URLhaus Database

You are currently viewing the URLhaus database entry for http://project4.monster-online.com/wzjmkm/42471635/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1972025
URL: http://project4.monster-online.com/wzjmkm/42471635/?i=1
URL Status:Offline
Host: project4.monster-online.com
Date added:2022-01-12 22:42:04 UTC
Last online:2022-01-18 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-12 22:43:10 UTC to abuse{at}savvii[dot]com)
Takedown time:5 days, 21 hours, 35 minutes Bad (down since 2022-01-18 20:18:53 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-1337800390_40422.xlsmxlsm b92219911245e208dd5089a02ad54181c2646a905a59ef38fa3919bb0cda98a6n/a 
2022-01-1341316239_33800.xlsmxlsm 39b981154bd3a541546bf640b85b6db0a61dc37faa825ec9661473c85ac14f86n/a Heodo
2022-01-133711-1.xlsmxlsm 5beaacf0c6bee900893f52cff69c41a062fc684f58bf402487329402424c14b6n/a Heodo
2022-01-13868766_097.xlsmxlsm 0a3e258bcd978e0bef0ad77f9a203e03f6b939e243ac9d04a3ca9224819a64ccn/a Heodo
2022-01-1302134_864453.xlsmxlsm f1ec4f871b40968083790f9f1e19eaf6c17301f20743055e00b6382b3d5b2f55n/a Heodo
2022-01-13WS8935487.xlsmxlsm d3f516bf5c2e7ae269d225a0226777b8156bdbdc6133ea3c8e50a7e278f6832fn/a Heodo
2022-01-1370668877-908.xlsmxlsm f14c0298ea8bd8240e28f7545ea5b20e1e1000d41dbbf6037b7243b11fbcf159Virustotal results 28.57% 
2022-01-13wwaZg_17272580.xlsmxlsm 30a24f31a5ad5ce7d7ef2452f76f767be97dda2bac031dbbaa744ec0ba5993f7n/a Heodo
2022-01-139093579433.xlsmxlsm ddb30413f8a343f144e02f8b9e71d206b6c407b0e1cb5715c8965f6f9a6a122bn/a Heodo
2022-01-133045084285023.xlsmxlsm 890e54734498c0cf6c05a9678b66b29e3c38203ea61f83937a017ba7afed9809Virustotal results 31.15% 
2022-01-13179885.xlsmxlsm 8186f82da42f9f07b405d280632e62d7632c4b472cbb489761bf400bc9ac2b74n/a Heodo
2022-01-13973896_0.xlsmxlsm b4fb2c694f76e85c361b9c285f67b7a5a15074919db0b9eb2d55521390eedbc3n/a 
2022-01-1351843218-93.xlsmxlsm 43b4a4ded4844dc3840f383b8b10f7c9691f0044e5cf6a24681fdd62927988acn/a 
2022-01-136559564_1.xlsmxlsm e2053410b37647f1f7e190f99174fbe37bf5833edbc9801319f4443e1478eb7cn/a Heodo
2022-01-13013354165672.xlsmxlsm dc8adc8e13d3e5a64f2d69f2163da90a19cd80594bf4db6b8d17c381312d28b6n/a Heodo
2022-01-134091-3133847.xlsmxlsm 3e8ac5b89fdb8697813438a75aec6df15ad029e5c499a023f5bc7a209ff1b13bVirustotal results 31.15%Heodo
2022-01-13ZSNGK02892.xlsmxlsm 78dd5816d66701839612b5caf64d4337e45d516e52b5f177345f5019ce4aa907Virustotal results 31.15% Heodo
2022-01-13814444475138.xlsmxlsm e07efb44e73f01e1cd957c1874bce0e453c91eaa561f46efb373edb97100320aVirustotal results 29.51% Heodo
2022-01-13GCAZI569366923.xlsmxlsm 4f9ce5c9c9dd88a6a01a3df3299e0aa43da3bad195036c22b141f28769708334n/a 
2022-01-13NCDNI425935.xlsmxlsm 265c8b63388f52b84bdd6028db6923447f7b027234bf5ff1f6da0bdca209b859n/a Heodo
2022-01-13LbBbBX_01.xlsmxlsm f1d5904d51c4f979acbd63d484b167b8cfe3b6476c70a47a80f22399c27253b6n/a Heodo
2022-01-139194_80.xlsmxlsm 63a3411c7f8a3feb0ac1d8c77cecfe948bd539c3566c5b1bafe0866b2f9b0747n/a Heodo
2022-01-13A-0655671.xlsmxlsm 6452605acbfd7439e825e954124dd53046c5f148daad80558e64ccf1887a2ccfn/a 
2022-01-13471_8845.xlsmxlsm b19bc21f8451f79c07538d17976a4e7881e2046722f28008cf12c70034478b8en/a Heodo
2022-01-13196479695_13.xlsmxlsm df5ad9633a767fe4cd01656bd094a53ce1ee7e2ba409eeb7852cc36bc8adcb58n/a Heodo
2022-01-13MX-59601.xlsmxlsm 772971a6b4223ed654648f6e79e34133c55e788e60337e0ac7c29b53592adf17n/a Heodo
2022-01-132718_9854.xlsmxlsm e8f7635b18c4c4839e484cff628d95af7c590344a8639630639c5cc6e0afae6dn/a Heodo
2022-01-1386965208-20.xlsmxlsm d35125cbfb93cba7e424f3ad372bbfbbe9945f51fa513495beb5d7bc76351430n/a Heodo
2022-01-135071015-074296160.xlsmxlsm 48d8ba8e0832a4ee318f4fb4653345ed1d8e48e2bd90b55648e18d541e534d92n/a Heodo
2022-01-13162531_884.xlsmxlsm a64b918b227ae002b52f8ca07c1e57fbf11e0f6a0c5a06abbf79e2b209bce48bVirustotal results 22.22% Heodo
2022-01-13qcz08340060.xlsmxlsm 07fddbd97e1846aa7ef2fae79ea0d177a89210725b1a66a8b52bb066cc36bb1en/a Heodo
2022-01-1355071_935.xlsmxlsm a501953c57d8bd92bf6c5402615466f3860e4820a2e9078e3739544172ad93e6n/a Heodo
2022-01-135359195_2053.xlsmxlsm d47dc5f481df3ec15f19e8625c29b0beaf33c401b23191b818c9ecf885e3c8dcn/a Heodo
2022-01-13FQ7779521.xlsmxlsm f745757e79c9411ab969a3e2ab5ccff444e4542b87681828c091f595826410b5n/a Heodo
2022-01-13599244972549650.xlsmxlsm ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305n/a Heodo
2022-01-13II_28529447.xlsmxlsm c841d1d5ae704ec93026da23d3f2b9e5f00d5a229a91117df6188db2e444e87dn/a 
2022-01-13kcXn-748.xlsmxlsm 9e1460b0a4debafe9636cf43ad6de3069afc41e53b2c0c09b6337bd165a7bcefn/a Heodo
2022-01-13DBK57384.xlsmxlsm 22ed1803ea7fa2aa21adb614d88627eaf141fb5663bac536d56f3db835dd0811n/a Heodo
2022-01-13JX_474306.xlsmxlsm 4dc514dc9290b966a14aadaab3d4c168419ed606a81d0a1262318d8b305cfc8dn/a Heodo
2022-01-133295453585422.xlsmxlsm 8e8824a855908e301cb873fe67e37eb4af99b32f75fb1ea8997af913540ece02n/a Heodo
2022-01-13xtuvwr_79122.xlsmxlsm 152d0b25ca2f0f4066edf77906c112fe4e6d49c17f6fc35a039686276ad7686dn/a Heodo
2022-01-13BDM_15.xlsmxlsm 967d8e1ecaddadf97ad824647e734535d41e1996b725dd594a03a043d3795b1fn/a Heodo
2022-01-13410_0285801.xlsmxlsm 8e2712e45fb0cbdc5a565ba4f5582ef6b0d871a0159abaed0fb6c4d519382547n/a Heodo
2022-01-1383075081SURRFYV_89615.xlsmxlsm 9eb7d16794f6e4e2e701458af298b2b16c91a04dd45361cc306f32bc5fd25491n/a Heodo
2022-01-13QKC488.xlsmxlsm c14e76a48aa71dbc135baf60cb71367b03353dfd7e1e256ec9158c9ab9566677n/a Heodo
2022-01-136412255_390305.xlsmxlsm 32d200a99b9495fe0dfcab75190eb5fcb348e6fa879763d132c924fe25bfc799Virustotal results 17.46% Heodo
2022-01-13Y426388.xlsmxlsm 89136b644b6aa4c447540dd585039676d3308c0a434bc3f72322a45bc35df7acVirustotal results 11.29%Heodo
2022-01-13X_67874.xlsmxlsm a31aca91b05fbf55ff7e2ebb699e532dbd3025bdc3b9f2646fef0f330f6e574aVirustotal results 11.11% Heodo
2022-01-1318183434_52.xlsmxlsm 869b3e37539d37f91353d70a91951ea1da88ee298ed6992b06315984bfb23247n/a Heodo
2022-01-13A-22.xlsmxlsm 69af6706b85f8b7530add4d0277acf97e3f30aa8240e27adf3c97ba52581e86cVirustotal results 10.00% Heodo
2022-01-131126_262581.xlsmxlsm 0f3edf4e46a263ca74e1089aaebc8b85db3e80677f8f4606e5f9a09fecec3903Virustotal results 20.00% Heodo
2022-01-1351244720860847.xlsmxlsm e5443ba12fbad5317a3453443db7196c10c1819f92872377cb8b61212aa56804n/a Heodo
2022-01-131718-170.xlsmxlsm ad80a159607095ce60f84198a537f9ed0bc3b5205b2a84a49c8173d53d942e60n/a Heodo
2022-01-13640_42006345.xlsmxlsm 1d9de75895fb5076dfa112538287f13f40512cff9fdea541f4481c5e0d64137bn/a Heodo
2022-01-1351031569-871208.xlsmxlsm bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16Virustotal results 8.06% Heodo
2022-01-13178_71.xlsmxlsm ed02cf2428790fc05964cbe66c268a67503551249437381125a51401de15e753n/aHeodo
2022-01-13KY_57140047.xlsmxlsm ac8219f7bf6ba3f72506c84bee52caf739e9bfce0d43c4ccf69a0ad7480fcfc1n/aHeodo
2022-01-13IVOYK_85777.xlsmxlsm 18c55721fbff7b023ffab344abd151b7627bcdac0645f7074a1ad6b311828779n/aHeodo
2022-01-13yauwefb_6886.xlsmxlsm 3e5b64b52565c051b6190475c55beaa31d91d75f0f4f4a853fa774d098aa30f3n/a Heodo
2022-01-13355-1558193.xlsmxlsm 38e984900acb5a6830c8ea2b34c0b1b85c45b32848da185c5bd3e2546ade2311Virustotal results 8.06% Heodo
2022-01-12L-5188752.xlsmxlsm 2ece719378f63a328fbf4fcb4a059dea6cbb9a7d2be5481ec168f1e681fc7c56Virustotal results 8.06% Heodo
2022-01-127230121-2.xlsmxlsm c2ddab3e04d60aef6cc2b227982e2701eeb4fb51f6a76c1f3047dffe536fccaaVirustotal results 8.47% Heodo
2022-01-129718WNHEQKFR76620487.xlsmxlsm 24355720d9e3b12c0bd49ad9b2ade504263a3bc06d95103a3c086a316dc2ecbcn/a Heodo
2022-01-1233_560.xlsmxlsm 9f0a7342511328df49b73e718bb20dd3db1437cb3d115548f9d6a0cfda3af0d3Virustotal results 19.67% Heodo