URLhaus Database

You are currently viewing the URLhaus database entry for https://www.guedala.com.br/cgi-bin/c349IB7OmLvMgcZEoCe/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2123247
URL:	https://www.guedala.com.br/cgi-bin/c349IB7OmLvMgcZEoCe/
URL Status:	Offline
Host:	www.guedala.com.br
Date added:	2022-03-30 21:04:08 UTC
Last online:	2022-08-24 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 21:05:08 UTC to abuse{at}matrix[dot]com[dot]br)
Takedown time:	4 months, 26 days, 16 hours, 29 minutes (down since 2022-08-24 13:34:33 UTC)
Tags:	emotet epoch4 heodo xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	PXC-626460313826.xlsm	xlsm	8ad8a4352be7c292bc6aff0e00e38f039c395650acffec2cf7c44d28e820eb7c	n/a	Heodo
2022-04-01	GR-8444605317758.xlsm	xlsm	3005686dd6b770a4a0af0ba70ec91ea407d32838aa2acea56c5ab75f2a47ff56	46.77%	Heodo
2022-04-01	RW-47007205937683.xlsm	xlsm	5e318e7afaeff1da0ab8f38c466b9fb4e911da7fae7a6eb58cfbab3175d51263	41.27%	Heodo
2022-04-01	VBZ-5569267856245.xlsm	xlsm	0a23b203754e6a043fa99f6cf518c8ffa19a34557a7471edad072d54c4a76dac	42.86%	Heodo
2022-04-01	LF-017317735.xlsm	xlsm	0f6cfe4c94b7444729077741d333e0388edf05a02cd4dc40e515a03f5d4bf01b	40.32%	Heodo
2022-04-01	FG-7011871073.xlsm	xlsm	99717c4eea8cfa905a207ea753e12bcd957f480eda47749d5cd5ae2f362a4f7d	40.32%	Heodo
2022-04-01	JWG-3794503.xlsm	xlsm	d058072d305f952c54981e50bbd34cf23dd0386a4924a4bdb8a91f46e0498d4f	n/a	Heodo
2022-04-01	VHZ-741973762073.xlsm	xlsm	534f4ab246459c91599d4d14e916a2f16707134075a5a88d897105a0e782632b	n/a	Heodo
2022-04-01	UP-423048197.xlsm	xlsm	8090d0b6d046091604553a331f669273c32d27943faae06a33b6ffda57479daf	45.16%	Heodo
2022-04-01	RW-530898348.xlsm	xlsm	f316a9b48040c007a792f5b99f7367b7d6996c7db03a377dd159a22db01e6546	n/a	Heodo
2022-04-01	NZ-62299370124055.xlsm	xlsm	82484ebe66d4a702e915f98b23d90b6cae0c2a0eedf9de279b5dfe5f18b4ef32	n/a	Heodo
2022-04-01	JFR-0045254077.xlsm	xlsm	db05585c173bca5c340fd01dffcf23be710be4b482131d5bc16f4eedb265754d	37.70%	Heodo
2022-04-01	BB-410013931696995.xlsm	xlsm	3390185d81ea6becb7bb5c59f26400a3c75b99da77bd95eb76e9417ca984b4df	n/a	Heodo
2022-04-01	GGU-49244198.xlsm	xlsm	8e5835d0209196b133cd57a2e62020eb4553f72a8436e3b16f0fa666661e8326	n/a	Heodo
2022-04-01	UWY-472781783730575.xlsm	xlsm	3e1d94f17a0b086b807988a4a026e4e5a9748045766df076577d83476aa52d34	n/a	Heodo
2022-04-01	ES-62450194507365.xlsm	xlsm	f53321cb8389d05b2d4c2f1a82efdf89e8d00a44ed13e02f649c90fb3169a7a5	n/a	Heodo
2022-04-01	EKR-1315870.xlsm	xlsm	5118b85e7ffcf61644564e2660990ff4e6becc430b13aca19a931d25f3d4c1d9	38.10%	Heodo
2022-04-01	FVX-39084637680571.xlsm	xlsm	f3c06e72e6b0cddb3d66545d59bef1288458f9c106ede60b0507f095971e7067	n/a	Heodo
2022-04-01	FA-5196960919.xlsm	xlsm	9f342795c6ad73cb790eb75a652804c6a00f21b0806986310ce8ac0208d7ec58	n/a	Heodo
2022-04-01	RNJ-986236069.xlsm	xlsm	c0e952a6f3524c6ad386d70392deb83c2e0677409d38454d38759abb44e2058c	41.94%	Heodo
2022-04-01	NR-83580329962619.xlsm	xlsm	2fff16868f10c6160310b0a347d813df22d0876f07b6d43eef2bf272eb84723d	n/a	Heodo
2022-04-01	CD-073089480.xlsm	xlsm	ea8981ffdb13c6d1dd874a5a86e7079bb053c862a92849bc571846a6762dc7d4	n/a	Heodo
2022-04-01	RYV-41418526712.xlsm	xlsm	68696caf69e14a066ca54423f72a2e7693b03f5ce299e609265a3e72df925abc	39.68%	Heodo
2022-04-01	AF-8164382928779.xlsm	xlsm	dcc6409e704780116523a3e6ca35edf1399b381568d26b6d0373d1d9e00be491	n/a	Heodo
2022-04-01	QOW-328310773575.xlsm	xlsm	23c128385a0702939e1b4bd33875e38dc27cec42b5561f54859abaa962d2930d	n/a	Heodo
2022-03-31	WVO-615598335.xlsm	xlsm	3cea415c72cf99f730ca00ed40940ba35c82dd2582786d91fb329459f88328ef	n/a	Heodo
2022-03-31	QO-97394620075.xlsm	xlsm	5fb54e96fe17c395fa69dc06933558b083ae9cfb1391218f12c539c2645a8311	n/a	Heodo
2022-03-31	LYI-226616887306.xlsm	xlsm	c7f63ce6becdd48402150d223d11b5fb003ec48c57f2d856c8d979e5b3da4254	n/a	Heodo
2022-03-31	FV-6329875568.xlsm	xlsm	73a1d60faa31200f09f2567671137d6b5f9be02a97eec33fc20971d151d5c8f1	n/a	Heodo
2022-03-31	JM-27115320932.xlsm	xlsm	0baff6c11648937580735dcff8208034790a0e1ee649431e79b2b6221d825c40	44.26%	Heodo
2022-03-31	UP-0371421453483.xlsm	xlsm	2fa93c2dfef003816d473094a03ffe57ed6fd6cbbd21f22831af88634fc3287d	36.07%	Heodo
2022-03-31	CDJ-475126999303.xlsm	xlsm	896ef5fb12bd10c84fa96213d6a86aa368388e4806b9c882fd601a113482ff74	n/a	Heodo
2022-03-31	ZWK-4760354392441.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	NXA-5219602560.xlsm	xlsm	fea58fae76c86e5f07c7f8b032f84174206bc489d92c49fe54a5b51d2658faf8	34.92%	Heodo
2022-03-31	BYF-9541681646823.xlsm	xlsm	b034cfc88c6603dc0f5519ecba2dbba8c5382b26b8c25da23f8d40368ce8e7b5	33.87%	Heodo
2022-03-31	MZW-574125284884276.xlsm	xlsm	63ba5c63fa8f569c1870ab57faeeec2933a7bdb28c90458f6c5373f1a71dcef4	36.51%	Heodo
2022-03-31	WE-91812681793.xlsm	xlsm	409e55effd488af9a3d098060e33fe5d66743135fc711a07d6ce4c57e2f2c2bb	n/a	Heodo
2022-03-31	EXE-966908751940623.xlsm	xlsm	c3a5d5bc890f935056c127bdeda35cfcfbb8e292e59774a24ca5611e94430907	37.70%	Heodo
2022-03-31	RZ-36080679357.xlsm	xlsm	65b87a95369159fb3d54556f3f316f9e13eadd8b95e9e13f6a8d9cc79f43a8e6	40.68%	Heodo
2022-03-31	JM-5738200737.xlsm	xlsm	00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564	n/a	Heodo
2022-03-31	MR-52065740358.xlsm	xlsm	764d8e72174b0666952016caf95096e85219dba6554a8ce6db74b8244b3e7590	n/a	Heodo
2022-03-31	RH-1986080840.xlsm	xlsm	638588dd97949a25ee7322aa73731204406054bf2db2043063ebfdc82d353f65	n/a	Heodo
2022-03-30	IBY-98916040821.xlsm	xlsm	3bfd193ea92a687030d7b2fb3354e52980ad28ba1cae92579b53f5473b44f37a	n/a	Heodo
2022-03-30	EM-602594250.xlsm	xlsm	8eb161bd22ea52d987b19953ebebe364df8a0779ed9f42ad96c6dec32f8cce52	n/a	Heodo
2022-03-30	CK-96301164572960.xlsm	xlsm	51be5ff843565b3e8fe56f303452e018d305cc846181d2d79d435509b2dc578c	n/a	Heodo
2022-03-30	HV-591034830.xls	xls	c37ffc0e87ede2e654c4112c8d1b9172041a21bc4174b248ee2c81af738bcaf5	n/a	Heodo