URLhaus Database

You are currently viewing the URLhaus database entry for http://gzndfit.com/520/72171-019/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1975735
URL: http://gzndfit.com/520/72171-019/?i=1
URL Status: Offline
Host: gzndfit.com
Date added: 2022-01-14 04:08:05 UTC
Last online: 2022-09-19 02:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-14 04:09:10 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time: 8 months, 7 days, 22 hours, 44 minutes Bad (down since 2022-09-19 02:53:37 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
