URLhaus Database

You are currently viewing the URLhaus database entry for http://dunyaaslan.com/cgi-bin/rjdweFNH5/?i=1 which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2118856
URL: http://dunyaaslan.com/cgi-bin/rjdweFNH5/?i=1
URL Status: Offline
Host: dunyaaslan.com
Date added: 2022-03-29 11:36:08 UTC
Last online: 2022-04-09 18:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Not blocked
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Not blocked
ProtonDNS: Not blocked
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 11:37:06 UTC to abuse{at}bluehost[dot]com)
Takedown time: 11 days, 7 hours, 14 minutes (rated: Bad; down since 2022-04-09 18:52:01 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
