URLhaus Database

You are currently viewing the URLhaus database entry for http://landleader.riseentrepreneur.co/wp-admin/G/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1967904
URL:	http://landleader.riseentrepreneur.co/wp-admin/G/?i=1
URL Status:	Offline
Host:	landleader.riseentrepreneur.co
Date added:	2022-01-11 17:42:06 UTC
Last online:	2022-01-16 08:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-11 17:43:13 UTC to abuse{at}serversaustralia[dot]com[dot]au)
Takedown time:	4 days, 15 hours, 15 minutes (down since 2022-01-16 08:58:18 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-12	toqv_6359623.xlsm	xls	c468d97804e7a9fa569cfab4952c6fda72685adc622cec8aee02bb9c8f1a79aa	26.67%	Heodo
2022-01-12	070361188329.xlsm	xls	769ecd4d91e53cc734ede1b06a3935096e838020e44061032964dd769dda3968	28.81%	SilentBuilder
2022-01-12	PQQN_96495.xlsm	xls	8642a84875b30eeae2bec0b16db37715f4a2ff15caf6e5185a4012107ec1e87b	n/a	SilentBuilder
2022-01-12	2812484527590.xlsm	xls	926c822e2c4d78b252f788d3fa75a77bfed1380ad50cdacf21f3efddf15b0b26	n/a	SilentBuilder
2022-01-12	bqid68055053.xlsm	xls	9d277bf6e9b937c6b9d79db16b78f65ef5346b79c5c68fd3fda71a4e18171fe7	23.73%	SilentBuilder
2022-01-12	Y6980337.xlsm	xls	f9cbf3cdfa7ed91bca677fd8d8e1f0f53c193323abfbbb1ce4d7c6d2f1b9feea	25.00%	SilentBuilder
2022-01-12	gpkxb-326.xlsm	xls	9e0c891bd4b687d10b5c7d8082a2d4c7d24a0c9ea90b1d0aa09dafa6dee22047	23.33%	SilentBuilder
2022-01-12	078596024.xlsm	xls	f710943ccdadad818f80e208b3ea05bb57523b5ca7ff2e9647abe730a65afe5f	n/a	SilentBuilder
2022-01-11	ZOIAI_55.xlsm	xls	4e4fed9bc0e99667d6959b4513a5c89a5f76f2437b19ae6b5b8c3ff15ba2b71c	n/a	SilentBuilder
2022-01-11	JRX_90100644.xlsm	xls	bfe1c65501eb9a22ea914fe380d24127cdf99ce17fc20683f99a7b1e0ccc06f8	n/a	SilentBuilder
2022-01-11	K_314.xlsm	xls	429e0de91bc404f5fc886f0618177f5bc49fe0da3940e98426c5d5cd8aed57cf	16.67%	Heodo
2022-01-11	QE_349.xlsm	xls	cd8e0110b182d3afd4d91cc9be83efb4de17b54e76e93d861acbd9e981906fb0	18.33%	SilentBuilder
2022-01-11	44335-0.xlsm	xls	15808d5cf09ee4a60ed9e18d0b403cd762cbf7613246e2cdfa6fba88eb654dd8	16.67%	SilentBuilder
2022-01-11	G97754102469626S.xlsm	xls	755b4ee15682c5a1e3567c5d710b241e03a8b6ce7080dc3ef0816be9ed6e06f7	15.25%	SilentBuilder
2022-01-11	X60462048072996386.xls	xls	73a93604b31a5b4b301dad4849b63d5e6e48ef8d946f6fbff48b485b1bce7a37	n/a	Heodo
2022-01-11	8988315Q.xls	xls	0dec37edf7d179a139b89569d030dc83a715e5d9a945d9dedc410c3fcdd09125	n/a	SilentBuilder
2022-01-11	C7773641954602.xls	xls	03319a0f6c37911983650f91c2a01b29eac84b17bd99133626d11d08952ad9d4	18.33%	SilentBuilder
2022-01-11	3209521703949041335.xls	xls	a0a6e55d2714273e7c3866776a187cc320e9bfa5086632fc12ed94db2efbfc3d	n/a	SilentBuilder
2022-01-11	916066876395.xls	xls	18e24e9b03fde05fa41b9d86aa612dbbd5deabcebbe97ee5b3a3b7fa8fb43f51	n/a	SilentBuilder
2022-01-11	65360086758125347672.xls	xls	a5a1c304ab3b2351a82da736cf9c022ea2ad1cbff6321b64b0a741b575c8a6c4	n/a	SilentBuilder
2022-01-11	K6759577W.xls	xls	b8600d1365521e1a2f83ae356900d38cf8c44b60594bbe30df2ac04418cd823e	n/a	SilentBuilder
2022-01-11	83641870932585.xls	xls	b1facac75e8c07b20f413b7083f889cd502c32847a97c5cbed0d3e4051f9a139	20.00%	SilentBuilder