URLhaus Database

You are currently viewing the URLhaus database entry for https://headsetreview.xyz/wp-includes/N4TMqlb8Y5dOsiiA/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1964808
URL: https://headsetreview.xyz/wp-includes/N4TMqlb8Y5dOsiiA/?i=1
URL Status: Offline
Host: headsetreview.xyz
Date added: 2022-01-11 10:41:04 UTC
Last online: 2022-01-13 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 10:42:06 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 2 days, 6 hours, 49 minutes (Poor; down since 2022-01-13 17:31:47 UTC)
Tags: emotet, epoch4, heodo, redir-doc, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
