URLhaus Database

You are currently viewing the URLhaus database entry for https://skymaster.de/efqk/OQR5hro8b40FSzA315C1CEctXq/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1912470
URL: https://skymaster.de/efqk/OQR5hro8b40FSzA315C1CEctXq/
URL Status:Offline
Host: skymaster.de
Date added:2021-12-23 02:00:10 UTC
Last online:2022-01-04 13:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2021-12-23 02:02:25 UTC to abuse{at}home[dot]pl)
Takedown time:12 days, 11 hours, 56 minutes Bad (down since 2022-01-04 13:59:24 UTC)
Tags:emotet link epoch4 heodo link SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2021-12-235335314497755090.xlsxls bbac5e6b835871cce53a72d0a187852eabbd62cdc73a87da37b4cc66ab117cfcVirustotal results 33.90% Heodo
2021-12-233460846.xlsxls c51418c5ccadd13c4bb14eea18d062f50951081c4e30eec638b9a955bb5159ebn/a Heodo
2021-12-233045671421130827.xlsxls d8ce431c8f66c5820833818bb6f2d447458aeeadf654d90232bcd3b5c1188644n/a Heodo
2021-12-2367972595067.xlsxls c9545cde86c62ed4ad3a2f8d9d2a685754794c32c958146044977f0a075813e4n/a Heodo
2021-12-230378215077.xlsxls 68ed5dfabe948c5eeb56e15202aebe6e35cfa9d38acd0a01198acd98b58f5a6an/a SilentBuilder
2021-12-23019690035.xlsxls 4fe65c13808d8fc349cd60fec4ff4891272efe6201b7f09157c3347d9fdde210n/aHeodo
2021-12-2300421318.xlsxls 9f919173cdf65e5b12855f5c603f2bf26de71e419626176c8d65bf63bfd478ebVirustotal results 30.51% Heodo
2021-12-234879107561031984.xlsxls a93b912164cc5b81e32e1e0f26d5a7426a687739e8620aa2c9b9b0fff0fecad1n/a Heodo
2021-12-2311534892776.xlsxls aaff2c307777c6ab23e1133f10f4a4a8598c98577ea247b5e685104838a8ac97n/a Heodo
2021-12-23937990449.xlsxls 2e89f5037f0f890ba32a68f80492447a38a435abf32960348b0ce191e79de247n/a Heodo
2021-12-238785548357666786.xlsxls 18cd90d12603bd245e2cb179512b3039b65f47eda84d5381073f5c33f78b6815n/a Heodo
2021-12-2321790412.xlsxls 9d5dbc40d82c366feb36b148f4d3b2e5c6784c243b64c4cfd5abac1b9f05b6e2Virustotal results 28.33%Heodo
2021-12-23647714157229028.xlsxls 60d0b1a03eca2a23c1337d4b0138f3f27e42de6faaf5d3cda9a409cb80cafe06n/a Heodo
2021-12-23610234405.xlsxls 1da3bee0567ea13e2fffb9e2f8a9063aff91e164b391bc3064127ae1b68f0f37Virustotal results 20.34% Heodo
2021-12-236360342912.xlsxls 9f704b952fdff3e6bc02a2f25cf3df6ebd4f6041967e0ad7a184a33475c67537n/a Heodo
2021-12-231056860410937770.xlsxls 3bd76c21ddc8ce464f239926304160909ad0688f9b0e891b08b03e8799eb4ed8n/aHeodo
2021-12-2354051343510.xlsxls a5bdf7705717cb73f4652533b1628e9c2fc0a5de66e54bfe370a8ab4f01935f6Virustotal results 28.33% SilentBuilder
2021-12-235139273.xlsxls b19d930f6c3ffbba5422d62c048421f85ed5625fcb1ba52277e402104ec74988n/a Heodo
2021-12-2387387937218434.xlsxls 5aac4952db1844170eec9aab339f1efa8b9a0d0dc6227a4b45447e32bba2e88bn/a Heodo
2021-12-23003644698535334.xlsxls e2bdbf5c0daab27403d2b4fb71e14ba1431ce77af1eb101c1aa11d91529ef581n/a SilentBuilder
2021-12-232404767400620094.xlsxls cd4efd1d8e9a8f0778597ac784ce489a02ed7ef8ab742cb3111b37a7ed6cf7can/a Heodo
2021-12-233721936.xlsxls 4c9b243a083c632568be76fbf2e3f79e8d4a072e74a6d793931ed1c18f4b6981n/a Heodo
2021-12-231511364656519.xlsxls bd1ddfbb2390d5865299be2f8da009b582da2c9aab723d7e0f5f6077b692de14n/a SilentBuilder
2021-12-23858988537001622.xlsxls 5c294fe562bd01c69bbdbb1437208abf1ef4098c31444af2d32a31056b47fbbfn/a SilentBuilder
2021-12-2353541986.xlsxls 2991e95d6d3b92341bd33e2c9dc75dab521b1e38be10120fdc3e542ee4eba881n/a SilentBuilder
2021-12-2314186657.xlsxls 33c37dc1e96fdceddcc765370af16b1d5b20ef374ae04ab75ea6c4c95e06bcedn/a SilentBuilder
2021-12-2388069526186.xlsxls 0564019bae796d2300aaac993d851131a1ef1b3d348be92356ecbdfe3bce29b0n/a SilentBuilder
2021-12-2320999580492.xlsxls f5a335ee24fa41b3fa92c6ea5bece9322f2fd375136a1575673ca2abe323f24dn/aHeodo
2021-12-2351425276.xlsxls 98129ad7ffef48ee9545ff21e9295f54d6062e38ba637fc26d01a4db71878f90n/a SilentBuilder
2021-12-235477829804520895.xlsxls bdf78e25ae666795658b92797fad50ff224cd5f52f4c2b7a38259dea667d6681n/a SilentBuilder
2021-12-239923418265138772.xlsxls c4357d9b592c32ab709d295c6f0c06530f1747ffc07e8939c2743c3fcb76df59Virustotal results 23.73%Heodo
2021-12-23832059081.xlsxls eec031da304539d9cd2d1107b8ac16fb8415662f96b8b979c103d3ea4c780accn/a Heodo
2021-12-239163781522905.xlsxls 3872c321886be0e22e3063113e957978408eab0ed39b6430dc5b94e0fe7caa5cn/a SilentBuilder
2021-12-2392099964.xlsxls 70d0d557db77f8eaa47a791d85e5323c02a9e1628fabcaa29836bf3d8b877390n/a SilentBuilder
2021-12-230139367526.xlsxls 2fe52a04ad50a62b3c0248ad8a319bdc8e22cf9ec351f2d2c21b3e433e41d5c1Virustotal results 11.86% SilentBuilder
2021-12-2355988298686341.xlsxls 3ec8692a3495e85f60bcd436beaf96a2626f10da6ab4c46f545168f92d2d06f4n/a SilentBuilder
2021-12-23308707190064271.xlsxls 1aa52da08de6b2732f449f29515ec792060270972541fe18d3494b4dd4779c7en/a SilentBuilder
2021-12-236061960211047.xlsxls 9fbef3bf291c5ce45854de786b83be78d6d79172da8f3dfddc8c752dbf5390bfn/a SilentBuilder
2021-12-23287569413674367.xlsxls bb1f500a59544aa8e44a0377cc506dfbebca1ecb7a8c73dc72d3268803976ff5n/aHeodo
2021-12-23369581723587.xlsxls 190fa8d2b5297aeb55c75f696f69cf1a0ea1ab45703e4047dc6baed4708833c1n/aSilentBuilder
2021-12-238990147675932.xlsxls 58b6f1c79906e917ccd06eb3c83917af37d249284b707e1bfe6220d245c057adn/a SilentBuilder
2021-12-23635781287680.xlsxls f762edc3ae2ee2d4806395532cefca19990e468c50675601ae2fadbac22cf6a1n/a SilentBuilder
2021-12-232643909.xlsxls 46549909e329faf4ef851f602d8c1091c253897e0292ae05d83b73da7914077en/aSilentBuilder