URLhaus Database

You are currently viewing the URLhaus database entry for http://blowerindian.com/-/Z_915781209/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1971385
URL: http://blowerindian.com/-/Z_915781209/?i=1
URL Status: Offline
Host: blowerindian.com
Date added: 2022-01-12 18:01:04 UTC
Last online: 2022-01-21 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: sugimu_sec
Abuse complaint sent: Yes (2022-01-12 18:02:07 UTC to abuse{at}contabo[dot]de)
Takedown time: 8 days, 13 hours, 27 minutes, Bad (down since 2022-01-21 07:29:20 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
