URLhaus Database

You are currently viewing the URLhaus database entry for http://elearning.physiotraining.com.gt/AAQ/3990682_65635580/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1983505
URL:	http://elearning.physiotraining.com.gt/AAQ/3990682_65635580/?i=1
URL Status:	Offline
Host:	elearning.physiotraining.com.gt
Date added:	2022-01-17 11:31:04 UTC
Last online:	2022-01-17 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-17 11:32:08 UTC to abuse{at}1and1[dot]com)
Takedown time:	12 hours, 25 minutes (down since 2022-01-17 23:57:56 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-17	k_56712331.xlsm	xlsm	6f547f1af075434c1f8fd54fb78b5a4f15d49e4a38e86d6e129d88c3e83ea230	29.03%	Heodo
2022-01-17	Yali202.xlsm	xlsm	3205e9241e6f23942fd5b8ff4babdf561cd0022a6d42a800075046bb9e627eb8	23.81%	Heodo
2022-01-17	1688960-1716.xlsm	xlsm	b74ebda344b21397a7dda793d725fc98a04efae5d4cc51c8c8b6f9c253bdcb83	22.22%	Heodo
2022-01-17	prow_55200803.xlsm	xlsm	47c80c975818ab9bd09449d2130bcfb94eeab3b0aaaa784f5c2b56cc3d32c796	25.40%	Heodo
2022-01-17	61-6208.xlsm	xlsm	f4bb1e4f32c5444db3de6d023a3e27ecd0b948e8b13b1d54d7c725ff63dbd7da	22.22%	Heodo
2022-01-17	75178507_1553.xlsm	xlsm	1227b6464953ca3a4307804a94c248736f40446a42121d3e0ceb52fc63629f8a	n/a	Heodo
2022-01-17	VRY-0824370.xlsm	xlsm	ffb2a0ff4ab817787bae6e304ecc561e2e839edd4d20194227a194e6e8bb7b0f	n/a	Heodo
2022-01-17	P_690466.xlsm	xlsm	2350f0180119d36193a0ff0d35370865e389ebf2b910fbfa8419c7a2258a9356	23.81%	Heodo
2022-01-17	7194519_309345.xlsm	xlsm	d617e18915823ed787d6a6d05689a574c7286b6e0c1dccfda44870670679f7b5	27.42%	Heodo
2022-01-17	666004_34.xlsm	xlsm	9994c128dac8fef0f5b7a94e7379a6eb0f2b3ab28cf8c641f2fecfc11a1100a9	n/a	Heodo
2022-01-17	n_63796.xlsm	xlsm	5951f2e9692548b9221f83d17d2495b963300952539c88355ebb9a7357076104	23.81%	Heodo
2022-01-17	477398507.xlsm	xlsm	50cbe9118f2f994c659e087e8bcc79c4335a7b77644e2e55086ae9ef303abeab	n/a	Heodo
2022-01-17	04379-9330188.xlsm	xlsm	0f2531f6017dbdb8385b0b2243e836b999b88b204074a6d3fb2a59a92e7c9791	n/a	Heodo
2022-01-17	K-49691.xlsm	xlsm	21c572c1a346c877990cb9682c8b0f8c5389f2df679b028a32b9c1e23b0b8ec3	n/a	Heodo
2022-01-17	7234_375.xlsm	xlsm	5561c442628b59260698ebf2645820e36704856a4974246c8ca1f93e8b5203cb	n/a	Heodo
2022-01-17	88960QAWXGXU11180.xlsm	xlsm	bac5bcbe06ad5a143b2d435de9c1e2074ba318eeaccec3c1e31ca60c1bd75463	n/a	Heodo
2022-01-17	096581_02379180.xlsm	xlsm	9200eedfb05a8401ce051aa398cf19931387d047aba7b49c746fd316297ab5b7	n/a	Heodo
2022-01-17	y7616.xlsm	xlsm	83af043165c31e1dc1a2f84ab1b7a3793e7885f670fd1b3e5fd6da44ef25c4d0	23.73%	Heodo
2022-01-17	5007-1480.xlsm	xlsm	48493d15ecbcbe199bb069031dd2b2dc6fcee3baad249f61235c3ceb9cd7c33e	n/a	Heodo
2022-01-17	Y_3791.xlsm	xlsm	6bee685b8b324236eb8b115a9e45415d17156584fd6a5766b216655909a50f02	n/a	Heodo
2022-01-17	7074381505.xlsm	xlsm	16298042b5073b61f8937b60ccb4efc10b28e4e0b2043383d0e07ff7d302ba7d	n/a	Heodo
2022-01-17	84-20360844.xlsm	xlsm	669ac99da95c3d69c870bd4678588ee24467471637b56b8a9d26739fbb7696da	n/a	Heodo
2022-01-17	YDHV_01786042.xlsm	xlsm	88d3af486e197b891b1a5dec3356f7655754ce0a21bd57cbc874a066b73ee78b	n/a	Heodo
2022-01-17	ZVSRP_03004.xlsm	xlsm	130a3440d27d5f57af151858f121b978fc0c8e09b553ab84b9ca65a3a891187b	n/a	Heodo
2022-01-17	ZLFM_6578708.xlsm	xlsm	7c3c2188b9cc8f4f771664509a37bb3c4cf568743a9e887095bc598b96d72c33	n/a	Heodo
2022-01-17	9418-36081.xlsm	xlsm	136486d9857b5cc401cdd33c2ba110d61f9a6842f8edc9065352d4f8fb153234	n/a	Heodo
2022-01-17	XM_490976.xlsm	xlsm	34a1b0b5d38a036c45fa73926dedfaff07606db3a238014cc94e799c8ec6bbfe	n/a	Heodo
2022-01-17	DwxR-771.xlsm	xlsm	fc7606f8432f0726d5994b3cc3851d1fd0fdd15a9a376d66cf8d22d885fca2ca	n/a	Heodo
2022-01-17	99730_234048.xlsm	xlsm	eaa45fb291dc0a9f4aedbc4240bb250a5d8d76d6e09b3bbc071cb7aa32493600	n/a	Heodo
2022-01-17	254025242-92471513.xlsm	xlsm	292fdc91610f3758448cd20465cda055cca6df8b9fd19c579b79178b90ae0ccf	n/a	Heodo
2022-01-17	C47987130.xlsm	xlsm	a26052fa2c65c7f6dad6b24d745c9bba1a040aab34b7a72623a016fbd79189ed	n/a	Heodo
2022-01-17	9506566406.xlsm	xlsm	449e938f92f6e62137992e9a8aecc7acb53c42a71bbedf52a3128e07f40ed794	n/a	Heodo
2022-01-17	84350-6911.xlsm	xlsm	03bebc007311f303fd442d966d3c4da9976dd7a141f06f24ebd01484c6fae233	n/a	Heodo
2022-01-17	T_1067148.xlsm	xlsm	8d209fcf2f9009c909f1a62b0a87100c7bf3eccf9a61e853e0b1ff836bc21def	n/a	Heodo
2022-01-17	ONM_6239.xlsm	xlsm	e572dfa20efb7fe613e7c6109441e73b9627f73182a87257c82c0d91bac1c2c1	n/a	Heodo
2022-01-17	7414_485.xlsm	xlsm	0a7cadbf546500694eb8955b04cc185df7c57838232cde27c164c800d0d3607a	n/a	Heodo
2022-01-17	57-568428.xlsm	xlsm	0e90ce84f858de6a068f3293fea92a9e699c604ffde8720fb16b9a701a814d94	n/a	Heodo
2022-01-17	gglhjwo8947.xlsm	xlsm	cd10266dba86101c4ad9a523800ec7b6cf71e0be8aaf1bcdcd0645acbf6e362d	n/a	Heodo
2022-01-17	63755874131.xlsm	xlsm	819a09ea3b10819778967cc28c931a976ca7e2a6de4a416e17fe184c4b85bd22	n/a	Heodo
2022-01-17	ZHVAP804.xlsm	xlsm	6e1260c195a67f6eaa2fffb4f69ae857073a62f9276129f045cd8c7ef72a4a50	n/a	Heodo
2022-01-17	igbb_5885427.xlsm	xlsm	b48be95446b982c21a63af04bdf375a696013d07f9867b1df40b431b231ddcc5	n/a	Heodo
2022-01-17	487282_931.xlsm	xlsm	39103f075e15bcf6cc381e0d3ded98cf651a31ede2ed95f8b6eb59c14f99021d	17.74%	Heodo
2022-01-17	8883357.xlsm	xlsm	8764a4f89bd4ccf54d7a1a600c06d1433b028ca7cc767f3b45b07f3cfb0f2752	n/a	Heodo
2022-01-17	zeizqbx_2013479.xlsm	xlsm	562dc637737d488da3b2dd7cde035fca03c3fbd653f3a0aed858d0acd7d09aff	n/a	Heodo