URLhaus Database

You are currently viewing the URLhaus database entry for https://www.gasmar.com.br/Facebook/F4yHC/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2123214
URL: https://www.gasmar.com.br/Facebook/F4yHC/
URL Status:Offline
Host: www.gasmar.com.br
Date added:2022-03-30 20:23:05 UTC
Last online:2022-04-01 15:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-30 20:24:06 UTC to abuse{at}locaweb[dot]com[dot]br)
Takedown time:1 day, 19 hours, 4 minutes Poor (down since 2022-04-01 15:28:34 UTC)
Tags:emotet link epoch4 heodo link redir-doc xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-04-01IO-9203725.xlsmxlsm 178e56af34b8983297784e7e795578c7567350c8ef3be2b30a43a05de59b9e8bn/a Heodo
2022-04-01GSZ-91986181612631.xlsmxlsm e503bdfaa287dcd3634ddd3c3b00f7c0a162768c200e6739e356328e6c8c1ed1n/a Heodo
2022-04-01TNJ-152305024.xlsmxlsm 3ae76b8b56720b9de3d4d679e5e5b70232ade7e9461635465d025c0a9b861ffdn/a Heodo
2022-04-01OKT-950809654.xlsmxlsm fa5f3e1ad7a0966fac2a2d091be90b6c0d70c79e258c9b19a2e93c47cd0c4818n/a Heodo
2022-04-01IF-6002136.xlsmxlsm 81b6929fa5ca90e9e08f68e7aa10eeb6a557a65880ce71b3c4976a67f4e5aebcn/a Heodo
2022-04-01AWB-483784604868.xlsmxlsm 989afb22d889ef10aefc7185c5a8d051fa3dd6c0f2a6a811c1a89498e293b615n/a Heodo
2022-04-01MY-8740109.xlsmxlsm 027cdc2c1f7a5137ca0fb9585bd5b7b98bb73c9e51073632d4101a1b533eddf8n/a Heodo
2022-04-01RV-99689533274.xlsmxlsm 58099af2e9bd32d5a3fbe9104059728b9e530bdcce642e6bf3594d92804ea7e7n/a Heodo
2022-04-01PNE-6098274997498.xlsmxlsm fd9c7b2de5f9a936c9a16ba8ae8e5215dc92021e435a8285fb36ccadd20e871fVirustotal results 38.98% Heodo
2022-04-01IUU-4878442052858.xlsmxlsm f3c06e72e6b0cddb3d66545d59bef1288458f9c106ede60b0507f095971e7067n/a Heodo
2022-04-01BE-290767564.xlsmxlsm bae96f9a32122e9edb5b64e650dad2249b1dae898540a74641fdd9a4fe860edfn/a Heodo
2022-04-01TRD-20932127.xlsmxlsm 41169580013c884c968404a805765bab464032270676b792b39ae2b521a64dfeVirustotal results 40.32% Heodo
2022-04-01ZZY-16252757.xlsmxlsm 6f36dc00ba84a24fd67899a3d293172a34cc74c02819e190d0fe946a5aec8bc1n/a Heodo
2022-04-01GA-667102219363.xlsmxlsm 9ca7e881cd1e46ca3a73efbad250390fbb3fbc92c6d90d0f25c6a218055f323bn/a Heodo
2022-04-01TNS-399924055210055.xlsmxlsm f44647dcfb785e6463e4203aaecc8f5d7dcbebf18418667ed31c226c92372383Virustotal results 43.55% Heodo
2022-04-01BYL-98902953.xlsmxlsm feaefe1adc1f1f9a68bd8211b8c2f3c5e76ee4fcacf1d2ed3336a04de96fcfa2n/a Heodo
2022-04-01QJ-8480505.xlsmxlsm 55af29e8285944f573d931d856bd099dac92ab1868000f8346d13a0bce7f1e3dn/a Heodo
2022-03-31DW-2495072432018.xlsmxlsm 26505592fe23711a237d0af8fd2c3644b821bf8b9436bd5b92d3132815ba26b4n/a Heodo
2022-03-31SSI-2729057903.xlsmxlsm 393c558f60c7190e056556b57da065bb44ac852b380fa78204461fe90db003c4Virustotal results 38.71% Heodo
2022-03-31PLX-5490412224.xlsmxlsm 1bdada6954ab20722dfb51b2ace2e6fcdfb556210c74bb059752552f5fa8f78fVirustotal results 42.86% Heodo
2022-03-31CV-997216666798.xlsmxlsm ccd9dcb6dc115061ff6e011cb77ac0c73d785a23c2019aabe11eba9b7500b118n/a Heodo
2022-03-31HZ-6973783.xlsmxlsm 522056ad088097c5c827ddabc4a8e7ad95b16563043dcfde8aa2fc4b0df81a1fVirustotal results 41.94% Heodo
2022-03-31EX-35362002030197.xlsmxlsm 2fa93c2dfef003816d473094a03ffe57ed6fd6cbbd21f22831af88634fc3287dn/a Heodo
2022-03-31NRI-761236986015631.xlsmxlsm 0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3dVirustotal results 40.00% Heodo
2022-03-31ZX-11437218955055.xlsmxlsm fcefa2ebaa9e5cce06f5519640eab5413a9b9f6a53ed3fe2f3754c9a610418ban/a Heodo
2022-03-31DED-126615981167.xlsmxlsm 894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7Virustotal results 36.51% Heodo
2022-03-31EI-06179060361766.xlsmxlsm fea58fae76c86e5f07c7f8b032f84174206bc489d92c49fe54a5b51d2658faf8Virustotal results 34.92% Heodo
2022-03-31RH-5867653022.xlsmxlsm bc2b30e9969aa7dc11544b73955d47d12ec3d2febe998b5cef4b57c89dde7215n/a Heodo
2022-03-31IVG-0970931647.xlsmxlsm a099f9c9c8eff7049da288a1205f1c0ccd52a4954930cabdd7a00dafbe8bbe6dVirustotal results 38.10% Heodo
2022-03-31UXN-2379177945.xlsmxlsm f88eb7101fdc0fe20190969ec3bb4651bf4f270d9a9636d6c1e1a84ae46a9cd6Virustotal results 37.10% Heodo
2022-03-31ZWA-3310998994.xlsmxlsm 30deb7a7086f74317285271a2e26e40dc43b461a1a77c77480ea742b02cbe51fVirustotal results 38.10% Heodo
2022-03-31BR-293968510.xlsmxlsm a43da1637de01a06d72a9d09981de5132b8bd971844704ee9fc7c5e07450a49dn/a Heodo
2022-03-31TJ-67888412469.xlsmxlsm 00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564n/a Heodo
2022-03-31DSL-206437554330090.xlsmxlsm 764d8e72174b0666952016caf95096e85219dba6554a8ce6db74b8244b3e7590n/a Heodo
2022-03-31TN-1767118949.xlsmxlsm d0e1bf9a8969b0e7856ed1015033cef4c745a120413c76d61b1560e323de2359n/a Heodo
2022-03-30XM-997872233106.xlsmxlsm b4f7a7bd6f99c0ea09617160e6bf753419f6d731901828662049ac8abfed4959n/a Heodo
2022-03-30UL-578758645.xlsmxlsm 533372e6130ad44ced6eae30ab3af8be4ae172cc7585719b61074bb861f2dbben/a Heodo
2022-03-30TF-271993176815.xlsmxlsm 93629f0e94046fc0c1c1a2779a8e58d101136842695fc4ad3addbde6c7757dcdVirustotal results 31.67% Heodo
2022-03-30XU-132153472.xlsxls a14fb7f51582ec1f9af65f4300ff4dde6a99d12bd2b08f70863ca16d508c72baVirustotal results 28.33% Heodo
2022-03-30n/ahtml a501f366ea830a4cf43eb038222c230ac13fdd5c21cec90757c6658883e5de1fn/a