URLhaus Database

You are currently viewing the URLhaus database entry for http://helmprecision.com/Helm/main/css/zkWu29ADVHwfnAZQ3rQSZx/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2122756
URL: http://helmprecision.com/Helm/main/css/zkWu29ADVHwfnAZQ3rQSZx/
URL Status: Offline
Host: helmprecision.com
Date added: 2022-03-30 15:41:05 UTC
Last online: 2022-04-04 16:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-30 15:42:09 UTC to security{at}level3[dot]com)
Takedown time: 5 days, 0 hours, 44 minutes, Bad (down since 2022-04-04 16:26:38 UTC)
Tags: emotet, epoch4, heodo, redir-doc, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
