URLhaus Database

You are currently viewing the URLhaus database entry for http://hbaa.law/wp/30136_0/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1976020
URL: http://hbaa.law/wp/30136_0/?i=1
URL Status:Offline
Host: hbaa.law
Date added:2022-01-14 07:22:04 UTC
Last online:2022-02-10 18:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-01-14 07:23:24 UTC to abuse{at}ovh[dot]net)
Takedown time:27 days, 10 hours, 47 minutes Bad (down since 2022-02-10 18:10:31 UTC)
Tags:doc emotet link epoch5 heodo link

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-156034933-2956.xlsmxlsm d90488474a115987753f7d96f2810900bd6abfc52ac05aeed67710e18e0314adn/a Heodo
2022-01-15437459FVV404290.xlsmxlsm af74adf2376ab0a8fb16735d44fc3e72bc4480a91b2cf9de85cd2f9ab7fe1fb5n/a Heodo
2022-01-15547611594.xlsmxlsm 9e6ff25a737baf5b6e837a5adec1a04f237f97615cccdd44c7052878b10ca1ban/a Heodo
2022-01-15263-044126.xlsmxlsm ad1b7552699a3ccef19229a0eff41da0233a54e065123850af66488c3d64c266n/a Heodo
2022-01-15Cb7751146.xlsmxlsm 7048b590b47e71cb6a20b35c192d264bc4bb1fb4213dbb9a9a2c9748d53af762n/a Heodo
2022-01-15588477325540.xlsmxlsm 1f93c92652672883150a833d6bdfdf434bde9d61121c95b4a0b77740afa8479cn/a Heodo
2022-01-150867663_63589.xlsmxlsm 2966763dc88ba44de5f3aa8ff82addad4bb4b567bdfe60a067f169098258c418n/a Heodo
2022-01-15Y_5615.xlsmxlsm 20f452bb488539a7e3a4840a8ed88bff9a700b89e50439e71b40181a71ee604dn/a Heodo
2022-01-15ANABM_036861.xlsmxlsm 7a75b8d2c5567ef0c4fc7270b77c7deab2f2a81ea2f1b969f66d680a781b5065n/a Heodo
2022-01-15PT-46.xlsmxlsm 22f20d029b24272da77ea4b56a36a93a3f837d0d98cc207433d92f7eed14074en/a Heodo
2022-01-15bg-1653.xlsmxlsm 5225cb80d26dfdd86adfb738e4bd1db0465b96e113af141c8cbd9d0bf4dc1e45n/a Heodo
2022-01-1570602TEGDWSVZ_666984.xlsmxlsm db676ef714ea818edca3ff4a25da38808cbec2a6d7b944a237e44ad29d8932dan/a Heodo
2022-01-15779_48934111.xlsmxlsm 27e87e375006f747c439d7ee9faf69843cc289ff75a5eb062abbea47c57efcacVirustotal results 34.92% Heodo
2022-01-15241445ZQAQB9632056.xlsmxlsm d50cee0c37b5505705bfc80ada4886f885ef7a2d9ea5729f811645f9c49ffd01n/a Heodo
2022-01-1595860658925.xlsmxlsm d6d33e7076e3ff778ea32c349701dc2c599fc78d287883f2ad9c16a820386e37n/a Heodo
2022-01-15cyyIK16.xlsmxlsm 3abfe866becd4133977aa353ac9851353631d67be57d77cd85419f68a31b3f69n/a Heodo
2022-01-1567MYVUV_97.xlsmxlsm ac7bc114197f00db5cdc8220478ccee911aaa8a17481da2be5bd05e884c00b2an/a Heodo
2022-01-15423643_6583167.xlsmxlsm d23b6087f9c63fee7bf5d8e620cf88ca2c38fe8ee342deed923d705fa9b6d68cn/a Heodo
2022-01-15ttnkuxg-12451600.xlsmxlsm 7fc63e1724aca1d4d1d13512a6e3e950a54b7f44d426f8317d88d0744f986fd4n/a Heodo
2022-01-1539110-847631.xlsmxlsm a59149fcacf8a5c564f48dc446b7cef1203a0ab92fec9dead2b3645bb24d3e51n/a Heodo
2022-01-15vrMj264.xlsmxlsm b654e1b1f4906be1e6155ad03eba53894dfa66ba899732c7f4cacac7a98d1f6eVirustotal results 34.92% Heodo
2022-01-15kimk704244.xlsmxlsm b8121edc6cc2e93b9a7832beca7e11a32f3c0b8214816c8276a2d2eeec251050n/a Heodo
2022-01-15449354_16097058.xlsmxlsm c20613da92dc6c60ccdd38a6c41f069e973921e2e618c3e9b673480e0fdbe172n/a Heodo
2022-01-15AU-312775.xlsmxlsm f58905138f947e83a11dabe1d0fcacd0f6b6390a4b2c968f6de1e7f388ff5f1en/a Heodo
2022-01-15ARNMT_8.xlsmxlsm df3d1c9f634b214294ffb42adacb58b20d8aa9f35da387af12be4ef35556a1ean/a Heodo
2022-01-15N_47.xlsmxlsm f843518359dd39cc1adc8c717ca65addcc0803b0130440152c1a23923820ac9an/a Heodo
2022-01-1446-975.xlsmxlsm c7f2afe51337a22d7458aad225f6c867436b3c51c0897ddd6815294d8731353aVirustotal results 37.70% Heodo
2022-01-1432217-45515.xlsmxlsm 2a5d979303bbfb1841259d7d749dfbd18ede67591c12a1bf6226ee347e5987a7Virustotal results 36.51% Heodo
2022-01-1495294_3994.xlsmxlsm d2569a5701a8fc23468530b950ed661832ef6d909e2a1a921da07a879135f612n/a Heodo
2022-01-148823901-4815666.xlsmxlsm 269e9c81c482255515158bebf6c871afb18b879ac13cfcd7e9a22a6e6476423fn/a Heodo
2022-01-14752893128-8733.xlsmxlsm d9d89cefabc087af2be25fadd162ff8d73bc3cc83ed65bfa30cc860af14db3c8n/a Heodo
2022-01-1410_460.xlsmxlsm a51724da5a2c220ccb551df3d43ba4004b8231ff7848bc4058daf8477c56f75en/a Heodo
2022-01-1497688213349.xlsmxlsm 9847be420a77fa4d97933e016eb214a440c741157a2f13e93b2b770dc01954fcVirustotal results 36.51% Heodo
2022-01-14357NLTD_97121588.xlsmxlsm 013f28c036fa5af595b6c61d98cb6dc88cb8045194ef50facb59d481041c23cdn/a Heodo
2022-01-14NcBKR_09543.xlsmxlsm 21279987ba4135e6afcbc5527f9c26b7d4e3aec26aa1e1863d2e144edd7f7730n/a Heodo
2022-01-14606822706.xlsmxlsm d88d83fc565c556b4332a98efdf1c1eb765b0526e632d40c50f8f0bc75d30857n/a Heodo
2022-01-14NJN_23661571.xlsmxlsm 6c0e05648d4f157e4d9aaeaba27c463a21b4039a0a3ed03209a6c711b556e35cn/a 
2022-01-14WUJ_6.xlsmxlsm 87a33eb014251fbd3e80d9dce2bf789e0c1b579d59554f4efbdd3f6d78a6e57fn/a Heodo
2022-01-1406974834-805.xlsmxlsm 8e5f2412f3d12b279e75f2237ca109db4bcf1196f89e12bf331a48f4b7850668n/a Heodo
2022-01-1462998830SITTO_69445469.xlsmxlsm ef09ff5f022c6e6a1dbc2d46edece778a389d5074c01aa184fbcaf30fe35fa42n/a Heodo
2022-01-1405901705590.xlsmxlsm 01e7bf755c02b2a01e54ba0c464ce80a6e64a404a541e9fd46ac00fd1d3b22f2n/a Heodo
2022-01-14zyrse9575789.xlsmxlsm 4fca1c54e08fdaa16e2a0697f33e798e9dcacde746cc035fe595bdbf1822b2f1n/a Heodo
2022-01-14573413743-44522.xlsmxlsm c95f568471e97a600183f2a71c62c8c16c86552989bf03e2e1b9104282700689n/a Heodo
2022-01-1453102802_2808.xlsmxlsm ed0448141caba757e10c045d97e8593777ba7c60b8871b5871622b2b80ad1519n/a Heodo
2022-01-14867934393.xlsmxlsm 0d689f583f780d0dbd3e9197bac7b961ad20c2a5d4e0df322ec0308f43eac999n/a Heodo
2022-01-14WQXZQ_584402.xlsmxlsm 8af80399bba56ded76bb3e7373388d1354841bbea61dfab0094215403def66c0n/a Heodo
2022-01-14IMgQ_43860.xlsmxlsm 76e281e4666c4a90938595d81796364bfc4521ba33fddeecae09aa8fdb0c3b93n/a 
2022-01-14PX_130776112.xlsmxlsm 518ada94017758d7fc52e229e1470a4b5285da78a90d748232462647e910104cVirustotal results 34.92% 
2022-01-14KF_4358418.xlsmxlsm 6e3f7fbf88f0c06a06f7c3fa532eb76dc49819a18988ab866c98c246717e1e5en/a 
2022-01-14veksue_98.xlsmxlsm 2b25518c74a4620e944ebbb70b30787175d702d7c2b9dab5072d25bda750f042n/a Heodo
2022-01-1421TGLYBRGX194459.xlsmxlsm 689555499fd2dff9a85acca987cf63ecb004150fb9428e7336b11a90eed8a4a6Virustotal results 33.33% 
2022-01-144062_3459.xlsmxlsm fb51ebfd72054de8cbd7f74a05ce8d3cce650a9224c21504077cce9e86ae6fd1n/a Heodo
2022-01-14940575120-6884.xlsmxlsm fc35484b7ef1a18a7ceb82df9d86f0b80de2741cddc33c3fdb8d5a51ab630b1en/a Heodo
2022-01-14077163-538806.xlsmxlsm f3623a62008214216481fe10c617e9ca5a5c4c73017e1abd575cf48faf21078cn/a 
2022-01-147368983_0030100.xlsmxlsm 1205cb62fc6aa2332681d1cd2f1f626c67c13a8fd8bb2814ad1f0c474f72cf46Virustotal results 31.75% 
2022-01-145754412.xlsmxlsm c51b53b80e46faa2609fc03aa38720a82a939a25e4999abdd30b94a915ddc24cn/a Heodo
2022-01-14547503298208.xlsmxlsm a071e68277a7133cb48b04e16b3df8081238c690317747153fc4c48d7f508952n/a 
2022-01-1462757788_0696.xlsmxlsm 1d5a664f5ee71027f50ea0456755bd1285f2d04b4bbfbdb59389b49e9aa3f06dn/a 
2022-01-14STX_08581.xlsmxlsm 60373a2b7942416a3047d1724d055f1383105920170390683cf2e74aea7d632dn/a 
2022-01-14VINTZ-17643.xlsmxlsm 1e42138c4309e5be0268be8f2e1b3a5831f56b26749146dbfa02a7ccf863b3fcVirustotal results 33.33% Heodo
2022-01-14JGNN_9062241.xlsmxlsm 014ff5c82b7c1bdb0b30b6c7148eba05ceb93243f3a0611ff6ee6be8d29009a3n/a Heodo
2022-01-1415962FIVCKL_131360518.xlsmxlsm 6adebb1f908d95b0e98266710b732c600ff552131a6844031fc5417ea84615b9Virustotal results 33.87% Heodo
2022-01-1409044992-050535741.xlsmxlsm 38fae338f6c68c5cf6e80768b44a9286d484b36262b24c1766f66e76de463aafn/a Heodo
2022-01-14VE_78833395.xlsmxlsm 91d755374725859f64dc3160258cc1f6a2f04cb768b0da56e86e04511d57aca7Virustotal results 33.33% Heodo
2022-01-14J-7421.xlsmxlsm dd6f67bc6417791f565e1ddd1c550b3888a6673f3bc8d689ba259d955f373430n/a 
2022-01-14LDFWK_840648.xlsmxlsm 44f26e4d53adb8ef86a7002203ec875caaa24b24a0ae88d88eccb71c5b610b56n/a Heodo
2022-01-1435788_282.xlsmxlsm f36635fc524dee008c90bd6556c998119d281be4995e4a5fd140a69fbbfea36dn/aHeodo
2022-01-14451340_894.xlsmxlsm 4ec65acfeccdd87a918f6a5a09d569b4f8ec2553e67f558f432c89e3a2d0300en/a 
2022-01-14Xm_01.xlsmxlsm 1c183538db4d2feaec54995ab30b00d70fa772995b7afd8203198db1816e0664n/a 
2022-01-1421361533_894.xlsmxlsm ccaa6507919076a28b38c5b5e30d2091705e482d54aedc76bec5163d31e21fe1Virustotal results 33.33% Heodo
2022-01-143247170420425721.xlsmxlsm c10d40fd29ee12ca187becbe26e5d7f132695ffca909bf6013247c9146b71b81n/a 
2022-01-14817873_9.xlsmxlsm 4388bfb3d3bd1ca9b1fc3350e1a4b12fa5eb80e25003b4cf503e7613279e4aceVirustotal results 30.16% Heodo
2022-01-14365166078-64751648.xlsmxlsm 2a27ce2154d11dc966ffa667153ed128ea0b55eafd8cdd00ec37a4068ea6f5ebn/a
2022-01-14djgX_017751285.xlsmxlsm 31880b7b69938b12824c65ef7240304c054a61f2c4e62b7f596cafbad8b63eben/a Heodo
2022-01-14OX0577893.xlsmxlsm d2248407231158d69f414895bb9f2abc24b31d39c156c0f46e25a49fc0f6942bVirustotal results 28.57% Heodo
2022-01-1469424117EXWQFV-97.xlsmxlsm 033b712fd7d4d23cef910bf6ad4440c6e7c3d79f483b9d79ee72db130881a05bn/a 
2022-01-14KW8393.xlsmxlsm e431741ede2c4e1a83b0a6c32b22491dc3a339ff2bd6fbc65a790a1b40d9c504n/a Heodo