URLhaus Database

You are currently viewing the URLhaus database entry for http://gta.devsrm.com/wp-content/U7NZwI5keFIZSnyAM13keIkGU9/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2117783
URL: http://gta.devsrm.com/wp-content/U7NZwI5keFIZSnyAM13keIkGU9/?i=1
URL Status: Offline
Host: gta.devsrm.com
Date added: 2022-03-28 19:32:05 UTC
Last online: 2023-01-21 09:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-28 19:33:06 UTC to abuse{at}asmallorange[dot]com,eig-abuse{at}endurance[dot]com)
Takedown time: 9 months, 28 days, 14 hours, 18 minutes Bad (down since 2023-01-21 09:51:33 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
