URLhaus Database

You are currently viewing the URLhaus database entry for https://tripthaithai.com/cgi-bin/BFcXshRsIWIdbZk/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1912129
URL:	https://tripthaithai.com/cgi-bin/BFcXshRsIWIdbZk/
URL Status:	Offline
Host:	tripthaithai.com
Date added:	2021-12-22 23:15:12 UTC
Last online:	2022-03-10 23:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2021-12-22 23:17:38 UTC to noc{at}premianet[dot]com)
Takedown time:	2 months, 18 days, 0 hours, 4 minutes (down since 2022-03-10 23:22:24 UTC)
Tags:	emotet epoch4 heodo SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-23	58454178.xls	xls	9f16e116a70060507f773bc94da066aed1c061ee297187782804cc292e0bb11d	25.42%	Heodo
2021-12-23	27929977.xls	xls	0d8f1e5757e420044664a67e1605ac8c6c3d86b2db074dec26bfcea1a22b8cc6	27.12%	Heodo
2021-12-23	4119948218406.xls	xls	3b448a4902f9e1d985beaa5989d261c52da7386dc56af861f0bf19aa28a0b235	n/a	SilentBuilder
2021-12-23	09096044467.xls	xls	4d8d170d7e4981f57bc7f628b4ac01800a7c97e9edc66396e79bb788781ee407	n/a	Heodo
2021-12-23	66808533906.xls	xls	ef628739521d7af4df6459f02442985d4a9a3f122cd55c98540bb3a1d648cae5	n/a	SilentBuilder
2021-12-23	900619243398.xls	xls	2991e95d6d3b92341bd33e2c9dc75dab521b1e38be10120fdc3e542ee4eba881	n/a	SilentBuilder
2021-12-23	242875026248.xls	xls	11bacde63fd95e99c4061fabbba6c504fa4e782eb0923513bb8e6433857ada23	n/a	SilentBuilder
2021-12-23	58076075280357.xls	xls	0934d436a87cc83e019e9ee2949ead8c647bb4c26738be5c91f568dd6f023c2c	n/a	SilentBuilder
2021-12-23	2674620928186.xls	xls	de7de9765eabead5bd6377dc654014f8f40d0db4203a42f4dd041590306627fe	n/a	SilentBuilder
2021-12-23	35686829.xls	xls	b4fdc798e4c49df58164144b8bc115b1f9757ee3ca92832554dd921e65ea5e24	n/a	SilentBuilder
2021-12-23	5600329.xls	xls	d518f3288658ae304b6cf729edc4df00aa31c18bc6ddf5586518d077bab48b71	n/a	SilentBuilder
2021-12-23	506316627.xls	xls	a36fe3a855e95e22df1200bc1678183cf6e56215d765ae39d4e7728cad9971c6	n/a	SilentBuilder
2021-12-23	6449525122112.xls	xls	35be18251c8a0a0f21b6db45c2238f65f17a18168556f31e146652496bf60926	n/a	Heodo
2021-12-23	9948421647238213.xls	xls	3872c321886be0e22e3063113e957978408eab0ed39b6430dc5b94e0fe7caa5c	20.69%	SilentBuilder
2021-12-23	63390458.xls	xls	70d0d557db77f8eaa47a791d85e5323c02a9e1628fabcaa29836bf3d8b877390	n/a	SilentBuilder
2021-12-23	130290068745.xls	xls	f76190b18d28381afc2abcba75ae59ed1d8f25fcb03df777dbe0da1eaf1d3fe1	n/a	SilentBuilder
2021-12-23	94218622.xls	xls	3ec8692a3495e85f60bcd436beaf96a2626f10da6ab4c46f545168f92d2d06f4	n/a	SilentBuilder
2021-12-23	643838468577.xls	xls	ff86eb3305c0520dd0fa6cecb08120a60af4352e065e5cfce7cff30eeb0259ef	n/a	SilentBuilder
2021-12-23	597464357.xls	xls	9fbef3bf291c5ce45854de786b83be78d6d79172da8f3dfddc8c752dbf5390bf	n/a	SilentBuilder
2021-12-23	28367204817237.xls	xls	3800d681c53d137034ff44b7e95a3065379f905a7f3f85733d4550739afe9772	n/a	SilentBuilder
2021-12-23	7761595.xls	xls	2f27f733dc8f8f0fbd78adc150ebb307d25a7a94e8e7c0e3f4430277228ee985	n/a	SilentBuilder
2021-12-23	10795081.xls	xls	64fd394081f3e12eecc37b1b20d6b540ca8dcd22dc6cf673c289db5b71e52644	n/a	SilentBuilder
2021-12-23	99186535.xls	xls	fc427adb111a2cdd28c3799b619887f125d8c79900419fdd0918cb4f09084ab9	n/a	SilentBuilder
2021-12-23	25009969.xls	xls	c835ed1a6caf23a3b743904304bb129af57cdde25b5bda909b79c8403f26ec8f	n/a	SilentBuilder
2021-12-23	219362620998945.xls	xls	46d6a384fe1773327c74c5e6daf03b4e1346cfef7e79d6e16045eccea064acde	n/a	Heodo
2021-12-23	4580482.xls	xls	5eb66d76f40bfc2a8b27ae16d451f2f8c3eddb77bf14e8fa7006f0d7ed9925c2	n/a	SilentBuilder
2021-12-23	4895110232621.xls	xls	a77fdd8caa031879de1d7b1219b9699cd855f89cab181b1288263dc2b9aa46ae	n/a	SilentBuilder
2021-12-23	209449023646.xls	xls	36e9b3190a9f5aaa096db55662e3b86f587c3437ba1171e3ce4989738ce3a8b3	n/a	SilentBuilder
2021-12-23	92774120189.xls	xls	d58f6338b65915d66827a3760075350560ec2789c74cc1b5e6720c1b4ea1fee6	n/a	SilentBuilder
2021-12-23	32610234405946.xls	xls	cd4d619ab506aae0783d235a65a5ea81ecf24e23ff0aa826290204b32d09312d	n/a	SilentBuilder
2021-12-22	54808059388.xls	xls	b2b44b7062a6cdfb2cf542803949ac33f58e3771be2a1317b1e45563708b76cb	n/a	Heodo
2021-12-22	5413482763749981.xls	xls	db92f422b8f88e6dd2cc9cdd5a44b484dd285b5c96be3dd600f8bc6930e4d067	n/a	SilentBuilder
2021-12-22	9567040509578376.xls	xls	a18e4bb956b6b38e27093989c5216b66d255179e4ee3a202b512cb1c2978d30b	8.47%	Heodo
2021-12-22	2995315866795799.xls	xls	8198d38eec5db0d3d520fbd8134884815417db8678630b611fee32b88e02950e	n/a	SilentBuilder