URLhaus Database

You are currently viewing the URLhaus database entry for http://avantage-doc.ru/wp-snapshots/ldVENN/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1964673
URL:	http://avantage-doc.ru/wp-snapshots/ldVENN/?i=1
URL Status:	Offline
Host:	avantage-doc.ru
Date added:	2022-01-11 09:55:06 UTC
Last online:	2022-01-17 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 09:56:07 UTC to abuse{at}reg[dot]ru)
Takedown time:	6 days, 3 hours, 36 minutes (down since 2022-01-17 13:32:43 UTC)
Tags:	emotet epoch4 heodo redir-doc SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	48644028.xlsm	xls	769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968	28.81%	SilentBuilder
2022-01-12	6643855128882.xlsm	xls	796cb1dfe07dac51d9dd955ef372b6283adbfc38e34c92ee379fff29c89bacce	27.12%	SilentBuilder
2022-01-12	87876818284803.xlsm	xls	ca65e9146957f09c7cdbb479666279a91d9065b309e29fea80fc5e3b7bd49393	n/a	SilentBuilder
2022-01-12	OU_2210979.xlsm	xls	b4e5abec6cda8d6601e77495e9eaf91756cfc834e816faa0fd327029da72d881	n/a	SilentBuilder
2022-01-12	81042656_86.xlsm	xls	ee39e88c3c79292adf03f167d3b538ed98543b64a867264a09a9d19b0ac28645	n/a	Heodo
2022-01-12	P_04.xlsm	xls	9e0c891bd4b687d10b5c7d8082a2d4c7d24a0c9ea90b1d0aa09dafa6dee22047	23.33%	SilentBuilder
2022-01-12	Dgpo237.xlsm	xls	05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268b	23.33%	SilentBuilder
2022-01-11	mY_6855376.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	22.03%	SilentBuilder
2022-01-11	5710055_51091.xlsm	xls	bfe1c65501eb9a22ea914fe380d24127cdf99ce17fc20683f99a7b1e0ccc06f8	n/a	SilentBuilder
2022-01-11	DVGB828.xlsm	xls	a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339	20.00%	SilentBuilder
2022-01-11	s1712446.xlsm	xls	9b3fb2f88edc75661d9aba9ccac4bd15607dbf2fa7542c47be3d533c0db5cbe5	n/a	SilentBuilder
2022-01-11	T_4924.xlsm	xls	14222deeec10d32091a2947e045833bd25c041a662f4090df26e50381cf922c6	n/a	Heodo
2022-01-11	90836571445935923276.xls	xls	e7065618e785e98792d570656fd412ecf695c45ec5a8123d04cf4ee302d225bf	18.64%	SilentBuilder
2022-01-11	I555121943376424900R.xls	xls	62ec5aff1c6c20ac27c09077ff459dbe375a4d8841b6b47f85c7e51b7d26fd9b	18.33%	SilentBuilder
2022-01-11	96864366029545S.xls	xls	c630d761d951cbb2a45247adbe0361f1311dbc9c9dd2e90447ef752f3927a4fc	16.67%	Heodo
2022-01-11	M332223575698347802158D.xls	xls	2057afa974ff72e5f28439f4cdef17396772fe0edde04405fbcf8c5cb5a47888	n/a	Heodo
2022-01-11	S691899733.xls	xls	f9e789531cb031e9e6767f54a780f6ee8b53a417acb2b2012dbfaf1579aee55f	n/a	SilentBuilder
2022-01-11	K665932456193.xls	xls	067076b82d8006677b674411e2ac9d00f6b68e93ff460cb2f113d9150e73a88c	n/a	SilentBuilder
2022-01-11	439546597702989836.xls	xls	3d2ad015f60956cee32029cb7d6fee846f34a91d0f6dae2b68cfde31c99b4a77	n/a	Heodo
2022-01-11	N985037284754693573F.xls	xls	afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292e	n/a	SilentBuilder
2022-01-11	M209088115025.xls	xls	18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51	n/a	SilentBuilder
2022-01-11	88454482719715W.xls	xls	60fdf680c8e0272784588bf87ead2814df683a2fcb697522ddd4ef323166440a	n/a	SilentBuilder
2022-01-11	P8451928453034I.xls	xls	f9dc6d359581da286cc014340d248cea2acedf09a9dc0cf9280641f3393fba35	n/a	SilentBuilder
2022-01-11	18149545103.xls	xls	ac54419fabe46284edceb8053b9d82d570dc0bdf6c0f0302122329da99c28a12	n/a	SilentBuilder
2022-01-11	2359037210353730748.xls	xls	a88483cdfd340711d7a65d74a5646e6bc7159a4af250074e0fea6db954177753	n/a	SilentBuilder
2022-01-11	T56060518154502298241Y.xls	xls	c5850b16a368ab7c8f2d03cebcc7dd51173a704cdd1d6c105ba43083a40b6063	n/a	SilentBuilder
2022-01-11	215024899.xls	xls	1cdf6133fd1d4138849b8f2b29f199d90ccce54c369b74a88a14e8329e1051c3	n/a	Heodo
2022-01-11	S35301427W.xls	xls	b4f4e361680cbe98e26106393beca73acc80418fdae4ab118917b7e8bd9fc917	n/a	Heodo
2022-01-11	O84448205T.xls	xls	d998c674fa44d16219511679b665d89c572e0ba8736919f99baaf7ba096f072c	10.71%	SilentBuilder
2022-01-11	M627606087929871867.xls	xls	17832170dc965d40f1a4b7b5abf6dd5f8d131468c82c281388bf6f6967b77490	n/a	SilentBuilder
2022-01-11	939544914743983.xls	xls	b53a3f09073ba4c63f1634b32bc6328f22d9965ebc1384797a886d07959313fa	n/a	SilentBuilder
2022-01-11	583238255131113427R.xls	xls	89224af568d4e29e7836c2961d33045490b337a9d5d40db852137e1f2dbbfbf9	n/a	SilentBuilder
2022-01-11	62662707.xls	xls	645258c3eec8a24b056403664b65d66c43f78566a0f33270723a6edc4d0c7ed8	n/a	SilentBuilder
2022-01-11	F14820483244I.xls	xls	06b383970ed4fab68a430bc021dd0744b77518ec82ef09f6d167c8edbf50fd53	15.00%	SilentBuilder
2022-01-11	P5162861284470896154I.xls	xls	a672f734a98a5b287eb96d134893701f055f20573dd9f9d778b1e7953b00a944	n/a	SilentBuilder
2022-01-11	0406784821432332784.xls	xls	ffd39f522cb9bcdb3dac93c34aa136be3cdc6cc6f6b878cf756a5a53443546fe	n/a	Heodo
2022-01-11	472260510364570333X.xls	xls	54517f5914c526589a1b1ad61249c75209d239c1885cd72f638d9924d53983de	n/a	SilentBuilder
2022-01-11	F292092020457913L.xls	xls	7344902cb22762b87d48eb15a20c8bf0f2e6ac3753f23922d6cf2fd721277d2c	11.86%	Heodo
2022-01-11	P550347979181123H.xls	xls	25a3e55a8c505687b78fb62ff041db36ed577b17dbd1b9ebf4e8628b9cf7b18e	n/a	SilentBuilder
2022-01-11	P107687236626616.xls	xls	5d5960ceec11681300fcf26d61f3e8c614aa21a0eeec555c70a63c4049587756	11.86%	Heodo
2022-01-11	30111258324124340874.xls	xls	aa4aad81decb8b0cb81bef9f2fb19aaf9d7ab1e30e1c4bb6f983b4b45973d250	16.67%	SilentBuilder
2022-01-11	302188338.xls	xls	014fc0f35570524af821c5eba7c6efd66e8b973be290e6aefcc2b4ba1d56870a	n/a	SilentBuilder
2022-01-11	8830735.xls	xls	8d553f79df6c325e23d3dbf5395971d1e0e1132eb66d882f365a931e848a6556	n/a	SilentBuilder
2022-01-11	O04771511905799541674.xls	xls	7443d5335a207cca176825bd774a412e72882c815206c7f59ace1feb111bb4e9	n/a	SilentBuilder
2022-01-11	K9554084B.xls	xls	276395e58ccf322a3705f0f21c4b4c62fa416a5ff02bb8e65e5b9d4289ebf763	n/a	SilentBuilder
2022-01-11	G7107242871671861.xls	xls	b5d8116e0b4f01eb2affa09d857d1be4df2e18dd793e4ab0b6ad28e0d5eadc15	n/a	Heodo