URLhaus Database

You are currently viewing the URLhaus database entry for http://hbaa.law/wp/SM42099/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1983502
URL:	http://hbaa.law/wp/SM42099/?i=1
URL Status:	Offline
Host:	hbaa.law
Date added:	2022-01-17 11:24:04 UTC
Last online:	2022-02-10 18:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	sugimu_sec
Abuse complaint sent (?):	Yes (2022-01-17 11:25:08 UTC to abuse{at}ovh[dot]net)
Takedown time:	24 days, 6 hours, 44 minutes (down since 2022-02-10 18:09:59 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-02-02	XFK_701764.xlsm	xlsm	5951f2e9692548b9221f83d17d2495b963300952539c88355ebb9a7357076104	47.62%	Heodo
2022-01-17	668272382.xlsm	xlsm	50cbe9118f2f994c659e087e8bcc79c4335a7b77644e2e55086ae9ef303abeab	n/a	Heodo
2022-01-17	80569_5.xlsm	xlsm	0f2531f6017dbdb8385b0b2243e836b999b88b204074a6d3fb2a59a92e7c9791	23.81%	Heodo
2022-01-17	HP201.xlsm	xlsm	bb129e52a34554610dab76d4c4ca56c04d62af6df6db2663fe68e8367805250e	n/a	Heodo
2022-01-17	jkx_9.xlsm	xlsm	8950d1ad9e167268737a0496f61a0ce8e1243b09f5f6a5fe06ee04f7b5b89e1d	n/a	Heodo
2022-01-17	63_92.xlsm	xlsm	3a8f3b99f34a569a677b366f37af5485668d556b85970cf76c6d0fb009b5b6b4	n/a	Heodo
2022-01-17	459353XUAYFJO_0409067.xlsm	xlsm	39875d1bd13a9725e4927c66b9446dfeaf91baa724b1a3ab6cffd030d63fcdb8	n/a	Heodo
2022-01-17	IBOW_65389.xlsm	xlsm	190219458719434f62500232bdaff2d64739f2794b857b90f740e4b4acc9199b	n/a	Heodo
2022-01-17	01401792_4.xlsm	xlsm	562ddc0012e73ed85326fa4e511d9d25b03fd9d6767e8dcc1b84df292dfff604	n/a	Heodo
2022-01-17	EOEIJ-948707.xlsm	xlsm	6bee685b8b324236eb8b115a9e45415d17156584fd6a5766b216655909a50f02	n/a	Heodo
2022-01-17	58-31.xlsm	xlsm	16298042b5073b61f8937b60ccb4efc10b28e4e0b2043383d0e07ff7d302ba7d	n/a	Heodo
2022-01-17	tdtw_75995.xlsm	xlsm	9fd076e3d8214023a2c4dd24dae3611c7d260f41db72dbf5eca2d37dc6cd25ef	22.22%	Heodo
2022-01-17	974130-395.xlsm	xlsm	509adf48f1d34c9f19758904a9ed30240a16ef34f64ea4e6ad4b28b9284c4fc5	n/a	Heodo
2022-01-17	FTYB_672430.xlsm	xlsm	c2e540d9d68762dd0d6b0e5fb6b71d8f01ed205e4b041a36edf232000bbd7093	n/a	Heodo
2022-01-17	BAQ-563.xlsm	xlsm	130a3440d27d5f57af151858f121b978fc0c8e09b553ab84b9ca65a3a891187b	n/a	Heodo
2022-01-17	xHSG-7712.xlsm	xlsm	6c7d0b65c32f54ee602ebbdb96d1112f99348bc1af781977328d531431c36b24	n/a	Heodo
2022-01-17	087657-65329.xlsm	xlsm	34a1b0b5d38a036c45fa73926dedfaff07606db3a238014cc94e799c8ec6bbfe	n/a	Heodo
2022-01-17	CR_770363.xlsm	xlsm	fc7606f8432f0726d5994b3cc3851d1fd0fdd15a9a376d66cf8d22d885fca2ca	n/a	Heodo
2022-01-17	W8272.xlsm	xlsm	94da71270fde1ac82e4f19eec9b474540390cc1866f491b7eb6cedea4ae1fa6d	n/a	Heodo
2022-01-17	12232-79376.xlsm	xlsm	532f03e76c61427a70bb8770f709a22d964a7a5bcbd7fe4ee417747f14987761	n/a	Heodo
2022-01-17	cq_569379.xlsm	xlsm	25d793cd75aaef43bbc1856a93ab45be96fb42063a96ed3a5bb6332c826345fe	n/a	Heodo
2022-01-17	104306_9.xlsm	xlsm	fbcbe1e47f074b616977ffe5aa2c083b39be92f726319a987d016ba8941edb64	n/a	Heodo
2022-01-17	UR8703.xlsm	xlsm	fee69d011e8cbfe4072a561b1b7332fc48687cc61f7277e26295843c1a3f16da	n/a	Heodo
2022-01-17	ByiZHQ_26.xlsm	xlsm	a26052fa2c65c7f6dad6b24d745c9bba1a040aab34b7a72623a016fbd79189ed	n/a	Heodo
2022-01-17	zrxek_31.xlsm	xlsm	8e8d1c3d3997e21e024c039b896efc13ded9351258763a0d5bb7d2fb578f87e3	n/a	Heodo
2022-01-17	O-8109.xlsm	xlsm	3cd21d1ab4cf52a40bf8e1af3d7ee588d88779d5a8a18c36a3245e413feaa465	n/a	Heodo
2022-01-17	95101089-55073.xlsm	xlsm	8d209fcf2f9009c909f1a62b0a87100c7bf3eccf9a61e853e0b1ff836bc21def	n/a	Heodo
2022-01-17	D_05.xlsm	xlsm	e572dfa20efb7fe613e7c6109441e73b9627f73182a87257c82c0d91bac1c2c1	n/a	Heodo
2022-01-17	09879-277985.xlsm	xlsm	baa2ed08258707eb934b19384846f3c9f8ad7c4f84c43bf18e4624a51f00d574	n/a	Heodo
2022-01-17	2491012-695.xlsm	xlsm	6b06f4116937e4ac8d663228e3a0fac9a024f5cfc2356afed999f320c5ed12b6	n/a	Heodo
2022-01-17	UQ_755031.xlsm	xlsm	cd10266dba86101c4ad9a523800ec7b6cf71e0be8aaf1bcdcd0645acbf6e362d	n/a	Heodo
2022-01-17	9581981311.xlsm	xlsm	75a2be267f5f14510539392c72273557934123014e1c9c0cc7ece689bb5dec04	n/a	Heodo
2022-01-17	14926.xlsm	xlsm	db4a998e0e404ff7a8795edb2198cca0903ec4cc2682cb2b09dcc3cdeaabcff5	n/a	Heodo
2022-01-17	59ZVBX_6048262.xlsm	xlsm	d57b0cb918fe26017b8a6d794c032b45e84a94cb0313742457e81e8fba677a0f	n/a	Heodo
2022-01-17	27AVOHIZY_404.xlsm	xlsm	2449eb351e345e1aa06b6dc0acf4f2eb4ccc8961568ad46cc5f188d0b990b685	n/a	Heodo
2022-01-17	O_8817014.xlsm	xlsm	c21c42734fc745a132026c1c45e006a4ce12072ba6d0fadedacfbd260c700694	n/a	Heodo
2022-01-17	8975497694.xlsm	xlsm	e7d07654ab4ed593855719a626ba94157b4a165dfed49672565111d4dc20c397	n/a	Heodo