6f6045f71ded06bc03Virustotal results 17.46%Heodo
2022-01-12WX304118957.xlsmxlsm bc346c8af9a4c313ecdce8c2ce4027bb2f3fff1889df84c0f2dd80f38f8be94bn/a Heodo
2022-01-1206320_7697.xlsmxlsm 27d6855c830f8df3fde9a9f56e1cf9c88ad097a4cb45b4983f63e70a7c0517d0Virustotal results 13.79%Heodo
2022-01-12Z9945.xlsmxlsm aa0e7e06ef6a8326e0d55630872406ec5a56ab4677760157c5b8cf9c7bc49623n/aHeodo
2022-01-124711575688473.xlsmxlsm cc9a3186ed59f67e245a6076b2f2bd30650692259e6665b4c3a46aa9d044f814n/aHeodo
2022-01-12231717.xlsmxlsm 79daeb5bf882947dee2541dcc653db008700b0f5b528335398d1ee9d934e3e7aVirustotal results 17.46% Heodo
2022-01-125605_1088740.xlsmxlsm 2051d6466a893843330b994b1f7584192cc51ba381b1ccd71b4bdcf79d69a0f4Virustotal results 18.33%Heodo
2022-01-1228DUXFYMD_6596.xlsmxlsm 1ac9eded30edbaf2faea6046d10ae01b4198654689f23a87627ad11d3c73e274Virustotal results 17.46%Heodo
2022-01-1266-6379.xlsmxlsm 0bafd60ddca971a6e30bc4b88c757eb075c063b03d728b237331e60e83e33f63n/aHeodo
2022-01-1240304-88.xlsmxlsm ecda95e13eaad051279976a5ff4bf109941d61714b646abed4582c7754b4b961n/aHeodo
2022-01-12RYEL594631.xlsmxlsm 5b8c11198dceda8da8407fe0e68a5a0053b213f03e157317f0e9961f818fb5e7n/a Heodo
2022-01-12I-765.xlsmxlsm 7dcd68024365fd30579b4707f0a9ad5f12f539cda108142174ea46efcf32f7f9n/a Heodo
2022-01-12423984_3257.xlsmxlsm feb79a563fb0b9180b8575e4cadda7ef1cb87b85ab987a569113cc27b1feee34Virustotal results 11.29% Heodo
2022-01-12I98353727.xlsmxlsm c9c2bdbfd9418db13bdf5b96a5d8003f7b924235629db4766ad743a09f30163bn/aHeodo
2022-01-1262446668.xlsmxlsm 92713b457c90861b16201ffa88fe2c16b77c58265d9a4c249d683fe899fe4af1n/aHeodo