URLhaus Database

You are currently viewing the URLhaus database entry for http://gml.sogoflowers.com/cgi-bin/3yeWExuSLKaQlg6eYpVLv2J/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 1992174
URL: http://gml.sogoflowers.com/cgi-bin/3yeWExuSLKaQlg6eYpVLv2J/?i=1
URL Status: Offline
Host: gml.sogoflowers.com
Date added: 2022-01-20 10:41:05 UTC
Last online: 2022-01-21 14:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-01-20 10:42:10 UTC to abuse{at}corespace[dot]com)
Takedown time: 1 day, 3 hours, 47 minutes (Poor; down since 2022-01-21 14:29:34 UTC)
Tags: emotet, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
