URLhaus Database

You are currently viewing the URLhaus database entry for https://xn--12cfk3cebpobe3c8aogidb2a4tc9a9cf9bxpydufndih9f.com/wp-includes/FMJzuWmM/ which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1912039
URL: https://xn--12cfk3cebpobe3c8aogidb2a4tc9a9cf9bxpydufndih9f.com/wp-includes/FMJzuWmM/
URL Status: Offline
Host: รับตัดต้นไม้เคลียร์พื้นที่รกร้าง.com
Date added: 2021-12-22 22:33:11 UTC
Last online: 2021-12-23 10:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2021-12-22 22:59:37 UTC to ip_admin{at}csl[dot]co[dot]th)
Takedown time: 14 hours, 1 minute (Good, down since 2021-12-23 12:36:56 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
