URLhaus Database

You are currently viewing the URLhaus database entry for http://hbaa.law/wp/szremm-05/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1972981
URL: http://hbaa.law/wp/szremm-05/?i=1
URL Status: Offline
Host: hbaa.law
Date added: 2022-01-13 06:38:05 UTC
Last online: 2022-02-10 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: sugimu_sec
Abuse complaint sent: Yes (2022-01-13 06:39:22 UTC to abuse{at}ovh[dot]net)
Takedown time: 28 days, 11 hours, 33 minutes (Bad; down since 2022-02-10 18:13:02 UTC)
Tags: doc, emotet, epoch5, heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
