URLhaus Database

You are currently viewing the URLhaus database entry for https://cloudlucky.xyz/hjxe/PMSa/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1964767
URL: https://cloudlucky.xyz/hjxe/PMSa/?i=1
URL Status: Offline
Host: cloudlucky.xyz
Date added: 2022-01-11 10:25:07 UTC
Last online: 2022-01-15 01:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 10:26:07 UTC to ipas{at}cnnic[dot]cn)
Takedown time: 3 days, 14 hours, 46 minutes, Bad (down since 2022-01-15 01:12:13 UTC)
Tags: emotet, epoch4, heodo, redir-doc, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
