URLhaus Database

You are currently viewing the URLhaus database entry for https://erizo.webarrive.com/cgi-bin/N5611/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1976483
URL: https://erizo.webarrive.com/cgi-bin/N5611/?i=1
URL Status: Offline
Host: erizo.webarrive.com
Date added: 2022-01-14 12:10:05 UTC
Last online: 2022-02-16 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-14 12:11:07 UTC to abuse{at}1and1[dot]com)
Takedown time: 1 month, 2 days, 21 hours, 47 minutes, Bad (down since 2022-02-16 09:58:26 UTC)
Tags: emotet, epoch5, heodo, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
