URLhaus Database

You are currently viewing the URLhaus database entry for http://eles-tech.com/css/qkqeXqE6lo4AOVDGmqIQu5i4JKB/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

You are viewing an historical record

While the URL referenced below has been used by bad actors to spread malware in the past, the malicious content has obviously been removed around 2022-12-20. Hence the the URL / website should no longer represent a threat. As a result, URLhaus considers this record as historical. This database entry has not impact on the reputation of the website / domain nor does it appear in any of our blocklists anymore.

ID:	2118032
URL:	http://eles-tech.com/css/qkqeXqE6lo4AOVDGmqIQu5i4JKB/?i=1
URL Status:	Offline
Host:	eles-tech.com
Date added:	2022-03-28 23:21:04 UTC
Last online:	2022-04-04 11:XX:XX UTC
Threat:	Malware download
URLhaus blocklist:	Not blocked
Spamhaus DBL :	Not blocked
SURBL :	Not blocked
Quad9 :	Status unknown
AdGuard :	Not blocked
Cloudflare :	Not blocked
dns0.eu :	Status unknown
ProtonDNS :	Status unknown
OpenBLD :	Not blocked
DNS4EU :	Blocked
Reporter:	Cryptolaemus1
Abuse complaint sent (?):	Yes (2022-03-28 23:22:07 UTC to info{at}atakteknoloji[dot]com)
Takedown time:	6 days, 11 hours, 57 minutes (down since 2022-04-04 11:19:54 UTC)
Tags:	doc emotet epoch4 heodo SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

Firstseen	Filename	File Type	Payload (SHA256)	VT	Signature
2022-03-30	EXO-808520946.xlsm	xlsm	0f0f7b2909d785721bac9e084861e0e82096d63f5a895e6b4cd3c02b490dbc9a	34.92%	Heodo
2022-03-30	XP-748962047020.xlsm	xlsm	08e64e582d9d42f5f3a21eaff52bcb72b4a3abfc761561ff28f40bf937dedb2c	35.48%	Heodo
2022-03-30	POF-33944658911.xlsm	xlsm	96fac13010c22cdd9510ed06c70ed29257b59aa3fc3be17a9515bdcf3596aa51	n/a	Heodo
2022-03-30	CW-601467351565028.xls	xls	2fb5d6b4684b1f180fd682f92fc346420c16376d64b8b8ec6b0564247000dc58	n/a	SilentBuilder
2022-03-30	XSJ-237653747693.xls	xls	7813b5f2ba1876b183aec911e5a55402903c7b4702fef4c3c0055557490ef04a	n/a	SilentBuilder
2022-03-30	88893622201326217.xls	xls	6edf2bbc238af34d4d9a013d6ae99ec1a1df41d15caa4bf4e90ec5fd50ac19ee	28.33%	SilentBuilder
2022-03-30	0120644947785640875.xls	xls	afab90f284e5f643a8fa8a6eafd154175a22394254db310f0dcddc607a5ed468	28.33%	Heodo
2022-03-30	725896598463013429.xls	xls	cbe967409fa0442df555f0fbff61695f558354b193886923b01f29a6617cd9dc	n/a	SilentBuilder
2022-03-30	75961158346951684744.xls	xls	8a6effb1430c591fa0e6e8ac6f84b1991bf8cc18f70a432ae63e6bda131914c6	28.33%	Heodo
2022-03-30	3663033230854552580.xls	xls	b7591b7a18cb144c1108bb4bf93c5fccf323fb6d211e1875fedca3717fdc59d9	n/a	Heodo
2022-03-30	849478530225551375.xls	xls	b2565c24c9c72461d71c25df5d6ea291c53cd27725217f8c6585653cbdf72648	25.00%	Heodo
2022-03-30	44249577183367316.xls	xls	82dd13809bbcd68f4c4cb0b98c2c979c8275fd86dfaaeb01eb3c1e17d6a3d990	21.67%	Heodo
2022-03-30	202279214982039.xls	xls	48d2c47b01e93706dda133adf355e55dd92bfe38a56ccb83ad69afa8328d241f	n/a	Heodo
2022-03-30	31008841174474825.xls	xls	fafb5b78b4090ec62a5226d6f23c69288afa050ae47b4d77365b863b0b65f704	n/a	Heodo
2022-03-30	694158586504015006.xls	xls	d2bbd8120515b265d888b7a8f53e83db7a6b22e79a65a720d69198d989b07a34	n/a	SilentBuilder
2022-03-30	63394485077676.xls	xls	d165b715b1c473df33c059be50a8eec754b9dc819ed59230ab9c74e352584753	n/a	SilentBuilder
2022-03-30	73762314862547410576.xls	xls	ead83de1e59469537742bc196a815d261330e012b2864dd56cb91f93de66a3ba	25.00%	SilentBuilder
2022-03-30	4263205964.xls	xls	15b8f817ad756bd04cd33d34f0a4670b25afa33c7ab59f37b322284809532d05	n/a	SilentBuilder
2022-03-30	3180814507.xls	xls	553da5e4c71464540693e53e16cdb2c9285cfe93168bcc63cddabadaef5504e5	n/a	SilentBuilder
2022-03-30	42575641812.xls	xls	5e42f72b6f48384d2369d13cce199bc20da44c757705ba69765152d0d1d02f96	n/a	SilentBuilder
2022-03-30	97732345422759928074.xls	xls	17ecc742902925465369b5dc8bb6c8c87d9e16a1cdde0c38c3b4264f73029cd6	n/a	SilentBuilder
2022-03-30	113152774500436.xls	xls	905937ee43f2fc5221d18f42e0e1b2514bd1059016ddac70a5fe00c2092cf34a	n/a	SilentBuilder
2022-03-30	52847013214511.xls	xls	7597defb4baf2b0e2bac5b71f4f2cce4b215b9269a11b07be5dd44e5a750956d	n/a	SilentBuilder
2022-03-30	20894636667570431.xls	xls	562cb8922d82b50caf2e7452a6db106849432c9577c62aca3f1fd5fe90cd5308	n/a	SilentBuilder
2022-03-30	3229773619593.xls	xls	810ab94aefd1a5dc68f1df21a77fa2a83f96cc60bb42d7887fae6c365713f2e5	n/a	SilentBuilder
2022-03-30	03233787269113170.xls	xls	44d5403251abf78bcc06490d12cef37dfb9c334dea049aedafa5e6a86bbfb235	n/a	SilentBuilder
2022-03-30	523133212134107915.xls	xls	de1dce37963bd312b3353cd23393b5c9603ab5a2c969ac420447e9183ad18a47	21.67%	SilentBuilder
2022-03-30	036212147520439890.xls	xls	d85257ca0a2f223bcc90abd52ac068212254a99602477b162b091d5a04f2d588	n/a	SilentBuilder
2022-03-30	20877660601685.xls	xls	e2e11b7c2865a2aed4a388d9144668fab90d56b091cee3cca497139a109f9c24	n/a	SilentBuilder
2022-03-30	1261698715657313.xls	xls	a86068c11ddc91fe81492d31c721514cb80c6bb1948c7cf126fe733af7205e52	21.67%	SilentBuilder
2022-03-29	9014000548734258460.xls	xls	5945c872c336b1839e2d24e8ade8c28cd4bfda3b45281798c978e0989334a219	n/a	Heodo
2022-03-29	6499575738036593.xls	xls	4db12a7472a2427ea88cb16a24494b46824688abd29824abffa27f9366e46f30	n/a	SilentBuilder
2022-03-29	78429126711577.xls	xls	82fc4fee02805ea0fbd6578b5e33d809165c90f10143c644566ea6991cecc4a8	20.69%	SilentBuilder
2022-03-29	637929203469.xls	xls	6ddbab092ea3334218e1a42e8c21dacd63db67a4c382a78095e0712c06d9a667	n/a	SilentBuilder
2022-03-29	29107816843.xls	xls	d2d3ee44f59528659d087d1782d7d4f6c95c2c5e22fcdeb342fbfd95014f3869	23.33%	Heodo
2022-03-29	56451645249144839.xls	xls	c52e93e91b5d59d300c8514569b22a800531880de8cf3da12f3bf4166ebb3781	23.73%	Heodo
2022-03-29	5357949436088854366.xls	xls	b5e1171cc46588b6ee855ab2c57f90f2889b34542621c1a7d65c5bddb449f679	n/a	SilentBuilder
2022-03-29	979489140415650.xls	xls	de0451fa84d12094775843b0424bfcc18832943128c01ba088acae9c80a402e3	n/a	SilentBuilder
2022-03-29	17268196378553780.xls	xls	d88413ed8bb6c8e22c93bbeeedcdbadc2ec6f0a39dfa83b931dd065eac775ede	23.33%	SilentBuilder
2022-03-29	03798665349645152877.xls	xls	409d6cb4ec67f0e74ec6a09036063b8203e6ecfc95d24e2518701779773b82b5	n/a	Heodo
2022-03-29	20076960759617065.xls	xls	16edd2b91e319c859000e5b7f14b093ef09d72a10753d1c7a3452c1a059bf2a6	30.00%	Heodo
2022-03-29	5587250774758635787.xls	xls	061e17e2d439a3a3345414a01c54208e9ca6e4fb189542b8124668e6dd9659b7	27.59%	SilentBuilder
2022-03-29	90624899157679800478.xls	xls	b27cdd913a87253ea55001d2db3724f441cfb36c91a603982cf4c0fc7a9d3c22	n/a	SilentBuilder
2022-03-29	7173533660017.xls	xls	4c815a49ee680d680791d6675b253a0407bee7805e8d7d9a443ea0869df8097e	n/a	SilentBuilder
2022-03-29	4900457286.xls	xls	5a004200cb6d06164729fd88e5f06276468288808064ce9830f2e5dad73654b5	n/a	SilentBuilder
2022-03-28	8154460879463908.xls	xls	6cfd86adfe720a6432fb65748f6d9c8607f6c15fe412f73e1efd964268152bba	21.67%	SilentBuilder
2022-03-28	412148679326087852.xls	xls	30b98714004926df00d1c71bf7c6e5dd673fa31627f3a130bb3f31c5fe0b0118	22.03%	SilentBuilder