URLhaus Database

You are currently viewing the URLhaus database entry for http://blowerindian.com/-/a1JLHwkP/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1967360
URL: http://blowerindian.com/-/a1JLHwkP/?i=1
URL Status: Offline
Host: blowerindian.com
Date added: 2022-01-11 13:58:04 UTC
Last online: 2022-01-21 06:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 13:59:10 UTC to abuse{at}contabo[dot]de)
Takedown time: 9 days, 16 hours, 10 minutes Bad (down since 2022-01-21 06:09:53 UTC)
Tags: emotet, epoch4, heodo, SilentBuilder, xls

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
