URLhaus Database

You are currently viewing the URLhaus database entry for http://helmprecision.com/Helm/main/css/zkWu29ADVHwfnAZQ3rQSZx/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2122757
URL:	http://helmprecision.com/Helm/main/css/zkWu29ADVHwfnAZQ3rQSZx/?i=1
URL Status:	Offline
Host:	helmprecision.com
Date added:	2022-03-30 15:41:05 UTC
Last online:	2022-04-04 15:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 15:42:09 UTC to security{at}level3[dot]com)
Takedown time:	5 days, 0 hours, 2 minutes (down since 2022-04-04 15:44:28 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	DT-9241364543379.xlsm	xlsm	2ac3bf7095647237fe3a5bd46c3c7e85f0332e2bd3b8024452aad240a740c064	44.44%	Heodo
2022-04-01	HS-34767075271.xlsm	xlsm	7e16b96f674b1b3fa812fb1720851a37cb88e781ae92220bb858320fbe62c331	39.68%	Heodo
2022-04-01	AP-23644170592.xlsm	xlsm	534f4ab246459c91599d4d14e916a2f16707134075a5a88d897105a0e782632b	n/a	Heodo
2022-04-01	FRD-80776309133.xlsm	xlsm	2efeae28ad35e91b7abb28eec555e20e394693d8454514a43fc119fde473348e	n/a	Heodo
2022-04-01	NIR-665110712403.xlsm	xlsm	004f6c9fad398f8dda13f421a6faa1a78916ba04c3eabe988acd669f8cb1b112	39.68%	Heodo
2022-04-01	HJ-318347849444.xlsm	xlsm	5270afd30069d36cee5d2bb013f3d1d7765e90cce7cb4d7244c92a62596f108d	n/a	Heodo
2022-04-01	OH-2692805609.xlsm	xlsm	b25b9d420c3585bd014abd2e590a74feab98bbb0ee612c465a5e152b28c67e0b	n/a	Heodo
2022-04-01	IC-7821150.xlsm	xlsm	8cfdb13bd3fba245b5e3c5a06b90cdab4f8970b13e3ea5262aeb7bd089474bb3	36.67%	Heodo
2022-04-01	BQ-4164211160.xlsm	xlsm	1a8adefa7d083432f592ddc3797611b4e8076869a11177ebbdc1b5b6bc22982f	n/a	Heodo
2022-04-01	YXA-89166325950.xlsm	xlsm	4e6c2dd2bb0183aa17caa2084632719d1b9d42cae3e0c96f6770b216822b8d01	46.77%	Heodo
2022-04-01	ZA-900894083018.xlsm	xlsm	6463322a887744e8e04715bf20b67bc671561c87d8cf5ef5d4791ddfb5f1eb0a	n/a	Heodo
2022-04-01	WYE-68479692.xlsm	xlsm	d3052eaa2931548083181b1e4724bff791218f947c3f7640f9efeabeed21244c	n/a	Heodo
2022-04-01	ANO-879006316388434.xlsm	xlsm	e407f7217907368560ef28caf164f34190a5295c4c75afaaeea21386e8bed99c	n/a	Heodo
2022-04-01	WU-174474825451.xlsm	xlsm	c201ae0ab0516a27d14400b4af28d4189bb2c6d8b589c4fadb025c26645f19bf	48.39%	Heodo
2022-04-01	TP-1169107001.xlsm	xlsm	9ae3ff917d99c0e0ba1f6dde3bcfebd781ab332d65552b032855ca627606cccb	n/a	Heodo
2022-04-01	GI-52645437954334.xlsm	xlsm	b67f378396a813307cf0d9d7c4f272be83010272fcfa9af1791b517cf4f1ba05	n/a	Heodo
2022-04-01	TRM-078018750524692.xlsm	xlsm	ff29c4e7acfa113d826b2fcfcc5e8dea43a58a5db3ad37376750c95e58335050	n/a	Heodo
2022-04-01	WPC-891448017886611.xlsm	xlsm	a88019c1e8c87847f6816dba7e30475a768da155993e7fa208063dffd2422811	n/a	Heodo
2022-04-01	YK-3969392360284.xlsm	xlsm	57a73cab7fb65bf97b094b8ea188937cff862e7e55cb179ad32cc6d9200d8855	n/a	Heodo
2022-04-01	IHZ-7156876.xlsm	xlsm	d32c4d0a8c9ac509e3acbd4b041b2d01cc771c0e20828ebd64d2d8fbf49fba7a	n/a	Heodo
2022-03-31	WL-10907914804247.xlsm	xlsm	5fb54e96fe17c395fa69dc06933558b083ae9cfb1391218f12c539c2645a8311	n/a	Heodo
2022-03-31	JK-1052518292489.xlsm	xlsm	c7f63ce6becdd48402150d223d11b5fb003ec48c57f2d856c8d979e5b3da4254	n/a	Heodo
2022-03-31	BHG-4446378237.xlsm	xlsm	ccd9dcb6dc115061ff6e011cb77ac0c73d785a23c2019aabe11eba9b7500b118	n/a	Heodo
2022-03-31	DL-656043800.xlsm	xlsm	10281dd74601704b43cbce7093951762bfb6cc0402f747ba01250b2ebc438c27	35.48%	Heodo
2022-03-31	DPL-810094208.xlsm	xlsm	99bacd00ff714e00339dc64c1418b2c0c26ca69120e34bd32ba8e73d2044cd9c	n/a	Heodo
2022-03-31	UXQ-01709383642.xlsm	xlsm	0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3d	40.00%	Heodo
2022-03-31	OYR-498276096875558.xlsm	xlsm	9c234ce84ff77dfc1466c436eea9d46c50c3055c50f0029b81dba5052864f4ba	n/a	Heodo
2022-03-31	NIL-0836708396.xlsm	xlsm	fcefa2ebaa9e5cce06f5519640eab5413a9b9f6a53ed3fe2f3754c9a610418ba	n/a	Heodo
2022-03-31	XO-4672007.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	NQE-8304045290874.xlsm	xlsm	fea58fae76c86e5f07c7f8b032f84174206bc489d92c49fe54a5b51d2658faf8	34.92%	Heodo
2022-03-31	JAQ-8615820485549.xlsm	xlsm	97f11e4cd509aefb731d8b1a4b299c8ab4096e270f05f52d8e0eb6d2366fa501	38.71%	Heodo
2022-03-31	FR-87936655337622.xlsm	xlsm	3f0534a7da98fb167cda2d3abd3e89f8f8f0ec65bd7146de1ad2ce762f1486b6	40.32%	Heodo
2022-03-31	XI-77879708734204.xlsm	xlsm	409e55effd488af9a3d098060e33fe5d66743135fc711a07d6ce4c57e2f2c2bb	n/a	Heodo
2022-03-31	KKS-74852720596864.xlsm	xlsm	00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564	38.10%	Heodo
2022-03-31	WIU-4153527568264.xlsm	xlsm	41a73a914406df97e2944f7742f48272bab7d25486c9c2a5084a7f158fdb2aaf	n/a	Heodo
2022-03-31	ZI-2625418750.xlsm	xlsm	4409b097292f1ed1adedbae38fcecf71370a64209f9bb5ffff019b71e8a88533	n/a	Heodo
2022-03-31	WO-649567053926.xlsm	xlsm	764d8e72174b0666952016caf95096e85219dba6554a8ce6db74b8244b3e7590	n/a	Heodo
2022-03-31	GC-46540396.xlsm	xlsm	db67f0509c5f982c9eb1fab5a17d14ea07d5a1e13b2f5ee3b35ccf93700588e4	n/a	Heodo
2022-03-31	NL-1208713184709.xlsm	xlsm	7bd47c2f3e932a049d450f5a54be51e401ea041d669c7df91f71b903358f99d9	39.68%	Heodo
2022-03-30	ERL-500298488611075.xlsm	xlsm	51be5ff843565b3e8fe56f303452e018d305cc846181d2d79d435509b2dc578c	35.00%	Heodo
2022-03-30	KL-0152320082109.xlsm	xlsm	b8a9c6cb2992b99ed3cc0c82c5cc63dc9a4a3c509e8c67399d2d7c864ed83c03	38.33%	Heodo
2022-03-30	CDH-392938455489.xls	xls	c83aefdafdc478ffff051002d1c7b4675c068648d57fca17f788d575ce297596	28.33%	SilentBuilder
2022-03-30	QV-13737791.xls	xls	bc8049d90da2c6ed214cd043d2d754a1f8fc802010a6367d5cac254aa1853a67	26.67%	SilentBuilder
2022-03-30	54794795752.xls	xls	2cb06bc703f4db3b4f3d5d574ea8ffea1629ff6166037191f58ef01206ca0ef6	n/a	SilentBuilder
2022-03-30	263150384944.xls	xls	8a6effb1430c591fa0e6e8ac6f84b1991bf8cc18f70a432ae63e6bda131914c6	28.33%	Heodo
2022-03-30	247322939472446115.xls	xls	c2300b5d42357aec3b193bd2b998f9310b6d2656dc87e0ea5d4fce958c07f315	27.12%	SilentBuilder
2022-03-30	51125148011859192.xls	xls	ec525c39ad25d59ac4ac1f1de75dca892bfda29514701e4bf109f00894895fa5	26.67%	Heodo
2022-03-30	463753010614021035.xls	xls	3e7c9a89e957262b014b07250f015ccefdb050661e9564930d813c033a96b2e9	23.33%	SilentBuilder
2022-03-30	1427337730865.xls	xls	5206671cef156681bda1a374c1140c4dc8e4796b93d323161c15c6767afe3fcf	n/a	SilentBuilder