URLhaus Database

You are currently viewing the URLhaus database entry for https://dubaiflowers.ru/js/YqIUdAC9WxCrXZQYr/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1967501
URL:	https://dubaiflowers.ru/js/YqIUdAC9WxCrXZQYr/?i=1
URL Status:	Offline
Host:	dubaiflowers.ru
Date added:	2022-01-11 15:05:05 UTC
Last online:	2022-01-12 06:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 15:06:09 UTC to abuse{at}hetzner[dot]com)
Takedown time:	15 hours, 46 minutes (down since 2022-01-12 06:52:55 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	ukbwfcm112.xlsm	xls	aa65a34067b0c50e89c1078d0c7ff08de43e5036241404574f846265de6ff6bd	28.33%	Heodo
2022-01-12	BASd_2969.xlsm	xls	ab506a8e25b64558a0069af7f78035c4ae3848d8873a5ddd3542d01d2e195565	29.31%	Heodo
2022-01-12	65054_82091.xlsm	xls	d57efe94adedaeac797cbb79d71e10325536f42c27c9cf5154fddaeb7bc797be	n/a	Heodo
2022-01-12	APX_00682.xlsm	xls	fea0e3dc5015a4f0d14555e51520aed1594e9b0a3310bac2598db38f11e311c7	30.51%	SilentBuilder
2022-01-12	393481-61.xlsm	xls	aaa15e90e9bb12fae4b2e72b32897244c2ef286adc0e58d7570de362b8c342b1	30.51%	SilentBuilder
2022-01-12	lLC_477.xlsm	xls	5c2972a5491e6d8209aa42964c99ad4f8621686005fbc5e1836b4b18d165a888	n/a	SilentBuilder
2022-01-12	aqlnb_06750.xlsm	xls	e74813a3530752434c9dae40f5f1cbd367cc16a541547e3a2d5b35295539390d	30.00%	Heodo
2022-01-12	CG_937883936.xlsm	xls	ca65e9146957f09c7cdbb479666279a91d9065b309e29fea80fc5e3b7bd49393	n/a	SilentBuilder
2022-01-12	2756STAKJ623246427.xlsm	xls	ecaa8fa10f2e5726552f68f4c691133bb782d791b23c96e2c26b5c4838a00e68	n/a	SilentBuilder
2022-01-12	L_04705.xlsm	xls	894ae1ab382fe85d09096d1997f468b8e5f327326c39e15bd1ba47f4c4d2f14f	n/a	Heodo
2022-01-12	VSS_132.xlsm	xls	fb59d08c1c00da6e08768d759d984922ef2726cade6ed27fe5713a79e7b7022e	23.33%	SilentBuilder
2022-01-12	7663_963.xlsm	xls	05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268b	n/a	SilentBuilder
2022-01-11	ZSE_2100651.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	n/a	SilentBuilder
2022-01-11	vz5778010.xlsm	xls	44c675302c6fd62e15e5c9ae9bb98325870093ceed92a30601a13ad1dc2bd4f2	n/a	SilentBuilder
2022-01-11	55163866_601363.xlsm	xls	a7fe36211a0be63df4c3929830b8fc4e21fc0548b5446377ce9c83b3d1fd9339	n/a	SilentBuilder
2022-01-11	3628_4898.xlsm	xls	9b3fb2f88edc75661d9aba9ccac4bd15607dbf2fa7542c47be3d533c0db5cbe5	n/a	SilentBuilder
2022-01-11	b-288567924.xlsm	xls	15808d5cf09ee4a60ed9e18d0b403cd762cbf7613246e2cdfa6fba88eb654dd8	16.67%	SilentBuilder
2022-01-11	G7341309115252780E.xls	xls	244f3b421f675868b3b87f562c2b307e3f4c3b914d67008406a8f9ed0594b4c1	n/a	SilentBuilder
2022-01-11	Y9893644782.xls	xls	dc1a568534305e8dd82443bd62f3fefe364de2073558c8237bbe099593714259	16.67%	SilentBuilder
2022-01-11	X0228346400447352O.xls	xls	c7cc8c98988b0b5cdbd103db7c61f01a6e92f96f525c36f15bfaae039bb46cd7	n/a	Heodo
2022-01-11	921189927076780.xls	xls	1224a3bcb32b16ac401374219c7e304bcfd5eba23875426fdbb6bd06345e9e9d	n/a	SilentBuilder
2022-01-11	U617144476F.xls	xls	fd3087fa953ec989caff35845ec2bc3cc41303ac26e0f0d0b8e25a325fee3a29	n/a	SilentBuilder
2022-01-11	60655032397151A.xls	xls	e8b123fd61bfeabe7b45797f6cceaef77207d8d93d2a2b38065976603120c558	20.00%	SilentBuilder
2022-01-11	O3973679022923.xls	xls	fa034a838fb84b119629b49d3a9fc672aea0004d361e94548bdfc5153f761c50	n/a	Heodo
2022-01-11	P51368596687.xls	xls	e8ada03261f05e1c91d784bf58d10322d3765c686bb4a52278362e0e62288d1b	n/a	SilentBuilder
2022-01-11	010616463831207668867.xls	xls	afe04f54612c86612a56bf8a3a228a2aeae275f4730552228f8a4bb6f71c292e	n/a	SilentBuilder
2022-01-11	3752966531.xls	xls	18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51	n/a	SilentBuilder
2022-01-11	V444546028F.xls	xls	5567612a01ddde62a81334d73dc09a4e0f78d8e552d2686d44eb3e3910ecf13d	18.64%	SilentBuilder
2022-01-11	1125954325786617528R.xls	xls	e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75	n/a	SilentBuilder
2022-01-11	X116336180428U.xls	xls	1e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1	n/a	SilentBuilder
2022-01-11	77710297948.xls	xls	0c9de24621d73ddfb33b0d2607b84d523a103ff59e318980f134dac1726e11a6	16.67%	SilentBuilder
2022-01-11	D605822972789049120489.xls	xls	659c21119c192bd5c4c698d0e9c0ef6c5d0ed38bf40907318ccbc4dece45ec76	n/a	SilentBuilder
2022-01-11	7450490X.xls	xls	2709ea59d34478c496b08e82eb77182fba9c9af001b75cfab5aaa44621d359bd	n/a	Heodo
2022-01-11	U81091831964011X.xls	xls	9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36	17.24%	SilentBuilder
2022-01-11	4058320.xls	xls	071d6c9a40d6721f41c7064edb52f46d766703ea2e9bbe033939b6d60f24604b	n/a	Heodo
2022-01-11	647608860722.xls	xls	2b6937e90b3f57eb3f26b8a3f50b86def03b2d4b3bc30d93e1af1c96656bb4da	n/a	Heodo
2022-01-11	W2638994160640138X.xls	xls	3a3a5f5444557caa3c86b58560956c0a0452818a2349ef7328bb8c948e36d465	n/a	Heodo
2022-01-11	857715079336080.xls	xls	b53a3f09073ba4c63f1634b32bc6328f22d9965ebc1384797a886d07959313fa	n/a	SilentBuilder