URLhaus Database

You are currently viewing the URLhaus database entry for http://formedable.nl/cgi-bin/saj2aBFZ/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2119177
URL: http://formedable.nl/cgi-bin/saj2aBFZ/?i=1
URL Status:Offline
Host: formedable.nl
Date added:2022-03-29 12:22:03 UTC
Last online:2022-08-31 03:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Status unknown
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Status unknown
ProtonDNS :Status unknown
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-29 12:23:06 UTC to abuse{at}versio[dot]nl)
Takedown time:5 months, 4 days, 15 hours, 25 minutes Bad (down since 2022-08-31 03:48:33 UTC)
Tags:doc emotet link epoch4 heodo link SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-03-31ZUN-9275309745675.xlsmxlsm 894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7Virustotal results 36.51% Heodo
2022-03-31NR-920997130122241.xlsmxlsm 162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231Virustotal results 40.98% Heodo
2022-03-31ER-9885852.xlsmxlsm 9348419acaaa7a82adb28cd968f8b10b980dcfe9622044ff9a7a0383921a3c5fn/a Heodo
2022-03-31SKI-6183005423.xlsmxlsm d496d617d84291189c4e523cd4b174b705c401ea76c1782f79077eca4eef5512n/a Heodo
2022-03-31OT-08205643322.xlsmxlsm df344251ca9c5fdc148f67495779187ecfaeb8d12fb21d8fd0d3912176d9728fn/a Heodo
2022-03-31VKT-5560837.xlsmxlsm 9490224310276e55dea4f02cf1d9c3c81919929e8abc13c37b670025f1f7a3d0n/a Heodo
2022-03-31YVD-417914067.xlsmxlsm eb39b29661d81cbcd7a00f191c61ce9902b80b68e1e03215e56221bfc85863efVirustotal results 39.68% Heodo
2022-03-31CGV-738083554.xlsmxlsm 98a592dec22b8ac672dee0217d195c4a9880a55a26110f225c13f3fe6916495cn/a Heodo
2022-03-31UWB-38554866856946.xlsmxlsm 6f7875f81192db87ffea6b495f10f68edb22a26f0cbc22b47cc1fbaf1b160cddn/a Heodo
2022-03-31YZ-5102342836756.xlsmxlsm f93f882fe4bac2b1210512c64a2985c99282b49a95a2aaa3bfcf6865d6dd0056Virustotal results 38.10% Heodo
2022-03-31GNI-01713241587022.xlsmxlsm 08e924859a3a3f17c099cca75fbb3cfd7f8cd726fa2e89fb47ff02f9687143baVirustotal results 38.10% Heodo
2022-03-30IE-22813384141793.xlsmxlsm 2b1f1f87033e83e264f05939f180b63165e067861f9c6f1253aedc9c9e1efb6en/a Heodo
2022-03-30HVS-353311929.xlsmxlsm 51be5ff843565b3e8fe56f303452e018d305cc846181d2d79d435509b2dc578cVirustotal results 35.00% Heodo
2022-03-30XB-104873643830611.xlsmxlsm 93629f0e94046fc0c1c1a2779a8e58d101136842695fc4ad3addbde6c7757dcdn/a Heodo
2022-03-30VRO-1386607.xlsxls 403c28ce1df56f185d0824575299bea20d7d1738e6a9688c551d039b6d1aaea2Virustotal results 28.33% Heodo
2022-03-3087073731438244212.xlsxls 9adde116bf0bac725d59a9758fe3135672fcf8e2a7d30d3ae41d6df39452d54aVirustotal results 25.00% SilentBuilder
2022-03-306335899365860996.xlsxls afab90f284e5f643a8fa8a6eafd154175a22394254db310f0dcddc607a5ed468n/a Heodo
2022-03-3042098913814969.xlsxls 786cdbbcab12d6076e895521a41dc5e5bd48fd09dbc85d4843a128c04dec73c2n/a SilentBuilder
2022-03-301881282015053875932.xlsxls 8a6effb1430c591fa0e6e8ac6f84b1991bf8cc18f70a432ae63e6bda131914c6Virustotal results 28.33% Heodo
2022-03-30150401158973906.xlsxls bdaa48d2231c1b2486ed207cdf3114a4df1292b4defcef137daabfe6bc8070a5n/aSilentBuilder
2022-03-308153423844.xlsxls 494e147f4a06d709805c7816d8f3278c88e1616668c2a8440603286b0dc41024Virustotal results 25.00% SilentBuilder
2022-03-301606182794801.xlsxls 5206671cef156681bda1a374c1140c4dc8e4796b93d323161c15c6767afe3fcfVirustotal results 23.33%SilentBuilder
2022-03-3087353650041839824730.xlsxls b77ecd5a267d2c31bae67daf05f8319cd9545fee260ea343ae5b9ed7de7835b6Virustotal results 23.73% SilentBuilder
2022-03-305910641424328245.xlsxls d67f14a63d4b1018b28ad7b92dc29791b1aeab26d28ce20b6ef1d538b769df00n/a SilentBuilder
2022-03-302755393207459.xlsxls be9dfcc9a19c2b4a4c65c87d9c03a25c16c3afe1c68fae6125f181c13b556ee1n/a SilentBuilder
2022-03-30242775131707417492.xlsxls 86bb08b68bba280d181a658251d7085e43a2ff459f5b51885e13fd6082203729n/a SilentBuilder
2022-03-300724357490991938.xlsxls 01c4e6e6720cf12afd56900bf7f1866dfa6341b398b7d4f2141c7bc4aa49c467n/a SilentBuilder
2022-03-307753734146077685.xlsxls 1368718563ca6d717e28a11f2ed560ef1e7ebd71253649ab0bd46a45a96e835dn/a SilentBuilder
2022-03-30784611381099758.xlsxls c141fae72760b3ea499d3149ccac1732cee2f3c7b9c0a753fc649b91b5b120f2n/a SilentBuilder
2022-03-300055588000815734.xlsxls e3c025ea969a7801acd598c71b4efadd504f65f294d81eabeecc4fda103183b9n/a SilentBuilder
2022-03-3045153573409236191279.xlsxls 86e52f0a682a1df7d90d7bcd0397e524613976d02acd17e8af00191aa679645cn/a SilentBuilder
2022-03-305319801332464548954.xlsxls 47857229b4e3390c46a0c815ba051979c912f8098d62136f34264d948602e776n/a SilentBuilder
2022-03-30815632350527408318.xlsxls 62aa8fb3870140e002ff639cfd3d17fad96e93dd760c4ec46aa736195c8ee422n/a SilentBuilder
2022-03-3025588444182.xlsxls 153ed0822091516925dc6d0878a91cce7c48cf3015c7b66490832a19bd11eb4bn/a SilentBuilder
2022-03-302984620943313464233.xlsxls a325992d987854aa23fc54d4143bb86b30054da76dc366e5bb655cc628d1e847n/a SilentBuilder
2022-03-30916006279103972644.xlsxls f736398345593d7694cc483eef6daa8b0530fe9ac5371d53d29f75e4ac5293fen/a Heodo
2022-03-30074900595887338678.xlsxls b2384667cf5b1834ef6f3173c72953dd0544b2c49e5ec5b0075629a89e572132n/a SilentBuilder
2022-03-3071136954721.xlsxls 89136067e996c0c3a8e676d6ce711ab54ecf8a512369eb2075ad4e0fb8eea359n/a SilentBuilder
2022-03-3042984965801022.xlsxls ea264f889a1a89c80012dd0905c7a11fb6b541b0b0de6f6504e50101dc7bf0can/a Heodo
2022-03-30163608211680608773.xlsxls 115102a8cd87cce66147485f4ec78296fc8b4a2bc75f372c4bc3496b812fd7ddVirustotal results 23.33% SilentBuilder
2022-03-29353742077735826.xlsxls 6eb16e0690e24c1b65d09c39133e26dee115930191fbb0b6a2a6bbf2963962c1Virustotal results 23.33%SilentBuilder
2022-03-295001028342.xlsxls 5b37a9f3cd867eba54b6e22642861bc889fd2e10793dd90161cbe6e9c0f898e0n/a SilentBuilder
2022-03-29628236209964335.xlsxls b26329204d4a737b51b710c6fb4ca573291be87a1fb5606f0e0b75987c09908fVirustotal results 23.33% SilentBuilder
2022-03-29940871203444071073.xlsxls 62aa0bc0617f8f40908642b1e9b933ef99c9b9a46e7fd061ad689eff28a438fan/a SilentBuilder
2022-03-2972438569116.xlsxls 11e85a3bcab8d5d4f43929a8cf0783d612f20f10f38a0d84e702f110e149e565Virustotal results 23.33% SilentBuilder
2022-03-291100514937.xlsxls 4a1f67eac68a30b3e0d924a827eb976aebd1eca8f0cfdb68ca7d4adeb3d86abdn/a SilentBuilder
2022-03-29827097457968688.xlsxls 299eef9367c7d46794f985f1653108dff2ea664d29f31b8ba1a08c934e1d42b6Virustotal results 23.33% SilentBuilder
2022-03-291183108324.xlsxls de0451fa84d12094775843b0424bfcc18832943128c01ba088acae9c80a402e3n/a SilentBuilder
2022-03-292410130247424.xlsxls d88413ed8bb6c8e22c93bbeeedcdbadc2ec6f0a39dfa83b931dd065eac775edeVirustotal results 23.33% SilentBuilder
2022-03-290648672415229.xlsxls 7217ae6f8e403f079bb5706be7a6ccc2acfddf1713207b50f7521d488e6ae428Virustotal results 24.14% SilentBuilder
2022-03-293569432085305.xlsxls 63bd32a0fe469f74ded0c05b18cd562e671cf5d2655ccdd9b54ed62c92004750Virustotal results 28.81%SilentBuilder
2022-03-2990976916779642891866.xlsxls fa0b00a97c0fcdee52edad2f04692efa11a8567946cffac17a52cfef6da485a6Virustotal results 26.67%SilentBuilder
2022-03-2904028132895.xlsxls ade8be9f42310d7208c19f38eedbbdd38a925237d349718844a036d2ebaa7af3Virustotal results 26.67%Heodo
2022-03-293663126332.xlsxls cdab3f06fc800f2314d28a376016510f54a2e8db458fec38a874b0b9e11793e4Virustotal results 26.67% SilentBuilder
2022-03-29599956152541732959.xlsxls 866a14c5dd422c449b0f0178630e05b0dd997eb15b8d844360e18f8f9b8d4ddaVirustotal results 20.00%Heodo