URLhaus Database

You are currently viewing the URLhaus database entry for https://waterfloosereview360.xyz/wp-includes/YJCvBpN8GcPZge9zs/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1964933
URL: https://waterfloosereview360.xyz/wp-includes/YJCvBpN8GcPZge9zs/?i=1
URL Status: Offline
Host: waterfloosereview360.xyz
Date added: 2022-01-11 11:02:07 UTC
Last online: 2022-01-13 17:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 11:03:12 UTC to abuse{at}amazonaws[dot]com)
Takedown time: 2 days, 6 hours, 20 minutes, Poor (down since 2022-01-13 17:23:36 UTC)
Tags: emotet, epoch4, heodo, redir-doc, SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.
