URLhaus Database

You are currently viewing the URLhaus database entry for http://polarrefrigeracao.com.br/fontes/8BqeW89lYBFfhiJlQYr2DZ7OorJ948/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2125413
URL: http://polarrefrigeracao.com.br/fontes/8BqeW89lYBFfhiJlQYr2DZ7OorJ948/
URL Status:Offline
Host: polarrefrigeracao.com.br
Date added:2022-03-31 19:52:05 UTC
Last online:2022-04-01 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-31 19:53:08 UTC to andrebruce{at}gmail[dot]com)
Takedown time:20 hours, 33 minutes Good (down since 2022-04-01 16:26:48 UTC)
Tags:emotet link epoch4 heodo link xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-04-01QD-784107123932.xlsmxlsm 27111e69db95c5de5c99629d1caba2f1c45e9e2403beac08aaab7dc8c3caa092n/a Heodo
2022-04-01IQA-19725623635059.xlsmxlsm f29f0ba02cb498dad7d65453ecc558f159db3694f8f5cdba8d96fe63fb61d986Virustotal results 41.94% Heodo
2022-04-01ISR-66820406.xlsmxlsm e407f7217907368560ef28caf164f34190a5295c4c75afaaeea21386e8bed99cVirustotal results 40.32% Heodo
2022-04-01VG-0103168560659.xlsmxlsm 5ee7da1557872d5aa45f2b0dd720348fa08f31e3b2b3bb5aa5fcac583cc2d9adn/a Heodo
2022-04-01UFR-57285543672098.xlsmxlsm f43408a5254cbcdcebadf6d4f5f4e2e7202cd88b8a6bb1ff62f5caf1bea5a0e7n/a Heodo
2022-04-01BH-462730886659811.xlsmxlsm fa9f8c915e7e2c8f789e6e390d3b655689e5cb9e29f1b971fb833bad6cfdb0c9Virustotal results 41.27% Heodo
2022-04-01RM-7232171479281.xlsmxlsm 8e5835d0209196b133cd57a2e62020eb4553f72a8436e3b16f0fa666661e8326n/a Heodo
2022-04-01RN-23736091034.xlsmxlsm 8c3a1df0298f1bddbc6946c5ab191ef80476cf4a3a8cefe7493c189035d2f0cbn/a Heodo
2022-04-01KDL-544022114.xlsmxlsm 1cef59b0cfd651edd1b587c50988c75a14b39c325a3f41839e3ce51c08f7f753n/a Heodo
2022-04-01DI-45726571900915.xlsmxlsm 5118b85e7ffcf61644564e2660990ff4e6becc430b13aca19a931d25f3d4c1d9Virustotal results 38.10% Heodo
2022-04-01FQL-7589698557271.xlsmxlsm f3c06e72e6b0cddb3d66545d59bef1288458f9c106ede60b0507f095971e7067n/a Heodo
2022-04-01TLO-801407002.xlsmxlsm 7347e4cf31a837aec00dd4d093a63e3f2b67a89b6af8965707c47717e8075482n/a Heodo
2022-04-01ZFN-1617855301210.xlsmxlsm a5935a412c23ba191d5b45d6c5d4bc9ef13f7e88766c37571502a79ee381ef5dn/a Heodo
2022-04-01MIF-8280913311311.xlsmxlsm 45a99040aab95ccb6eae75a169ae10f79883e11c53c29bc41ffffd0a329940cen/a Heodo
2022-04-01WQB-051144505818.xlsmxlsm 441ae7dcf7d20f39dce4201542202d7c62c067457d1476c2bda9c819979879ebVirustotal results 45.90% Heodo
2022-04-01GO-280028606.xlsmxlsm 68696caf69e14a066ca54423f72a2e7693b03f5ce299e609265a3e72df925abcVirustotal results 39.68% Heodo
2022-04-01KVK-2878663891523.xlsmxlsm 7865998de760d97246decb7fc619579d9389e6c2cdf72097738e48a74a0bafe2n/a Heodo
2022-04-01NBS-512232659.xlsmxlsm ccd56be98c55e12bd6055a6653472e9d7f1a8847dec281a9a3b6af0ed000c226n/a Heodo
2022-03-31JA-58150926001534.xlsmxlsm 5131287d80e747b0ac91053a0490859150d9f84995214a9136ed22466de08835Virustotal results 38.10% Heodo
2022-03-31QR-94006658433.xlsmxlsm 10ce10aeef8f6d0f3daf5292f589879e748af9adc9d29ad0bf9143c2115cfa23n/a Heodo
2022-03-31QB-384543882.xlsmxlsm f4e10c5743205f55ce4eca43f3741f71ecfdca9391ae883123c3372d5daae4b1n/aHeodo
2022-03-31EE-2009868658.xlsmxlsm 0e0d8dc4db15ad8d199eab417dc846552e869c3968a063d0886f02604ee42c64Virustotal results 41.27% Heodo
2022-03-31AMJ-366665243.xlsmxlsm 2fa93c2dfef003816d473094a03ffe57ed6fd6cbbd21f22831af88634fc3287dVirustotal results 37.10% Heodo
2022-03-31JG-45068381118098.xlsmxlsm 0a23b203754e6a043fa99f6cf518c8ffa19a34557a7471edad072d54c4a76dacVirustotal results 42.86% Heodo