URLhaus Database

You are currently viewing the URLhaus database entry for http://blog.mazda.co.il/a/U-189/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1972461
URL: http://blog.mazda.co.il/a/U-189/?i=1
URL Status:Offline
Host: blog.mazda.co.il
Date added:2022-01-13 02:34:04 UTC
Last online:2022-03-01 20:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: sugimu_sec
Abuse complaint sent (?): Yes (2022-01-13 02:35:10 UTC to abuse{at}xglobe[dot]com)
Takedown time:1 month, 17 days, 17 hours, 45 minutes Bad (down since 2022-03-01 20:21:09 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-14FOKBW_36418.xlsmxlsm 07182ae5f4de5bc294feeecdd94ad0a6e8fe552c92f4b80bacd7e87b90d848bcn/a Heodo
2022-01-14E14.xlsmxlsm d8eb28ba7038dd673602a96e242b10c5af8ea2f296fe49eb1b36bf837fbeef06n/a Heodo
2022-01-14VTQV-124471.xlsmxlsm c2ab14bf957655123abdaeec4efe8202b1e6038c324c3492e2b610175334ff58Virustotal results 25.81% Heodo
2022-01-147899555_52.xlsmxlsm 51440e8cba24fd67d0740d594ff569772cf56558655a79bd316271567c702d7en/a 
2022-01-14VPOTL029948.xlsmxlsm 5766f9389fd5614c2813569aec65e79c52d1ef751cbeceeaac953ed5a80c2af6n/a Heodo
2022-01-14413419_74480.xlsmxlsm 6de1b20d93771763cb7ad66c40ee46a585ce85885919aad6e3b2a4fd9e342e08n/a Heodo
2022-01-14168985-00968816.xlsmxlsm 675e9b8ca552efccc34ac7a2f9fff8ef872d7a5cf5790aca00d33baebff47a87Virustotal results 24.19% 
2022-01-14222118915.xlsmxlsm 212776ac19bae91f65534fa3995bc54aaea2fa402380cb3d9aefb4cfb6a1a302n/a 
2022-01-13413_6617.xlsmxlsm da82f1d4fefd343481585cf68b60330590b552ab3e3ad3acaf639732166f17a6n/a Heodo
2022-01-1320763_58.xlsmxlsm b23d03b69fe38e5455c97081efdb773b4a1d55c44279acd32686a04ab1e70aaeVirustotal results 22.95% 
2022-01-1315094_33.xlsmxlsm 29154824706d6615c15ccf36a9cb16c3a3348916dcd95844df4301f1a16e1187n/aHeodo
2022-01-139472204-43.xlsmxlsm 792a7b8e75aa51f90c66ee711faf429dfe3220b038cc3725ee935083fcb60e0fVirustotal results 22.95% Heodo
2022-01-13FEAIL-4273.xlsmxlsm cfcf60f2a598ac8e1abc547928fb7b32fa3b58afb00c098f3b6b34b77d0ffbb9Virustotal results 21.67% Heodo
2022-01-13085980440-28260.xlsmxlsm 9f47ddb444c9cffedc84c7eaf7c80d10b990146564954a6134a910733bc0a38dVirustotal results 22.58% Heodo
2022-01-13O7519178.xlsmxlsm 0a3e258bcd978e0bef0ad77f9a203e03f6b939e243ac9d04a3ca9224819a64ccn/a Heodo
2022-01-136499_2655.xlsmxlsm f1ec4f871b40968083790f9f1e19eaf6c17301f20743055e00b6382b3d5b2f55n/a Heodo
2022-01-13GJX_425793.xlsmxlsm 48c3c2d26bd19b1dc2eb3c36a851b00ef5cd2db217ae6bd0d89cc11c8a1a8513Virustotal results 27.59% 
2022-01-13LNJCI_19160.xlsmxlsm bdaea2c03177079e3874c6f5d9df40bd1d98dc7adf2f25e7226e35852c2a633bVirustotal results 31.75% 
2022-01-133366_26561.xlsmxlsm 5f078012b57ca56c92cb000baabb72b809c64fac6e70911c9175074c54839087Virustotal results 33.33% Heodo
2022-01-13PTVV_62625.xlsmxlsm accddc7c06e08cf3517f7277a5c299c85176cd7821220fcbc6681c3dfba5be01Virustotal results 30.16% Heodo
2022-01-13272407148198.xlsmxlsm a58fa75e6f2b26544b017856c6e1c56cb39d7769f3854c1cebdebdc0bcdbee9eVirustotal results 30.65% Heodo
2022-01-13mcqhl_8752.xlsmxlsm a139884d68aacbe19a1b68501de5392ef5ba05cc3eb5a5b2ed0c347db44af4caVirustotal results 30.16% 
2022-01-138847-9911935.xlsmxlsm 67db098ffc37f7ee91efe9d171ee286e1f72b744f50dce8d4e83309ba5f21593Virustotal results 30.16% Heodo
2022-01-1305373936_3503.xlsmxlsm d652c467b10eb9cec0d36d73accbe00a2d4704678683e8ab611e8de487e34cf2n/a 
2022-01-13A_836071.xlsmxlsm dee5ec66769ff7c294f4e80dd10d6d284a306774dcd6f62308d0f7052c6b87b1n/a 
2022-01-13RLP_50.xlsmxlsm da2a461e20d4c87bd5324dad79a728e4223d6b8b70ec892fce58fdec3ca86af6Virustotal results 30.16% Heodo
2022-01-13quq_6200354.xlsmxlsm 3fc26c9fd1f5685b0dbd0bf5f56d85f5ae94056eb3a8ab041389b3f2948cf3f0n/a Heodo
2022-01-13LBCM0666219.xlsmxlsm 304e17c2ef41373d5b2ded923de19336a227658abf49881fe446df0cfcfac00bVirustotal results 30.65% 
2022-01-13WKHRN_28674.xlsmxlsm eda2e0f86dc8a29ae0f9c8b2e7a0905b0f57b9195b807e87f72e8595c31d9b64n/a 
2022-01-13LE_31915.xlsmxlsm 8608639c6c3e1751110c5b4fc5078577eaecbefd2cd33819947c1d16b81ebe8fn/a Heodo
2022-01-13iojaB8625137.xlsmxlsm 32f785274c5192e0d3a7ccf56461fafb892a3a510d7199479c521142ae6ddb46n/a Heodo
2022-01-1307112427-591978.xlsmxlsm 8d8c71ccb4edeb5921ad5707da3ba344381ae7a4ec1bfeeced87110809975cc4n/a Heodo
2022-01-13103622605038181.xlsmxlsm 41750a936f4e59a899e45972dd3ccf154305807c52bd7e5f5b19344e909f86ban/a Heodo
2022-01-13YS_7139410.xlsmxlsm 2d009791d777c752c4fddb6e32e5d123d7ecf80145baef849436bf4879259b8en/a Heodo
2022-01-13QR-113.xlsmxlsm 109868bbf981851bac44548c11bee90f08fd3c83e06c9b9539f568e047f45e0an/a Heodo
2022-01-13224_14349.xlsmxlsm b8f140e8a83cdb10b7816fd789deccef6d4373e8441fa40618b48484359041b5n/a Heodo
2022-01-13wa_9273.xlsmxlsm 399fd8ce9218a6b24bbf3c9e307934df9b2954d45119371365be1360c88ec6f5Virustotal results 25.40% Heodo
2022-01-13061.xlsmxlsm e867e8691b17fd95fce36eb933b1c36744f45513e44d931d07bf95229e47bef1n/a Heodo
2022-01-13XNTZ17949.xlsmxlsm 6acfbc04a4d8ee5bed51c551d533b4b99936760fdf3f6db32d1216130c89700cn/a Heodo
2022-01-13KOLOR4620.xlsmxlsm 1837567c1c4771488aaff8602f2c98711463d9afd7dbe2a3ab3413e37e30f610Virustotal results 28.57% Heodo
2022-01-13085823945.xlsmxlsm cd1b8b06a27b93f21a8da161ab4af2768ecdcbe5f8f5122d89c33caf145da46cn/a 
2022-01-13WTFH80.xlsmxlsm 07fddbd97e1846aa7ef2fae79ea0d177a89210725b1a66a8b52bb066cc36bb1en/a Heodo
2022-01-13PO80770.xlsmxlsm 726be01c1600c33b9a3d322885ca12383ec5b64546bb389670176f77f7faf162n/a Heodo
2022-01-132262GARNO-013482.xlsmxlsm d47dc5f481df3ec15f19e8625c29b0beaf33c401b23191b818c9ecf885e3c8dcn/a Heodo
2022-01-1360378697_223342.xlsmxlsm 2b8b0ca757e3eccb527d9ce11a9a8815f5a9ce3c6d2ed5a8711d4c109e88bd71Virustotal results 22.22% Heodo
2022-01-13491-684226316.xlsmxlsm ca6662f6a52a16a294b7d873a1f4b60f6ed054cb1cbaf3207081f30380c573e2n/a Heodo
2022-01-13716379292655673.xlsmxlsm ae4c37f20738b2bc766ca1b1437dd27be15c5a86e663f8ce3fc8be6762483305n/a Heodo
2022-01-1324644_158.xlsmxlsm 2cfe6cc60d786a8b94d9d3114d344fb74c21e5ce5391dea3d1550df17fee05b4n/a Heodo
2022-01-13776188_27369582.xlsmxlsm 9e1460b0a4debafe9636cf43ad6de3069afc41e53b2c0c09b6337bd165a7bcefn/a Heodo
2022-01-13467-80486565.xlsmxlsm 22ed1803ea7fa2aa21adb614d88627eaf141fb5663bac536d56f3db835dd0811n/a Heodo
2022-01-13XUTLZ_90126.xlsmxlsm 4dc514dc9290b966a14aadaab3d4c168419ed606a81d0a1262318d8b305cfc8dVirustotal results 17.46% Heodo
2022-01-1312338384367533628.xlsmxlsm 6169a4500b717ca5de60b77b01c2c1ddf5dbe18bafd0af142248d5066eef19ecn/a Heodo
2022-01-132533004_1369165.xlsmxlsm 49ec26f8a352003e43a32615495ae4554e0bb8485ef889e7ba57cf869f026c4cVirustotal results 20.97% Heodo
2022-01-13RNM_5783.xlsmxlsm 967d8e1ecaddadf97ad824647e734535d41e1996b725dd594a03a043d3795b1fn/a Heodo
2022-01-13MMC_52115991.xlsmxlsm 20d7c4f7e882c414b403403773c244fa421744c48bb9e52a2f9236825be9a76fVirustotal results 11.11% Heodo
2022-01-1375004IMLQIZGS181270.xlsmxlsm 9eb7d16794f6e4e2e701458af298b2b16c91a04dd45361cc306f32bc5fd25491n/a Heodo
2022-01-1320798TRJUCSL7.xlsmxlsm d96dba578ec6bbb043e6ef20f9f43779bd471f5329b9ba5416a0a4785564ebd6n/a Heodo
2022-01-13Y_326495324.xlsmxlsm 37bb74fcd5b1ff6bbd323163e21277b3ed80d124cc4d727f4ec64d1048a2c85en/a Heodo
2022-01-130346599.xlsmxlsm ae8e1d5678b54ef2ddb35fcf1233370916f4e2355f1aeb9066b9f7e12d07bcacn/a Heodo
2022-01-13019390_895620785.xlsmxlsm cffc89330574a0b7d5096c64bff0483e4dbc38d09be06dd3fd4cafca0a4e99edVirustotal results 23.33% Heodo
2022-01-1387261516-469561769.xlsmxlsm 876844b7e19d8b57429b07b92fd1092f3847f3e2521cb00e52b9a418fab8b6a1n/a Heodo
2022-01-1301730_6443.xlsmxlsm d9d0e65da97a353a9cc189af41082ae0bf1dff0acb39bb620a34ddb0c642ac79n/aHeodo
2022-01-13970467993-730089.xlsmxlsm 5e9b0c9265b7d3fc1ff598bf2c6da327b90d200944fc0462f1079231b5403185n/a Heodo
2022-01-1374437775_703.xlsmxlsm bdba8de0c76cdcb58edc0f3d1f6b6f7550c2d8e471440b6838923b5341d61131n/a Heodo
2022-01-1390_682.xlsmxlsm 6fe7b78ea9db6e96209e494f360de1bd7916f994b0f7aaca76264f486fde5d95Virustotal results 8.33% Heodo