URLhaus Database

You are currently viewing the URLhaus database entry for http://onafrica.tech/xh4z1v5/04512194_32/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1972063
URL: http://onafrica.tech/xh4z1v5/04512194_32/?i=1
URL Status:Offline
Host: onafrica.tech
Date added:2022-01-12 22:57:05 UTC
Last online:2022-01-16 00:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: sugimu_sec
Abuse complaint sent (?): Yes (2022-01-12 22:58:08 UTC to abuse{at}a2hosting[dot]com)
Takedown time:3 days, 1 hours, 47 minutes Bad (down since 2022-01-16 00:45:13 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-139591-37599598.xlsmxlsm 1217dcbf810cee6fe242d7835078f9e5177ce7d1bb925405d550ea413b08fbb0n/aHeodo
2022-01-13WCIW951.xlsmxlsm ebcf8ce780273a62dfc735a9ca26cab21be68b0ff57bd22a97fcb60537a979ffn/a 
2022-01-1335_987.xlsmxlsm aa13ae55198d07ca88b97900dfc331543971593d694d45a94f290a25b5bf0edfn/a Heodo
2022-01-13931850390897.xlsmxlsm 1f79a3aaba0bcb4a01de9ed8c7ff49c87c419b7af3ba808588e67bb898434b75n/a 
2022-01-13pojsklq_83512.xlsmxlsm 0a3e258bcd978e0bef0ad77f9a203e03f6b939e243ac9d04a3ca9224819a64ccn/a Heodo
2022-01-1355752-490693056.xlsmxlsm 7e897b5f2c8c39557b9f0352db07c0db4238faf52f3b616fdb4cfcb2d0eeca71n/a Heodo
2022-01-13932308436_137.xlsmxlsm 7b6f6a4bbc69ade611b991ec40d097b4b37590aa12be7376228f7a7a3b13220dn/a Heodo
2022-01-13UPPV7211.xlsmxlsm b76e18e3aa77d8a35159a5b34f93940a933d206ef27896c6abca13c2686d24abn/a Heodo
2022-01-130118-10123.xlsmxlsm 3ccc385404055d349d08f8743232053863df38651ccac0bc96a0935598a00c1an/a Heodo
2022-01-13521720KMJPHRWI-147411.xlsmxlsm accddc7c06e08cf3517f7277a5c299c85176cd7821220fcbc6681c3dfba5be01Virustotal results 30.16% Heodo
2022-01-139917964WPBB86015.xlsmxlsm 890e54734498c0cf6c05a9678b66b29e3c38203ea61f83937a017ba7afed9809Virustotal results 31.15% 
2022-01-13819012683_7959279.xlsmxlsm 8186f82da42f9f07b405d280632e62d7632c4b472cbb489761bf400bc9ac2b74n/a Heodo
2022-01-13svonko_1529372.xlsmxlsm 16a16ae0734ca9a2fc30199cc0c63a5839677da947c1d03f30e26802208f0c13n/a 
2022-01-135419-36.xlsmxlsm 43b4a4ded4844dc3840f383b8b10f7c9691f0044e5cf6a24681fdd62927988acn/a 
2022-01-13337917_921.xlsmxlsm 6aba2f1108a54a6e94dddf1fd12bc6f4b8b8a6d083fc5481e8ad35dc9b20b192n/a Heodo
2022-01-13NR-100295.xlsmxlsm c04abc3378a389c7769ed89de8e5d82f4cb311647e4f363641a807fc6a399f39n/a Heodo
2022-01-131195_8.xlsmxlsm 603fc4bf5e141be1b30fb64551545d7f757d7f508891d17256ffc5564f3ccfc8n/a Heodo
2022-01-13TR_448.xlsmxlsm e07efb44e73f01e1cd957c1874bce0e453c91eaa561f46efb373edb97100320aVirustotal results 29.51% Heodo
2022-01-13MYN-9473768.xlsmxlsm e8da2349f8ec549d999a3e63b1f859f0452b0301aaf4fced70ecbba675b81247n/a 
2022-01-13A_7853416.xlsmxlsm febd9978510715acb1f4bb87d04412fb1e3e6e2720329590b6b146de515d2d85Virustotal results 30.16% 
2022-01-1344569048330177.xlsmxlsm c9d6e67d61769e32b703185a1035e43bbc9c7c053cc1d06594fad3979da3cc9en/a Heodo
2022-01-13WYEH_01672071.xlsmxlsm 41750a936f4e59a899e45972dd3ccf154305807c52bd7e5f5b19344e909f86baVirustotal results 33.33% Heodo
2022-01-13TGRB_88.xlsmxlsm 2d009791d777c752c4fddb6e32e5d123d7ecf80145baef849436bf4879259b8en/a Heodo
2022-01-13wRpJxN-6810675.xlsmxlsm 109868bbf981851bac44548c11bee90f08fd3c83e06c9b9539f568e047f45e0an/a Heodo
2022-01-135992MQXUFTVDFJ-67960236.xlsmxlsm 4624a6c75a73e206d26cf23225ddf8c14c9bd3fac85edc04aebf63a281aa8bd4n/a Heodo
2022-01-13qexRn-673.xlsmxlsm aeb70e41209244bbbb3f870a325ee369ce718361b2caf361f8472ce7b1b7001dn/a Heodo
2022-01-13hTl_6097.xlsmxlsm 8440f26c78450c4b1f022a497363963b84b99da232ca91b5da7f4aad2234bbc1n/a Heodo
2022-01-13ClVnf585059.xlsmxlsm b3a8073712469f70329fad465825f867bd6dcf83420de3004730f91ecc938138n/a Heodo
2022-01-136021435587.xlsmxlsm 125468fda9c224d8a3ccdf92f08037a343c0341a8e64dc2c1182e1d3d4e496a7Virustotal results 26.98% Heodo
2022-01-13DIID_78230830.xlsmxlsm a64b918b227ae002b52f8ca07c1e57fbf11e0f6a0c5a06abbf79e2b209bce48bVirustotal results 22.22% Heodo
2022-01-13RL_89945568.xlsmxlsm 915354db100b6c7c744bede05828fd397ef2ab000bced2ac46e799b5d5a8e9d5n/a Heodo
2022-01-1309212469458868.xlsmxlsm 9e443aedd2833d67bb9b858bd14abc6a235186f865e05497ac39ab8cd0185156n/a Heodo
2022-01-131425065MUQPQWMUHV_3.xlsmxlsm 726be01c1600c33b9a3d322885ca12383ec5b64546bb389670176f77f7faf162n/a Heodo
2022-01-1322950-06942.xlsmxlsm 6a8fc7cb880a404032161e81d67152873581b6614b238faebd731fb7fbd8cb92n/a Heodo
2022-01-1359622814_477.xlsmxlsm e87856edf8567e6e432ef09f0cc575e581c36b5df71a16c71658a5fb980a3d86Virustotal results 23.81% Heodo
2022-01-139669756_4956148.xlsmxlsm 1d8482afdb97aba866fc26b21eaa9f92f46ea841566bb0588150aecd4347cd45n/a Heodo
2022-01-13175933116_8555812.xlsmxlsm ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305n/a Heodo
2022-01-13D_3536.xlsmxlsm 2cfe6cc60d786a8b94d9d3114d344fb74c21e5ce5391dea3d1550df17fee05b4n/a Heodo
2022-01-13461OVXCM-610.xlsmxlsm 9e1460b0a4debafe9636cf43ad6de3069afc41e53b2c0c09b6337bd165a7bcefn/a Heodo
2022-01-13569973-02469001.xlsmxlsm c062d769449f6c74f82252e4215d23c83a360d97a7ed1b75001ba3250df330e7n/a Heodo
2022-01-137578AGJL_10181.xlsmxlsm 113636402be711e8a8e0e2fc59491b969fc825e8352ebbc316418ea6f30a4befVirustotal results 12.70% Heodo
2022-01-13612138OVFGTVOH_0075422.xlsmxlsm 152d0b25ca2f0f4066edf77906c112fe4e6d49c17f6fc35a039686276ad7686dn/a Heodo
2022-01-13063503069_4.xlsmxlsm 259272a5032f537239c61ba1c8b5bdd26e8e6c4f1ec9b54ee52eaeeac5f5690cn/a Heodo
2022-01-1370980856-343.xlsmxlsm 7cc308d2b68ad53627ac036acadc7456d8c9456f551d6cd4137fa2eaa3bf439en/a Heodo
2022-01-13930170_1172253.xlsmxlsm 90d0f5a1133f995ef6280f0b82b5de6d04f94f727ee5842a0a36f6e4a0b4460cn/a Heodo
2022-01-135960985-46.xlsmxlsm c14e76a48aa71dbc135baf60cb71367b03353dfd7e1e256ec9158c9ab9566677n/a Heodo
2022-01-1316010-7.xlsmxlsm 4c39dc4744a0993917117b044891085adf8c6f0be913b189984e1b1ceea358f1n/a Heodo
2022-01-13Yqqny_22651267.xlsmxlsm ae8e1d5678b54ef2ddb35fcf1233370916f4e2355f1aeb9066b9f7e12d07bcacn/a Heodo
2022-01-13A_278183.xlsmxlsm 7307f52f4602fafb7f46175f916f3008b1ad82ef146a8b59bceea6e2b060a2f0n/a Heodo
2022-01-137069241795519.xlsmxlsm b37d95d32bc52906936476afa82ab71a8713be20d6c0bf4353f890f9c34e116fn/a Heodo
2022-01-130620376_82984.xlsmxlsm d9d0e65da97a353a9cc189af41082ae0bf1dff0acb39bb620a34ddb0c642ac79n/aHeodo
2022-01-13ZDTMI_34567.xlsmxlsm 69af6706b85f8b7530add4d0277acf97e3f30aa8240e27adf3c97ba52581e86cVirustotal results 10.00% Heodo
2022-01-13YOVJ67546822.xlsmxlsm 4e334f1e7d8c85ec0ef565959898a1ddbe225377df8590e806143832bc768320n/a Heodo
2022-01-1307724244_7497465.xlsmxlsm b98bb81e71273e575642ed7f7099c846ad35017b883a860554a891c23ab9595an/a Heodo
2022-01-1312-4704757.xlsmxlsm bda64d87a6c5a5cd6926f31ff7be5bbe30123e2285e026e4d00028eb2e3221d5n/a Heodo
2022-01-13lFnKmA_436963.xlsmxlsm bfc5772205c81262f1c0e3bd7742f6aa7d2f41e03cbdd43729f2376a9b96ea16Virustotal results 8.06% Heodo
2022-01-13934285166229198.xlsmxlsm e479adbf5f0acc27094c482523f9ae3ad97b43f50f4df328d126ab9e98f0bbf0n/a Heodo
2022-01-13V-7.xlsmxlsm 07efdf65fbb6c43bdc3ac46453701f3d1bb0f284bad5865fb4f4cf54c127708en/a Heodo
2022-01-13UL-86.xlsmxlsm 18c55721fbff7b023ffab344abd151b7627bcdac0645f7074a1ad6b311828779Virustotal results 8.62%Heodo
2022-01-13p_25820076.xlsmxlsm ae3ac0659210f9f66b73bb14858d53a215ed91ef3c5b812c671fd4e824ee150an/aHeodo
2022-01-1307471PRMJP05956031.xlsmxlsm 38e984900acb5a6830c8ea2b34c0b1b85c45b32848da185c5bd3e2546ade2311Virustotal results 8.06% Heodo
2022-01-12GFU_1982.xlsmxlsm 2ece719378f63a328fbf4fcb4a059dea6cbb9a7d2be5481ec168f1e681fc7c56Virustotal results 8.06% Heodo
2022-01-12Xue29723.xlsmxlsm e62d334e565115ed95712c266991de6e26054d57b5c019a4ef2c0382377c93f9n/a Heodo
2022-01-12502_3646.xlsmxlsm 2b7d52fdf5cf60cf008016216c752a2fc6d74308772073a7157f9cd29cfd0d1en/a