URLhaus Database

You are currently viewing the URLhaus database entry for http://whatsapp.bakelake.in/hjbq9b/G475/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry

ID: 1984467
URL: http://whatsapp.bakelake.in/hjbq9b/G475/?i=1
URL Status: Offline
Host: whatsapp.bakelake.in
Date added: 2022-01-17 20:31:06 UTC
Last online: 2022-01-20 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-17 20:43:07 UTC to support{at}nxtgen[dot]com)
Takedown time: 2 days, 18 hours, 9 minutes Poor (down since 2022-01-20 14:52:50 UTC)
Tags: doc emotet epoch4 heodo SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
