URLhaus Database

You are currently viewing the URLhaus database entry for http://learning.fawe.org/wp-content/210322476-34286/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1974393
URL: http://learning.fawe.org/wp-content/210322476-34286/?i=1
URL Status: Offline
Host: learning.fawe.org
Date added: 2022-01-13 17:15:04 UTC
Last online: 2023-01-21 11:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2023-01-21 11:20:07 UTC to abuse{at}godaddy[dot]com)
Takedown time: 1 year, 0 month, 12 days, 18 hours, 27 minutes Bad (down since 2023-01-21 11:43:11 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
