URLhaus Database

You are currently viewing the URLhaus database entry for http://behaviouralworkshop.com/msuvpkl/694NGFUVO-7/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1971380
URL:	http://behaviouralworkshop.com/msuvpkl/694NGFUVO-7/?i=1
URL Status:	Offline
Host:	behaviouralworkshop.com
Date added:	2022-01-12 17:54:05 UTC
Last online:	2022-03-23 10:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	sugimu_sec
Abuse complaint sent (?):	Yes (2022-01-12 17:55:08 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:	2 months, 9 days, 16 hours, 10 minutes (down since 2022-03-23 10:05:35 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-13	O_448.xlsm	xlsm	e2053410b37647f1f7e190f99174fbe37bf5833edbc9801319f4443e1478eb7c	30.65%	Heodo
2022-01-13	48804010.xlsm	xlsm	55831e6466e727c6dc0efc619eefaf7ff2a89d4ccb2f770e34aa49cd4a9894b9	n/a	Heodo
2022-01-13	TXB_27.xlsm	xlsm	dc8adc8e13d3e5a64f2d69f2163da90a19cd80594bf4db6b8d17c381312d28b6	30.00%	Heodo
2022-01-13	UZPW07558.xlsm	xlsm	22a61ad6c9715296ffe0d288650cadff57697c93c047bb60ee8feb45820cac07	32.79%
2022-01-13	OD_6090.xlsm	xlsm	304e17c2ef41373d5b2ded923de19336a227658abf49881fe446df0cfcfac00b	30.65%
2022-01-13	73317_4197408.xlsm	xlsm	f2c2b34b3d0b8b5e85cfecf0bb20d225e589c18841538e9283f91302bb27bde3	n/a	Heodo
2022-01-13	YA_67.xlsm	xlsm	132b4dea20861342b68e5c2485ade61c87962f5b17c8c73c2235a75110fd2104	n/a	Heodo
2022-01-13	0386320-102.xlsm	xlsm	febd9978510715acb1f4bb87d04412fb1e3e6e2720329590b6b146de515d2d85	n/a
2022-01-13	nw_68.xlsm	xlsm	f1d5904d51c4f979acbd63d484b167b8cfe3b6476c70a47a80f22399c27253b6	n/a	Heodo
2022-01-13	36220179305.xlsm	xlsm	97a28f39e64f29aa43aaaea8797e145ccc300757164905ee08775c079f7f68ac	n/a	Heodo
2022-01-13	W-400.xlsm	xlsm	6452605acbfd7439e825e954124dd53046c5f148daad80558e64ccf1887a2ccf	n/a
2022-01-13	20400_34.xlsm	xlsm	b19bc21f8451f79c07538d17976a4e7881e2046722f28008cf12c70034478b8e	n/a	Heodo
2022-01-13	8063_96231225.xlsm	xlsm	650bbdbc87791034d76982f257174ba4504b95273cc4b6f2abaa4e361cb190e7	30.16%	Heodo
2022-01-13	5729701.xlsm	xlsm	772971a6b4223ed654648f6e79e34133c55e788e60337e0ac7c29b53592adf17	n/a	Heodo
2022-01-13	NDK_75475.xlsm	xlsm	ec54edb8fa77d810e6deba4e6105fe4fa06c193915fbe03ddad082f3e24da369	n/a	Heodo
2022-01-13	565820277.xlsm	xlsm	eb9fbf10b29d11bb18b47f49d8ba8ff07ffe92024f4daeee6d420c96bba7e8fd	26.98%	Heodo
2022-01-13	U-06.xlsm	xlsm	48d8ba8e0832a4ee318f4fb4653345ed1d8e48e2bd90b55648e18d541e534d92	n/a	Heodo
2022-01-13	xvL719055.xlsm	xlsm	a64b918b227ae002b52f8ca07c1e57fbf11e0f6a0c5a06abbf79e2b209bce48b	22.22%	Heodo
2022-01-13	909921XESZPR_984.xlsm	xlsm	13f975538e7e72ac755218c6a35604d36e0278e74fed8e2270476b89268a7f2c	23.33%	Heodo
2022-01-13	2774-693.xlsm	xlsm	9e443aedd2833d67bb9b858bd14abc6a235186f865e05497ac39ab8cd0185156	n/a	Heodo
2022-01-13	MIH672106.xlsm	xlsm	d32a60905cbcf3b82765d7291ede8777aa420c096699a8f848d3417e53158346	n/a	Heodo
2022-01-12	C_6966.xlsm	xlsm	57dd75934f8e97adf3ea865291bb9766cae096c65aa55bcf8df2ff2325779fa1	14.75%	Heodo
2022-01-12	7529-010.xlsm	xlsm	7a42c12bcce014e382336c9ed46aa93e6f6c6573b7fec7e5d3ef6dedf721383a	17.46%	Heodo
2022-01-12	9875538-103120.xlsm	xlsm	c57fd2c02c895b4ae7bfd0dccf3721e4c979b931c8f1215e168678ce2c11b641	n/a	Heodo
2022-01-12	063513630_63016200.xlsm	xlsm	513bc7378d724e7a7c4cfb48291919fdfa001bb5e07b6cf06fc33c19055e057a	17.74%	Heodo