URLhaus Database

You are currently viewing the URLhaus database entry for http://havnet.net/email/N0OiATFOaFT2IZg1aO50LfjAV/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2122780
URL: http://havnet.net/email/N0OiATFOaFT2IZg1aO50LfjAV/?i=1
URL Status:Offline
Host: havnet.net
Date added:2022-03-30 16:06:04 UTC
Last online:2022-04-25 16:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-30 16:07:05 UTC to abuse{at}positive-internet[dot]com)
Takedown time:26 days, 0 hours, 49 minutes Bad (down since 2022-04-25 16:56:17 UTC)
Tags:doc emotet link epoch4 heodo link SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-04-01YBY-597489442356.xlsmxlsm b05ff21e7a696091a19661b1e82447f30e2dc4e663b94b03b42cdc022e393e19n/aHeodo
2022-04-01PG-9932865805.xlsmxlsm 534f4ab246459c91599d4d14e916a2f16707134075a5a88d897105a0e782632bn/a Heodo
2022-04-01FBA-1306822734900.xlsmxlsm dcc6409e704780116523a3e6ca35edf1399b381568d26b6d0373d1d9e00be491Virustotal results 40.32% Heodo
2022-04-01JGL-0620308.xlsmxlsm 7e16b96f674b1b3fa812fb1720851a37cb88e781ae92220bb858320fbe62c331n/a Heodo
2022-04-01UEE-9616262279.xlsmxlsm 17745afc954df41d2b3f49d96ab76cf85baef03d4b9acbeefb44401a89f5b9bfn/a Heodo
2022-04-01WM-372715897.xlsmxlsm f43408a5254cbcdcebadf6d4f5f4e2e7202cd88b8a6bb1ff62f5caf1bea5a0e7n/a Heodo
2022-04-01RJE-684462936572900.xlsmxlsm 81b6929fa5ca90e9e08f68e7aa10eeb6a557a65880ce71b3c4976a67f4e5aebcn/a Heodo
2022-04-01WB-65842731804.xlsmxlsm 1a8adefa7d083432f592ddc3797611b4e8076869a11177ebbdc1b5b6bc22982fn/a Heodo
2022-04-01YLE-33997665427.xlsmxlsm 2fff16868f10c6160310b0a347d813df22d0876f07b6d43eef2bf272eb84723dVirustotal results 40.32% Heodo
2022-04-01CYB-3532458.xlsmxlsm 872c806b2f7f3d9e9fa2365cf07997b152c6209d41197d5584295b3f3cbdfb70Virustotal results 39.68% Heodo
2022-04-01CU-430118525.xlsmxlsm b42ac7850efc6c39b4c7db61d4be9a131d78b545eaaa868dab373c45bff2fd72n/a Heodo
2022-04-01XFG-61876413.xlsmxlsm 05aecb805762b1c7cae04f8f46d0d43392d1b6e4880c93d82f69ef52d8dd2660n/a Heodo
2022-04-01ZCQ-5656045616.xlsmxlsm 4967f52b4eec67dedea5ef764a47c545db43f04f5b0f1355dfa16c8b8bc6e1e8Virustotal results 41.27% Heodo
2022-04-01US-0148001477.xlsmxlsm a7b2353e3cc7e51e65aae622e1a0f4c8ce1feb70c9a7e385cfbd056528c812a7n/a Heodo
2022-04-01TMS-00778464123818.xlsmxlsm ff29c4e7acfa113d826b2fcfcc5e8dea43a58a5db3ad37376750c95e58335050n/a Heodo
2022-04-01LYJ-9318083.xlsmxlsm 83e4fb679d6d1c0567ea98f4800afcb2f1b36a3d0515fa429f17ba52984f6cbdn/a Heodo
2022-04-01LF-420804847.xlsmxlsm feaefe1adc1f1f9a68bd8211b8c2f3c5e76ee4fcacf1d2ed3336a04de96fcfa2n/a Heodo
2022-04-01PCH-34438939149582.xlsmxlsm 23c128385a0702939e1b4bd33875e38dc27cec42b5561f54859abaa962d2930dn/a Heodo
2022-04-01EH-062971738.xlsmxlsm d17e95fb87ae8a3011b050d5c9c089f3bc06fddd1a61feb4812380e96b541e73Virustotal results 46.77% Heodo
2022-03-31NVC-09317947306.xlsmxlsm 5fb54e96fe17c395fa69dc06933558b083ae9cfb1391218f12c539c2645a8311n/a Heodo
2022-03-31ZK-1563118.xlsmxlsm 65d9f4ae7d90232314fd04917e53e9f4e2a214ec3670daad35bd2f51fe9a45d7n/a Heodo
2022-03-31UXZ-47648655185.xlsmxlsm 73a1d60faa31200f09f2567671137d6b5f9be02a97eec33fc20971d151d5c8f1Virustotal results 38.10% Heodo
2022-03-31JGI-663465457.xlsmxlsm 10281dd74601704b43cbce7093951762bfb6cc0402f747ba01250b2ebc438c27Virustotal results 35.48% Heodo
2022-03-31CYC-886707689109614.xlsmxlsm c10cd4c9b699a22be539e47e16dbb91c80084b3afa570a9eb66c2206c3096b9aVirustotal results 40.00% Heodo
2022-03-31FQ-0061197878.xlsmxlsm 317b14af792a2e4b877fd65cd6dc1cdceaf3d9573dcc1cf673e5008d38f7b6caVirustotal results 35.59% Heodo
2022-03-31ZL-156989349878.xlsmxlsm 48f3f48c930933448b555efe67aa364e098504f2273ec2a4792803cb4a21b8bdVirustotal results 40.98% Heodo
2022-03-31FA-6962492543950.xlsmxlsm 894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7Virustotal results 36.51% Heodo
2022-03-31MH-18150551129.xlsmxlsm 62ab476e343b12678cf4018d6d930dd8a13ca58be794dcc0cd82e693a7ed2962Virustotal results 36.51% Heodo
2022-03-31HLX-616225304849.xlsmxlsm 5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366n/a Heodo
2022-03-31QNL-375292952.xlsmxlsm f88eb7101fdc0fe20190969ec3bb4651bf4f270d9a9636d6c1e1a84ae46a9cd6Virustotal results 37.10% Heodo
2022-03-31SK-5228763296520.xlsmxlsm 30deb7a7086f74317285271a2e26e40dc43b461a1a77c77480ea742b02cbe51fVirustotal results 38.10% Heodo
2022-03-31OTT-8101242021998.xlsmxlsm 265f4ce97b8c4a17c8f27359496edc3f97e2e6926a267fba16797dd5c6e3a70bVirustotal results 40.98% Heodo
2022-03-31DMD-694786608.xlsmxlsm c91108a630fb89be6e53e693ea5240bc7be18d74be099b965d92647bd239c6bfVirustotal results 38.10% Heodo
2022-03-31PC-11438832494449.xlsmxlsm 0c71f0ce426be3dfeacb36cfb08349362327fa6041d1669a1d2ef8b1110bfab3Virustotal results 36.51% Heodo
2022-03-31SNW-668952915638340.xlsmxlsm 93e06d8850641586fe31c662da490f8ff442f4f86021f50799e1174dcace1f72n/a Heodo
2022-03-30CTN-884231902818.xlsmxlsm ccf8147ef96ae47288019a25336c2935e73d2e06b8fe73823e3596fb1596ba8dVirustotal results 39.34% Heodo
2022-03-30VT-67980372.xlsmxlsm ae3937925f18c7db77b2fd19394cb114cb460741dfa2b7c5bd10de9c5c2e35fdVirustotal results 33.87% Heodo
2022-03-30GH-4863126986.xlsmxlsm a635724502ddf792c6bc78f232c678f559b02ac1baa5cb61f924b6d2d7aeccd0Virustotal results 39.66% Heodo
2022-03-30ZUF-8732127852010.xlsxls f3101b6d16751623f8a025bfbf75ae9a32c68b534dccbab4452ee72a9fbe0f5fVirustotal results 28.33%SilentBuilder
2022-03-302561356899.xlsxls 6edf2bbc238af34d4d9a013d6ae99ec1a1df41d15caa4bf4e90ec5fd50ac19eeVirustotal results 28.33%SilentBuilder
2022-03-3020838757001.xlsxls 0d2f6209d514a862d07974e11e6722888d1e7d63c2dfdb6777f734929b6e5aaan/aSilentBuilder
2022-03-302832032798341521468.xlsxls 4e0a9b8c7357af385134a483ebdb1110fc2d43a2714955e78483337ae1e3e3a1n/a SilentBuilder
2022-03-30314017701569.xlsxls 21cd95fb4f71525407b37a901590819a18d24ca48bd6b8f7170ff423e780dd4bn/aSilentBuilder
2022-03-30244898701418.xlsxls 89c9bba23213aec7d1d4ddbe14609b0d215e72dccc6c1d13444ec507d57c142en/a SilentBuilder
2022-03-3017677474421038800.xlsxls 2bfc4e240493a3e6546009b4db75783b3867e2e22f96a077c58853b516bb8da8Virustotal results 21.43% SilentBuilder