URLhaus Database

You are currently viewing the URLhaus database entry for https://bluetoothheadsetreview.xyz/wp-includes/fEDN3ZDb2rNzcVjbC/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1964845
URL: https://bluetoothheadsetreview.xyz/wp-includes/fEDN3ZDb2rNzcVjbC/?i=1
URL Status: Offline
Host: bluetoothheadsetreview.xyz
Date added: 2022-01-11 10:59:05 UTC
Last online: 2022-01-13 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 11:00:08 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 2 days, 6 hours, 29 minutes, Poor (down since 2022-01-13 17:29:25 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
