URLhaus Database

You are currently viewing the URLhaus database entry for http://fisika.mipa.uns.ac.id/reseller/img/ldRfBVqQ/?i=1, which is being or has been used to serve malware. Please note that URLhaus does not differentiate between websites that have been compromised by hackers and those that have been set up by cybercriminals for the sole purpose of serving malware.

Database Entry




ID: 2119325
URL: http://fisika.mipa.uns.ac.id/reseller/img/ldRfBVqQ/?i=1
URL Status: Offline
Host: fisika.mipa.uns.ac.id
Date added: 2022-03-29 13:41:07 UTC
Last online: 2022-06-10 07:XX:XX UTC
Threat: Malware download
URLhaus blocklist: Not blocked
Spamhaus DBL: Not blocked
SURBL: Not blocked
Quad9: Status unknown
AdGuard: Not blocked
Cloudflare: Not blocked
dns0.eu: Status unknown
ProtonDNS: Status unknown
OpenBLD: Not blocked
DNS4EU: Blocked
Reporter: Cryptolaemus1
Abuse complaint sent: Yes (2022-03-29 13:42:08 UTC to abuse{at}uns[dot]ac[dot]id)
Takedown time: 2 months, 12 days, 17 hours, 24 minutes, Bad (down since 2022-06-10 07:06:08 UTC)
Tags: doc, emotet, epoch4, heodo, SilentBuilder

Payload delivery


The table below documents all payloads that URLhaus retrieved from this particular URL.
