URLhaus Database

You are currently viewing the URLhaus database entry for https://onebet.co.ug/wp-content/42398854OCM_1903954/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	1984727
URL:	https://onebet.co.ug/wp-content/42398854OCM_1903954/?i=1
URL Status:	Offline
Host:	onebet.co.ug
Date added:	2022-01-17 22:17:06 UTC
Last online:	2022-06-29 07:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Not blocked
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Not blocked
ProtonDNS :	Not blocked
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	sugimu_sec
Abuse complaint sent (?):	Yes (2022-01-17 22:18:08 UTC to abuse{at}alibaba-inc[dot]com,intl-abuse{at}list[dot]alibaba-inc[dot]com)
Takedown time:	5 months, 12 days, 9 hours, 38 minutes (down since 2022-06-29 07:56:11 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-01-18	97514400482462.xls	xls	2bf7a9b12869b6f85ff0f29c8500d06494577586d332fc7b32f8c12f218a1da8	n/a	SilentBuilder
2022-01-18	5979858138349.xls	xls	2113509ff71a6a0676367c8b50e39e52b82b6639a88afe1ec06942389993c44b	n/a	SilentBuilder
2022-01-18	4272189320793.xls	xls	d572ba5baf8c120807fbced6c72b7da32fe4570963874f2f04fdabc560caeb2e	n/a	SilentBuilder
2022-01-18	41786777936.xls	xls	37dbee696ec38e589581d1b748765702ff2c7c810a2e5e244e3607a7e80993a0	n/a	SilentBuilder
2022-01-18	2235733904071.xls	xls	ebe7c1008e98277cac317211c9fb8db1371f256f9c344209fba11039fcfc1576	16.95%	SilentBuilder
2022-01-18	78815123297727419.xls	xls	36b7b1b95cc85317f49f5a0f4b636e977a0a7534a330be0bd317d2f86edf23e3	n/a	SilentBuilder
2022-01-18	41839339481084.xls	xls	b383f0d5f5b73ff5916fa1f95a60374c30be3dded207d8fb5abf9e4d547f316d	n/a	Heodo
2022-01-18	214325735128874.xls	xls	10d3cb55e800fbd099d09514ccfa2eb757d1d4523ce78508696052e7c5cf6d24	n/a	SilentBuilder
2022-01-18	053631527586.xls	xls	d6343441527c5d54f075865a30ee2741e2990408e8f3040de90ffe2fbda8d6db	n/a	SilentBuilder
2022-01-18	8168071179.xls	xls	e91404f2f0023114d75fac9c22b509c457ead8f54865344e0974a495778e8d22	18.33%	SilentBuilder
2022-01-18	5116561058331413109.xls	xls	6d624915e5462bc3ab2100be22ddc87a74530d9fe8a151d28170ceeb6564da90	n/a	Heodo
2022-01-18	9992991019633.xls	xls	7f1401025e5fb7eff13fd2ceb9805323ac67f183a06fd97481516a01438dc8d6	n/a	SilentBuilder
2022-01-18	5877604360.xls	xls	4e59c5e250a49a3e1b4ab0856c1ffcdfe541d7533ae31d22aed84ea3e4aa5c6c	n/a	SilentBuilder
2022-01-18	6511367044084.xls	xls	c61718c0dc7f0d5c5f66455826fd222262b081893085b7a528d3217b0bc6316d	n/a	SilentBuilder
2022-01-18	120789426683209041.xls	xls	909cae6e044629c7d0356bc96ced029549d3a1572031da350ee6b96489664f31	n/a	SilentBuilder
2022-01-18	80744998183579674.xls	xls	7c92ba7d9752e651b0bf808e5bddbc3f107ccf9ef6ee0c272339621eb8908e04	n/a	Heodo
2022-01-18	546028533273.xls	xls	e07cb07d8a2b296d0f506a805e5721233820e0f8d4c9d552940f71fca7be7a8c	n/a	SilentBuilder
2022-01-18	465161743960944.xls	xls	e64f53d96cf4624502733103a45f67cc0635e35e624610cbec57ea9844d43203	n/a	Heodo
2022-01-18	176246574757.xls	xls	9b0a59dcae7eca85fa1088f429b85a4a491f79207a68cb7cb8925ef9d95f8ba4	n/a	SilentBuilder
2022-01-18	3280489388417358.xls	xls	e83230dd5995b3cb0477ab358fc13505cbe4ef8a103ee5eafc8763545ed64d8e	n/a	Heodo
2022-01-18	36875369303029063287.xls	xls	92bf6d722708e0e9428275c7d0789a52e3fefca383f020e0b8a9cf32e01fb954	16.95%	Heodo
2022-01-18	307308648169852307.xls	xls	ba5cec050921142c70a9666d32ed2689badaae0afbf6105f2c3a570638634d84	n/a	SilentBuilder
2022-01-18	325437708333491.xls	xls	853bf53e1de361a8c42c16b3a74dd673f990ca41f7f540ab98004a9a39e60725	n/a	SilentBuilder
2022-01-18	923543032026467501.xls	xls	ee8b7476fa35280678b3b70ee6f8142bb7945783f64da2a541c0a42e0e804506	n/a	Heodo
2022-01-18	29279896665.xls	xls	321d80f76297387803acdb4fd4e6a4dc6073d515955445752390767e95884b67	n/a	SilentBuilder
2022-01-18	495928233920350.xls	xls	6d894e2cd1eaad5f13a55f94de79b6dc01a1f37c48b884d488e46003c054eb8b	n/a	Heodo
2022-01-17	64302674066473.xls	xls	b5abaa61ee5a2795808e2dc90c87c149ea7927be1431f1595fb1061e045b8657	n/a	SilentBuilder
2022-01-17	98340021163551351.xls	xls	d90276f1e57f91966cccef797f36ba18dfdc19cf92a4505d0f59f2421f4eb2ba	n/a	SilentBuilder
2022-01-17	21664335687625310410.xls	xls	6c45d08768b929c1e9e51c06e8e11e0f679c9a66a33415a427417ee1a3391ee0	n/a	Heodo
2022-01-17	238860568741144581.xls	xls	24c794c4bff6d31e618de4a6fab59f41d7f55dc7cfaaf520728bdaa54cd4c0d3	n/a	SilentBuilder
2022-01-17	97379768297006.xls	xls	01476eaa4b0f7bdde2a764be2f017d11e0a9743bdf0447c63288607ef7437ac1	n/a	Heodo
2022-01-17	28054520096278975.xls	xls	f6c6e2de6c48ffc623320a3b19ef24f8dc009d55b9d388b58847ef5008962cc3	16.67%	SilentBuilder
2022-01-17	42398854OCM_1903954.xls	xls	d9aa91dbe35dc3237e8ae898bcea021fc060c2dd41ae62ab1044eb4c47d0a1e8	n/a	SilentBuilder