URLhaus Database

You are currently viewing the URLhaus database entry for http://heaventechnologies.com.pk/apitest/xrshVmcy0pb5CIgxfrE/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2122645
URL: http://heaventechnologies.com.pk/apitest/xrshVmcy0pb5CIgxfrE/
URL Status:Offline
Host: heaventechnologies.com.pk
Date added:2022-03-30 14:51:06 UTC
Last online:2022-05-12 06:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-30 14:52:06 UTC to abuse{at}dimenoc[dot]com)
Takedown time:1 month, 12 days, 15 hours, 43 minutes Bad (down since 2022-05-12 06:35:28 UTC)
Tags:emotet link epoch4 heodo link redir-doc SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-04-01BW-488408193669675.xlsmxlsm 303c09084f427ef59bc3be795f3eca2fdbe4a953816cee78c711da6d57a944b6Virustotal results 42.86% Heodo
2022-04-01FFH-330947764.xlsmxlsm dcc6409e704780116523a3e6ca35edf1399b381568d26b6d0373d1d9e00be491Virustotal results 40.32% Heodo
2022-04-01YF-183730290340.xlsmxlsm 004f6c9fad398f8dda13f421a6faa1a78916ba04c3eabe988acd669f8cb1b112Virustotal results 39.68% Heodo
2022-04-01LIW-919932131507.xlsmxlsm 5270afd30069d36cee5d2bb013f3d1d7765e90cce7cb4d7244c92a62596f108dn/a Heodo
2022-04-01FXI-63449316.xlsmxlsm b25b9d420c3585bd014abd2e590a74feab98bbb0ee612c465a5e152b28c67e0bn/a Heodo
2022-04-01RL-416156613195.xlsmxlsm 3390185d81ea6becb7bb5c59f26400a3c75b99da77bd95eb76e9417ca984b4dfn/a Heodo
2022-04-01NNA-255771044616425.xlsmxlsm 7aadba6319e34f3f67650c7e4835b28bad03ae427d25c01860412b9180eb0d7bn/a Heodo
2022-04-01IG-15652473369.xlsmxlsm 8c3a1df0298f1bddbc6946c5ab191ef80476cf4a3a8cefe7493c189035d2f0cbn/a Heodo
2022-04-01FT-1898904.xlsmxlsm e99a1144b3f8e1ef8f39b170d03c0b95f551aef01c0f6ad02a526b61bdbd0442n/a Heodo
2022-04-01QWK-12265996.xlsmxlsm b42ac7850efc6c39b4c7db61d4be9a131d78b545eaaa868dab373c45bff2fd72n/a Heodo
2022-04-01RI-6301977375.xlsmxlsm e407f7217907368560ef28caf164f34190a5295c4c75afaaeea21386e8bed99cn/a Heodo
2022-04-01LFB-908636621161.xlsmxlsm 3d3d238ca4765fb46ab4acd05120295ee765c8788700ef65625607b08920bf9fn/a Heodo
2022-04-01WDU-6253325026839.xlsmxlsm 45a99040aab95ccb6eae75a169ae10f79883e11c53c29bc41ffffd0a329940cen/a Heodo
2022-04-01ZAR-3276359.xlsmxlsm 4c7b060bb7b1693ef3943692ce9c62204426393f9af92ca39c4c57e09b03cc25n/a c8fc17ff030feb3383d8889f69abbb
2022-04-01DKQ-91807644678.xlsmxlsm 73dc0a16c8430b50b28054c9e0b1e54cc8174554e7b63b4e2fa4be17c3cac1d6n/a Heodo
2022-04-01KB-054992153.xlsmxlsm 7865998de760d97246decb7fc619579d9389e6c2cdf72097738e48a74a0bafe2n/a Heodo
2022-04-01IS-959725167775175.xlsmxlsm 23c128385a0702939e1b4bd33875e38dc27cec42b5561f54859abaa962d2930dn/a Heodo
2022-03-31RS-10584784.xlsmxlsm 26505592fe23711a237d0af8fd2c3644b821bf8b9436bd5b92d3132815ba26b4n/a Heodo
2022-03-31UIJ-65715835171.xlsmxlsm 525f6667c0439d7c21905eb0aec33c64c4b4ee34d0f3896f67f5140927b44d90n/a Heodo
2022-03-31YF-1797562508.xlsmxlsm 5144b4176d2f9e56ad483565884642378be09039de1f2a353cb355c00dfa1894n/aHeodo
2022-03-31ZR-45482156338.xlsmxlsm 73a1d60faa31200f09f2567671137d6b5f9be02a97eec33fc20971d151d5c8f1n/a Heodo
2022-03-31ECI-6376833235820.xlsmxlsm ccd9dcb6dc115061ff6e011cb77ac0c73d785a23c2019aabe11eba9b7500b118n/a Heodo
2022-03-31GB-0365562986405.xlsmxlsm 10281dd74601704b43cbce7093951762bfb6cc0402f747ba01250b2ebc438c27Virustotal results 35.48% Heodo
2022-03-31PV-013082868439.xlsmxlsm c10cd4c9b699a22be539e47e16dbb91c80084b3afa570a9eb66c2206c3096b9aVirustotal results 40.00% Heodo
2022-03-31PK-94951085.xlsmxlsm 0e92cfd04405b8b597562761080285f19807c04c48c7278fe7632271ded41c3dVirustotal results 40.00% Heodo
2022-03-31JR-3398788155258.xlsmxlsm 9c234ce84ff77dfc1466c436eea9d46c50c3055c50f0029b81dba5052864f4ban/a Heodo
2022-03-31KFV-378126863586505.xlsmxlsm 894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7Virustotal results 36.51% Heodo
2022-03-31RP-244804480980.xlsmxlsm b034cfc88c6603dc0f5519ecba2dbba8c5382b26b8c25da23f8d40368ce8e7b5Virustotal results 33.87% Heodo
2022-03-31HF-22413772427.xlsmxlsm b5df411a9037fcd4dc6b3e92145aae14064c20edf7476a543c778bdb8af22600Virustotal results 36.51% Heodo
2022-03-31LIT-740650747.xlsmxlsm 575cdc6658b85600efd2d3c07f461b8adaeb0b181dfacfd318c0806e4915c95bn/a Heodo
2022-03-31BDH-5340740.xlsmxlsm 287f8b49b0107a7e303a4d327d34a8fe117d4696af06bb3bbd73d25e5a39270fVirustotal results 40.98% Heodo
2022-03-31CL-64931587323366.xlsmxlsm f869263419a75a1350a78400b9e3dd186488c7c76d299e7984af7e5e0c91d75dn/a Heodo
2022-03-31KZ-0427375.xlsmxlsm 764d8e72174b0666952016caf95096e85219dba6554a8ce6db74b8244b3e7590n/a Heodo
2022-03-31YDL-1444197582.xlsmxlsm ecfb46439586ddfd60ed5763f7b103d7487e94bf095208d8967dd838c5a68c27n/a Heodo
2022-03-31QZU-523590298441907.xlsmxlsm 30966974e86a66616cc16777afa85aae655f75123db0418c503c03e389091e69n/a Heodo
2022-03-30CMU-92449134.xlsmxlsm 39bbb570609ea300f9d959dcf23f2161043c6dedc230f97e7eab2388db651831Virustotal results 37.10% Heodo
2022-03-30MPT-74409309666068.xlsmxlsm 93629f0e94046fc0c1c1a2779a8e58d101136842695fc4ad3addbde6c7757dcdVirustotal results 31.67% Heodo
2022-03-30CB-954463746066088.xlsxls a14fb7f51582ec1f9af65f4300ff4dde6a99d12bd2b08f70863ca16d508c72baVirustotal results 28.33% Heodo
2022-03-30GVS-852377916.xlsxls bc8049d90da2c6ed214cd043d2d754a1f8fc802010a6367d5cac254aa1853a67Virustotal results 26.67%SilentBuilder
2022-03-30n/ahtml c8c28c56ae74c586c76ed9b3b4e910daa805d70594f17127d8fd05ed38709f87n/a