URLhaus Database

You are currently viewing the URLhaus database entry for http://meca-global.com/wp-admin/dCSOtk_27/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1985747
URL:	http://meca-global.com/wp-admin/dCSOtk_27/?i=1
URL Status:	Offline
Host:	meca-global.com
Date added:	2022-01-18 08:04:05 UTC
Last online:	2022-02-10 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-18 08:05:17 UTC to abuse{at}godaddy[dot]com)
Takedown time:	22 days, 20 hours, 7 minutes (down since 2022-02-10 04:12:26 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-19	ZJY_0016452.xlsm	xlsm	d145d8bd97ef82aed65a01e30b7523f9380bdef7e4af3cbb706c3fe571d2accb	n/a	Heodo
2022-01-19	996884_473.xlsm	xlsm	a98ce7c10f03702a9933c42dc4c7e46238f2596d3c49ec5df2c6f595e1f7e313	n/a	Heodo
2022-01-19	151754344_79.xlsm	xlsm	bf358073ed5741312e901e0fac9cc9af2c7d3f4b3b9f6d1f89f0c02fcaae63f8	22.22%	Heodo
2022-01-19	42_8295.xlsm	xlsm	6b326bd8775334752e05a398a534955fd2ae44993cd2d6c4f1f85e3ee38503ce	28.33%	Heodo
2022-01-19	9089703-77148914.xlsm	xlsm	d6553545b1163cac98c8454f5751dfd16b73d1c9262916d86996b3fe3cfb632d	n/a	Heodo
2022-01-19	GN-11568.xlsm	xlsm	48c97edd7f122c3b86c922c49da7c372c030284af6010de38dd5191b7d1044c2	n/a	Heodo
2022-01-19	nsxxuw_77.xlsm	xlsm	fef7017d59c99fb7ef55f867d66297ace1a66b98f61817b5f42b0b9c4e22a3e0	n/a	Heodo
2022-01-19	P_054972339.xlsm	xlsm	891104d63f0866d8f682ab48115cb56a4d83df1c7d38aed7e390dd7f79f1f40c	20.63%	Heodo
2022-01-19	496_57.xlsm	xlsm	17e58485ceea86f7c5a32f35a478b985b7a90573512c8cd051e090e4888e1f20	19.67%	Heodo
2022-01-19	3424669710451634.xlsm	xlsm	bea5921badee43603291587c2cbed8fc2d82b15583a6d11fa66afc9bdf2b84e2	22.58%	Heodo
2022-01-19	RTnRwy_6300513.xlsm	xlsm	e3f5e0fe4b1a91a4511c3621a2d351a6132fe0bf448379a4953829cbc6579641	28.33%	Heodo
2022-01-19	ye2064.xlsm	xlsm	84529344649591a9fee25983b732a5171630e0eae26c5109f8916587672efafb	n/a	Heodo
2022-01-19	774704.xlsm	xlsm	3f25b33a654731325f43de1d4580715d04256dbc9a5edadae6cdecf84897d962	22.22%	Heodo
2022-01-19	PPA_303.xlsm	xlsm	b92a036ddd73d18ed97801d7a77457c7395bb64f94aa3272439748c1eb334021	22.22%	Heodo
2022-01-19	605050051016655.xlsm	xlsm	18d6d143faa6a760ba0a476fa10612391cb6ea8c22ab604dc7c47fd3f1f04afa	n/a	Heodo
2022-01-19	14029444-2094.xlsm	xlsm	237b2490c0e6d27ef3badff081fa7ba4b7e05a805a3664047eac211affbf612e	n/a	Heodo
2022-01-19	783933_15.xlsm	xlsm	aa2a65229b69fd6ac54c602b320e13c8b883087f9f221cbb358cb563443bffe1	23.81%	Heodo
2022-01-19	MCJUQ22308862.xlsm	xlsm	0d0b8301a65a0f3ee350a52c1771044e326d54e851e5cc43c47a8d3bce1200d9	19.64%	Heodo
2022-01-19	517253000-199.xlsm	xlsm	42b3f45dbdebb32d3b00bb80dc8e8f559d772005a06a6e08c256f25d088a6e46	n/a	Heodo
2022-01-19	03244_2044480.xlsm	xlsm	05b8d6322852c3054d0dd30228d150e394160d4f1a8bf281c39953a012e691c3	20.97%	Heodo
2022-01-19	30000RVMJJ97178245.xlsm	xlsm	df2769638bd691851f529a5320a54d92d23f6d702c88d31a37ebbce68491a635	n/a	Heodo
2022-01-19	bytsrbx_12.xlsm	xlsm	c13305fdd9e7e4ce379937deb578ce2e788370bc2b547e027db59c59b722efd4	21.67%	Heodo
2022-01-19	ii_588.xlsm	xlsm	1fa60639ea962861142d2efeb77fd77c280fb3442d31d2db07918d54e6b5336c	28.33%	Heodo
2022-01-19	IeGOo39354.xlsm	xlsm	79cfdb919315844deefdaa5f9ad364a026f3a795b473171647cd0176a4333f01	n/a	Heodo
2022-01-19	AFNTM-1669202.xlsm	xlsm	ceaa2e4a3e4521b680dbbb7645140a69929ac5ecb0d9342bd88ffe34e33bfcb6	25.81%	Heodo
2022-01-18	204493-8299760.xlsm	xlsm	c367a9422665976310f8899e0ae55a7415babdc88f2377d6bdc4e62aa373368e	19.35%	Heodo
2022-01-18	574982_1635615.xlsm	xlsm	6001966534b597395906f4462e7dcc3068171124579b7265e5e7be7e05e5c427	n/a	Heodo
2022-01-18	FWWN3301.xlsm	xlsm	256a56de41a6a0e96dd9b8c581075fc900b450f2f872e4403f332c509c328ca6	n/a	Heodo
2022-01-18	NT_952704.xlsm	xlsm	96cbfe690490f4cfdbfdf395626f5f393deb559f0c078aecfa9facc6fdac9d54	19.35%	Heodo
2022-01-18	7369-6260.xlsm	xlsm	42fce6fdb4460cd9ed23a7e05582c8344c254ca42bf5a384ec854274e372b0dd	n/a	Heodo
2022-01-18	028_4580662.xlsm	xlsm	f601b3c0045352c178e7dead3f2dc7077202e24e4621bfeb5436905417814a72	n/a	Heodo
2022-01-18	98TFF-5227220.xlsm	xlsm	c96f85662e9b91ef48116048a2b379783a961a851b6281497f1e93de0721ad15	n/a	Heodo
2022-01-18	09517-67.xlsm	xlsm	231fdc944ad9a605313f77ebb619006eb317e7cfc930852e645a5cbd1c072202	19.67%	Heodo
2022-01-18	TM_6206528.xlsm	xlsm	a0cc02185b718d8a8caec87fdee0f6aae676b61e1c69915cbd8d8e2600263b12	n/a	Heodo
2022-01-18	cpbbgjf_047219.xlsm	xlsm	835db3973cdab6d1ba4bb09fdfee00ae18d67ae017701d72c6201448a770af01	n/a	Heodo
2022-01-18	CW-23.xlsm	xlsm	a7ef22eea242dc9a67cc5034c73575de2b7ae3e9e4faadcb6f6a515b6f44cfed	22.41%	Heodo
2022-01-18	32427625836.xlsm	xlsm	1ee2c82f323e72a8e1f05e759de7a35743417caf0286f0c145824a610c3ac074	n/a	Heodo
2022-01-18	GG11.xlsm	xlsm	232b0ace6a2a7e19d01426b6e41288d2b789d50da050eb26fbf1b5e076ad452a	20.97%	Heodo
2022-01-18	503444267089.xlsm	xlsm	c852ae2ba337c41a7ce54bbf6eaafbc8d089229c71b854049014e5e3fc09f653	n/a	Heodo
2022-01-18	DG82545610.xlsm	xlsm	c80a32c49ac7bde59c31966abd4db02186a8fa1cb19f389a95c909243a438e70	n/a	Heodo
2022-01-18	Q-660791.xlsm	xlsm	fdbf8a4d28493e5f168a0acdd61ca7706c68009cfcc4d7b79705cc8ed5d2ec21	n/a	Heodo
2022-01-18	3564NCUPZRUL_941.xlsm	xlsm	05ec8d1e038ee19393cb946a344369bdc29287188d4c6bb1df7771ad33ea7cb3	n/a	Heodo
2022-01-18	5156813-99633.xlsm	xlsm	6416de9fc007add8b239ca4905a85218c357b2ec6bb70e5ccc859a57509fa575	n/a	Heodo
2022-01-18	545_010.xlsm	xlsm	baca5c47790b27a55be5819c846c4cffea11dfb400abbab5120d525f828fc450	n/a	Heodo
2022-01-18	9584555_871.xlsm	xlsm	d06dcdc68f9ffae4fa7b1cd5c05668c2ec07765b411b5c2c17f05788459d89ad	34.92%	Heodo
2022-01-18	QMC_35381.xlsm	xlsm	06c1843bd1d6be39a1c9e366fb9f72fa9bb9c3f6c5e54a555c4e2fe0497cc14e	n/a	Heodo
2022-01-18	4123-6747677.xlsm	xlsm	59ec2f5112030ddb2113cb3b1ccb9a375493b1d8696f245777c78e8bc0f491e7	n/a	Heodo
2022-01-18	UOUYf-53526.xlsm	xlsm	309cb3f81bdea9f9b0de31530c7466aa28e4b709f09d4eca9fb755393b131e72	26.98%	Heodo
2022-01-18	rrgw0029944.xlsm	xlsm	95bed38948795ae7159be296e9390bdf122c8050af85ae734ad611c743243b3c	n/a	Heodo
2022-01-18	QBAEQ88.xlsm	xlsm	84bad34c5bdcb90470bfd094dd7544663f454f3adc3d7ab0466ce45a66785a4b	27.42%	Heodo
2022-01-18	05_1810339.xlsm	xlsm	d4845bca888e567f9b92d2868359f607b1f04d2d9c969b34cdcb569ac7d9064a	n/a	Heodo
2022-01-18	6590320-58607.xlsm	xlsm	2084f9c4525bb5bde2f85657f7df20cf59ac77b05732175346adf11a85f2a5bd	34.92%	Heodo
2022-01-18	0500_227278.xlsm	xlsm	91e32f317a2d6f6c524bebb7765f3a932419aa156fdfe3f0f4b21c4b7e48857a	n/a	Heodo
2022-01-18	470661-2178.xlsm	xlsm	4889efed9c85c43bb7fc44b41b4fb792cf258ef217d882f3f04dff7ad4e84a34	n/a	Heodo
2022-01-18	0236492208507.xlsm	xlsm	497986cb6601de28325152cb3345f31bef9ce993fb27b04bdbaf5c4cc6b9277c	n/a	Heodo
2022-01-18	GCB_658290.xlsm	xlsm	8359f349841fcc2b88f6451564aa661c7da3dfe8ac4c98de260bff6f3a53568d	n/a	Heodo
2022-01-18	HA419.xlsm	xlsm	28e102334f9af06c71b1d551a857336371f56e35841b7e6147f4fb7225ca202f	n/a	Heodo
2022-01-18	26693622_85947.xlsm	xlsm	1f533f685ff1399be3b9fc2f568b61c5db310a756277dba8982b10d8e17e2251	n/a	Heodo
2022-01-18	0159816077.xlsm	xlsm	717c730c6bf439e9117cb7619d4bbd8788ce9be80427abec2d0440bc9ef1cb0a	n/a	Heodo
2022-01-18	3592_32237288.xlsm	xlsm	dc66327f1ce46ac5b53068d806855d091dd25c3189aef5e79ac84b4bda007228	n/a	Heodo
2022-01-18	4160294994825.xlsm	xlsm	f5e44ee7f6d87e54aab6cc273d1251cb4a29e7389241c086a4406f066685c5df	n/a	Heodo
2022-01-18	jon_9919.xlsm	xlsm	3a8060f115fb2d0a46952181010c96593442b87eef2f5c0b17f8543a05a10b3c	n/a	Heodo
2022-01-18	42485615142.xlsm	xlsm	05361d3314ba8b997821bdeada471675b4082d1c8ad3c66bd57e84cba149a79d	n/a	Heodo
2022-01-18	74462_42224999.xlsm	xlsm	c813694b5dfadf4bd3263c88d014c5c3728a6997fd110e542ecfbd771cef501b	n/a	Heodo
2022-01-18	65797095-84.xlsm	xlsm	fc441ded42ca35daa8bba9000913077ec4b2f03c85e500a881697955ecee11f7	n/a	Heodo
2022-01-18	543253935937.xlsm	xlsm	d049d62982fcda04887b9a9498b4196e902f68db4e0b167cedfe56d6dd9629b6	n/a	Heodo
2022-01-18	S9.xlsm	xlsm	c0dea966c1ef3760d6bd0bd050428a336dee656946c3b8e30470cb22994980dd	n/a	Heodo
2022-01-18	589767356_701.xlsm	xlsm	8297ef45e3224510e2c1e3724618f59e77c48297b24ecb4bd4c86746b537a4e3	n/a	Heodo
2022-01-18	210586840352936.xlsm	xlsm	3e032ba51d442c17fdb632232b8f8a9c753149e7d8fe7549f62896d198204fb0	n/a	Heodo
2022-01-18	50492140377.xlsm	xlsm	7353eb07f83a469fc7c44624ac07b7a4758d26644aa766347346cf45c41071a1	n/a	Heodo
2022-01-18	YU-568.xlsm	xlsm	50cbe9118f2f994c659e087e8bcc79c4335a7b77644e2e55086ae9ef303abeab	24.19%	Heodo
2022-01-18	4928475-23.xlsm	xlsm	da198bd29ab2b8ac1ccd449a337bacc98398e640c2af91cb5301c387afc6e13a	n/a	Heodo
2022-01-18	41561-6.xlsm	xlsm	ab3dabac1606aa1c1db34608b51cb4970d1a7e91ebfe0f1dcea7148bc9172e9f	n/a	Heodo
2022-01-18	975877XPDWPE12324.xlsm	xlsm	e6606ca94847ec10df1e4a012f532da41ec49a2658c1f4193e06f7b9baf6a010	23.21%	Heodo
2022-01-18	F-882.xlsm	xlsm	a281b5cab132da12542e3f18f07d70c09f119a39ba935e1f0ef13ddf7a971b7d	n/a	Heodo
2022-01-18	kdbwbbg_28145.xlsm	xlsm	b85f09c08d50cf243dcc5c8b5024ce96cbc3c978e7814f4251815d7e460ced4f	n/a	Heodo
2022-01-18	1835_15478650.xlsm	xlsm	c37bb5e5919e2979bc1d29876f8cb83d96d74410744663de68dbbedbeba6918a	n/a	Heodo
2022-01-18	LK_23701179.xlsm	xlsm	056ef35dfd7dc275406120e48efb7d568f1a94ed528a708e3d9c4a7972f207f2	n/a	Heodo
2022-01-18	QJZQV3.xlsm	xlsm	a3409c7d0a48544286cad68da17ec6fc1148ed2a66d308800830cd70e2431584	n/a	Heodo
2022-01-18	70812619-139.xlsm	xlsm	ec819f1715a458e5814d06532dce66b4bad98cbf45428e9a6e44dd587d51118f	n/a	Heodo
2022-01-18	rqbrl_52892169.xlsm	xlsm	27d5342d287598dc00361e27aaaa435658ecdbba5946fa1f57676e19c1bd5b51	n/a	Heodo
2022-01-18	94037317_57714.xlsm	xlsm	79163124a8a24f2f79ba154915ae6be70627ddec4f1580517d40dc1f06c37d0d	n/a	Heodo
2022-01-18	37989967885.xlsm	xlsm	8cff1f7d8faf9952a91a69c6823dfc216f1511c6914147ce5ca6b91610886fde	n/a	Heodo
2022-01-18	08954773_5300.xlsm	xlsm	7f159d0eb0b6d2465ebf70576df6c99319e03d43a7407336af07668bb753f425	n/a	Heodo
2022-01-18	KZN_0180.xlsm	xlsm	37f0fcfac070450d59863cb3b9a1590d9b40c0780a840f94f59e6ee9d94f64d8	n/a	Heodo
2022-01-18	14042SIHWA-42959939.xlsm	xlsm	3e9a8ef6641c29b3eaf9049f7df3aaa7500dcb1bccf602d6f3756bbc1c7564c6	n/a	Heodo
2022-01-18	zru_230.xlsm	xlsm	6a53d32a582b4680361b8d157243f7eca13a0930597eecd0a06d16393b763acc	n/a	Heodo
2022-01-18	64471-68.xlsm	xlsm	348096634dee34b5a2997542f31eba52bbff0f83680ac20e2c2c4030ec0b4baa	n/a	Heodo