URLhaus Database

You are currently viewing the URLhaus database entry for http://salwa-khit.webmyidea.com/assets/rJZuJkVisJhJ/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1967485
URL: http://salwa-khit.webmyidea.com/assets/rJZuJkVisJhJ/?i=1
URL Status: Offline
Host: salwa-khit.webmyidea.com
Date added: 2022-01-11 14:53:04 UTC
Last online: 2022-01-11 23:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-11 14:54:07 UTC to abuse{at}contabo[dot]de)
Takedown time: 8 hours, 32 minutes Good (down since 2022-01-11 23:26:56 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
