URLhaus Database

You are currently viewing the URLhaus database entry for http://ona.pradex.pl/2196/GKM7P8p5fx/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1967016
URL: http://ona.pradex.pl/2196/GKM7P8p5fx/?i=1
URL Status: Offline
Host: ona.pradex.pl
Date added: 2022-01-11 12:03:03 UTC
Last online: 2022-01-14 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Anonymous
Abuse complaint sent: Yes (2022-01-11 12:04:14 UTC to abuse{at}atman[dot]pl)
Takedown time: 2 days, 12 hours, 16 minutes (Poor; down since 2022-01-14 00:20:20 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
