URLhaus Database

You are currently viewing the URLhaus database entry for https://xn----dxfcb0dpc9czaq0a0b1aj1dxcfb3fwgna1b5hpb2h.com/wp-includes/UI7LCyrpzZQvk5Xjl5M3gyQ9kb4z/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1911926
URL:	https://xn----dxfcb0dpc9czaq0a0b1aj1dxcfb3fwgna1b5hpb2h.com/wp-includes/UI7LCyrpzZQvk5Xjl5M3gyQ9kb4z/
URL Status:	Offline
Host:	เอ็มบีที-โซลูชั่นเซอร์วิส.com
Date added:	2021-12-22 21:41:10 UTC
Last online:	2021-12-23 13:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2021-12-22 22:59:37 UTC to ip_admin{at}csl[dot]co[dot]th)
Takedown time:	15 hours, 26 minutes (down since 2021-12-23 13:09:31 UTC)
Tags:	emotet heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-23	20272045137.xls	xls	081ba0d2825548ebed528cadc5c597819690cbb0a93451d15bfd71aa089f278c	30.00%	Heodo
2021-12-23	3984370301298.xls	xls	06a7f7a6296b774253c7bc810254dac777e521daaef2ee031849b9194c635529	25.00%	Heodo
2021-12-23	53499333344.xls	xls	296e3773821633c66d27b4c4438ec9ae76ee2cad7fc00a9f6b852394ca2b1a41	22.41%	Heodo
2021-12-23	991906544229.xls	xls	99ed0d39c05e7f5c0495b4112cdf0cbc2fe07e88066b644524f134b0450a87cb	n/a	Heodo
2021-12-23	36945048.xls	xls	bf9c5da5a619725b7e1236035d41d5bfd7d3aa3d88d0be766d31deafc00bf5b0	n/a	Heodo
2021-12-23	222242738191.xls	xls	6f83a6ead72ff0d14bb2a3d7b8eb3db5f845be37678dc1577f8aa199b4aeab22	n/a	Heodo
2021-12-23	3297499.xls	xls	0e32a98533816d8ab208379bcabce2d48d062e0de5cc36835e883bdf74bfdbe1	n/a	Heodo
2021-12-23	80490424147862.xls	xls	3f281c52f76f37ec6c7af45149aa8ee290cc1a5c57589290447e8cb2a4bdce9d	n/a	Heodo
2021-12-23	0491475.xls	xls	4393bf49903e8d699fa450df1c35c2bcaf3d6669c092433f7f788f7214c64f9b	n/a	Heodo
2021-12-23	5276359761.xls	xls	435a3b34c0bd974f368bce0cc95457050f3e727c580c104534377c66edfc8ec2	n/a	Heodo
2021-12-23	239641234662009.xls	xls	cccfc20f200c0af867f7557dcab45bbfd82ffc96adee9277a7aecef0a01282d1	n/a	Heodo
2021-12-23	325579345982.xls	xls	f9d1b2ac0446fed5d00c61bf9767fba85018d86908c3a74398d4f2c30f3d080f	n/a	Heodo
2021-12-23	46696781782034.xls	xls	38b0a1134b4dbc0535e2af788c285b2a9a920118a4c467b12de6841242437041	n/a	Heodo
2021-12-23	1483021397807848.xls	xls	0d8f1e5757e420044664a67e1605ac8c6c3d86b2db074dec26bfcea1a22b8cc6	27.12%	Heodo
2021-12-23	82355591.xls	xls	a830905d19c1b1a262f5b6484dcbf74166b52e6742b363f5049fa03cec849557	25.86%	Heodo
2021-12-23	7022402.xls	xls	bd1ddfbb2390d5865299be2f8da009b582da2c9aab723d7e0f5f6077b692de14	n/a	SilentBuilder
2021-12-23	206176686.xls	xls	fa2dbb22999bae5686e353cc57b1b76fe79d4181c5f8360a6325f643deeaec3d	n/a	SilentBuilder
2021-12-23	0892258.xls	xls	2991e95d6d3b92341bd33e2c9dc75dab521b1e38be10120fdc3e542ee4eba881	n/a	SilentBuilder
2021-12-23	08381554546747.xls	xls	11bacde63fd95e99c4061fabbba6c504fa4e782eb0923513bb8e6433857ada23	n/a	SilentBuilder
2021-12-23	758882574.xls	xls	0934d436a87cc83e019e9ee2949ead8c647bb4c26738be5c91f568dd6f023c2c	n/a	SilentBuilder
2021-12-23	690927966547.xls	xls	f43334acc07f6a013334b7399e0e4ce391fbfd6a73dd40daf68397d1de426731	n/a	SilentBuilder
2021-12-23	1220296.xls	xls	b4fdc798e4c49df58164144b8bc115b1f9757ee3ca92832554dd921e65ea5e24	n/a	SilentBuilder
2021-12-23	5296404979583.xls	xls	b7c6a3d65ca7c2fe92b81b8271ebf8d781a8e17295133aef89864ff6cc0db08c	n/a	SilentBuilder
2021-12-23	6600755810.xls	xls	a36fe3a855e95e22df1200bc1678183cf6e56215d765ae39d4e7728cad9971c6	n/a	SilentBuilder
2021-12-23	93920073925834.xls	xls	eec031da304539d9cd2d1107b8ac16fb8415662f96b8b979c103d3ea4c780acc	n/a	Heodo
2021-12-23	900429050723596.xls	xls	3872c321886be0e22e3063113e957978408eab0ed39b6430dc5b94e0fe7caa5c	n/a	SilentBuilder
2021-12-23	40044273768629.xls	xls	70d0d557db77f8eaa47a791d85e5323c02a9e1628fabcaa29836bf3d8b877390	n/a	SilentBuilder
2021-12-23	859125897606.xls	xls	f76190b18d28381afc2abcba75ae59ed1d8f25fcb03df777dbe0da1eaf1d3fe1	n/a	SilentBuilder
2021-12-23	49733951506951.xls	xls	a74a6a8140c11fc076d82f4a808994b267aaa839b9076dd2bae14909922e7efd	15.25%	SilentBuilder
2021-12-23	8920444342007072.xls	xls	1aa52da08de6b2732f449f29515ec792060270972541fe18d3494b4dd4779c7e	n/a	SilentBuilder
2021-12-23	2684155358664.xls	xls	0025199852ca978ef7bce4aaff59fbfa4b7bba5e1a1a0ce30eadfe03665bed22	n/a	SilentBuilder
2021-12-23	12940049089319.xls	xls	22f3dd823009e3b1c3547eaf2ae78c54fcb499e4a0055c5db099ea28bdea93ac	n/a	SilentBuilder
2021-12-23	622425373166362.xls	xls	f2103aadb258b32c6b334b37a3c7d9d34e6ccf93e46cff50be69c9e6c5f4eaef	n/a	SilentBuilder
2021-12-23	638424447.xls	xls	7ab793a1270a4fb7bd09fb7de0de1e7b5888d779d754cad8c37e66f9c67324d3	10.34%	Heodo
2021-12-23	516328936174879.xls	xls	c835ed1a6caf23a3b743904304bb129af57cdde25b5bda909b79c8403f26ec8f	8.62%	SilentBuilder
2021-12-23	82398258.xls	xls	46d6a384fe1773327c74c5e6daf03b4e1346cfef7e79d6e16045eccea064acde	n/a	Heodo
2021-12-23	3844735.xls	xls	fbb0cc09d355c9dc86dfd388b1ba518fa033f164d9fd7d7c153569d634c2d344	n/a	SilentBuilder
2021-12-23	3375351965.xls	xls	c7f887f62cc9dfe2d1671f88ad3a5ffff3aeb616d0cc417794417ecb8eb2e2a6	n/a	SilentBuilder
2021-12-23	9109083.xls	xls	bfba685c79afbf6e71cfa6d89ee8b0c7e87673c4e33556b6eb5fb2852830b480	n/a	Heodo
2021-12-23	7092621.xls	xls	27f8caadd89e37f700e1f7d559e30ab71197ebd6ee61c11a47cfb196022f1181	n/a	SilentBuilder
2021-12-23	300187753.xls	xls	71ce4d2a61218d2eb7aa64f6eb54ee882b91858a6637b249236ba2311306a47a	n/a	Heodo
2021-12-23	94421570544.xls	xls	cd4d619ab506aae0783d235a65a5ea81ecf24e23ff0aa826290204b32d09312d	n/a	SilentBuilder
2021-12-22	5821130.xls	xls	b2b44b7062a6cdfb2cf542803949ac33f58e3771be2a1317b1e45563708b76cb	n/a	Heodo
2021-12-22	9423066132.xls	xls	782ce88a29e9dd5110563619aaa8f38aaadee5e45274bffa62cbb9add8c268f7	n/a	SilentBuilder
2021-12-22	3961828060497938.xls	xls	a18e4bb956b6b38e27093989c5216b66d255179e4ee3a202b512cb1c2978d30b	8.47%	Heodo
2021-12-22	5334808.xls	xls	8198d38eec5db0d3d520fbd8134884815417db8678630b611fee32b88e02950e	n/a	SilentBuilder
2021-12-22	68098318.xls	xls	4bc82c0fffc76a0de6a0c01538814e95761bf7a623aca56f4c09e08ee1a35dba	n/a	SilentBuilder
2021-12-22	2609331.xls	xls	b080439aaf1036ac2d617cf00fa4021e336c9083d60c134a371f33705d040da7	n/a	Heodo
2021-12-22	95376286341.xls	xls	42b1a56d963f34383be3599330ecc37c2d003379e082fda309f2648189091cf6	n/a	SilentBuilder
2021-12-22	866908278447.xls	xls	74b0a40422f59f58409cb66005be0bff31a108460ca83d61ca0a28818ebfe8b9	n/a	Heodo
2021-12-22	0451774174183431.xls	xls	feeac990622d076845452171c5e728463e91f6aef7a9377e30b9584608c6c384	8.47%	Heodo