URLhaus Database

You are currently viewing the URLhaus database entry for http://mtc.joburg.org.za/-/9153684_12245/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1972715
URL: http://mtc.joburg.org.za/-/9153684_12245/?i=1
URL Status: Offline
Host: mtc.joburg.org.za
Date added: 2022-01-13 04:27:10 UTC
Last online: 2022-02-07 12:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Blocked
DNS4EU: Not blocked
Reporter: sugimu_sec
Abuse complaint sent: Yes (2022-01-13 04:28:23 UTC to abusepoc{at}afrinic[dot]net)
Takedown time: 25 days, 8 hours, 24 minutes (rated: Bad; down since 2022-02-07 12:52:30 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
