URLhaus Database

You are currently viewing the URLhaus database entry for https://cms.gdtnbvu.club/Gordius/gmInuE7Prsy8oi5b/ which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1917300
URL:	https://cms.gdtnbvu.club/Gordius/gmInuE7Prsy8oi5b/
URL Status:	Offline
Host:	cms.gdtnbvu.club
Date added:	2021-12-24 13:30:10 UTC
Last online:	2021-12-27 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	sugimu_sec
Abuse complaint sent (?):	Yes (2021-12-24 13:32:57 UTC to hm-changed{at}vnnic[dot]vn)
Takedown time:	2 days, 18 hours, 41 minutes (down since 2021-12-27 08:14:14 UTC)
Tags:	emotet epoch4 heodo SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2021-12-25	K3724812060025K.xls	xls	ad703c5d173ecc9110d797f3272128d0bd21745acd34d207171021b8f448c5b3	n/a	Heodo
2021-12-25	0214843362.xls	xls	dd409a3b24157f00201f140cf79f430c8502614b4191cb0f9e03c33bf9c4f570	n/a	Heodo
2021-12-25	99962652216193647505.xls	xls	ae5fffd3376b48104fce4b5b7d2e560121fe0fadf87af15fb7b817ef722a2e0c	n/a	Heodo
2021-12-25	5343912552624404.xls	xls	763fdb4556b1530e15905708e6d30dc0b09b6611d2a0dbaade942a5dcf5b8293	n/a	Heodo
2021-12-25	29634228212945176832.xls	xls	5c7e4e28d75b2ea240f43bee2cc893d6551e84f14a94de2ad23927b5fb7d39b1	n/a	Heodo
2021-12-25	H94412349940808H.xls	xls	38fa968034359f55deb1a1c62096736c9aa7f211fe9e9d24baae2008848e6b61	n/a	Heodo
2021-12-25	A28443651.xls	xls	a56da39c9dc097c0ce0b9f4b152eaf51130ee318b41ba18cc4d30c5fb82df45a	n/a	Heodo
2021-12-25	W768936330049147K.xls	xls	d79f4b9e846d2c382e00d9bc8f4adbd426d83e5cb8a1d126f1d8c588d6fc3076	n/a	Heodo
2021-12-25	N11655347286022292.xls	xls	b065259b68e96859cdcbb55267d6c383f3c2e8d402bec89dbde0140297f0ca9d	n/a	Heodo
2021-12-25	2466736I.xls	xls	4962a9c89094252b6675b0a22a0b184cabdd5b1e7fb90f310009c9afb0ed8271	n/a	Heodo
2021-12-25	4050655429D.xls	xls	bd47d239b29d4672ce03908c935d65dd98b77db7c23343a2c2f670eab11e246d	n/a	Heodo
2021-12-25	Z020579393473244500345.xls	xls	df7cb4340e87a513ca0d9742b637e094703ced5b4fdf66c1eb55592e4bc5c617	n/a	Heodo
2021-12-25	O231940126549J.xls	xls	d07e4dfa568d4e4a8fbc562c94d76bfab5cea12e43f588f4636c5e534e21ccdc	n/a	Heodo
2021-12-25	X1850889773199086V.xls	xls	e1a5cc8515ef1b47840fb70df27622e76ec27c964696a609c89c546c14a3c4b6	n/a	Heodo
2021-12-25	99233647468898149K.xls	xls	d640ebdaaace549312d95a4167f80ca760b80bb315e64a8c64df46b8a138708c	n/a	Heodo
2021-12-25	A5325425.xls	xls	2652611ca466a920c9bd8e89c8d766054e773135bfc6863d0b465b61faad47da	31.67%	Heodo
2021-12-25	T519942673952740578L.xls	xls	c45ebc2f0a1e592d11d3db45a8b42c58385daa5c0fd1ef07ea7f98c82d269006	n/a	Heodo
2021-12-25	Q7765405783355695107N.xls	xls	aac54a8f946e691601a4a54d03d84fbb759e507ec62668ee167dc849d7fe557f	n/a	Heodo
2021-12-25	S168860942760L.xls	xls	cae75be087a7c1d95b76a52c33579b4e4dc31d9e55aa8bddc4e280c5808a8253	n/a	Heodo
2021-12-25	605598272.xls	xls	37029ffaf8784e69ca60e4f34de09623001928c7a7c24e74abe50d5c173da19c	n/a	SilentBuilder
2021-12-25	R987872088510H.xls	xls	0014d33e8c71e69c819ad117c82bd13a3eeda011d9323f365e070af2bd9a1ba4	n/a	Heodo
2021-12-25	0292706947346545G.xls	xls	7c0670ec89192761547d22a78c16740fb805189921b5b3d24c194521074d832d	n/a	Heodo
2021-12-25	C87172688714962K.xls	xls	ede7bf91c5ead371f631ecdc1a2c1186c37d4abe6a92a03278d4b49e237154d8	n/a	SilentBuilder
2021-12-25	J19478523261706710.xls	xls	77aa74d92c1314ffb5a41afe0bcd68c49e8d5389c3db99a12ab59bca64797539	n/a	SilentBuilder
2021-12-25	982640828M.xls	xls	70823ef7763f858a6ed65f0f62fa8516634ba7b6d4b904b50c6cdf0b5135a991	n/a	Heodo
2021-12-25	787991058338Y.xls	xls	9492c90284f7df741ed772499f70217b8b190c7406b3f917ac31d3eea224c498	n/a	Heodo
2021-12-25	J113291518544002117V.xls	xls	1e75f3a274000ba65f07eaa7ab508c251f32420782f5f89199d2285bf9cacdda	n/a	Heodo
2021-12-25	Q900965298752330466205U.xls	xls	ed1c76dc252e5796effc932b9c751518080d610c35f431f5e72b285bae07abc6	n/a	Heodo
2021-12-25	E1552726777.xls	xls	60c0cb213c196027985ad7655f12ffbebb5ec878816364a7c60e5afd10e2a335	n/a	Heodo
2021-12-25	9148652503242163702O.xls	xls	782a6a0914a448f1c1c108b0d64c566128c20af00c0dc7221eee964a1714a7ea	n/a	Heodo
2021-12-25	57312124G.xls	xls	56f256ebed180da8fefccf1b94718a2a384b267071183c8ae71723dd6920ec28	n/a	Heodo
2021-12-25	A351120993125223238.xls	xls	b218aee4e476247d486833202846c5cfc6b843d85aed8c0bc38ab233f93a941d	n/a	Heodo
2021-12-25	03326798369M.xls	xls	c9ad9b698a1a96ea9d6e4a2b7050c57f3ecf6a1bb2de7f951e91655077cd3da0	n/a	Heodo
2021-12-25	508072421D.xls	xls	ded44edb24175626f74d3f7981050b5e533e5899723c8c29229c572c49a36091	n/a	Heodo
2021-12-25	S5056750479008858.xls	xls	7d5ca446a36bc17eaa288ad6221f0745c49bffa2e406dd8eba1412e5a80bce41	n/a	Heodo
2021-12-25	J624636233097337528148.xls	xls	475df6c66949bb75502714bea5daec7d80e0472e4af59faa8484cec9d27dd726	n/a	Heodo
2021-12-25	60589106558.xls	xls	4e81011c72eb2ba60239e868d2cc9692d87fd3492cf9a3d6f9c7bd97ecd7f99c	n/a	Heodo
2021-12-25	L919268959940013886W.xls	xls	ff882bb7e0bddb77d0b6402ceee2fdc1b551521f00d19b5dbc942064261a53d8	n/a	Heodo
2021-12-25	5437415777251838990.xls	xls	939a22e5c01e9709d1891390a97d96167a60b8f6b40fb589cc6359877c1719f5	n/a	Heodo
2021-12-25	8237303156T.xls	xls	65b7f6dbe659d058eba46f9e4dc65306cfd32f952067afa7234b1ecf9bdd87fa	n/a	Heodo
2021-12-25	4059832M.xls	xls	7ee042d9934f9598e42f82899db420943e42b1fdaf703c3645f01c615684c780	n/a	Heodo
2021-12-25	897109317031939X.xls	xls	552931c9f848c4a4aec845cdb73da4f75c987210739022ca9faa0ea58346d74e	n/a	Heodo
2021-12-25	C34378345064940.xls	xls	82d9adb557fa314e3101740c3509c722daa1be5ac6a476580dc3a6bbede5e33d	n/a	SilentBuilder
2021-12-25	4535089019067768P.xls	xls	2dea6b2c64e11de4e2dbbc73e0d56e5fbcd0605caa2c1a5ed94a658486dceabe	n/a	Heodo
2021-12-25	15634565362648X.xls	xls	c0c13574659dead22ebd0c6e771522b39a7b45705644f6dbe6a3eac0343b0853	n/a	Heodo
2021-12-25	579356285085587C.xls	xls	11b39550a8c7e5b11ca65e7f9f0b8e33f1c24aeff1234901529dc11980e8bb03	n/a	Heodo
2021-12-25	959360768806819632.xls	xls	c7114a2e4319745cfd7bac7675667be07a3d414ea0fc6331c9f584dd96517b50	n/a	Heodo
2021-12-25	125956373339942836T.xls	xls	c22beb5c0723cafc06d7706decd844a8e50477540cbdfcf05b47b895c6e1ce02	n/a	Heodo
2021-12-25	V6329875568.xls	xls	d7a318a0dc8e111a79ba80f8af607849c3fe7158b0627d0539bde12d190a9460	n/a	SilentBuilder
2021-12-25	4716655835N.xls	xls	2f9dc9c44ec5c248067843135aa0d8d49099d6578d645f64d3489ed873b65cf4	n/a	Heodo
2021-12-25	049329790709720.xls	xls	b8403fab8e756e881a14bd25996508d692cf13748493e4669d2ae94be6aae320	n/a	Heodo
2021-12-25	72273860K.xls	xls	18724966647c4a52e6d6663ec10c82731882c5700b9eaa8040c6bc9ded5c32c9	n/a	Heodo
2021-12-25	12430046463231090R.xls	xls	6316d20f79717f55ff79380438c9d49204681ebad80c5a5a9d83f7d2c7817566	n/a	Heodo
2021-12-24	04816409064F.xls	xls	171ab065c531efdd511197d6683a686875a71f88e18a0690903ee06f3d250e6e	n/a	Heodo
2021-12-24	U3565619.xls	xls	d78aa5431239e7bab7f143d7366f472a1047d395a1bdd1460605a4964d42d0ec	n/a	Heodo
2021-12-24	V3755896780851.xls	xls	8995ae7d4815746fd91ef526c2e91f82d2023c6b6892c39f97cfd5b8d5897716	n/a	Heodo
2021-12-24	A356519104.xls	xls	bc82a370a985332a3cd9d6b7e1f6b2da28e63e4b6c0900550ecd1947cc36cac2	n/a	Heodo
2021-12-24	11148373N.xls	xls	d35720f7e82bc34a1b20cbfdb0a050faad44f63f6917a9aa9e2ea0b7c2d169ff	n/a	Heodo
2021-12-24	83789351.xls	xls	79d4dc0d5b21cef7fdd7efbf7326204ef7d464dab8ca3b7acbdb97d76096c6c3	n/a	Heodo
2021-12-24	F433759708.xls	xls	36a5b2cc9a7536eeae3952b6d9fc19da1e334166a20144159f982d473b009431	n/a	Heodo
2021-12-24	D0593487999864.xls	xls	6c6da7c34b42c07220d44da3a95f77c0fa43b9404833f8889326fd357215c324	n/a	Heodo
2021-12-24	34448946.xls	xls	ebad32d3393974502f894cc2ba95df6e40afed688bba9cf9c40a24adb8dce19a	n/a	Heodo
2021-12-24	Y0144334969968276.xls	xls	eed3a943f2fd66cc828b629aa0f6edbddd940c42d17eee84fc2094a0e884355c	n/a	Heodo
2021-12-24	962148267930870.xls	xls	eab8cf9d91d5334fbfd805d05137c5cc672c98ed615582fb755d03dc03a9b51b	n/a	Heodo
2021-12-24	920265165P.xls	xls	c74e30782d8afd70e68b56e0d95417eec7e0b017e3d582a5728807f6cbb54630	n/a	Heodo
2021-12-24	6593860.xls	xls	f3c1bf8142ac41a78587f55dc7737dc30558e380338619969bb1e542f7863513	n/a	Heodo
2021-12-24	070025418367720.xls	xls	f61a8e096979c8bba90fe19423377e9eba4b24587977e4a77d8e87fe45239c15	n/a	Heodo
2021-12-24	B03893725M.xls	xls	014efb3b2bb77a85a302bd8aecc2159836e4304ea33e47256a0c549d20c8fac5	n/a	SilentBuilder
2021-12-24	828417714422422C.xls	xls	ff3c37f2ba563f21df4c775a7c5045fb1cb936ab4904d6e4f7f8d674e0631427	n/a	Heodo
2021-12-24	T0588205093.xls	xls	4c09a09e5dc029d3bd748ab7140b7725266e1afd57f9d089ef0f637f5ff8540d	n/a	Heodo
2021-12-24	U4601226.xls	xls	d8df8a0afba07f21568870502f6febcd170a1eabb126de4f6bf8b38577f95917	n/a	Heodo
2021-12-24	9048059233173.xls	xls	76f683a31126eb28ca638470852ff61540f14bfb64aa0b96e988b33135914e71	15.79%	SilentBuilder
2021-12-24	F15810983269133900G.xls	xls	4fe0d70d436c5b511eda36abc3d3a5e9175a5d538f8ade8be05b6325f9811283	n/a	Heodo
2021-12-24	F278194170372275999H.xls	xls	525cad864e0ca1450fc2e30caefab55372398cff8f5f3822566022ee0a652345	n/a	SilentBuilder
2021-12-24	D099373814Z.xls	xls	fdfff97212d6e1afb79225c87e425c8e8833fc9bc092bb85531971ea9dc1223f	14.81%	Heodo
2021-12-24	14469042.xls	xls	84c2b6725eedbdc1b41be855207751e014248f4c080b0100967d6fcff5387f8a	n/a	Heodo
2021-12-24	X754115136108354610560.xls	xls	d9c1afc8e865216cce3cae19c37443006611a82478dd7f7964f6a447babd7c29	n/a	Heodo
2021-12-24	X544526007593.xls	xls	12eccfb619092d5346c3c30206d65cf01b763f4b69d2442d979c3125337c4d2f	n/a	Heodo
2021-12-24	7816882156.xls	xls	bee4916dab0472f151858184d864660508e7531ad9eb137b94899d232f0b8aca	n/a	Heodo
2021-12-24	995856834783.xls	xls	d0bc4d17c08094766c7ffdf6598a4bdcb56188235dc5aacfd3b7f5b954688564	n/a	Heodo
2021-12-24	H0480515E.xls	xls	9bc5575c0c3ecaca2c0db836e8193ed102d36d708bef28c6e5f923ea10b22c8f	n/a	Heodo
2021-12-24	Q478194343503495R.xls	xls	37f604a4f1963e910372cb78ec03430e0dd569e51f782c37233eeb1338f815bc	n/a	Heodo
2021-12-24	394111189.xls	xls	d164840618e7ebc972ae2eabafe581184c7e13d5c66d5b8fa62fc0b25dc3726a	n/a	Heodo
2021-12-24	0287421777010.xls	xls	951d32c00565fc0fd560f3aea25d1c55a627a2a78c7bd7673ed417bd38c1e5a4	n/a	Heodo
2021-12-24	C897573984196413V.xls	xls	eb68214b76274151e286e13c5df225a00d04914b90aa252a4352aa47a11cfa41	n/a	Heodo
2021-12-24	364326343743Z.xls	xls	5662ec401d2ac0abc625c67c35f213e15851516a13e4c7717483d3254acb0ec9	n/a	Heodo
2021-12-24	S761601930078856726R.xls	xls	fedb4729e7f2adfcccd43a48c46953926ff38557ad7170e577ad5e076d5e9469	n/a	Heodo
2021-12-24	W53549122069.xls	xls	1535007646e477e96afd4d46b9c2e18c8b1bb41f3212e66f983d4b4515734539	n/a	Heodo
2021-12-24	P276690912357017.xls	xls	0f306a6675c81c3dcd55ae5043b2009a0f633f4791110be4078d2b6e1c1bc188	16.67%	Heodo
2021-12-24	18439276.xls	xls	75723df59362d020051f526db842dd7b0d429e0638d7d6ed42a17416f4959c24	n/a	Heodo
2021-12-24	21674367353V.xls	xls	3fdfa8fca0397d424779a3ce7f0e46682e6fea8603c388108a5f5d09800310f4	n/a	Heodo