URLhaus Database

You are currently viewing the URLhaus database entry for http://dulichdichvu.net/libraries/vNjJU0JOEiZVljVrZavkePpju/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2125289
URL: http://dulichdichvu.net/libraries/vNjJU0JOEiZVljVrZavkePpju/
URL Status:Offline
Host: dulichdichvu.net
Date added:2022-03-31 18:49:06 UTC
Last online:2022-07-03 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-31 18:50:10 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:3 months, 3 days, 21 hours, 10 minutes Bad (down since 2022-07-03 16:01:03 UTC)
Tags:emotet link epoch4 heodo link xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-04-01XOO-784959532035.xlsmxlsm 5d31e83b1dda43ba478dbf1bbd5b1ab90021810860493110ac6175f69e58a93dn/a Heodo
2022-04-01DXZ-188648757061903.xlsmxlsm f316a9b48040c007a792f5b99f7367b7d6996c7db03a377dd159a22db01e6546Virustotal results 39.68% Heodo
2022-04-01YQO-95920724.xlsmxlsm 233f7895cc0f09422ffae4daccf844e985c31c8d5ca0ba98092b108828e22f0cn/a Heodo
2022-04-01OI-38457762313.xlsmxlsm 97fc1c969103278fd6fddd2f117d3b418d3f7925a9971bafa8bafd8b2d3df632Virustotal results 36.51% Heodo
2022-04-01FK-4562882193.xlsmxlsm f5b4ac04b08a06f6b3baa4b35784bcbf477479d425c42cdd443b99aab8fa6d38n/a Heodo
2022-04-01ZVF-631409733624.xlsmxlsm 41169580013c884c968404a805765bab464032270676b792b39ae2b521a64dfeVirustotal results 39.66% Heodo
2022-04-01VG-591991803.xlsmxlsm e60bc99d183be33a1787fa2d49cf9ffa132e958a48f6c9f44ae73df878d51ceen/a Heodo
2022-04-01IZG-65765920643.xlsmxlsm 95a5818025092c8bd5c223d791220072df4eee4b7391f34e0868b32e3ce355a3Virustotal results 46.77% Heodo
2022-04-01IHV-05895100.xlsmxlsm 6463322a887744e8e04715bf20b67bc671561c87d8cf5ef5d4791ddfb5f1eb0aVirustotal results 39.68% Heodo
2022-04-01QD-36391807219029.xlsmxlsm 8ce2a97a8318d629daf6b48ca033dceb8988c32bf5023f8938f354bdfeb5e25bVirustotal results 44.26% Heodo
2022-04-01GQ-15734754580.xlsmxlsm 60833a18e14a8b4eb21cec280bdac63e8a03eeda78c1c5e0e641624b72000be8n/a Heodo
2022-04-01QQN-348229525217787.xlsmxlsm 53ba0571642eb8162dba83cbc3390d3483fdc2cc3748ac1bb4cfbe34542f57f5n/a Heodo
2022-04-01YA-4234744542.xlsmxlsm f43408a5254cbcdcebadf6d4f5f4e2e7202cd88b8a6bb1ff62f5caf1bea5a0e7n/a Heodo
2022-04-01QE-576851343348.xlsmxlsm 8cfdb13bd3fba245b5e3c5a06b90cdab4f8970b13e3ea5262aeb7bd089474bb3Virustotal results 36.67% Heodo
2022-04-01HIU-14682905445.xlsmxlsm 8e5835d0209196b133cd57a2e62020eb4553f72a8436e3b16f0fa666661e8326n/a Heodo
2022-04-01RU-07969278470.xlsmxlsm fdaef695835e1a9e056fe2496ef611e4250388f7712102116b6717894e578f50n/a Heodo
2022-04-01DCA-182038063.xlsmxlsm 1cef59b0cfd651edd1b587c50988c75a14b39c325a3f41839e3ce51c08f7f753n/a Heodo
2022-04-01ML-267928877924.xlsmxlsm 73dc0a16c8430b50b28054c9e0b1e54cc8174554e7b63b4e2fa4be17c3cac1d6Virustotal results 40.32% Heodo
2022-04-01OZW-36548523829.xlsmxlsm 05aecb805762b1c7cae04f8f46d0d43392d1b6e4880c93d82f69ef52d8dd2660n/a Heodo
2022-04-01UFC-710346482663.xlsmxlsm bae96f9a32122e9edb5b64e650dad2249b1dae898540a74641fdd9a4fe860edfn/a Heodo
2022-04-01OK-7680737781242.xlsmxlsm 2288e29a0367cbb5c666e9de201e597cdc4c8eb6cf4c484735212a482a2e38ddn/a c8fc17ff030feb3383d8889f69abbb
2022-04-01PE-437460405711477.xlsmxlsm 5c887aec3ff6d6b86adb64e688521d4b396689f6e29bb2106125af1b20b9d5c3Virustotal results 38.10% c8fc17ff030feb3383d8889f69abbb
2022-04-01DBL-40301274738.xlsmxlsm 9ca7e881cd1e46ca3a73efbad250390fbb3fbc92c6d90d0f25c6a218055f323bn/a Heodo
2022-04-01XO-5151863.xlsmxlsm 48dbe9ae0ca66bc67080a8b6e6748b7454b8d47c0e6f867f1fc0402d451ccbf2n/a Heodo
2022-04-01YPZ-479645543198228.xlsmxlsm dcc6409e704780116523a3e6ca35edf1399b381568d26b6d0373d1d9e00be491n/a Heodo
2022-04-01LEF-1314894.xlsmxlsm 55af29e8285944f573d931d856bd099dac92ab1868000f8346d13a0bce7f1e3dn/a Heodo
2022-04-01GE-5541167508508.xlsmxlsm bad29f90618ce3abdf8296b3212e2b256d0ba9047f64c50681339f93fdc7a729n/a Heodo
2022-03-31AM-378199275806858.xlsmxlsm 26505592fe23711a237d0af8fd2c3644b821bf8b9436bd5b92d3132815ba26b4n/a Heodo
2022-03-31WJ-92299062.xlsmxlsm aa3fff2c2d0daf56b10654b5f1f501b45c0cfd50fef9004498bca2a83c359e69Virustotal results 36.51% Heodo
2022-03-31HAD-320968743705.xlsmxlsm 73a1d60faa31200f09f2567671137d6b5f9be02a97eec33fc20971d151d5c8f1n/a Heodo
2022-03-31RR-9502982281079.xlsmxlsm 10281dd74601704b43cbce7093951762bfb6cc0402f747ba01250b2ebc438c27Virustotal results 35.48% Heodo
2022-03-31IS-995893849066632.xlsmxlsm c201ae0ab0516a27d14400b4af28d4189bb2c6d8b589c4fadb025c26645f19bfVirustotal results 38.10% Heodo
2022-03-31MX-238762269376.xlsmxlsm 0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3dVirustotal results 40.00% Heodo