URLhaus Database

You are currently viewing the URLhaus database entry for http://buildotech.com/hijy/11PLKCJMED_49806929/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1973220
URL:	http://buildotech.com/hijy/11PLKCJMED_49806929/?i=1
URL Status:	Offline
Host:	buildotech.com
Date added:	2022-01-13 08:19:05 UTC
Last online:	2022-01-20 04:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-13 08:20:10 UTC to google-cloud-compliance{at}google[dot]com)
Takedown time:	6 days, 20 hours, 39 minutes (down since 2022-01-20 04:59:42 UTC)
Tags:	doc emotet epoch5 heodo

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-14	25500946-52.xlsm	xlsm	9fc43645a59ffc54409d20d58c7198ee61f8ab3a982a0928bf62523b1c61a575	26.98%	Heodo
2022-01-14	403_07.xlsm	xlsm	878245ca533c239b7066ce1bb483d8cd42a8d5887954c3e4db00b5a52d46f354	n/a
2022-01-14	322396_1319442.xlsm	xlsm	3b63ba5e81eedd06656eca70b56b6d9490b598df1646dd83dacefe8cd52d6a77	23.81%	Heodo
2022-01-14	awzjulw_68853.xlsm	xlsm	cb0d9916b6be6d3b9d52d057b5b8aa3b223284abe331467dea72eca27165a618	n/a	Heodo
2022-01-14	071949_4898475.xlsm	xlsm	b8e60cbecfbe9cdc725b0f3fc1524d2004d7a1e7a7aca69e4f7bc0ce89fe2f54	26.23%
2022-01-14	rbm_95289427.xlsm	xlsm	d7e424ccc4f316f9abbabc2a3b0bc47b61daf071111fed745056ffc823c541c1	n/a	Heodo
2022-01-14	ktQGs-610000123.xlsm	xlsm	b8b1fb98701bf450f491a99a027c35455ecc635801276ec74d0f637aa91aa3f9	25.40%	Heodo
2022-01-14	4269709.xlsm	xlsm	c2ab14bf957655123abdaeec4efe8202b1e6038c324c3492e2b610175334ff58	n/a	Heodo
2022-01-14	365297_54.xlsm	xlsm	d55979fab69e6383de91fecd3232f4f013cc7eb8de5a4a0090c6e0a371765b4c	n/a
2022-01-14	AcprLB-487995.xlsm	xlsm	28d2e274a082c7de870cd52bde0f9bb929bcb9331d7ce9e85f5c9bb6948a59db	n/a
2022-01-14	ANJX_17300.xlsm	xlsm	3dd7791745ef386d30fdac27e392533cbf154de6881440bf6bae3b947c775402	n/a	Heodo
2022-01-14	FM-425.xlsm	xlsm	9914b76a0ba3fb9da5a56e91338779ce902665c925d401d929aadf7974293d79	n/a	Heodo
2022-01-14	IDQ18579995.xlsm	xlsm	1c240992b743818ab5c0ee5f4de32be4555853fde4d92d8f8264dd975f5ae3b3	n/a
2022-01-13	riT-278426.xlsm	xlsm	3761b25fa3d41a38d6d55c5e87d4a89bd1c35bdf0d06d744642ddbd14c852964	n/a	Heodo
2022-01-13	209255299_2798.xlsm	xlsm	5682c16dc6480cd638a0cf0f42280955d063b47a3f33fa3d7100d11b26113c60	24.19%	Heodo
2022-01-13	71685520.xlsm	xlsm	1217dcbf810cee6fe242d7835078f9e5177ce7d1bb925405d550ea413b08fbb0	n/a	Heodo
2022-01-13	6270_94623.xlsm	xlsm	ebcf8ce780273a62dfc735a9ca26cab21be68b0ff57bd22a97fcb60537a979ff	n/a
2022-01-13	ojpsgq0674.xlsm	xlsm	7f6d428bde4ea1f1e20a3872a38c373d16aab94f268de327856f09e683833b60	n/a	Heodo
2022-01-13	ZZfJ33080859.xlsm	xlsm	1f79a3aaba0bcb4a01de9ed8c7ff49c87c419b7af3ba808588e67bb898434b75	n/a
2022-01-13	6962380_880215743.xlsm	xlsm	236a6d0de83a050c7865dba3da1e5ec1e210668e47a23499a833dd10551e9087	n/a	Heodo
2022-01-13	21741751_13535724.xlsm	xlsm	6330ce41125fbef35c867af34ed93f63e40f62525e13c3e6dec6ea73c83e269a	n/a
2022-01-13	154206_04586.xlsm	xlsm	3ee5184a13e445cfb1886d07497ad642ebcf9b1d33fa9628d60e50e8cfa882e3	n/a	Heodo
2022-01-13	1639_23.xlsm	xlsm	e894314815096ab9fbaa2b7f084fbe70f1de47caf8d5f282e012a8095831da67	n/a
2022-01-13	MZPE967.xlsm	xlsm	5f078012b57ca56c92cb000baabb72b809c64fac6e70911c9175074c54839087	33.33%	Heodo
2022-01-13	5191088-928364.xlsm	xlsm	accddc7c06e08cf3517f7277a5c299c85176cd7821220fcbc6681c3dfba5be01	30.16%	Heodo
2022-01-13	66334201MHCZKPPBP_909997466.xlsm	xlsm	f6319e708e7c942acfec28dcc5e23df293475f01d892e4992d9717277f79d6ee	30.65%	Heodo
2022-01-13	C_519213850.xlsm	xlsm	a9faf8e0d840e990acabdc3c8b31755962bf1759ef2da0f93763670eb3f2e738	30.16%	Heodo
2022-01-13	YRNCJ_138.xlsm	xlsm	67db098ffc37f7ee91efe9d171ee286e1f72b744f50dce8d4e83309ba5f21593	30.16%	Heodo
2022-01-13	AGF_07.xlsm	xlsm	d652c467b10eb9cec0d36d73accbe00a2d4704678683e8ab611e8de487e34cf2	n/a
2022-01-13	04757148_038098.xlsm	xlsm	6ce5fc9630e85823c37196bfe8439166095e763ef9367c575e11b78d7cb59c03	n/a
2022-01-13	8850_46.xlsm	xlsm	842a15b1ebf8393eaa47f357e6f07b8567eba44d143daadcb8aff6970c5655d2	n/a	Heodo
2022-01-13	13171085382805.xlsm	xlsm	a50956fa0d478857706f9ec687526eb7d9c07a269101ec5dd97da987f78943fb	n/a
2022-01-13	34969968_9984.xlsm	xlsm	78dd5816d66701839612b5caf64d4337e45d516e52b5f177345f5019ce4aa907	31.15%	Heodo
2022-01-13	O_10059046.xlsm	xlsm	e07efb44e73f01e1cd957c1874bce0e453c91eaa561f46efb373edb97100320a	29.51%	Heodo
2022-01-13	ZK-16.xlsm	xlsm	0a15c90622fb7efdc89dd32dd7eebdf84b3544b5e9b63a281ef38d59ebc446e1	n/a	Heodo
2022-01-13	fouh_7893367.xlsm	xlsm	a8b105b33e639fbfaf784868e4c8b14639d7e0dfbde96bb5071fa8d7160595fe	n/a	Heodo
2022-01-13	asbwsig_253019.xlsm	xlsm	c87454534ee25d7d677e5bab46857f861240685ce17532b788892d370096be83	30.16%	Heodo
2022-01-13	04153771_723.xlsm	xlsm	1070ee81825904e9b69247d5ecd09aa91e0be9722ff1b627740e98e0bd48ee7f	n/a	Heodo
2022-01-13	763965_63.xlsm	xlsm	2d009791d777c752c4fddb6e32e5d123d7ecf80145baef849436bf4879259b8e	n/a	Heodo
2022-01-13	6338_496457555.xlsm	xlsm	08c7c9f40c6db283966c794771c90b7d9f65dedfb785b861e02187f62f0dc0c8	n/a	Heodo
2022-01-13	butik-011138605.xlsm	xlsm	b8f140e8a83cdb10b7816fd789deccef6d4373e8441fa40618b48484359041b5	n/a	Heodo
2022-01-13	54096.xlsm	xlsm	aeb70e41209244bbbb3f870a325ee369ce718361b2caf361f8472ce7b1b7001d	n/a	Heodo
2022-01-13	XmfC-60.xlsm	xlsm	e867e8691b17fd95fce36eb933b1c36744f45513e44d931d07bf95229e47bef1	n/a	Heodo
2022-01-13	E_185253406.xlsm	xlsm	6acfbc04a4d8ee5bed51c551d533b4b99936760fdf3f6db32d1216130c89700c	n/a	Heodo
2022-01-13	TI82.xlsm	xlsm	125468fda9c224d8a3ccdf92f08037a343c0341a8e64dc2c1182e1d3d4e496a7	26.98%	Heodo
2022-01-13	FcWFR_35.xlsm	xlsm	cd1b8b06a27b93f21a8da161ab4af2768ecdcbe5f8f5122d89c33caf145da46c	n/a
2022-01-13	RG_85302570.xlsm	xlsm	915354db100b6c7c744bede05828fd397ef2ab000bced2ac46e799b5d5a8e9d5	n/a	Heodo
2022-01-13	S_1910.xlsm	xlsm	9e443aedd2833d67bb9b858bd14abc6a235186f865e05497ac39ab8cd0185156	n/a	Heodo
2022-01-13	838507_385791.xlsm	xlsm	6a8fc7cb880a404032161e81d67152873581b6614b238faebd731fb7fbd8cb92	n/a	Heodo
2022-01-13	508_5278.xlsm	xlsm	f745757e79c9411ab969a3e2ab5ccff444e4542b87681828c091f595826410b5	22.95%	Heodo
2022-01-13	mypbwz60037.xlsm	xlsm	ca6662f6a52a16a294b7d873a1f4b60f6ed054cb1cbaf3207081f30380c573e2	n/a	Heodo
2022-01-13	JTRD_10101316.xlsm	xlsm	6c5843f31e83acb3be71be737cb15c279df63ad2191db42d1687985925eee1c9	22.22%	Heodo
2022-01-13	QUBC_2818.xlsm	xlsm	2cfe6cc60d786a8b94d9d3114d344fb74c21e5ce5391dea3d1550df17fee05b4	n/a	Heodo
2022-01-13	079-87.xlsm	xlsm	80f7072eb1b894cec06813c3267356f693ff21d0d1f116d1cf53d5b8035277de	16.13%	Heodo
2022-01-13	173456_3056.xlsm	xlsm	076405ad2bba11d84012c05321cd7e6ab77c3cbd5f4f04072a2f98d26f604e0a	n/a	Heodo