URLhaus Database

You are currently viewing the URLhaus database entry for https://foodmacho.com/wp-content/Y6rl29/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1965469
URL:	https://foodmacho.com/wp-content/Y6rl29/?i=1
URL Status:	Offline
Host:	foodmacho.com
Date added:	2022-01-11 11:11:06 UTC
Last online:	2022-01-13 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Status unknown
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 11:12:09 UTC to abuse{at}hostinger[dot]com)
Takedown time:	1 day, 17 hours, 9 minutes (down since 2022-01-13 04:21:32 UTC)
Tags:	emotet epoch4 heodo redir-doc SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	JWUS_59739.xlsm	xls	aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bd	28.33%	Heodo
2022-01-12	OP-7863510.xlsm	xls	aa0e36780912b94ce9abefe196de12d6f4097dbc7fa864d24778638043de4084	n/a	SilentBuilder
2022-01-12	xrbumol004105821.xlsm	xls	d7638004f7dc1a884abf073a6c04d5d205ba31f4d66800216ddc303dd3f41249	28.33%	SilentBuilder
2022-01-12	WAMtw8923657.xlsm	xls	796cb1dfe07dac51d9dd955ef372b6283adbfc38e34c92ee379fff29c89bacce	27.12%	SilentBuilder
2022-01-12	4859_092.xlsm	xls	8642a84875b30eeae2bec0b16db37715f4a2ff15caf6e5185a4012107ec1e87b	26.67%	SilentBuilder
2022-01-12	528672605495.xlsm	xls	926c822e2c4d78b252f788d3fa75a77bfed1380ad50cdacf21f3efddf15b0b26	n/a	SilentBuilder
2022-01-12	793435-44135.xlsm	xls	9d277bf6e9b937c6b9d79db16b78f65ef5346b79c5c68fd3fda71a4e18171fe7	23.33%	SilentBuilder
2022-01-12	kkcn01145899.xlsm	xls	9e0c891bd4b687d10b5c7d8082a2d4c7d24a0c9ea90b1d0aa09dafa6dee22047	23.33%	SilentBuilder
2022-01-11	2271257_25617902.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	n/a	SilentBuilder
2022-01-11	10231829216534305.xlsm	xls	a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339	20.00%	SilentBuilder
2022-01-11	BPLDT-7927.xlsm	xls	71520c6b61c641945ab1d47dd755be9ecb8dfd171fa5daf9773a99459cb45efb	n/a	SilentBuilder
2022-01-11	cyBcL-244197.xlsm	xls	15808d5cf09ee4a60ed9e18d0b403cd762cbf7613246e2cdfa6fba88eb654dd8	13.79%	SilentBuilder
2022-01-11	W5901143885378609758.xls	xls	62ec5aff1c6c20ac27c09077ff459dbe375a4d8841b6b47f85c7e51b7d26fd9b	n/a	SilentBuilder
2022-01-11	956563483686866164X.xls	xls	2057afa974ff72e5f28439f4cdef17396772fe0edde04405fbcf8c5cb5a47888	n/a	Heodo
2022-01-11	Z89645456369540509776.xls	xls	3d2ad015f60956cee32029cb7d6fee846f34a91d0f6dae2b68cfde31c99b4a77	n/a	Heodo
2022-01-11	403617493805298F.xls	xls	afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292e	20.69%	SilentBuilder
2022-01-11	797796527740090.xls	xls	fbc4a5db3ab48741c10a226dae4e2b64d924110962224bef57910478251cf3c7	n/a	SilentBuilder
2022-01-11	035214220712397109.xls	xls	60fdf680c8e0272784588bf87ead2814df683a2fcb697522ddd4ef323166440a	15.52%	SilentBuilder
2022-01-11	N674109751H.xls	xls	f9dc6d359581da286cc014340d248cea2acedf09a9dc0cf9280641f3393fba35	n/a	SilentBuilder
2022-01-11	R977138021283.xls	xls	7c45ae8cc81f5981a7fbbcc9a7ffb75a40a98bd60b6cb8ba4323351ae933a773	n/a	SilentBuilder
2022-01-11	4912593457G.xls	xls	0c9de24621d73ddfb33b0d2607b84d523a103ff59e318980f134dac1726e11a6	n/a	SilentBuilder
2022-01-11	S76135849411048164595C.xls	xls	0237b96acc934eba1b920d0b6fa654c22128101417298a9f940ca2e53c85dab9	n/a	Heodo
2022-01-11	776859413P.xls	xls	b68760371e947df68d4f69a1f9b43a56de082932df771b0ef088adaae130931c	n/a	SilentBuilder
2022-01-11	776733808344Z.xls	xls	9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36	17.24%	SilentBuilder
2022-01-11	1142390868J.xls	xls	b4f4e361680cbe98e26106393beca73acc80418fdae4ab118917b7e8bd9fc917	n/a	Heodo
2022-01-11	28235896172779336945X.xls	xls	d71f960574a42f577d5397574467ba2f556d0be9bec55b99c58946fab29ee994	n/a	Heodo
2022-01-11	94099064420L.xls	xls	89224af568d4e29e7836c2961d33045490b337a9d5d40db852137e1f2dbbfbf9	n/a	SilentBuilder
2022-01-11	6248738C.xls	xls	645258c3eec8a24b056403664b65d66c43f78566a0f33270723a6edc4d0c7ed8	n/a	SilentBuilder
2022-01-11	M83201035263807013090X.xls	xls	e16adb6f1a775a983cf7e36a35ac0200ae5fa21bbb48325bf9af0e86d7b96be9	n/a	Heodo
2022-01-11	73849049R.xls	xls	803ba1efe4554351d3b7b7768773cdc8c3e3fd66286c993520c86cea7a4fe01e	n/a	SilentBuilder