URLhaus Database

You are currently viewing the URLhaus database entry for http://www.escueladecinemza.com.ar/_installation/AxyH53DnAgWuZCichBN7ZHqLx/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2123386
URL:	http://www.escueladecinemza.com.ar/_installation/AxyH53DnAgWuZCichBN7ZHqLx/
URL Status:	Offline
Host:	www.escueladecinemza.com.ar
Date added:	2022-03-30 23:10:09 UTC
Last online:	2022-04-23 01:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-30 23:11:06 UTC to abuse{at}hostmar[dot]com,abuse{at}dattatec[dot]com,pablo[dot]pepe{at}adinet[dot]com[dot]uy)
Takedown time:	23 days, 1 hours, 51 minutes (down since 2022-04-23 01:02:15 UTC)
Tags:	emotet epoch4 heodo xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-04-01	SQU-893401591728589.xlsm	xlsm	5d31e83b1dda43ba478dbf1bbd5b1ab90021810860493110ac6175f69e58a93d	43.55%	Heodo
2022-04-01	DY-9851359265.xlsm	xlsm	c4cad5d5b47c3ff87c13590baac506dd7292f1e93b72c0f3e990b4726243b6b4	n/a	Heodo
2022-04-01	DT-540278283416295.xlsm	xlsm	f05bfe09754313735c1939aa2a1a85f904c8bd3fb4deb0a44b70ddb02166b319	n/a	Heodo
2022-04-01	PE-205399350800015.xlsm	xlsm	5e318e7afaeff1da0ab8f38c466b9fb4e911da7fae7a6eb58cfbab3175d51263	41.27%	Heodo
2022-04-01	ZXT-467454796131.xlsm	xlsm	d32c4d0a8c9ac509e3acbd4b041b2d01cc771c0e20828ebd64d2d8fbf49fba7a	45.16%	Heodo
2022-04-01	CZC-17114681967.xlsm	xlsm	dd701c6097144f29f8fbdddc93a18a1c0ce3c3b51d5b4f0c6683e906ba8426d9	42.86%	Heodo
2022-04-01	ZTF-73103267304735.xlsm	xlsm	178e56af34b8983297784e7e795578c7567350c8ef3be2b30a43a05de59b9e8b	47.62%	Heodo
2022-04-01	NN-7627730019.xlsm	xlsm	05aecb805762b1c7cae04f8f46d0d43392d1b6e4880c93d82f69ef52d8dd2660	41.27%	Heodo
2022-04-01	LQ-1644415669.xlsm	xlsm	d058072d305f952c54981e50bbd34cf23dd0386a4924a4bdb8a91f46e0498d4f	n/a	Heodo
2022-04-01	CQL-82040307191.xlsm	xlsm	64d236fdcb188d517ddb0fd6ffcaf1759dddd828de26d1cf6b605031589da663	n/a	Heodo
2022-04-01	ZR-2009534203.xlsm	xlsm	8f4649ad2259125c87f3339f5e5089f1f425485a0f16ac55a672a31b8ba49c2c	n/a	Heodo
2022-04-01	VCP-68617170.xlsm	xlsm	b784d4f4f32d64afab8f413f40ca82365ae3115763bc79d6fa46a5e4ea94f01e	n/a	Heodo
2022-04-01	VT-3234716609971.xlsm	xlsm	f4e10c5743205f55ce4eca43f3741f71ecfdca9391ae883123c3372d5daae4b1	41.94%	Heodo
2022-04-01	CAF-619607754368679.xlsm	xlsm	5a5c8a3d5de13a95ffc29d40c54fe8440d1c84f706e59960f5f1621715b8a1dc	n/a	Heodo
2022-04-01	EY-2464163251.xlsm	xlsm	b25b9d420c3585bd014abd2e590a74feab98bbb0ee612c465a5e152b28c67e0b	n/a	Heodo
2022-04-01	MR-6935307309.xlsm	xlsm	3390185d81ea6becb7bb5c59f26400a3c75b99da77bd95eb76e9417ca984b4df	n/a	Heodo
2022-04-01	MJ-3356063595197.xlsm	xlsm	5ea7243ee6fea62276b79e7f2bf602ec3058d33fb8ddbc31faf71eb0eadf1a90	n/a	Heodo
2022-04-01	WE-975581058205224.xlsm	xlsm	5118b85e7ffcf61644564e2660990ff4e6becc430b13aca19a931d25f3d4c1d9	38.10%	Heodo
2022-04-01	NSF-29130408.xlsm	xlsm	e407f7217907368560ef28caf164f34190a5295c4c75afaaeea21386e8bed99c	n/a	Heodo
2022-04-01	YOH-68890893387.xlsm	xlsm	7347e4cf31a837aec00dd4d093a63e3f2b67a89b6af8965707c47717e8075482	n/a	Heodo
2022-04-01	EA-4036014337.xlsm	xlsm	9ae3ff917d99c0e0ba1f6dde3bcfebd781ab332d65552b032855ca627606cccb	n/a	Heodo
2022-04-01	HT-2100272728.xlsm	xlsm	5144b4176d2f9e56ad483565884642378be09039de1f2a353cb355c00dfa1894	43.55%	Heodo
2022-04-01	DK-0481899072.xlsm	xlsm	441ae7dcf7d20f39dce4201542202d7c62c067457d1476c2bda9c819979879eb	45.90%	Heodo
2022-04-01	GJ-9553126006.xlsm	xlsm	68696caf69e14a066ca54423f72a2e7693b03f5ce299e609265a3e72df925abc	39.68%	Heodo
2022-04-01	DQQ-447619994.xlsm	xlsm	7865998de760d97246decb7fc619579d9389e6c2cdf72097738e48a74a0bafe2	n/a	Heodo
2022-04-01	BFT-540833752773.xlsm	xlsm	d470a9368b15c6f1e3e1c49a452ab86e75500fc1585044f4c9dcdadaadd804d7	n/a	c8fc17ff030feb3383d8889f69abbb
2022-04-01	TK-189466116.xlsm	xlsm	d17e95fb87ae8a3011b050d5c9c089f3bc06fddd1a61feb4812380e96b541e73	46.77%	Heodo
2022-03-31	KH-24638501509.xlsm	xlsm	872c806b2f7f3d9e9fa2365cf07997b152c6209d41197d5584295b3f3cbdfb70	n/a	Heodo
2022-03-31	VW-66675006043529.xlsm	xlsm	da7fdf635815dc2ebb6fe69fa637d655ab6667aa7195ba89002790a17c19dc19	41.94%	Heodo
2022-03-31	DRB-125610968397735.xlsm	xlsm	dffde7ff06d4b4d38ae8f02750d5c59b2a1a293d05af04210b8e79d0b3fd4043	38.10%	Heodo
2022-03-31	ZWJ-8180982.xlsm	xlsm	a395d2ca627270c1b53481050d39c6395c778682e98aeedcb00d1f68fd1ec23f	n/a	Heodo
2022-03-31	VM-672804666952.xlsm	xlsm	62c189060c43573eb24597cf25c683c10baa2d25165f5de393f846864ecefc46	n/a	Heodo
2022-03-31	JIQ-575128168205875.xlsm	xlsm	c10cd4c9b699a22be539e47e16dbb91c80084b3afa570a9eb66c2206c3096b9a	40.00%	Heodo
2022-03-31	PHQ-887499822753.xlsm	xlsm	317b14af792a2e4b877fd65cd6dc1cdceaf3d9573dcc1cf673e5008d38f7b6ca	35.59%	Heodo
2022-03-31	MY-034348012299544.xlsm	xlsm	d17f996f89de5c8c22e600186d7d54a2e0172758ad5cd4d2accbf22b58848bbf	n/a	Heodo
2022-03-31	UBO-285353624042849.xlsm	xlsm	894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7	36.51%	Heodo
2022-03-31	XS-40621706.xlsm	xlsm	162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231	40.98%	Heodo
2022-03-31	AE-036408131230656.xlsm	xlsm	64c57c337892c7579a7c6d302233570e6f2450b0d0152b3b32de811347079a2a	n/a	Heodo
2022-03-31	KT-9488956145463.xlsm	xlsm	a099f9c9c8eff7049da288a1205f1c0ccd52a4954930cabdd7a00dafbe8bbe6d	38.10%	Heodo
2022-03-31	BD-935652076.xlsm	xlsm	f88eb7101fdc0fe20190969ec3bb4651bf4f270d9a9636d6c1e1a84ae46a9cd6	37.10%	Heodo
2022-03-31	IZ-3225005431.xlsm	xlsm	30deb7a7086f74317285271a2e26e40dc43b461a1a77c77480ea742b02cbe51f	38.10%	Heodo
2022-03-31	XOD-7924136454337.xlsm	xlsm	a43da1637de01a06d72a9d09981de5132b8bd971844704ee9fc7c5e07450a49d	36.51%	Heodo
2022-03-31	IOJ-4021193207533.xlsm	xlsm	61ad9b2b8c9707a14412bf30d2e17c11d75dd548e841d9b4eb6299ca1e0456d5	n/a	Heodo
2022-03-31	TQE-424737306915.xlsm	xlsm	0c71f0ce426be3dfeacb36cfb08349362327fa6041d1669a1d2ef8b1110bfab3	n/a	Heodo
2022-03-31	JY-13709431594530.xlsm	xlsm	f93f882fe4bac2b1210512c64a2985c99282b49a95a2aaa3bfcf6865d6dd0056	n/a	Heodo
2022-03-30	JQP-2251165.xlsm	xlsm	d3ad5641b527c4ec7e77e037ed81f1913c394f063e13677b8744b26fb09bdece	n/a	Heodo
2022-03-30	GII-722001350816393.xlsm	xlsm	265f4ce97b8c4a17c8f27359496edc3f97e2e6926a267fba16797dd5c6e3a70b	n/a	Heodo