URLhaus Database

You are currently viewing the URLhaus database entry for http://behaviouralworkshop.com/msuvpkl/829TZopiHU/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:1967325
URL: http://behaviouralworkshop.com/msuvpkl/829TZopiHU/?i=1
URL Status:Offline
Host: behaviouralworkshop.com
Date added:2022-01-11 13:47:07 UTC
Last online:2022-01-20 04:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Blocked
Reporter:Anonymous
Abuse complaint sent (?): Yes (2022-01-11 13:48:12 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:8 days, 15 hours, 8 minutes Bad (down since 2022-01-20 04:56:21 UTC)
Tags:emotet link epoch4 heodo link SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-01-1683542199053.xlsmdoc 2716f9020aa78a6e1aacbff93050366bd8138ada0afece8e82e470b983d96712n/a Heodo
2022-01-1283542199053.xlsmxls 29bd3f3218b35ec402cc8c174823b00c2f26b30556c45f2158d175895f9d40c0Virustotal results 26.67%Heodo
2022-01-12UX_620491.xlsmxls 813438ff7ef652ea23e922f8a5e61c7f14ec49b270546d3ce47f66161707cc03n/a SilentBuilder
2022-01-12ej_6.xlsmxls ecaa8fa10f2e5726552f68f4c691133bb782d791b23c96e2c26b5c4838a00e68Virustotal results 28.33%SilentBuilder
2022-01-12252076KDYIB_575875.xlsmxls 894ae1ab382fe85d09096d1997f468b8e5f327326c39e15bd1ba47f4c4d2f14fn/a Heodo
2022-01-12GP_4126530.xlsmxls fb59d08c1c00da6e08768d759d984922ef2726cade6ed27fe5713a79e7b7022eVirustotal results 23.33%SilentBuilder
2022-01-12Z_0739.xlsmxls 05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268bn/aSilentBuilder
2022-01-110011340739.xlsmxls 034eaef52f3dc5154e7a94121703ea759fd19784df604e48c8e73ff4fa06cfdan/aHeodo
2022-01-11G-6370770.xlsmxls bfe1c65501eb9a22ea914fe380d24127cdf99ce17fc20683f99a7b1e0ccc06f8Virustotal results 18.33%SilentBuilder
2022-01-11xppi-0548.xlsmxls a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339Virustotal results 20.00%SilentBuilder
2022-01-11TVPG5.xlsmxls 9b3fb2f88edc75661d9aba9ccac4bd15607dbf2fa7542c47be3d533c0db5cbe5n/aSilentBuilder
2022-01-11ofiijl_7609.xlsmxls 4732ca576ac4a1b57726b01684356326dabe72f56f1f90308801953e421ce1dfVirustotal results 18.33% Heodo
2022-01-1172955942A.xlsxls 446d074d88398efd9a59c8bdabf3f4909ae1bc5c12c418b98c3f185459844fafn/a SilentBuilder
2022-01-11271466915076025534.xlsxls dc1a568534305e8dd82443bd62f3fefe364de2073558c8237bbe099593714259Virustotal results 16.67%SilentBuilder
2022-01-11502770887346231426776.xlsxls 1db259b0063d26f9af684e7246d336250e289514a4e900eab1337ee9981a866bVirustotal results 21.67% Heodo
2022-01-11466293806378415115.xlsxls b5d8116e0b4f01eb2affa09d857d1be4df2e18dd793e4ab0b6ad28e0d5eadc15Virustotal results 13.33%Heodo
2022-01-111008491505714826.xlsxls d92b0ebb1f64086c8c4d5b238f3683a3319bcf041cdfc9e6736f742a260a5ce2Virustotal results 23.73%SilentBuilder
2022-01-110715552G.xlsxls 426fda840765e44250686f1102e902242babe0cea36a756beac6c0757a73c28an/a SilentBuilder
2022-01-111646730329851.xlsxls c415f6432a14864da8d7cd66dab9263599364b3b1d8b3fd13e4c725d1a0c4562n/aSilentBuilder
2022-01-11F890022874406418629.xlsxls 7b273da870150fa002d6651be951c45565ecfb209c9516b78a60d5e6274d4f9cn/a SilentBuilder
2022-01-11J795432585T.xlsxls fbc4a5db3ab48741c10a226dae4e2b64d924110962224bef57910478251cf3c7n/aSilentBuilder
2022-01-114723016.xlsxls 5567612a01ddde62a81334d73dc09a4e0f78d8e552d2686d44eb3e3910ecf13dVirustotal results 18.64%SilentBuilder
2022-01-11K33502024.xlsxls e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75n/a SilentBuilder
2022-01-1170645620758781.xlsxls 1e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1n/aSilentBuilder
2022-01-11H497952800423868B.xlsxls 14e585c42b502e7e5ba9cd07618751748e748fd0a938c114c51a379de2d1082bn/aSilentBuilder
2022-01-11O0552890.xlsxls 0237b96acc934eba1b920d0b6fa654c22128101417298a9f940ca2e53c85dab9n/aHeodo
2022-01-11M5099012307T.xlsxls b326b87763654f966a5ebf61052d38487bb8b36b173e3db613ffe8329256a044n/a SilentBuilder
2022-01-11P02063461.xlsxls 7955874a069fbde3eb5144ea8420f8b9e80d0c8ccd822c21b54150e53608116cn/aSilentBuilder
2022-01-11I59305011.xlsxls 2f80ecbe8f3eb45c354fb36640dc4be6b13064be8550f2d49e41090e5c113b72n/aHeodo
2022-01-11U32506373105506412.xlsxls 445e137304a2c43b06f0c98f4655f6fc4d69db7ae73ddf9094295c48f0701047n/a SilentBuilder
2022-01-11Q202428049241454H.xlsxls 361e7457bfd87680419fd11b82e2c11ba668205e8421b38cfcb7e879e5267ddaVirustotal results 16.67%SilentBuilder
2022-01-11943993990062P.xlsxls bd70c3c5fc66e6e16f357179f6a76273bfd128d8f203716b035864ca4a4806een/a SilentBuilder
2022-01-112871395.xlsxls 474cb0554cd5fb8976244c74a115a07164b25952cbbe6e7868a99045b435f535n/a SilentBuilder
2022-01-110917227716827.xlsxls 5471bc0d0b81c3ee5e169546f5eb63613253af486bc28e14da70e43ba2acbdf7n/aSilentBuilder