URLhaus Database

You are currently viewing the URLhaus database entry for http://phatthalung.drr.go.th/content/YBG_98151568/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1984651
URL:	http://phatthalung.drr.go.th/content/YBG_98151568/?i=1
URL Status:	Offline
Host:	phatthalung.drr.go.th
Date added:	2022-01-17 21:46:06 UTC
Last online:	2022-01-24 09:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Blocked
AdGuard :	Blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Blocked
OpenBLD :	Blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-01-17 21:47:08 UTC to nip{at}symphony[dot]net[dot]th)
Takedown time:	6 days, 11 hours, 29 minutes (down since 2022-01-24 09:16:46 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-18	1028144111635.xls	xls	59cb2552a34b231acb92fcee121b13d662ca7f0049a70aae86fe312270f548e5	n/a	SilentBuilder
2022-01-18	085938947481507201.xls	xls	42086786392d71f57268416d14275638e2955c797babcbd5ec21b7eed6703652	n/a	Heodo
2022-01-18	2460068738700775479.xls	xls	b463abec1dfc612e1ea59fa20ed07f468fbdc69e8694a5af639fa79435ce4f58	n/a	Heodo
2022-01-18	3112671422.xls	xls	35be5819e56e15ca1bc78bb61ba08a38d392461405142da722d534c2f87e55f5	n/a	Heodo
2022-01-18	67813151044.xls	xls	26b4ee804e6a317a802f1c370398c6629f516477378bf94cad94413237e05c34	n/a	SilentBuilder
2022-01-18	488320044384.xls	xls	ef7820c85bc6c3df2447132bbed914ed101aeb7baf6e6edf25026375f9df3980	n/a	Heodo
2022-01-18	61220776703533151.xls	xls	96fb18491f6cf868e63171c4ba461b95b4b74d39b1ce4ea5e4e96373f97dde26	n/a	Heodo
2022-01-18	44569884282902170.xls	xls	ebe7c1008e98277cac317211c9fb8db1371f256f9c344209fba11039fcfc1576	n/a	SilentBuilder
2022-01-18	69151910739.xls	xls	c1a761edd3badd0226e48b8622372de2feddd9d4ced41445685022600816aa7c	n/a	Heodo
2022-01-18	541470811652.xls	xls	f992f21f03b86aefe34db46f747ad9c063feebaac70cc1eff8cb76806aed499d	n/a	SilentBuilder
2022-01-18	839669659204.xls	xls	0971b78a1fa100002ec0c3cd1d18af109e56369c4a52b4445f10c30ea8ade7fc	n/a	SilentBuilder
2022-01-18	0168671489529106899.xls	xls	30ec22e5f956439cc697c71a92a8f806335253f5b692b8375cb4acad148b5cd2	16.67%	Heodo
2022-01-18	86643632190.xls	xls	4ad545641ce10800bcd2a75f03ae32b78d9fce1feb504c5353da50438959e3b0	n/a	SilentBuilder
2022-01-18	166554031085.xls	xls	14e06e9395a20e63635c321d4e8f23e03da439bfd81766dab0a621ec1c4627ae	n/a	SilentBuilder
2022-01-18	414856489531414.xls	xls	909cae6e044629c7d0356bc96ced029549d3a1572031da350ee6b96489664f31	n/a	SilentBuilder
2022-01-18	015085880913202355.xls	xls	bc1172240f277c311e80e1e9149ebab58d1870bc0a9e94f3bd898a025495be3e	n/a	SilentBuilder
2022-01-18	759667564871812.xls	xls	e07cb07d8a2b296d0f506a805e5721233820e0f8d4c9d552940f71fca7be7a8c	n/a	SilentBuilder
2022-01-18	9905775153005964909.xls	xls	78edafc9ef5c586ac250ab33c4670eb0777e862160498429f24acbb551b6f3e4	n/a	Heodo
2022-01-18	3276666567797671.xls	xls	eb7193559a0f423ea0f4c9d50884ff6e053a6cd4b1a81563ac619e72595779ec	n/a	SilentBuilder
2022-01-18	35812007781715676782.xls	xls	cce8350caeca1753a8904e4cbaaf763ceb8eac0445b3235b74a9635727d39118	n/a	SilentBuilder
2022-01-18	84834272610723.xls	xls	027a72970eec77e5214269c8f79a87f5f614a1ecee11257b3feac2fbf54740f2	n/a	SilentBuilder
2022-01-18	3325924432999943636.xls	xls	ba5cec050921142c70a9666d32ed2689badaae0afbf6105f2c3a570638634d84	n/a	SilentBuilder
2022-01-18	789609306973360.xls	xls	5255b0788b382c41d46027fda6dc4e3c717a4cbc46469614299d184bf77037df	n/a	SilentBuilder
2022-01-18	86577874973.xls	xls	321d80f76297387803acdb4fd4e6a4dc6073d515955445752390767e95884b67	n/a	SilentBuilder
2022-01-18	609438914549.xls	xls	b933c6fc1ce4b9df0d65fae6724a3053c183cbdf921053873252181bf50ed7a0	n/a	SilentBuilder
2022-01-18	860100153635066724.xls	xls	6d894e2cd1eaad5f13a55f94de79b6dc01a1f37c48b884d488e46003c054eb8b	n/a	Heodo
2022-01-17	26261393624679331592.xls	xls	6c42a94654de5ebe226d285c0ad13e26b01ba97ec5f8faf8e2fb9411a2fc1380	n/a	Heodo
2022-01-17	47561049733.xls	xls	d90276f1e57f91966cccef797f36ba18dfdc19cf92a4505d0f59f2421f4eb2ba	n/a	SilentBuilder
2022-01-17	64791725423.xls	xls	6c45d08768b929c1e9e51c06e8e11e0f679c9a66a33415a427417ee1a3391ee0	n/a	Heodo
2022-01-17	87223506547897.xls	xls	63ca712aa3ded137254262b9946785369c094b3e58b186e4ddaf34ba8b5d9e85	n/a	Heodo
2022-01-17	03881226862.xls	xls	f6c6e2de6c48ffc623320a3b19ef24f8dc009d55b9d388b58847ef5008962cc3	16.67%	SilentBuilder
2022-01-17	BGK_679493.xls	xls	9d3854a143ef21ea2f229b04928a70a0bb2f546162e2eae563243d867e00d1ce	n/a	SilentBuilder
2022-01-17	14298631-67236.xls	xls	8ec79669414afa81c586c25f9508a0e51e77a474b567e19fbc426d33f324d1ed	20.69%	SilentBuilder
2022-01-17	YBG_98151568.xls	xls	8976395bbc9ade87e7ecaf509860c9a460299dba5418b0c536818a7d14d5941f	20.34%	SilentBuilder