URLhaus Database

You are currently viewing the URLhaus database entry for http://deti.czsv.dp.ua/wp/b-8868533/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1974040
URL:	http://deti.czsv.dp.ua/wp/b-8868533/?i=1
URL Status:	Offline
Host:	deti.czsv.dp.ua
Date added:	2022-01-13 14:22:04 UTC
Last online:	2022-01-22 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-13 14:23:07 UTC to abuse{at}hostprolab[dot]com[dot]ua)
Takedown time:	8 days, 19 hours, 12 minutes (down since 2022-01-22 09:36:01 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-20	076923_8313104.xlsm	xlsm	abcb66b53b95af620cadc12ea7507b5b20b4eb4eccb9f9661e3c1fb34518b3fd	30.65%	Heodo
2022-01-14	R-8679029.xlsm	xlsm	8930ee76733f7d47386802541a1c011bacf01d3a97b98801b53dc4906502f824	32.26%	Heodo
2022-01-14	222_99952197.xlsm	xlsm	2c3eab42ebaf7d7d0d6a7c3a7e6c46f0a85b674670566f5c4925347ba5677666	n/a	Heodo
2022-01-14	HHKZW-0103.xlsm	xlsm	d2248407231158d69f414895bb9f2abc24b31d39c156c0f46e25a49fc0f6942b	28.57%	Heodo
2022-01-14	YLSXx_10121896.xlsm	xlsm	033b712fd7d4d23cef910bf6ad4440c6e7c3d79f483b9d79ee72db130881a05b	30.16%
2022-01-14	n60.xlsm	xlsm	93797babbd39191ec7414750b549df061089d4b224c2465baa56820ed3583b66	n/a	Heodo
2022-01-14	CF528.xlsm	xlsm	3466d520bb73d37c5ba72056b46d00bd6346db16cfdef557cf14e6554b7cf98f	27.42%	Heodo
2022-01-14	R-4589847.xlsm	xlsm	d8fd315efba4dd6e72aaf30eb91ac6bbdc046717708c740158751ebf6a9e18d4	n/a	Heodo
2022-01-14	QJ-69084.xlsm	xlsm	38b84fcdf7e7ed1a95a221a66ebb59bf63847b414da3370144e103a23b9a577a	26.67%	Heodo
2022-01-14	216585349-60251.xlsm	xlsm	bd84338df7f1e8eae032de81e2839eb85a6f05c8e7f3afb88bade961419a9d49	n/a
2022-01-14	SG_6429.xlsm	xlsm	ff585f534b9fcb8f660da3a92bdf92629e9d66cc31aceff6d3cf69be3aa2da60	26.98%
2022-01-14	yP_6.xlsm	xlsm	19da7acace7648f617cc949600d423f00148861c9f82b7eaf35c2487033bd905	n/a
2022-01-14	JD_59336635.xlsm	xlsm	c38669a80f2dce6bbc2dbfc67e98ecead22379ea9733a7e496c8cc6896d61d11	n/a	Heodo
2022-01-14	KO6476.xlsm	xlsm	ec237a7588cb70688e3f57edf9ec59126b234f51b996b68000604002a379dc5d	27.87%	Heodo
2022-01-14	QBF_59123326.xlsm	xlsm	59ae2ce51e3e9e2d3e412dcf23488aa002acb72d34656606872d00bb4ab0eca3	26.98%
2022-01-14	nAWhDY012563.xlsm	xlsm	a49399789b01cd98a86c1e039af45a87a2c9ec07d14956bb189152912239bc4c	n/a
2022-01-14	HUQ_35488764.xlsm	xlsm	3b63ba5e81eedd06656eca70b56b6d9490b598df1646dd83dacefe8cd52d6a77	n/a	Heodo
2022-01-14	zKFUZ57.xlsm	xlsm	cb0d9916b6be6d3b9d52d057b5b8aa3b223284abe331467dea72eca27165a618	26.98%	Heodo
2022-01-14	78037158016795.xlsm	xlsm	0e2db8bad325d450826ee98740532c44b36d70a95f31178c85a50f4e8ee9c8b0	n/a	Heodo
2022-01-14	6161_4857.xlsm	xlsm	d7e424ccc4f316f9abbabc2a3b0bc47b61daf071111fed745056ffc823c541c1	n/a	Heodo
2022-01-14	81627695_33.xlsm	xlsm	b8b1fb98701bf450f491a99a027c35455ecc635801276ec74d0f637aa91aa3f9	25.40%	Heodo
2022-01-14	216_83.xlsm	xlsm	a0a8993ac49af8c9a67d95350e800f6adfbc38b6bfc5a7c213eca23b0b9e5857	25.45%
2022-01-14	88788769-9104632.xlsm	xlsm	a1a5295caf727bb6210b32ba53371db4451b4355c8bf0b420b09dc8e1182fad5	n/a	Heodo
2022-01-14	250456120_98.xlsm	xlsm	9c8a39e1e2d7547aebadc4f37b84543d9e48faca443b9acd76cdf46d65459acd	n/a
2022-01-14	2421-0993010.xlsm	xlsm	5e752b11e5c8a995688ec34e8bacbf253a0450479c1c2582dbd770d004babe51	27.87%
2022-01-14	696864818_19.xlsm	xlsm	4eab3977f88e6444a99925c2a5769e6b720e8a6ba4ee8cc8235e23a33a1e6658	24.19%
2022-01-14	IVVGL60044.xlsm	xlsm	700465c4be1e671b009e46928a0479f311b16f05004d4e24755bb22c405781f1	n/a	Heodo
2022-01-13	H-704.xlsm	xlsm	731ec98a6308e19709812083b3dfba8b079aa48f36b486f2f06d7170de5d1541	22.58%	Heodo
2022-01-13	wtffdm_48957538.xlsm	xlsm	e15f4ab1af0935e26f54b19c1221a5dd41698713dfa44c327a206ffd708f3cee	n/a	Heodo
2022-01-13	72820691287.xlsm	xlsm	88d07eac813b81a446e976b9d46feb95a86d3e4d0cdfb6e604d42bba8757db02	n/a	Heodo
2022-01-13	191298-56482.xlsm	xlsm	7585b5ae0e18149ef1ef83b54ff727158a1f11364edde0d8e4ecaa3462369f3b	21.31%
2022-01-13	exg-392.xlsm	xlsm	bade694a72c3d8e5887ae4e1f1554aa85add86c8748b60af2e53e4241570d8f7	n/a
2022-01-13	ON_154.xlsm	xlsm	6e346a952b92ea8d7ecde685f07f01806f0d66530eb588748cfdf35aa4467797	22.58%
2022-01-13	AIHFA-958120.xlsm	xlsm	929400abfc42d038419315b35d0fd68f85270fee48b20985276ff79651f09264	n/a	Heodo
2022-01-13	I-413542633.xlsm	xlsm	f1ec4f871b40968083790f9f1e19eaf6c17301f20743055e00b6382b3d5b2f55	n/a	Heodo
2022-01-13	CC2811471.xlsm	xlsm	3ee5184a13e445cfb1886d07497ad642ebcf9b1d33fa9628d60e50e8cfa882e3	n/a	Heodo
2022-01-13	pwoH_788695.xlsm	xlsm	bdaea2c03177079e3874c6f5d9df40bd1d98dc7adf2f25e7226e35852c2a633b	31.75%
2022-01-13	D399.xlsm	xlsm	86a1ee206571860bb3bad454634ec72849381988ddef82b11da1360046a070a6	n/a
2022-01-13	30995672SEELKVRYF_4641584.xlsm	xlsm	8b8691c729c4aae4cda2049c3fcbf3153562829da68bfd3121e61dc3f9bf2cfb	n/a	Heodo
2022-01-13	sWge-0045.xlsm	xlsm	a58fa75e6f2b26544b017856c6e1c56cb39d7769f3854c1cebdebdc0bcdbee9e	30.65%	Heodo
2022-01-13	GM-54539.xlsm	xlsm	a139884d68aacbe19a1b68501de5392ef5ba05cc3eb5a5b2ed0c347db44af4ca	n/a
2022-01-13	6383-182.xlsm	xlsm	5cf53f9f40389a8c56abd3a90681dadd27c0db904fbc2422ec9baa37e84c1584	n/a	Heodo
2022-01-13	51699_4467088.xlsm	xlsm	aefebee74f868174371b6f9925e3484198f01753d2e1ed58c2b99a6c2e24de08	n/a
2022-01-13	NN_3056.xlsm	xlsm	4c82d1c41c6287dbc29a8404a82c908dc052b2b7120ea9e58c0cec067ad4fca2	n/a	Heodo
2022-01-13	748926941722.xlsm	xlsm	dc8adc8e13d3e5a64f2d69f2163da90a19cd80594bf4db6b8d17c381312d28b6	n/a	Heodo
2022-01-13	MH_6122.xlsm	xlsm	aa95f57035882d90669b43af7c454c22d91f4e3c0525a83fcc6a0138d12d2a8b	n/a	Heodo
2022-01-13	36QGHUZBQV70.xlsm	xlsm	603fc4bf5e141be1b30fb64551545d7f757d7f508891d17256ffc5564f3ccfc8	n/a	Heodo
2022-01-13	cu65953.xlsm	xlsm	115b1bbc0363cd535f4336aac31bed3fa17e2c2a4ebcb15618e55c9dfc91896b	n/a	Heodo
2022-01-13	QAX_021229.xlsm	xlsm	e8da2349f8ec549d999a3e63b1f859f0452b0301aaf4fced70ecbba675b81247	n/a
2022-01-13	r-10.xlsm	xlsm	febd9978510715acb1f4bb87d04412fb1e3e6e2720329590b6b146de515d2d85	30.16%
2022-01-13	eiis215407.xlsm	xlsm	73aba3d6a7b537481c898581b8ccc0131152c0d0fc93500b4c562db824073360	n/a	Heodo
2022-01-13	5645-43.xlsm	xlsm	41750a936f4e59a899e45972dd3ccf154305807c52bd7e5f5b19344e909f86ba	n/a	Heodo
2022-01-13	7853789607.xlsm	xlsm	4c2cf1d0796d8ac276ad283bbb14986b510a2a3b33e76005c8968b653d43d844	n/a	Heodo