URLhaus Database

You are currently viewing the URLhaus database entry for http://buld.ru/yElYL-uCgY_nUfZeq-8d/848018/SurveyQuestionsUS/Important-Please-Read/ which is being or has been used to serve malware. Note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 103899
URL: http://buld.ru/yElYL-uCgY_nUfZeq-8d/848018/SurveyQuestionsUS/Important-Please-Read/
URL Status: Offline
Host: buld.ru
Date added: 2019-01-16 05:12:12 UTC
Threat: Malware download
Google Safe Browsing: Clean
Spamhaus DBL: Not listed
SURBL: Not listed
Quad9: Blocked
AdGuard: Not blocked
Reporter: @Cryptolaemus1
Abuse complaint sent: Yes (2019-01-16 05:14:35 UTC to abuse{at}reg[dot]ru)
Takedown time: 4 hours, 2 minutes (Good; down since 2019-01-16 09:17:11 UTC)
Tags: doc emotet epoch2 heodo

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
