URLhaus Database

You are currently viewing the URLhaus database entry for http://naeem-kareem-aldeen.webmyidea.com/dmzf3/thdDfBtJigEJWB7/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1967625
URL: http://naeem-kareem-aldeen.webmyidea.com/dmzf3/thdDfBtJigEJWB7/?i=1
URL Status: Offline
Host: naeem-kareem-aldeen.webmyidea.com
Date added: 2022-01-11 15:57:04 UTC
Last online: 2022-01-12 21:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: sugimu_sec
Abuse complaint sent: Yes (2022-01-11 15:58:07 UTC to abuse{at}contabo[dot]de)
Takedown time: 1 day, 5 hours, 57 minutes (Poor; down since 2022-01-12 21:55:27 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
