URLhaus Database

You are currently viewing the URLhaus database entry for http://bem.uisi.ac.id/wp-admin/peBBabkgC/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1967406
URL:	http://bem.uisi.ac.id/wp-admin/peBBabkgC/?i=1
URL Status:	Offline
Host:	bem.uisi.ac.id
Date added:	2022-01-11 14:18:05 UTC
Last online:	2022-01-17 17:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Anonymous
Abuse complaint sent (?):	Yes (2022-01-11 14:19:08 UTC to abuse{at}digitalocean[dot]com)
Takedown time:	6 days, 3 hours, 31 minutes (down since 2022-01-17 17:50:25 UTC)
Tags:	emotet epoch4 heodo SilentBuilder xls

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	882_087.xlsm	xls	796cb1dfe07dac51d9dd955ef372b6283adbfc38e34c92ee379fff29c89bacce	27.12%	SilentBuilder
2022-01-12	107898_51.xlsm	xls	8642a84875b30eeae2bec0b16db37715f4a2ff15caf6e5185a4012107ec1e87b	n/a	SilentBuilder
2022-01-12	GR_521958.xlsm	xls	926c822e2c4d78b252f788d3fa75a77bfed1380ad50cdacf21f3efddf15b0b26	26.67%	SilentBuilder
2022-01-12	75508088-1.xlsm	xls	1b7581c8be4bf9197005067c42e581bcc1c41b10d6d9768daa8c4642f6e3ef7b	n/a	SilentBuilder
2022-01-12	YBS_7271.xlsm	xls	f7d338277f13461262faa21c960479146f4261acc6efe564964f5cd0370afd6e	n/a	SilentBuilder
2022-01-12	zpm42.xlsm	xls	59f00806db4a68a10acb6aa0f9ea1d21c2e8527ff2b82d0ab36196ba0bda9183	n/a	SilentBuilder
2022-01-11	J9.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	n/a	SilentBuilder
2022-01-11	XYD-62.xlsm	xls	b5207887a27a42330a6b8e863e0550008a6375de1f4c9c6c0edcc7a9bb6d548f	n/a	SilentBuilder
2022-01-11	KUFMQ_6.xlsm	xls	a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339	20.00%	SilentBuilder
2022-01-11	68-640899.xlsm	xls	cd8e0110b182d3afd4d91cc9be83efb4de17b54e76e93d861acbd9e981906fb0	18.33%	SilentBuilder
2022-01-11	Q-58.xlsm	xls	15808d5cf09ee4a60ed9e18d0b403cd762cbf7613246e2cdfa6fba88eb654dd8	16.67%	SilentBuilder
2022-01-11	X065154625Z.xls	xls	e7065618e785e98792d570656fd412ecf695c45ec5a8123d04cf4ee302d225bf	18.33%	SilentBuilder
2022-01-11	7035210402464094.xls	xls	dc1a568534305e8dd82443bd62f3fefe364de2073558c8237bbe099593714259	16.67%	SilentBuilder
2022-01-11	7408984.xls	xls	c7cc8c98988b0b5cdbd103db7c61f01a6e92f96f525c36f15bfaae039bb46cd7	n/a	Heodo
2022-01-11	118065320Z.xls	xls	416e811b6839dbe39092f82dbb62064350da5400ce2e1fd94870f305f5b2b77d	16.95%	SilentBuilder
2022-01-11	G0375696884.xls	xls	b3a64afe3a1360279c7354909eb0733a15870549ca068a851cb8dc7b672ee168	n/a	SilentBuilder
2022-01-11	H8075073835063601B.xls	xls	1ee39644692931c717336eb3e00db7e82c9a27e987a8931e45d3eca7abd009c1	n/a	Heodo
2022-01-11	50463922214146478875L.xls	xls	e8ada03261f05e1c91d784bf58d10322d3765c686bb4a52278362e0e62288d1b	n/a	SilentBuilder
2022-01-11	B868269312986106.xls	xls	a0a6e55d2714273e7c3866776a187cc320e9bfa5086632fc12ed94db2efbfc3d	n/a	SilentBuilder
2022-01-11	T3632910329930461082N.xls	xls	fbc4a5db3ab48741c10a226dae4e2b64d924110962224bef57910478251cf3c7	n/a	SilentBuilder
2022-01-11	Z5040421.xls	xls	5567612a01ddde62a81334d73dc09a4e0f78d8e552d2686d44eb3e3910ecf13d	18.33%	SilentBuilder
2022-01-11	D80830552.xls	xls	b8600d1365521e1a2f83ae356900d38cf8c44b60594bbe30df2ac04418cd823e	n/a	SilentBuilder
2022-01-11	0637922055339789039A.xls	xls	1e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1	n/a	SilentBuilder
2022-01-11	Y4730882.xls	xls	0c9de24621d73ddfb33b0d2607b84d523a103ff59e318980f134dac1726e11a6	n/a	SilentBuilder
2022-01-11	28924523924986194R.xls	xls	c5850b16a368ab7c8f2d03cebcc7dd51173a704cdd1d6c105ba43083a40b6063	n/a	SilentBuilder
2022-01-11	E495413541G.xls	xls	2709ea59d34478c496b08e82eb77182fba9c9af001b75cfab5aaa44621d359bd	n/a	Heodo
2022-01-11	G69487463721246448.xls	xls	9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36	17.24%	SilentBuilder
2022-01-11	E274955282603521422071.xls	xls	071d6c9a40d6721f41c7064edb52f46d766703ea2e9bbe033939b6d60f24604b	16.67%	Heodo
2022-01-11	0445822966479829546.xls	xls	5b8d0b12d4a393432ef70e1832915b20c0a39b948c524ac301e3ae5f9794b84d	13.33%	SilentBuilder
2022-01-11	358127354101237F.xls	xls	3a3a5f5444557caa3c86b58560956c0a0452818a2349ef7328bb8c948e36d465	n/a	Heodo
2022-01-11	1448489764U.xls	xls	d2c48bc93b2b0711be6bafd81a7eeddc944514e110ef2e1014151dac42e8ab62	n/a	SilentBuilder
2022-01-11	Z189625714.xls	xls	89224af568d4e29e7836c2961d33045490b337a9d5d40db852137e1f2dbbfbf9	n/a	SilentBuilder
2022-01-11	T287344114257830068L.xls	xls	2d88cf677aeabdb77c1e2b34f7bd793635d9c8254af25ad79e8fd14cb2490fcf	n/a	SilentBuilder