URLhaus Database

You are currently viewing the URLhaus database entry for http://enduringhighperformance.demo9lec.co.za/kxqyx/NYZY_91409/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1973577
URL: http://enduringhighperformance.demo9lec.co.za/kxqyx/NYZY_91409/?i=1
URL Status:Offline
Host: enduringhighperformance.demo9lec.co.za
Date added:2022-01-13 10:49:05 UTC
Last online:2022-01-14 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-13 10:50:12 UTC to abusepoc{at}afrinic[dot]net)
Takedown time:1 day, 5 hours, 27 minutes Poor (down since 2022-01-14 16:17:56 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-1474041539.xlsmxlsm ee32ff0e25e569a3e5146055fac6c20e2d9216d44702df62552302b1e28a42d6n/a Heodo
2022-01-14zmup_812103003.xlsmxlsm 240d9c912338f39fde436264a56a9b48ded82608f23ae5f4a8f732110c2b30a2n/a Heodo
2022-01-14372727297_1824365.xlsmxlsm ebad9571e78364fa9499fcd9e9978bb492d1c00918cd730afc15175919b31a28n/a Heodo
2022-01-1495-83210.xlsmxlsm 920dccc135e7f573d85fc925df056af68170bbdead1b6cd0e1fcd31b1e1b2e7en/a 
2022-01-14XQFZ_234.xlsmxlsm dd43f7aff805ec6fe3bd061d0b56f766348dc687159a25895ae03963e70e3d4fVirustotal results 30.16% 
2022-01-14IZV_83001.xlsmxlsm 3c1065f5a3bd623799cdc9f2d15405189dd2604a1ddc45c113c19eec70f81c77n/a 
2022-01-14qvxeo_914212.xlsmxlsm e7dff9977a528e887ecaa6aa818a1ddf868d700f6e13078ac53d801c61d4771aVirustotal results 27.87% Heodo
2022-01-14WKYX_5818.xlsmxlsm dc929317cca3b519661820052cd357c4891f7725de37b15637010b5903292a0bn/a Heodo
2022-01-14283156037.xlsmxlsm fdb92c93fc55216d88ecb346e4b600385fb8cc3ee2aa598cef3cad99b3f59fb3n/a Heodo
2022-01-14yr20631671.xlsmxlsm 8f7a9cc8cbc19032e25ab6524b05b1e6807b05e96abe4e3467200394ef44f5a8n/a Heodo
2022-01-14405PXDDT392679.xlsmxlsm 44e19014ff150d3e22446507b5bc37be8660bf0cd9130a211434997867391938n/a 
2022-01-14UF-4710.xlsmxlsm 0db8962b34a097cbefe62d17aae56cbb6e86fd1f8302a190427bf5de9e3a678cn/a Heodo
2022-01-14I_00931.xlsmxlsm 5ebbbd43a04a87e9d85a876ce8c8a0fe2e737082fd820835c7d4378d380ed20dn/a Heodo
2022-01-1428BJGZET51958748.xlsmxlsm cf5ed745b4a6923a96dd4239ddf13cc355814ea3d0ef98f71204bc0f085937aan/a Heodo
2022-01-1459365QQEMUBAE-8.xlsmxlsm 38aa8bb59cfaed48d361e496e1682f677a3f58223fbe1a6a9e2e1fcd5d837c43n/a Heodo
2022-01-14N63694.xlsmxlsm 878245ca533c239b7066ce1bb483d8cd42a8d5887954c3e4db00b5a52d46f354Virustotal results 26.98% 
2022-01-1410-457150.xlsmxlsm 296171d1b92b175041ee3829e60a6880b93861ef09614e912d112777fc2fe13an/a Heodo
2022-01-14366240_791198.xlsmxlsm 6ac14b86db1b807b8bdc126d8e1ba66536ff55b5fcddb9ba068bd70b176c52ben/a Heodo
2022-01-14PHP530293.xlsmxlsm 0e2db8bad325d450826ee98740532c44b36d70a95f31178c85a50f4e8ee9c8b0n/a Heodo
2022-01-14653515_7741.xlsmxlsm e59685a5244eb67b90182bec159a7ec89a66592e8a06efd89dd4e5b19b11cbd6n/a Heodo
2022-01-14siedn-6987882.xlsmxlsm 77f9047608db228251671697e703de19448819776d18446a1c5cbae840087e02Virustotal results 25.81% 
2022-01-14onvrg_0972.xlsmxlsm 5388d17d28ba671fbe8a27779a4ff0a97c15a00c1a91e946824b81b38c6d8e90n/a Heodo
2022-01-14RU_87196.xlsmxlsm a1a5295caf727bb6210b32ba53371db4451b4355c8bf0b420b09dc8e1182fad5Virustotal results 26.98% Heodo
2022-01-141657RHZNORFHV_226.xlsmxlsm 28d2e274a082c7de870cd52bde0f9bb929bcb9331d7ce9e85f5c9bb6948a59dbn/a 
2022-01-148995833_186.xlsmxlsm 3dd7791745ef386d30fdac27e392533cbf154de6881440bf6bae3b947c775402n/a Heodo
2022-01-1419168834-37.xlsmxlsm 9914b76a0ba3fb9da5a56e91338779ce902665c925d401d929aadf7974293d79n/a Heodo
2022-01-1479_6.xlsmxlsm 700465c4be1e671b009e46928a0479f311b16f05004d4e24755bb22c405781f1n/a Heodo
2022-01-13TVX11758828.xlsmxlsm 731ec98a6308e19709812083b3dfba8b079aa48f36b486f2f06d7170de5d1541n/a Heodo
2022-01-1365428_8369.xlsmxlsm e15f4ab1af0935e26f54b19c1221a5dd41698713dfa44c327a206ffd708f3ceen/a Heodo
2022-01-13wkz_7095.xlsmxlsm 88d07eac813b81a446e976b9d46feb95a86d3e4d0cdfb6e604d42bba8757db02Virustotal results 22.58%Heodo
2022-01-1323447697RUMJ3575655.xlsmxlsm 792a7b8e75aa51f90c66ee711faf429dfe3220b038cc3725ee935083fcb60e0fVirustotal results 22.95% Heodo
2022-01-13234359_5919.xlsmxlsm bade694a72c3d8e5887ae4e1f1554aa85add86c8748b60af2e53e4241570d8f7n/a 
2022-01-1365269_48309.xlsmxlsm 6e346a952b92ea8d7ecde685f07f01806f0d66530eb588748cfdf35aa4467797Virustotal results 22.58% 
2022-01-13wzriar_44276068.xlsmxlsm 929400abfc42d038419315b35d0fd68f85270fee48b20985276ff79651f09264n/a Heodo
2022-01-13403546711.xlsmxlsm f1ec4f871b40968083790f9f1e19eaf6c17301f20743055e00b6382b3d5b2f55n/a Heodo
2022-01-134227_5.xlsmxlsm f82aed370591fd8b536179975bac82d0c6c17f97b74d1dcf5c235fbfb66dad72n/a 
2022-01-1313255505.xlsmxlsm e894314815096ab9fbaa2b7f084fbe70f1de47caf8d5f282e012a8095831da67n/a 
2022-01-13dw_607.xlsmxlsm 5f078012b57ca56c92cb000baabb72b809c64fac6e70911c9175074c54839087Virustotal results 33.33% Heodo
2022-01-1342647EHGYMKZZZ-348.xlsmxlsm accddc7c06e08cf3517f7277a5c299c85176cd7821220fcbc6681c3dfba5be01Virustotal results 30.16% Heodo
2022-01-13NOVNI-243965.xlsmxlsm a58fa75e6f2b26544b017856c6e1c56cb39d7769f3854c1cebdebdc0bcdbee9eVirustotal results 30.65% Heodo
2022-01-132331754_82146074.xlsmxlsm 4a3a254a975f87ed78ab0ab53de0a7f8ab2235a1bc8abea99ade0593d3c2c450Virustotal results 31.15% Heodo
2022-01-1342160781_1.xlsmxlsm 84367a10ef0a1067456f443303350ecc02e59f1a99aea05fd6c748000092a797n/a 
2022-01-1399189952_599985.xlsmxlsm 8731dcd378702d6a9d4a679e338cbd69e94a5030d0dc0520456e30760f81cc6en/a Heodo
2022-01-13yixzJ-264.xlsmxlsm ac680177934f28cf84fc94b0e1f006de320955fd9f17bed4d39699cda13c8bd6n/a 
2022-01-13517737YFTCPXSMK_2.xlsmxlsm dc8adc8e13d3e5a64f2d69f2163da90a19cd80594bf4db6b8d17c381312d28b6n/a Heodo
2022-01-137788764_07509.xlsmxlsm c04abc3378a389c7769ed89de8e5d82f4cb311647e4f363641a807fc6a399f39n/a Heodo
2022-01-13404NOUJVQU_137070.xlsmxlsm 78dd5816d66701839612b5caf64d4337e45d516e52b5f177345f5019ce4aa907n/a Heodo
2022-01-13939087-901419.xlsmxlsm e07efb44e73f01e1cd957c1874bce0e453c91eaa561f46efb373edb97100320aVirustotal results 29.51% Heodo
2022-01-131581146_20420679.xlsmxlsm e8da2349f8ec549d999a3e63b1f859f0452b0301aaf4fced70ecbba675b81247n/a 
2022-01-1371OZY7948.xlsmxlsm 7d20451deedc42248ceeb3cc205328d45bdc50d6d9a652f08773d052e1c598cen/a Heodo
2022-01-13T-165.xlsmxlsm c9d6e67d61769e32b703185a1035e43bbc9c7c053cc1d06594fad3979da3cc9eVirustotal results 27.42% Heodo
2022-01-13rxmO-04957917.xlsmxlsm 1070ee81825904e9b69247d5ecd09aa91e0be9722ff1b627740e98e0bd48ee7fn/a Heodo
2022-01-1341-0182.xlsmxlsm 5d7049ddd0c94d31087e9b7809dd67ab2c097e01ffacb571225e7ab561f57f39Virustotal results 31.75% Heodo
2022-01-136976-977056.xlsmxlsm 08c7c9f40c6db283966c794771c90b7d9f65dedfb785b861e02187f62f0dc0c8n/a Heodo
2022-01-1378546-88794.xlsmxlsm b8f140e8a83cdb10b7816fd789deccef6d4373e8441fa40618b48484359041b5n/a Heodo
2022-01-1364_31655763.xlsmxlsm aeb70e41209244bbbb3f870a325ee369ce718361b2caf361f8472ce7b1b7001dn/a Heodo
2022-01-1333561_795807.xlsmxlsm 8440f26c78450c4b1f022a497363963b84b99da232ca91b5da7f4aad2234bbc1n/a Heodo
2022-01-13wercalz-18286115.xlsmxlsm b3a8073712469f70329fad465825f867bd6dcf83420de3004730f91ecc938138n/a Heodo
2022-01-138002944968752.xlsmxlsm 1837567c1c4771488aaff8602f2c98711463d9afd7dbe2a3ab3413e37e30f610Virustotal results 28.57% Heodo
2022-01-13509OJH9323.xlsmxlsm a64b918b227ae002b52f8ca07c1e57fbf11e0f6a0c5a06abbf79e2b209bce48bVirustotal results 22.22% Heodo
2022-01-13xAINP_116063064.xlsmxlsm 13f975538e7e72ac755218c6a35604d36e0278e74fed8e2270476b89268a7f2cVirustotal results 23.33% Heodo
2022-01-13CLU-9443.xlsmxlsm 726be01c1600c33b9a3d322885ca12383ec5b64546bb389670176f77f7faf162Virustotal results 19.05% Heodo