URLhaus Database

You are currently viewing the URLhaus database entry for http://buymoviejackets.sogoflowers.com/cgi-bin/MsWE4NLR/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1967323
URL: http://buymoviejackets.sogoflowers.com/cgi-bin/MsWE4NLR/?i=1
URL Status:Offline
Host: buymoviejackets.sogoflowers.com
Date added:2022-01-11 13:47:06 UTC
Last online:2022-01-21 14:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter:Anonymous
Abuse complaint sent (?): Yes (2022-01-11 13:48:10 UTC to abuse{at}corespace[dot]com)
Takedown time:10 days, 0 hours, 40 minutes Bad (down since 2022-01-21 14:28:59 UTC)
Tags:emotet link epoch4 heodo link SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-12C-1544071.xlsmxls d3d61558116adba228714e7e660ef421ae85b439fd2224a440e617fdeae70987Virustotal results 27.12%SilentBuilder
2022-01-1260617277_911796.xlsmxls e74813a3530752434c9dae40f5f1cbd367cc16a541547e3a2d5b35295539390dn/aHeodo
2022-01-121583867125.xlsmxls d70eea3a457a572c1ee00b87e0c62ad39c9a8307340a7bff3bae0a08ade7c556n/aSilentBuilder
2022-01-12gotrcqf170.xlsmxls ecaa8fa10f2e5726552f68f4c691133bb782d791b23c96e2c26b5c4838a00e68Virustotal results 28.33%SilentBuilder
2022-01-12JrB977308.xlsmxls ee39e88c3c79292adf03f167d3b538ed98543b64a867264a09a9d19b0ac28645n/a Heodo
2022-01-12p022056760.xlsmxls a196a7f762ccc713b4c96a96ad4d8d50c3a27964758730b87741f65f609c91abn/a SilentBuilder
2022-01-121014_075404.xlsmxls 05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268bn/aSilentBuilder
2022-01-1126OPJY-3332631.xlsmxls 034eaef52f3dc5154e7a94121703ea759fd19784df604e48c8e73ff4fa06cfdan/aHeodo
2022-01-1111872-64565224.xlsmxls 44c675302c6fd62e15e5c9ae9bb98325870093ceed92a30601a13ad1dc2bd4f2Virustotal results 16.67% SilentBuilder
2022-01-1129-9568006.xlsmxls a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339Virustotal results 20.00%SilentBuilder
2022-01-119436_7386.xlsmxls 9b3fb2f88edc75661d9aba9ccac4bd15607dbf2fa7542c47be3d533c0db5cbe5n/aSilentBuilder
2022-01-11B-47.xlsmxls 4732ca576ac4a1b57726b01684356326dabe72f56f1f90308801953e421ce1dfVirustotal results 18.64% Heodo
2022-01-1181335846O.xlsxls 446d074d88398efd9a59c8bdabf3f4909ae1bc5c12c418b98c3f185459844fafn/a SilentBuilder
2022-01-11754763775920.xlsxls a88137e6086255207269b721d3cdb9d6a67cbb8861ba98d4681f83945fa29299Virustotal results 16.67% SilentBuilder
2022-01-1169013860980361.xlsxls 8ea7ac4cc4dd1576b45451813ade47420f9196a212e173e174aada937cb8f4a7n/a SilentBuilder
2022-01-11V09787842V.xlsxls 1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866bVirustotal results 21.67% Heodo
2022-01-1136001359100L.xlsxls 416e811b6839dbe39092f82dbb62064350da5400ce2e1fd94870f305f5b2b77dVirustotal results 16.95%SilentBuilder
2022-01-11L615237536148817332I.xlsxls d92b0ebb1f64086c8c4d5b238f3683a3319bcf041cdfc9e6736f742a260a5ce2Virustotal results 23.73%SilentBuilder
2022-01-1142366520.xlsxls 426fda840765e44250686f1102e902242babe0cea36a756beac6c0757a73c28an/a SilentBuilder
2022-01-1192544311638377.xlsxls a43e422bf49682cd2dd5c53f5e3c8b8712c76cd9f082309e92decc55f0f8f92en/aHeodo
2022-01-11122714986688761062916.xlsxls afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292eVirustotal results 20.69%SilentBuilder
2022-01-1161382720241344458.xlsxls 18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51n/aSilentBuilder
2022-01-11499143045U.xlsxls a5a1c304ab3b2351a82da736cf9c022ea2ad1cbff6321b64b0a741b575c8a6c4n/a SilentBuilder
2022-01-1181236596119.xlsxls e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75n/a SilentBuilder
2022-01-1132486313397002144574.xlsxls 38b51ee1239079bda9d7d55d94ad241f9595a1bad8a9538a140cd3504ce559c0n/aSilentBuilder
2022-01-11O94593296746817.xlsxls 0c9de24621d73ddfb33b0d2607b84d523a103ff59e318980f134dac1726e11a6n/a SilentBuilder
2022-01-116521454220D.xlsxls 659c21119c192bd5c4c698d0e9c0ef6c5d0ed38bf40907318ccbc4dece45ec76Virustotal results 18.18%SilentBuilder
2022-01-1130606876768011K.xlsxls 1cdf6133fd1d4138849b8f2b29f199d90ccce54c369b74a88a14e8329e1051c3n/aHeodo
2022-01-11N45282836290715433U.xlsxls 9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36n/a SilentBuilder
2022-01-1188812595457.xlsxls 071d6c9a40d6721f41c7064edb52f46d766703ea2e9bbe033939b6d60f24604bn/aHeodo
2022-01-11597798089S.xlsxls 2b6937e90b3f57eb3f26b8a3f50b86def03b2d4b3bc30d93e1af1c96656bb4dan/aHeodo
2022-01-11908097564292133391303M.xlsxls 17832170dc965d40f1a4b7b5abf6dd5f8d131468c82c281388bf6f6967b77490n/aSilentBuilder
2022-01-11P833965983331972X.xlsxls b53a3f09073ba4c63f1634b32bc6328f22d9965ebc1384797a886d07959313fan/aSilentBuilder
2022-01-110743271063180316Y.xlsxls 89224af568d4e29e7836c2961d33045490b337a9d5d40db852137e1f2dbbfbf9n/aSilentBuilder
2022-01-11P88221013.xlsxls 645258c3eec8a24b056403664b65d66c43f78566a0f33270723a6edc4d0c7ed8n/a SilentBuilder
2022-01-114289736U.xlsxls 85b88ed279f103f41ae22a4adc9e432be6770a9d241fa124e7a62bf857995c8bVirustotal results 16.67%SilentBuilder
2022-01-1154714264449588757932M.xlsxls 7550a2a99fe2768446351c653515cda693fc4978cdb437177efcc2133117efbcVirustotal results 16.67%SilentBuilder