URLhaus Database

You are currently viewing the URLhaus database entry for http://girlfriendbackfast.com/assets/2wLh37tammIrx/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1967412
URL: http://girlfriendbackfast.com/assets/2wLh37tammIrx/?i=1
URL Status: Offline
Host: girlfriendbackfast.com
Date added: 2022-01-11 14:20:07 UTC
Last online: 2022-01-12 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 14:21:15 UTC to abuse{at}wehostwebsites[dot]com)
Takedown time: 19 hours, 8 minutes, rated Good (down since 2022-01-12 09:29:26 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
