URLhaus Database

You are currently viewing the URLhaus database entry for http://avionxpress.com/lp/PZH-96/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1971331
URL: http://avionxpress.com/lp/PZH-96/?i=1
URL Status: Offline
Host: avionxpress.com
Date added: 2022-01-12 17:32:06 UTC
Last online: 2022-02-04 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-12 17:33:09 UTC to abuse{at}bluehost[dot]com)
Takedown time: 23 days, 3 hours, 56 minutes (Bad; down since 2022-02-04 21:29:25 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
