URLhaus Database

You are currently viewing the URLhaus database entry for https://z-r-law.com/landing/romIlSQqFzR824ezJ1nQyl/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1912361
URL:	https://z-r-law.com/landing/romIlSQqFzR824ezJ1nQyl/
URL Status:	Offline
Host:	z-r-law.com
Date added:	2021-12-23 01:06:13 UTC
Last online:	2021-12-25 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	waga_tw
Abuse complaint sent (?):	Yes (2021-12-24 17:31:58 UTC to abuse{at}upress[dot]io)
Takedown time:	2 days, 8 hours, 54 minutes (down since 2021-12-25 10:03:50 UTC)
Tags:	emotet epoch4 heodo SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-24	040346471629192713654.xls	xls	7a1108c5d9c895654aaec57e2d820d848b928f2ee8140a87f67dc877cc186738	n/a	Heodo
2021-12-24	X216829501231584413.xls	xls	ffe92f7aaf260898f3df88606385aa7439c7398c65f9a1e559e3b8fe2057a026	14.04%	Heodo
2021-12-24	F2545911286593008818.xls	xls	3fdfa8fca0397d424779a3ce7f0e46682e6fea8603c388108a5f5d09800310f4	n/a	Heodo
2021-12-24	V38572672306612J.xls	xls	2cf8e31889bc2fc3411cd90cd393663c25286cb24d94b2fd009cc5936d7bf8fc	n/a	Heodo
2021-12-24	K142104593277370.xls	xls	40325be64d0277f1d44bc5fa218ea5a5acf338b5daf6b5ccad3e39d4dfa3a5a8	n/a	Heodo
2021-12-24	4522760153.xls	xls	3317a4e30189b050f520cbd8b91a5b1d205b0ee92b7f9249fa05283c1833dab7	n/a	Heodo
2021-12-24	59242896057B.xls	xls	90b7cceec2847da6f3d058a594cde1c8a5b723a133b45746f0ee240ef37dd67e	14.04%	Heodo
2021-12-24	769613733992.xls	xls	7dacb839aaebd399571b719580bbf80651e75209464b8ceec4a6563b964b8f3f	13.56%	Heodo
2021-12-24	786277860859452.xls	xls	2d1a9e680faad9427e7bf65e180a0b666cf952ea1853232e4a4ace7eec43b15a	n/a	Heodo
2021-12-24	Z9002423296904.xls	xls	a822ac244946d74de9a6d4d72792fe0c7beea3f0bf8257e5d1a2c019ee320e58	n/a	Heodo
2021-12-24	T28217451917154557.xls	xls	f996e0b743efaea3a433be0deb64a90ab1333b17170819c677f6d91eacba3177	n/a	Heodo
2021-12-24	721383465936320858963.xls	xls	ab6f1003eb149818984e3f59fc72f4146a16ca1fb99f80f128b29f2681190e9e	n/a	Heodo
2021-12-24	X7569160B.xls	xls	942cf47bc37c1cd12b79363b561b7d9ab5bb327700b26f9775c4014d903e1713	n/a	Heodo
2021-12-24	H5711546.xls	xls	4925c4e6ebfc4a1527aa27571593704e38d106751c517f19677a1bb100a1b7a6	n/a	Heodo
2021-12-24	P354744709J.xls	xls	52ca2106b29802043f3b5295e65bff2fb7c6e40510bacdf11ad7fb12c194a48c	n/a	Heodo
2021-12-24	C87353228.xls	xls	d6987bc82da66d589bc494be71837529a2ebee4bbc7261bc94c0c4ce6be08053	n/a	Heodo
2021-12-24	446264728428999.xls	xls	9824333920b7b927b51675fad13b8078434cb5dfc0e795e0448656334d222666	n/a	Heodo
2021-12-24	1808019002992.xls	xls	864e888739c1db69ca9571e14d935805ea8699b691845000ba85c5f1311eb2e2	n/a	Heodo
2021-12-24	F1000297387190341610.xls	xls	d3608ac6d5e7dd6cd5087f173b3352d64b5c34dbc7d8fa0d2d5ef040a066f200	n/a	Heodo
2021-12-24	I0992388819582017.xls	xls	3c8d49a046157a3efca16ecd5e1786f4e1a169c2937572c322165f0048c34ed8	27.12%	Heodo
2021-12-24	G163578471332937087818.xls	xls	40027d0ef9f117e225450dd036834a009471833d4941317124256319a4da1f40	n/a	Heodo
2021-12-24	T0336216096.xls	xls	f9ebb3b7f652ca818c4394874d8bab531f34bb748fe010497e53c79f62962bd5	n/a	Heodo
2021-12-24	R500941675208873814017.xls	xls	dfd7779828492c51dbf83bfe709e2b29ae854940801beea6a77ad5734a9bd1ee	11.86%	Heodo
2021-12-24	E1937357606814187917.xls	xls	00a0231a0404a3d34c4e1ac3b596de550e696cccae94c7d26fcb9b997eedfe6d	n/a	Heodo
2021-12-24	V725518475554.xls	xls	4bc6426e9b3e82b0f2a8472b28dd62d91af6800f6bf24bfa295d2ed71085514f	n/a	Heodo
2021-12-24	Y117649124.xls	xls	88c5d701915407e6b24d8e53e41b428e1bbb0aa2d884fcf827ae1cac5e5a5754	n/a	Heodo
2021-12-24	P345987504.xls	xls	96b1e0959f08cd6ff91e59c2555eed096a7d25a5a58e7749cdd105ff71c82d5e	n/a	Heodo
2021-12-24	M7378901429009.xls	xls	c9ed7cd28c8f21e2ac04b27a30cb61da8793b1597871922a524ff42d467d8396	n/a	Heodo
2021-12-24	M195805790762242.xls	xls	b890dec1230f36728207c1188371965690acde07376030e28b3d563144c2aaf3	n/a	Heodo
2021-12-24	N2955099308.xls	xls	cdbb955f375a588fa658c5e4b65fecca4256c01531aeaca4dc573ae0f22aa96b	16.95%	Heodo
2021-12-24	U113792279400216360.xls	xls	40312f1abdb015946505d6e1e979cd664541d0f80dd892247bdbe578a47343f2	n/a	SilentBuilder
2021-12-24	W602050667993796.xls	xls	1877211be5c8aab1a2548c48de3e59ae0c82e2519d6cf0e867b1c96ae170dea7	28.33%	Heodo
2021-12-24	Z580370212210677.xls	xls	5dd5d028f230eebf3fce6cc37b76fd84532db7511e0567336b92bc563a5370ca	n/a	Heodo
2021-12-24	F08852964810912769.xls	xls	e3107603083a6d759ddc850614107753492874c668f138f2adc2e08a0ff6548a	n/a	Heodo
2021-12-24	K434873891.xls	xls	e5d54c7b48b69567be57903ee78decb03f41ef42725eb8143f386a6873e1d13e	n/a	SilentBuilder
2021-12-24	I7070131839.xls	xls	1044e20d92ba2de92d1f6d4bdc5abe76df396556e51952b83353cf9421a30663	n/a	Heodo
2021-12-24	C8052971394988.xls	xls	b162f10f8147c6dfe4d058b3b753572f71897b6df59a67216468d0754e54891d	n/a	Heodo
2021-12-24	Q660135395390266.xls	xls	954b6d66e38fa57ba1899919adf37a030cc4acf3879c300ba5309fc20edd6e25	26.67%	Heodo
2021-12-24	X22506150662198.xls	xls	751b4d3397d981fa9b9754f6865c4afef0845dab67264651de9fc51156affa13	n/a	Heodo
2021-12-24	P157569160716904744945.xls	xls	989761fa0d490c736b7991b5d81906236aa176cdb5e1d9462a6982d29751e335	n/a	Heodo
2021-12-24	V91928567508021721439.xls	xls	26d94b73b15f33bf95bb66650d5301c55998c58910c22f3eac6544524b29eaec	10.34%	Heodo
2021-12-24	G502831713452152628891.xls	xls	e816b8af8419f2ff9402737cf33c8a97c8c9f1ea64bdc49898c5e3879b49278d	n/a	Heodo
2021-12-24	W09684208741.xls	xls	7859496c99048f59656e296bed199b8e52ff3d9d5cee44a2794e52858caf19d4	21.67%	Heodo
2021-12-24	Q84366611.xls	xls	d7b1cb1ae00dca8fee12505663178144a9f6e73485e53b9e5bc644597514c2b7	26.67%	SilentBuilder
2021-12-24	P9308201.xls	xls	824a3f0277b943e71033fce00144f02f387109b820629795a6004b19b78504b4	n/a	SilentBuilder
2021-12-24	Z106248945312.xls	xls	cc99b256f4bd99f566c2e661dad0467b3be777012a49e0d95cbc80c80a8cd491	n/a	Heodo
2021-12-24	C8351599729590410.xls	xls	e1acc3c3226bb7e587798b540b427813726c832ae977843915fa820def5d4406	n/a	Heodo
2021-12-24	J0700563293.xls	xls	6cad1d9ef68b473f6f5f62f4fbc6742e81a8f967d9f242996fe49cb7c5eacf6a	n/a	Heodo
2021-12-24	X971968101.xls	xls	287a7ef27eed8371f56478d165928ae0ea26a650a32d3d461220b20dc696a43f	n/a	Heodo
2021-12-23	T0052895337418.xls	xls	b2af5bbfd6076126cdf53ebd3d6a7f2ab27479ff5157a841a6a41bda99aec50f	n/a	Heodo
2021-12-23	T03978650093.xls	xls	c40d34e4a36e023913b611711194fee37a9cd7a63feda45a49387e897df904e0	n/a	Heodo
2021-12-23	S01593867235321.xls	xls	ae275aba1d935bd3045e9cd3f258b72636e6759506e183423341a992faf47f80	n/a	SilentBuilder
2021-12-23	W7843459516490097.xls	xls	945deb86efd203ed3d615fce5604a879cafb463bd1a754d2eaf4b369961dee84	n/a	Heodo
2021-12-23	P94074321440.xls	xls	f5636a67c71d59ffa42ac87611bfe0c7161dec9d5004d04377528d41ae630e1f	20.00%	Heodo
2021-12-23	K1526015999650.xls	xls	1f5252bc724a264578c9a7e4085d19f80453627a4329a0e7c5733a699ec6f400	n/a	Heodo
2021-12-23	S2878500099324152688.xls	xls	6b91c74b0d9289320dc3bd15ef9eb3a130db4442a976774e433f9004d656fc78	n/a	Heodo
2021-12-23	W67767465194572.xls	xls	65d219b297e96b026b875c52560360f48d01fe25ccc78f5fe739804a4b4f05c6	n/a	Heodo
2021-12-23	L9864954830126217080.xls	xls	aa64beebc522dbbe289a6079db2bba77eebd7ec04ecae92c168b69a997433a8f	n/a	Heodo
2021-12-23	K0028468013504923.xls	xls	dc1641158c36eff2c4d91bbb19781d1af7344fa0f7caca62597bc783e242fa5e	n/a	Heodo
2021-12-23	62098859624.xls	xls	90115998772138bffb8e1316af9f9b63cda8d85f8f3aaca09ee5e79153831822	n/a	Heodo
2021-12-23	2312391449.xls	xls	95972f16bcf8cd10561dc8b65c0d73c85be8fb37d98dfd14ce088d7d6f2ad53f	n/a	Heodo
2021-12-23	7525930236.xls	xls	a5fa2e29416d63ec073466d556f1fa42d985d0438600e8422de2de87e26c3371	n/a	SilentBuilder
2021-12-23	99565106618840.xls	xls	7e621b111bf07463db0eee68a3fadaac1688642aa36f1406be1215547b36d7c8	n/a	Heodo
2021-12-23	5106651362.xls	xls	c57b5b0f907c2913aa78ca6b68ceef15dfb50e8a109427f3554d203d65932182	n/a	Heodo
2021-12-23	15378694.xls	xls	09a0c26818f83cd912922688f32145dc3457a678a5494ea4ff48f01efbe81179	n/a	SilentBuilder
2021-12-23	915219497135.xls	xls	60aba73bffd4d8285cd0fd090d2ae286e12fe0011cdceb5a260d731b58677462	10.17%	Heodo
2021-12-23	8107248321561395.xls	xls	a481d58b9b01954ee8c6c3d44b8297c2cfcc3895f07f9beda648106cf39462c5	n/a	Heodo
2021-12-23	0286815494783.xls	xls	3fcc643de96cc8f42515929e84f68cfb36f28537b37a1fa152bab2898d161a0f	n/a	Heodo
2021-12-23	154860341.xls	xls	957e2e936bd6ccfe9ef8d01273e933fee42bbfa89142d57f2e4aa35c9f7c701e	n/a	Heodo
2021-12-23	8914204527807405.xls	xls	0a1a9eb7e560b07a4193785740228d849600670776c5c9046279adb52c35bcd2	n/a	Heodo
2021-12-23	4274409.xls	xls	1abb015e73fe7e537eb6e24b839ca986ad28652e1f65c4a5f557fd37249253f2	n/a	Heodo
2021-12-23	6280832787408676.xls	xls	2a170f15029d9d55b7dad42d14f58e962f45df96879073456075ca40bcbdcb68	25.00%	Heodo
2021-12-23	8917714765.xls	xls	09cc1626b7035fceb82fede2fc19b9df65357eb5630793a34689999428696598	n/a	Heodo
2021-12-23	6297115804.xls	xls	dd50d59e8cac9895813154ed63dc4c845636e1a3de76904f6eeac5705a5ae9a8	n/a	Heodo
2021-12-23	87026814567900.xls	xls	65916858fdb5070aec22ea8b657a21ea61852283555116ddb92f9c7b83433982	n/a	Heodo
2021-12-23	08709437.xls	xls	38990b98bcbe75f670a50ad5bc99c0f1e88834d51c84e93f221b88b4472c1a04	n/a	Heodo
2021-12-23	988073483942.xls	xls	03359a1154c46ed7fa375c6d220c5f9b236f8a324657b3898d86eab19256913d	n/a	Heodo
2021-12-23	9217522.xls	xls	180264d53532243c05c249958ccd328feeb47ebd7dc9cc816cced55fd22c288f	n/a	Heodo
2021-12-23	8770764213968.xls	xls	96db156560d85a9601b70c1a695e9e2c1f1a7553af38397f29d6e426528663ca	n/a	Heodo
2021-12-23	03347606751.xls	xls	5d1f5d444aa2f95ecc107aeda2aab52be49b64103bc947cca075ef765e8deaca	n/a	Heodo
2021-12-23	1438947.xls	xls	1cdf3a619c05c0721bc6b9a6f7e9153c9ff4d2f47118ccd0ef47afea64427d13	32.20%	Heodo
2021-12-23	606783750.xls	xls	cfb91f4910d1b97c2d722dbb1d10b841a79af5011be3ee5dbcf47468a6db5083	n/a	Heodo
2021-12-23	0349497528751791.xls	xls	02f8f694d0b0c1188dd29591de21f625cb608a8d54487c1c7f5a68340b09f57c	n/a	SilentBuilder
2021-12-23	5214329553476407.xls	xls	2957ba9f049e25eabc2b1db094df4b4e0f8062c60f1d0483c722095c163ad263	n/a	Heodo
2021-12-23	29137979.xls	xls	b332f811bbd708b5f415c650da7ed0dc66483c140ae16e2fc8879d77be0be661	23.33%	SilentBuilder
2021-12-23	425181705.xls	xls	06a7f7a6296b774253c7bc810254dac777e521daaef2ee031849b9194c635529	25.00%	Heodo
2021-12-23	927330332.xls	xls	296e3773821633c66d27b4c4438ec9ae76ee2cad7fc00a9f6b852394ca2b1a41	22.41%	Heodo
2021-12-23	75169043691.xls	xls	99ed0d39c05e7f5c0495b4112cdf0cbc2fe07e88066b644524f134b0450a87cb	25.00%	Heodo
2021-12-23	660844573023330.xls	xls	bf9c5da5a619725b7e1236035d41d5bfd7d3aa3d88d0be766d31deafc00bf5b0	n/a	Heodo
2021-12-23	9581511183231755.xls	xls	f5c3b27d88339e8bab3bb47ce63b717a99264bc1e8c1d6866dd12260138ad2b0	n/a	Heodo
2021-12-23	12167331.xls	xls	0e32a98533816d8ab208379bcabce2d48d062e0de5cc36835e883bdf74bfdbe1	n/a	Heodo
2021-12-23	1599421.xls	xls	3f281c52f76f37ec6c7af45149aa8ee290cc1a5c57589290447e8cb2a4bdce9d	n/a	Heodo
2021-12-23	35106072326694.xls	xls	91d4f32d6a37e6013639cd5e523e6328604a95436f8d3b266480f57a97599f2c	n/a	Heodo
2021-12-23	416204663213.xls	xls	435a3b34c0bd974f368bce0cc95457050f3e727c580c104534377c66edfc8ec2	n/a	Heodo
2021-12-23	8217335074950.xls	xls	2cac0d0653467c80cb207bfb43d8d6f57e7473aeddf92a47e10c2ae62556f3bd	n/a	Heodo
2021-12-23	797176260582.xls	xls	f9d1b2ac0446fed5d00c61bf9767fba85018d86908c3a74398d4f2c30f3d080f	n/a	Heodo
2021-12-23	4121457467943531.xls	xls	38b0a1134b4dbc0535e2af788c285b2a9a920118a4c467b12de6841242437041	n/a	Heodo
2021-12-23	18076496.xls	xls	9f16e116a70060507f773bc94da066aed1c061ee297187782804cc292e0bb11d	25.42%	Heodo
2021-12-23	643508586.xls	xls	a830905d19c1b1a262f5b6484dcbf74166b52e6742b363f5049fa03cec849557	25.86%	Heodo
2021-12-23	67424261.xls	xls	4d8d170d7e4981f57bc7f628b4ac01800a7c97e9edc66396e79bb788781ee407	n/a	Heodo
2021-12-23	1828545376.xls	xls	ef628739521d7af4df6459f02442985d4a9a3f122cd55c98540bb3a1d648cae5	n/a	SilentBuilder
2021-12-23	4342781288720.xls	xls	2991e95d6d3b92341bd33e2c9dc75dab521b1e38be10120fdc3e542ee4eba881	n/a	SilentBuilder
2021-12-23	5584732448939316.xls	xls	11bacde63fd95e99c4061fabbba6c504fa4e782eb0923513bb8e6433857ada23	n/a	SilentBuilder
2021-12-23	04520140277934.xls	xls	0934d436a87cc83e019e9ee2949ead8c647bb4c26738be5c91f568dd6f023c2c	n/a	SilentBuilder
2021-12-23	9328882175810.xls	xls	f43334acc07f6a013334b7399e0e4ce391fbfd6a73dd40daf68397d1de426731	n/a	SilentBuilder
2021-12-23	7978651413.xls	xls	b4fdc798e4c49df58164144b8bc115b1f9757ee3ca92832554dd921e65ea5e24	n/a	SilentBuilder
2021-12-23	011056661581233.xls	xls	d518f3288658ae304b6cf729edc4df00aa31c18bc6ddf5586518d077bab48b71	n/a	SilentBuilder
2021-12-23	33162650979131.xls	xls	a36fe3a855e95e22df1200bc1678183cf6e56215d765ae39d4e7728cad9971c6	20.34%	SilentBuilder
2021-12-23	2473850375096662.xls	xls	35be18251c8a0a0f21b6db45c2238f65f17a18168556f31e146652496bf60926	21.05%	Heodo
2021-12-23	108622701108110.xls	xls	52a5a4d7c1aa0abcc55b9f88a4f0879c142237774c175dcb7f448f08561ce2b6	n/a	SilentBuilder
2021-12-23	9035635998207.xls	xls	7322337b79e75a1a0b494af3b323e8c60e134eab541ab836ee4a943ada51a268	11.86%	Heodo
2021-12-23	2392408566923762.xls	xls	2fe52a04ad50a62b3c0248ad8a319bdc8e22cf9ec351f2d2c21b3e433e41d5c1	11.86%	SilentBuilder
2021-12-23	330110066002.xls	xls	a74a6a8140c11fc076d82f4a808994b267aaa839b9076dd2bae14909922e7efd	15.25%	SilentBuilder
2021-12-23	690804254.xls	xls	1aa52da08de6b2732f449f29515ec792060270972541fe18d3494b4dd4779c7e	12.07%	SilentBuilder
2021-12-23	3303272212.xls	xls	9fbef3bf291c5ce45854de786b83be78d6d79172da8f3dfddc8c752dbf5390bf	n/a	SilentBuilder
2021-12-23	9968620.xls	xls	22f3dd823009e3b1c3547eaf2ae78c54fcb499e4a0055c5db099ea28bdea93ac	n/a	SilentBuilder
2021-12-23	27000842570892.xls	xls	190fa8d2b5297aeb55c75f696f69cf1a0ea1ab45703e4047dc6baed4708833c1	n/a	SilentBuilder
2021-12-23	490138163124.xls	xls	7ab793a1270a4fb7bd09fb7de0de1e7b5888d779d754cad8c37e66f9c67324d3	10.34%	Heodo
2021-12-23	0338293098514847.xls	xls	fc427adb111a2cdd28c3799b619887f125d8c79900419fdd0918cb4f09084ab9	n/a	SilentBuilder
2021-12-23	24588367484452.xls	xls	46549909e329faf4ef851f602d8c1091c253897e0292ae05d83b73da7914077e	n/a	SilentBuilder
2021-12-23	8479914727391.xls	xls	46d6a384fe1773327c74c5e6daf03b4e1346cfef7e79d6e16045eccea064acde	n/a	Heodo
2021-12-23	1429535961331.xls	xls	5eb66d76f40bfc2a8b27ae16d451f2f8c3eddb77bf14e8fa7006f0d7ed9925c2	n/a	SilentBuilder
2021-12-23	19042313199333.xls	xls	4ce312179df139b3a8bcaba9729f79e9c54413e250d3124b94050b9656c6c993	8.47%	SilentBuilder