URLhaus Database

You are currently viewing the URLhaus database entry for https://hz1.xhjmmm.com/fz/NRU_22/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1975801
URL:	https://hz1.xhjmmm.com/fz/NRU_22/?i=1
URL Status:	Offline
Host:	hz1.xhjmmm.com
Date added:	2022-01-14 04:59:05 UTC
Last online:	2022-02-10 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-14 05:00:10 UTC to anti-spam{at}list[dot]alibaba-inc[dot]com,abuse{at}12321[dot]cn,abuse{at}alibaba-inc[dot]com)
Takedown time:	27 days, 2 hours, 55 minutes (down since 2022-02-10 07:55:49 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-15	725AJASMB97476.xlsm	xlsm	7a75b8d2c5567ef0c4fc7270b77c7deab2f2a81ea2f1b969f66d680a781b5065	n/a	Heodo
2022-01-15	NPHYO_965437.xlsm	xlsm	0400c5d7c8ad85387bca95f3beb4be0b192f8a53aaf64f60e631ac66c60b5504	n/a	Heodo
2022-01-15	FYC05.xlsm	xlsm	5225cb80d26dfdd86adfb738e4bd1db0465b96e113af141c8cbd9d0bf4dc1e45	n/a	Heodo
2022-01-15	y-5348173.xlsm	xlsm	db676ef714ea818edca3ff4a25da38808cbec2a6d7b944a237e44ad29d8932da	n/a	Heodo
2022-01-15	ns3.xlsm	xlsm	27e87e375006f747c439d7ee9faf69843cc289ff75a5eb062abbea47c57efcac	34.92%	Heodo
2022-01-15	23275111_518.xlsm	xlsm	771e8eb9454d09d3f655f55713b1791583aaa6f813d896737b38d1da511fcb15	n/a	Heodo
2022-01-15	afzy_272849.xlsm	xlsm	1f7a5f12dd0eb712be2e7b1743244984f5924481524eb1c67cac97df0c34ddf2	36.51%	Heodo
2022-01-15	9616882JESZROJE_9819.xlsm	xlsm	3abfe866becd4133977aa353ac9851353631d67be57d77cd85419f68a31b3f69	n/a	Heodo
2022-01-15	64435_17.xlsm	xlsm	acc909b16bebc45d5321810acc605b915d831920e00fc443380298a602eb911d	n/a	Heodo
2022-01-15	75455168204160.xlsm	xlsm	d18ee35b037d473e3ef71c9d7b34e4a758b27a2ac27316621475b6944e5d453c	n/a	Heodo
2022-01-15	r_0024816.xlsm	xlsm	17f92479a5b8f4bd0e4ea0601f49f3d43a2998b0fe44ad764e298f6fd561074d	n/a	Heodo
2022-01-15	713877015068.xlsm	xlsm	38e63247da950af1a3a96864cef46f801d99fe847c9cfab2022dd1bbfd969247	n/a	Heodo
2022-01-15	440502.xlsm	xlsm	26261f6683880339a902fbe83bf577ff5656ba5e8b1b274c694a8a2f31a83346	n/a	Heodo
2022-01-15	09483_36.xlsm	xlsm	9e4e5949a37f75d6982aac9b092694911ce63a2c0bdda51d4a4e318d655f72a2	n/a	Heodo
2022-01-15	OLZ_13071951.xlsm	xlsm	7c6700d88b841ee2fef7de88ce4486004142a265bc1ab53c49bfc35e56a93608	n/a	Heodo
2022-01-15	qpcqkb_05.xlsm	xlsm	69dd17d667b01b8c139033215bad8690a13db67dcab99d323edee2a21ad0a44e	n/a	Heodo
2022-01-15	0005958951314.xlsm	xlsm	df3d1c9f634b214294ffb42adacb58b20d8aa9f35da387af12be4ef35556a1ea	n/a	Heodo
2022-01-14	NTQCI-00.xlsm	xlsm	7968b7e44f8390c379b215df6dc2409c6fead9c38927f667442a183da96df234	38.33%	Heodo
2022-01-14	36819_44101.xlsm	xlsm	c7f2afe51337a22d7458aad225f6c867436b3c51c0897ddd6815294d8731353a	37.70%	Heodo
2022-01-14	2851_875.xlsm	xlsm	2c1629903649cbcf3b885c468c648e7b9caad9bce1bad13edf832b78d8e98d96	n/a	Heodo
2022-01-14	eitrmsn_2835324.xlsm	xlsm	d2569a5701a8fc23468530b950ed661832ef6d909e2a1a921da07a879135f612	n/a	Heodo
2022-01-14	aLauA_773624.xlsm	xlsm	269e9c81c482255515158bebf6c871afb18b879ac13cfcd7e9a22a6e6476423f	n/a	Heodo
2022-01-14	5930171_6231.xlsm	xlsm	d9d89cefabc087af2be25fadd162ff8d73bc3cc83ed65bfa30cc860af14db3c8	n/a	Heodo
2022-01-14	65471802625617884.xlsm	xlsm	8e9e28c923feb00ff3fe04657945eb916f591f695f3ca3f43ab65944f9525e14	34.92%	Heodo
2022-01-14	0655532MIATLMMN_281.xlsm	xlsm	9967b76b33a804c01793c248fef68ef349bfc07f29bfbde28dc3ff44def1c504	n/a	Heodo
2022-01-14	LBZ_60.xlsm	xlsm	9847be420a77fa4d97933e016eb214a440c741157a2f13e93b2b770dc01954fc	36.51%	Heodo
2022-01-14	dzcmpaj-888.xlsm	xlsm	013f28c036fa5af595b6c61d98cb6dc88cb8045194ef50facb59d481041c23cd	n/a	Heodo
2022-01-14	82209SZDE974.xlsm	xlsm	21279987ba4135e6afcbc5527f9c26b7d4e3aec26aa1e1863d2e144edd7f7730	n/a	Heodo
2022-01-14	86603351.xlsm	xlsm	d88d83fc565c556b4332a98efdf1c1eb765b0526e632d40c50f8f0bc75d30857	n/a	Heodo
2022-01-14	Wg381446.xlsm	xlsm	6c0e05648d4f157e4d9aaeaba27c463a21b4039a0a3ed03209a6c711b556e35c	n/a
2022-01-14	V-67.xlsm	xlsm	87a33eb014251fbd3e80d9dce2bf789e0c1b579d59554f4efbdd3f6d78a6e57f	n/a	Heodo
2022-01-14	zksruu_012.xlsm	xlsm	21961b0d16c7d2561ef0c3d8a055eee86e90688f4a6fbe27c7f64c61096d0aec	n/a	Heodo
2022-01-14	0587106.xlsm	xlsm	8f06a62f37fbbb2344ff842ed6e0f7f450546ce8fdbb730a05226045d828fb12	n/a
2022-01-14	52432586OVYK_85795.xlsm	xlsm	ef09ff5f022c6e6a1dbc2d46edece778a389d5074c01aa184fbcaf30fe35fa42	n/a	Heodo
2022-01-14	AAEU_0.xlsm	xlsm	816516a15351123612dd485904b4c1d86fbfe3e1964affa72fcf1e7db73975fc	n/a	Heodo
2022-01-14	7009305_64276.xlsm	xlsm	c95f568471e97a600183f2a71c62c8c16c86552989bf03e2e1b9104282700689	n/a	Heodo
2022-01-14	9320845CCP-34057865.xlsm	xlsm	ed0448141caba757e10c045d97e8593777ba7c60b8871b5871622b2b80ad1519	n/a	Heodo
2022-01-14	0530568030837.xlsm	xlsm	df06e51b72166281110f90f19e518fd3a11af0a1ced6a279c8c16277ad38e62d	33.33%
2022-01-14	G-68494384.xlsm	xlsm	754727f1351a9c17908d09e7425e5643319d698c7d35b450155d1750fc243a5a	n/a	Heodo
2022-01-14	7896724-22.xlsm	xlsm	19c9c6f6944baa62d500484b962f67962eea9bc2e84c436bd8fadda4f01eebeb	n/a	Heodo
2022-01-14	L-2363257.xlsm	xlsm	421f268790f86e00e04dea67f750c9f089b6cc04b3bd52e8cb2755a53b60ea07	n/a	Heodo
2022-01-14	DODS-775.xlsm	xlsm	8a1759da5cf30cda277162bcabe0a579ee44c76e90293cad589f0d6f1e36310b	n/a
2022-01-14	5517.xlsm	xlsm	2b25518c74a4620e944ebbb70b30787175d702d7c2b9dab5072d25bda750f042	n/a	Heodo
2022-01-14	561478-2.xlsm	xlsm	689555499fd2dff9a85acca987cf63ecb004150fb9428e7336b11a90eed8a4a6	33.33%
2022-01-14	539747964-12.xlsm	xlsm	fc35484b7ef1a18a7ceb82df9d86f0b80de2741cddc33c3fdb8d5a51ab630b1e	n/a	Heodo
2022-01-14	71720535SCAJX_8363.xlsm	xlsm	f3623a62008214216481fe10c617e9ca5a5c4c73017e1abd575cf48faf21078c	n/a
2022-01-14	WY01.xlsm	xlsm	dfde0acf3284d504559d7ba1a52f478ec7e78a6a34cc8626f3bb5eced2d456b1	n/a
2022-01-14	81462-178.xlsm	xlsm	5a2aef933d4e5f7047736fa4cf87af3ced016c1e6b1bdd7afba9e7e0cfe81d1f	n/a	Heodo
2022-01-14	9536223YPAEU_765772.xlsm	xlsm	a071e68277a7133cb48b04e16b3df8081238c690317747153fc4c48d7f508952	n/a
2022-01-14	slwk_272.xlsm	xlsm	1d5a664f5ee71027f50ea0456755bd1285f2d04b4bbfbdb59389b49e9aa3f06d	n/a
2022-01-14	8681101-012515.xlsm	xlsm	60373a2b7942416a3047d1724d055f1383105920170390683cf2e74aea7d632d	31.75%
2022-01-14	OOBIA_13356.xlsm	xlsm	1e42138c4309e5be0268be8f2e1b3a5831f56b26749146dbfa02a7ccf863b3fc	n/a	Heodo
2022-01-14	MNWAO101334.xlsm	xlsm	d5410b70cb30784d5cb00821826ddbbcb7aebec8f3cef9658c6dca679e86aff0	n/a
2022-01-14	295TDHEQQU-08157.xlsm	xlsm	6adebb1f908d95b0e98266710b732c600ff552131a6844031fc5417ea84615b9	n/a	Heodo
2022-01-14	KR_513328.xlsm	xlsm	ffac8ef5da7f040ec7af96609d62c0596273659b04794ddca91ab138992d0620	n/a
2022-01-14	sdthoh_716.xlsm	xlsm	dd6f67bc6417791f565e1ddd1c550b3888a6673f3bc8d689ba259d955f373430	n/a
2022-01-14	nedueh_304.xlsm	xlsm	684179a59ccb9a4240a2cb91d8dcc96b15c6aa79eb8a928080a253684d3c2b2c	n/a	Heodo
2022-01-14	77889299_964666.xlsm	xlsm	3aa0a90872759b35bb2892f042fa8a9b8b296d265e9f068d29d588b81458bdd2	n/a	Heodo
2022-01-14	08404405_32.xlsm	xlsm	1c297a6ab065acb1152f13e630509d68b98eedaca18dd4ab43062f8f95ea9a16	30.16%	Heodo
2022-01-14	661743108_47471.xlsm	xlsm	240d9c912338f39fde436264a56a9b48ded82608f23ae5f4a8f732110c2b30a2	33.87%	Heodo
2022-01-14	TTU-941542.xlsm	xlsm	ccaa6507919076a28b38c5b5e30d2091705e482d54aedc76bec5163d31e21fe1	33.33%	Heodo
2022-01-14	74681727486.xlsm	xlsm	c10d40fd29ee12ca187becbe26e5d7f132695ffca909bf6013247c9146b71b81	n/a
2022-01-14	OhPs_7.xlsm	xlsm	efe6738d4ba36185f68784a158eaafecfa97f2a854ae278b8d193f6edc65ed2f	31.15%
2022-01-14	jhmbup-855284.xlsm	xlsm	8930ee76733f7d47386802541a1c011bacf01d3a97b98801b53dc4906502f824	n/a	Heodo
2022-01-14	C_18.xlsm	xlsm	31880b7b69938b12824c65ef7240304c054a61f2c4e62b7f596cafbad8b63ebe	n/a	Heodo
2022-01-14	315_289653481.xlsm	xlsm	d2248407231158d69f414895bb9f2abc24b31d39c156c0f46e25a49fc0f6942b	28.57%	Heodo
2022-01-14	02731_56.xlsm	xlsm	033b712fd7d4d23cef910bf6ad4440c6e7c3d79f483b9d79ee72db130881a05b	n/a
2022-01-14	1000_52665552.xlsm	xlsm	93797babbd39191ec7414750b549df061089d4b224c2465baa56820ed3583b66	n/a	Heodo
2022-01-14	155368814620925.xlsm	xlsm	0766c61d5d861dd6db71ee8f535e5f405f9d7ae80dfc5c83938e000d2b4ba58a	n/a	Heodo
2022-01-14	PWGP520.xlsm	xlsm	d8fd315efba4dd6e72aaf30eb91ac6bbdc046717708c740158751ebf6a9e18d4	n/a	Heodo
2022-01-14	QKQ_775188.xlsm	xlsm	a4fac371acf37f2dfbd34397e355ade1361d93fd5c85013e9a902677149da2f4	n/a
2022-01-14	E9412738.xlsm	xlsm	992922c0dd74c7f68096c93f4df4d4fb642f1503e40b7b20eef156edebe70839	n/a	Heodo
2022-01-14	ME609.xlsm	xlsm	ff585f534b9fcb8f660da3a92bdf92629e9d66cc31aceff6d3cf69be3aa2da60	n/a
2022-01-14	72593283203933.xlsm	xlsm	19da7acace7648f617cc949600d423f00148861c9f82b7eaf35c2487033bd905	n/a