URLhaus Database

You are currently viewing the URLhaus database entry for https://milanflowers.shop/wp-admin/puC4/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1967308
URL: https://milanflowers.shop/wp-admin/puC4/?i=1
URL Status: Offline
Host: milanflowers.shop
Date added: 2022-01-11 13:42:04 UTC
Last online: 2022-01-12 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Anonymous
Abuse complaint sent: Yes (2022-01-11 13:43:07 UTC to abuse{at}hetzner[dot]com)
Takedown time: 17 hours, 31 minutes; Good (down since 2022-01-12 07:14:41 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
