URLhaus Database

You are currently viewing the URLhaus database entry for http://deltagases.com.br/wp-includes/555gssIAjRRQd7fdfx/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1967122
URL: http://deltagases.com.br/wp-includes/555gssIAjRRQd7fdfx/?i=1
URL Status: Offline
Host: deltagases.com.br
Date added: 2022-01-11 12:45:05 UTC
Last online: 2022-01-12 00:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Anonymous
Abuse complaint sent: Yes (2022-01-11 12:46:14 UTC to abuse{at}phoenixnap[dot]com)
Takedown time: 12 hours, 11 minutes (Good; down since 2022-01-12 00:57:54 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
