URLhaus Database

You are currently viewing the URLhaus database entry for https://site.aau.edu.et/pigeonholer/5755_795/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1973014
URL: https://site.aau.edu.et/pigeonholer/5755_795/?i=1
URL Status: Offline
Host: site.aau.edu.et
Date added: 2022-01-13 06:53:07 UTC
Last online: 2022-06-27 13:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-13 06:54:38 UTC to abuse{at}ripe[dot]net)
Takedown time: 5 months, 15 days, 7 hours, 4 minutes, Bad (down since 2022-06-27 13:59:23 UTC)
Tags: emotet, epoch5, heodo, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
