URLhaus Database

You are currently viewing the URLhaus database entry for https://baliflowers.ru/wp-includes/hj/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1967599
URL:	https://baliflowers.ru/wp-includes/hj/?i=1
URL Status:	Offline
Host:	baliflowers.ru
Date added:	2022-01-11 15:45:04 UTC
Last online:	2022-01-12 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Not blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 15:46:07 UTC to abuse{at}hetzner[dot]com)
Takedown time:	12 hours, 21 minutes (down since 2022-01-12 04:07:49 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	D078326.xlsm	xls	6dc848517d7b84bf3ddedef42381a124b7b6106f45bad33ebf90e789bbef103e	n/a	SilentBuilder
2022-01-12	OPM-82.xlsm	xls	e74813a3530752434c9dae40f5f1cbd367cc16a541547e3a2d5b35295539390d	n/a	Heodo
2022-01-12	521828-724.xlsm	xls	ca65e9146957f09c7cdbb479666279a91d9065b309e29fea80fc5e3b7bd49393	28.33%	SilentBuilder
2022-01-12	905342197_1269539.xlsm	xls	b4e5abec6cda8d6601e77495e9eaf91756cfc834e816faa0fd327029da72d881	n/a	SilentBuilder
2022-01-12	tohxl_80.xlsm	xls	c51d8cb997287ed9a94d3d5dfd322c073e1eeea0634bfe18f7d92a3d7fd85543	n/a	Heodo
2022-01-12	y-516318.xlsm	xls	a196a7f762ccc713b4c96a96ad4d8d50c3a27964758730b87741f65f609c91ab	n/a	SilentBuilder
2022-01-12	514_160.xlsm	xls	05dc48ca9e5d5feb04a32c1ef3a8d18453a2a679e7257ce24856895a5dea268b	n/a	SilentBuilder
2022-01-11	44871881_0.xlsm	xls	66f5d61a2c4246c3bc39141c46e41bdc84c3f12a7db0b2ec3090eace070392d6	18.33%	SilentBuilder
2022-01-11	BRbECB_7234.xlsm	xls	b5207887a27a42330a6b8e863e0550008a6375de1f4c9c6c0edcc7a9bb6d548f	16.67%	SilentBuilder
2022-01-11	XLPNK63435403.xlsm	xls	207177c3c5eb0fe56e8614f9107063106f39167ae239ada435312ba0455fe349	n/a	SilentBuilder
2022-01-11	nXUHrL_18874.xlsm	xls	9b3fb2f88edc75661d9aba9ccac4bd15607dbf2fa7542c47be3d533c0db5cbe5	n/a	SilentBuilder
2022-01-11	AQMJ2139.xlsm	xls	14222deeec10d32091a2947e045833bd25c041a662f4090df26e50381cf922c6	n/a	Heodo
2022-01-11	F542814377149941968.xls	xls	446d074d88398efd9a59c8bdabf3f4909ae1bc5c12c418b98c3f185459844faf	n/a	SilentBuilder
2022-01-11	K0422225.xls	xls	dc1a568534305e8dd82443bd62f3fefe364de2073558c8237bbe099593714259	16.67%	SilentBuilder
2022-01-11	726264427892035443694.xls	xls	c7cc8c98988b0b5cdbd103db7c61f01a6e92f96f525c36f15bfaae039bb46cd7	n/a	Heodo
2022-01-11	2881049218538269640.xls	xls	fd3087fa953ec989caff35845ec2bc3cc41303ac26e0f0d0b8e25a325fee3a29	22.03%	SilentBuilder
2022-01-11	3439565229800283.xls	xls	e8b123fd61bfeabe7b45797f6cceaef77207d8d93d2a2b38065976603120c558	20.00%	SilentBuilder
2022-01-11	S6735683063956838017.xls	xls	03319a0f6c37911983650f91c2a01b29eac84b17bd99133626d11d08952ad9d4	20.69%	SilentBuilder
2022-01-11	Q260720641602860T.xls	xls	a0a6e55d2714273e7c3866776a187cc320e9bfa5086632fc12ed94db2efbfc3d	18.33%	SilentBuilder
2022-01-11	B877333864152852.xls	xls	7b273da870150fa002d6651be951c45565ecfb209c9516b78a60d5e6274d4f9c	n/a	SilentBuilder
2022-01-11	L349258670483720914.xls	xls	fbc4a5db3ab48741c10a226dae4e2b64d924110962224bef57910478251cf3c7	n/a	SilentBuilder
2022-01-11	0083150685678949695.xls	xls	60fdf680c8e0272784588bf87ead2814df683a2fcb697522ddd4ef323166440a	n/a	SilentBuilder
2022-01-11	A0542629265H.xls	xls	e540aa4c8a0a7eb9acf80aa3e76a804c5f492a69e052e33584c0ce432b33de75	n/a	SilentBuilder
2022-01-11	C692212838347L.xls	xls	1e4e0feb94cf74d61c7557fd8b7883f71b80547083bc339bc808b9703d4c03c1	n/a	SilentBuilder
2022-01-11	861565605156091.xls	xls	14e585c42b502e7e5ba9cd07618751748e748fd0a938c114c51a379de2d1082b	18.64%	SilentBuilder
2022-01-11	614946660788378806F.xls	xls	659c21119c192bd5c4c698d0e9c0ef6c5d0ed38bf40907318ccbc4dece45ec76	n/a	SilentBuilder
2022-01-11	G7130825X.xls	xls	1cdf6133fd1d4138849b8f2b29f199d90ccce54c369b74a88a14e8329e1051c3	n/a	Heodo
2022-01-11	R995887285398398K.xls	xls	9e3e47f20134301b475d2d5477000f2ff061b7e2ccf7c02aa892d300c3da3b36	17.24%	SilentBuilder
2022-01-11	T046441816545611.xls	xls	071d6c9a40d6721f41c7064edb52f46d766703ea2e9bbe033939b6d60f24604b	16.67%	Heodo
2022-01-11	8753549031.xls	xls	5b8d0b12d4a393432ef70e1832915b20c0a39b948c524ac301e3ae5f9794b84d	13.33%	SilentBuilder