URLhaus Database

You are currently viewing the URLhaus database entry for http://metrodreamslifestyle.com/wp-includes/SjCf9f/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1967490
URL:	http://metrodreamslifestyle.com/wp-includes/SjCf9f/?i=1
URL Status:	Offline
Host:	metrodreamslifestyle.com
Date added:	2022-01-11 14:56:08 UTC
Last online:	2022-01-13 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 14:57:12 UTC to abuse{at}contabo[dot]de)
Takedown time:	1 day, 20 hours, 50 minutes (down since 2022-01-13 11:47:27 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	64164ZRLRJ-25.xlsm	xls	5c2972a5491e6d8209aa42964c99ad4f8621686005fbc5e1836b4b18d165a888	26.67%	SilentBuilder
2022-01-12	vWrs4208170.xlsm	xls	bfef414d160297040d78c63e659994d668374244c68cdf1ff2220420460fc9e2	n/a	SilentBuilder
2022-01-12	300FHSTSH96.xlsm	xls	e74813a3530752434c9dae40f5f1cbd367cc16a541547e3a2d5b35295539390d	30.00%	Heodo
2022-01-12	88252910.xlsm	xls	d70eea3a457a572c1ee00b87e0c62ad39c9a8307340a7bff3bae0a08ade7c556	n/a	SilentBuilder
2022-01-12	395781.xlsm	xls	ecaa8fa10f2e5726552f68f4c691133bb782d791b23c96e2c26b5c4838a00e68	28.33%	SilentBuilder
2022-01-12	yD9269.xlsm	xls	894ae1ab382fe85d09096d1997f468b8e5f327326c39e15bd1ba47f4c4d2f14f	n/a	Heodo
2022-01-12	4891-3.xlsm	xls	fb59d08c1c00da6e08768d759d984922ef2726cade6ed27fe5713a79e7b7022e	23.33%	SilentBuilder
2022-01-12	t_3496854.xlsm	xls	1c5ad6e4718ec14f2180c8f047a7867ba5ce9f4498024dd2a4f66974ca1cdfce	n/a	SilentBuilder
2022-01-11	vPoauU-84.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	22.03%	SilentBuilder
2022-01-11	3481868015826.xlsm	xls	b5207887a27a42330a6b8e863e0550008a6375de1f4c9c6c0edcc7a9bb6d548f	n/a	SilentBuilder
2022-01-11	45164062RBEECZVG_809306843.xlsm	xls	a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339	n/a	SilentBuilder
2022-01-11	WW_3086363.xlsm	xls	1dd1ac79293bf11e4adbb3cce1c9760b154fa558bceb95a5a85d73e753c3c603	n/a	SilentBuilder
2022-01-11	26527_87377.xlsm	xls	f062c2a1622bb6bbddf6250cae210e3c341320104c09b649e9748bb7ad87c232	18.33%	SilentBuilder
2022-01-11	C6310036391320.xls	xls	e7065618e785e98792d570656fd412ecf695c45ec5a8123d04cf4ee302d225bf	18.33%	SilentBuilder
2022-01-11	73570653181374288715R.xls	xls	9ade9daf48cb63c929cd8e7ec03ac77ed41d362efaa79453d0eda4553747c404	18.33%	SilentBuilder
2022-01-11	H183888950500649568737.xls	xls	c7cc8c98988b0b5cdbd103db7c61f01a6e92f96f525c36f15bfaae039bb46cd7	n/a	Heodo
2022-01-11	048568239505396855968C.xls	xls	fd3087fa953ec989caff35845ec2bc3cc41303ac26e0f0d0b8e25a325fee3a29	22.03%	SilentBuilder
2022-01-11	S22505836193774106.xls	xls	0dec37edf7d179a139b89569d030dc83a715e5d9a945d9dedc410c3fcdd09125	23.33%	SilentBuilder
2022-01-11	V0029513880.xls	xls	03319a0f6c37911983650f91c2a01b29eac84b17bd99133626d11d08952ad9d4	n/a	SilentBuilder
2022-01-11	7830474166096.xls	xls	e8ada03261f05e1c91d784bf58d10322d3765c686bb4a52278362e0e62288d1b	n/a	SilentBuilder
2022-01-11	K412727618907825576068.xls	xls	a0a6e55d2714273e7c3866776a187cc320e9bfa5086632fc12ed94db2efbfc3d	n/a	SilentBuilder
2022-01-11	0934783076199476469.xls	xls	18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51	n/a	SilentBuilder
2022-01-11	37465217689810692.xls	xls	5567612a01ddde62a81334d73dc09a4e0f78d8e552d2686d44eb3e3910ecf13d	18.33%	SilentBuilder
2022-01-11	7943639239771817551.xls	xls	e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75	n/a	SilentBuilder
2022-01-11	2744524.xls	xls	1e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1	n/a	SilentBuilder
2022-01-11	O2803924193995.xls	xls	14e585c42b502e7e5ba9cd07618751748e748fd0a938c114c51a379de2d1082b	n/a	SilentBuilder
2022-01-11	M8492034335J.xls	xls	659c21119c192bd5c4c698d0e9c0ef6c5d0ed38bf40907318ccbc4dece45ec76	n/a	SilentBuilder
2022-01-11	E492194887647H.xls	xls	2709ea59d34478c496b08e82eb77182fba9c9af001b75cfab5aaa44621d359bd	n/a	Heodo
2022-01-11	D03438714.xls	xls	9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36	n/a	SilentBuilder
2022-01-11	7359455628281750.xls	xls	071d6c9a40d6721f41c7064edb52f46d766703ea2e9bbe033939b6d60f24604b	n/a	Heodo
2022-01-11	X19815571480.xls	xls	2b6937e90b3f57eb3f26b8a3f50b86def03b2d4b3bc30d93e1af1c96656bb4da	n/a	Heodo
2022-01-11	D9259944F.xls	xls	3a3a5f5444557caa3c86b58560956c0a0452818a2349ef7328bb8c948e36d465	n/a	Heodo
2022-01-11	7783806667.xls	xls	bfc76e9c14731133060c6c54109692d36bccdf23cfbb78a87ab709bc48445714	n/a	Heodo