URLhaus Database

You are currently viewing the URLhaus database entry for https://mentaos.kim.banjarbarukota.go.id/cgi-bin/981702_45257608/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1987778
URL: https://mentaos.kim.banjarbarukota.go.id/cgi-bin/981702_45257608/?i=1
URL Status:Offline
Host: mentaos.kim.banjarbarukota.go.id
Date added:2022-01-18 23:25:08 UTC
Last online:2022-01-31 11:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-18 23:26:09 UTC to ito{at}banjarbarukota[dot]go[dot]id)
Takedown time:12 days, 11 hours, 57 minutes Bad (down since 2022-01-31 11:24:08 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-19522703025_8776.xlsmxlsm 6e0f1798503f0e8463ff4f2d2d2e8c72ff56d1afecc1308fa4ace80eb24cf9f3n/a Heodo
2022-01-191573_8.xlsmxlsm 97313991ad9bc5b9cfb36aa7eafd9afbf163fe97c7180ff29a23173331387e5eVirustotal results 25.81% Heodo
2022-01-19vh_8747.xlsmxlsm c3c36da69de48f38c2d39dc8a6675c4d397b745e01d5b8e9f314cf465fe849d8n/a Heodo
2022-01-19xrmj5462800.xlsmxlsm 2ef3416e562bce54a825d048a989566f6f14e3f396d453e6efab5664d6066b3bVirustotal results 20.69% Heodo
2022-01-19hqg_67.xlsmxlsm 8f1383b4d7504257b4e3da2743e895eead15a36132d6bac13452a546fd20bbdbVirustotal results 28.57% Heodo
2022-01-19uig23394233.xlsmxlsm 619c3ee3590e414b2de3333ff07b4cb2df3c76fc7512468d4a6499833db70078Virustotal results 23.81% Heodo
2022-01-1938863967133.xlsmxlsm d3f4d5fc34a444c8ae251c04b1e12ad1371e72f9f7f5682c02e0339eb3fb6ba8Virustotal results 26.98% Heodo
2022-01-19FSGXD_4548782.xlsmxlsm 88390a46879f6c9ff67152cbf22d1868e9edb89c0724e1e144a789c73f69b086n/a Heodo
2022-01-1972756461SAYXFCGG_263132740.xlsmxlsm dd2013ad0148de7b9a7877b7b27f3372c04615fb214c98f8a96d3d5dc80b03f5n/a Heodo
2022-01-19XVC_2605313.xlsmxlsm 1cfe5e523eb76253a7b3270d91f99f4998ab8ad60ec974444451ef69632a0d29Virustotal results 29.03% Heodo
2022-01-19UFj614763.xlsmxlsm c8b489b858ea1f5536525a2b538ee8d955f10b8f43b86e4eb06894d5c48e885fVirustotal results 28.57% Heodo
2022-01-19Bxs41.xlsmxlsm 05aeb3fe4bd3f690ebe97d33014d66f3adc9e4a7517507d6df3be40dcbea26d4n/a Heodo
2022-01-19499789965-7944062.xlsmxlsm 39d40e8b39b2ded1846a5ac1aa2441a8bc1e11f4edf26d60f60d49862a3435bbn/a Heodo
2022-01-19JKL_0168885.xlsmxlsm 3879470574f426659493e8ba460017b0c7e6d26446a49c161486027559030032Virustotal results 26.98% Heodo
2022-01-19SL60.xlsmxlsm 8866cd8ebac58f0fd038a21db8094be78be8577a1e3613be93fe9ff78388e192Virustotal results 25.40% Heodo
2022-01-19VuHF-287.xlsmxlsm bc7476f9d9148b939127a2024a1b341cec82fb398bf06667bdd3da4b1acc8bd2n/a Heodo
2022-01-197460_6059956.xlsmxlsm 061f1cbf244c489c29d77924140bd6d380d4d09c0b1019aa2bd30751a08ed12dVirustotal results 23.81% Heodo
2022-01-1993470-5.xlsmxlsm d13c581258a7b7cea4c550025cf6e9a52d509d4759d34753a8386e339153ef11n/a Heodo
2022-01-1954YEF13.xlsmxlsm 84edb0a7a964669aefad50dd27f6a69ab2f4fc6cc70c1f10288a87104775a801Virustotal results 26.98% Heodo
2022-01-19537_27356.xlsmxlsm 26aa470c4f697dd7102f845f4a9588bdd6f76982a3f269646889b90ce6cbc706Virustotal results 28.57% Heodo
2022-01-1905_806264.xlsmxlsm 4cda0434ce312685fb50ca7a27ea563cca49e9721b3353edae62c0f103228985n/a Heodo
2022-01-19865281_075.xlsmxlsm 5fc2151bdd72d6e042fa1ef2cca0e353859c48634ffa97a00a546a701939c78bVirustotal results 26.98% Heodo
2022-01-19634696326_807066.xlsmxlsm d217e68146e4a0d5d03dde307b715860fb950fe6d113c134822272e5166f9381n/a Heodo
2022-01-19rljt29.xlsmxlsm 61951055cc0d0c6d0cb0676bf6d838590c069ade35a51f512216b4b066cc8bb4Virustotal results 30.16% Heodo
2022-01-1922595JROCAFG_145324.xlsmxlsm 3c1a977b592b8e43c086b92cff49d48f18bdaa55f8f9ff09fe5eed747cf47321Virustotal results 28.57% Heodo
2022-01-19LGY_0734.xlsmxlsm de02ded5db971410ad7eea0fd4d54fdc32d3dc91a0c1cdcb4d5186cac18ce672Virustotal results 26.98% Heodo
2022-01-19970184-284.xlsmxlsm 7539852b85e95b5a61e66f191fe9e27aa53ccd1a1e2e1ea3b92fc8249442f3baVirustotal results 26.98% Heodo
2022-01-196256938044343.xlsmxlsm 66671730c5926c7cdb67988548c731b379e7437dba331f236f2209d92ed06da6Virustotal results 28.57% Heodo
2022-01-19946750498436.xlsmxlsm 9844ba0b5c96276df5d7c5f8857d3aeec368f716b39fa9f6be3e02d32aacce76Virustotal results 24.59% Heodo
2022-01-19236448416813.xlsmxlsm 5c57c1974bf29931f379b6b95707c210126c11efbcba4755aab7345074fbfbc5Virustotal results 26.98% Heodo
2022-01-19575956_5.xlsmxlsm 72206de99ea932e8b27b263377db9549955b1fc26c367b1c2a34609120cbfe8fVirustotal results 25.40% Heodo
2022-01-19PQI810.xlsmxlsm 539bd5697617a77934404cfa22605577a8d2ee6aaf4f0d6b6ae03ba4b8022822Virustotal results 28.57% Heodo
2022-01-1925112447199525743.xlsmxlsm 04cbc0b177c15fce9d0ab4d483fae95e6eee3979d6ef931066c569b1748c3908Virustotal results 26.98% Heodo
2022-01-191414320_32130.xlsmxlsm cbeb6cffc2929e1c03c50b82e0f2d8963de4f27eaf2e07ee308a1c55cdc9f261n/a Heodo
2022-01-192264XMQU_54613998.xlsmxlsm 2b357a6854a4e084dca442a6b7434aead0bccd70a18a8c09c7c93d6373243dafn/a Heodo
2022-01-19867652_378.xlsmxlsm 8ca7a419419e924a7675290d45554c539b42e00a87b9e7621a0bd702e8ae9783n/a Heodo
2022-01-19QzrDG_001.xlsmxlsm 71407e6c3854f830dcdf5ac3bd633139a9855893eb9f436c5b9330a14bfeb6f8n/a Heodo
2022-01-194135417965400.xlsmxlsm 0a5ec61016cfddb3a1bdb08e5ace9b7a977bc5e48d4d67db303db0198476e0b1n/a Heodo
2022-01-19SBD88082651.xlsmxlsm 7b0c31e2bebb43c3b611177b359cdc3c7ee1ec93e44b50eef4d22fcdbe208e99n/a Heodo
2022-01-19IJC82.xlsmxlsm ac03c3399ac04478cedf169a23531a3164359bbd767192f31d216aee3fa06580n/a Heodo
2022-01-19E_4843.xlsmxlsm 86126169aa0ea824a141217cdfb2b6796f7c513fe9e21559cfd3ee05f9e32e28n/a Heodo
2022-01-195022-52.xlsmxlsm 70c3b06d79b22a8f1fb97fa743ac74835f80bf9dc17949f9940631cf20f1ea9eVirustotal results 20.97% Heodo
2022-01-19M-9540159.xlsmxlsm f2136dea41d8f87bda99e7a714825442517cef672c6081c69904bd3ca8b51455Virustotal results 18.18% Heodo
2022-01-1917961-7243.xlsmxlsm b92a036ddd73d18ed97801d7a77457c7395bb64f94aa3272439748c1eb334021n/a Heodo
2022-01-19978838543_50.xlsmxlsm 18d6d143faa6a760ba0a476fa10612391cb6ea8c22ab604dc7c47fd3f1f04afan/a Heodo
2022-01-19675333168250945.xlsmxlsm a520ea7a2ccefc4192333c4ecc52eda0fc0702a3a8d9e6de11d13a9f9fede9c9Virustotal results 25.40% Heodo
2022-01-1984299128_63.xlsmxlsm 0d0b8301a65a0f3ee350a52c1771044e326d54e851e5cc43c47a8d3bce1200d9n/a Heodo
2022-01-19YWK_40260619.xlsmxlsm 05b8d6322852c3054d0dd30228d150e394160d4f1a8bf281c39953a012e691c3Virustotal results 20.97% Heodo
2022-01-19797_2293.xlsmxlsm 7200e5724315590135f88283962627c70469223398ba6674b2bcfb070f0ebbd9n/a Heodo
2022-01-19SYSVT-94.xlsmxlsm 7de2931164359aa2be398a6cf5ebf4f09884a1232b6f19314b68a5eb2a711a05Virustotal results 20.63% Heodo
2022-01-19GIUPC_264.xlsmxlsm c13305fdd9e7e4ce379937deb578ce2e788370bc2b547e027db59c59b722efd4Virustotal results 22.22% Heodo
2022-01-19PY_765.xlsmxlsm 1fa60639ea962861142d2efeb77fd77c280fb3442d31d2db07918d54e6b5336cVirustotal results 28.33% Heodo
2022-01-19641815035548.xlsmxlsm 894a023ed44d99d8947ce2e484d9febd346dbfb7ea54d7f2506e257f641f292an/a Heodo
2022-01-19OU-2396.xlsmxlsm ceaa2e4a3e4521b680dbbb7645140a69929ac5ecb0d9342bd88ffe34e33bfcb6Virustotal results 25.81% Heodo
2022-01-18448144OWPFJ_672.xlsmxlsm c367a9422665976310f8899e0ae55a7415babdc88f2377d6bdc4e62aa373368eVirustotal results 19.35% Heodo
2022-01-18a-90349.xlsmxlsm 6001966534b597395906f4462e7dcc3068171124579b7265e5e7be7e05e5c427Virustotal results 25.00% Heodo
2022-01-18BI_31697304.xlsmxlsm 256a56de41a6a0e96dd9b8c581075fc900b450f2f872e4403f332c509c328ca6n/a Heodo