URLhaus Database

You are currently viewing the URLhaus database entry for http://fireandsafety.ie/flash/wiOEMwk9B3z4eYwbUjN7PcQz2nLOw/?i=1 which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry



Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:2119361
URL: http://fireandsafety.ie/flash/wiOEMwk9B3z4eYwbUjN7PcQz2nLOw/?i=1
URL Status:Offline
Host: fireandsafety.ie
Date added:2022-03-29 14:03:04 UTC
Last online:2023-01-21 17:XX:XX UTC
Threat:Malware download Malware download
URLhaus blocklist:Not blocked
Spamhaus DBL :Not blocked
SURBL :Not blocked
Quad9 :Not blocked
AdGuard :Not blocked
Cloudflare :Not blocked
dns0.eu :Not blocked
ProtonDNS :Not blocked
OpenBLD :Not blocked
DNS4EU :Not blocked
Reporter: Cryptolaemus1
Abuse complaint sent (?): Yes (2022-03-29 14:04:06 UTC to abuse{at}digiweb[dot]ie)
Takedown time:9 months, 28 days, 3 hours, 46 minutes Bad (down since 2023-01-21 17:50:21 UTC)
Tags:doc emotet link epoch4 heodo link SilentBuilder

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2022-03-31QT-67690930.xlsmxlsm 894658b992050ab6d7ee061f083a48264ce56c1b4fbc5ac87c142765405a47f7Virustotal results 36.51% Heodo
2022-03-31SI-375899535687.xlsmxlsm 5fe0d5c74d36af2db670ba08c72837740a66a82a2e8f0b206468474195578366n/a Heodo
2022-03-31ZL-1279972523587.xlsmxlsm 08e64e582d9d42f5f3a21eaff52bcb72b4a3abfc761561ff28f40bf937dedb2cVirustotal results 38.10% Heodo
2022-03-31HZ-76337277124213.xlsmxlsm 54bb2433c32ae91e6033d49276536fd303652e555e7d1cdf5e1aa0bf9f483d18Virustotal results 40.32% Heodo
2022-03-31DWQ-026404181.xlsmxlsm 9490224310276e55dea4f02cf1d9c3c81919929e8abc13c37b670025f1f7a3d0Virustotal results 38.10% Heodo
2022-03-31MLA-230312740508021.xlsmxlsm d4f941f7232c98be2d39a4a97edcad5b4648430bb60ad5a21747b37e705ff2d2n/a Heodo
2022-03-31JFU-99850311465.xlsmxlsm 00ea616ce33ef49268a2d6046f588bb73c80b7a90ae6e5e5067938d72e858564Virustotal results 38.10% Heodo
2022-03-31NOJ-096268357065.xlsmxlsm 162637428037d1f8f3bd675b122e5b830107b9ea7352c8c765e97a3afbce1231n/a Heodo
2022-03-31UL-499331184285822.xlsmxlsm 355981d4c8400968deaa8a13a04a79c90bf9aab795af2ff1b3273b825a477968n/a Heodo
2022-03-30UX-6961853171911.xlsmxlsm d3ad5641b527c4ec7e77e037ed81f1913c394f063e13677b8744b26fb09bdeceVirustotal results 38.10% Heodo
2022-03-30JTL-5626882308.xlsmxlsm 477477fc729f7eae198ac68c6d1a382c1f87d3e92f42c62a2c8fb367b38a658dVirustotal results 39.68% Heodo
2022-03-30UWY-558991478946.xlsmxlsm 93629f0e94046fc0c1c1a2779a8e58d101136842695fc4ad3addbde6c7757dcdVirustotal results 31.67% Heodo
2022-03-30TAJ-02798535376.xlsxls 2fba5997186a1e4e2da7496bd7a1bca3eaf425971cc76dd7be878f3fd88add07n/a SilentBuilder
2022-03-309232261638411.xlsxls 00f6421fe8f4847be025bde29b82ccb92d3bb76d95ca4d36c6b87d9f173d3d01n/a SilentBuilder
2022-03-305695909128340928.xlsxls 59cb698a7354641948808325fe575e61e34b626ab012f8ac911dda41a730b706n/a Heodo
2022-03-3072221095412623432725.xlsxls 6f77ca9db21a17fe2178927c42eb4577bb274ccc4fc4020c6ce808b29434ca37n/a SilentBuilder
2022-03-30789443816942354318.xlsxls 21cd95fb4f71525407b37a901590819a18d24ca48bd6b8f7170ff423e780dd4bn/aSilentBuilder
2022-03-30801163284096130339.xlsxls 89c9bba23213aec7d1d4ddbe14609b0d215e72dccc6c1d13444ec507d57c142en/a SilentBuilder
2022-03-30376369293361843.xlsxls 4744c844f2ac3fb1a611185968f458b2563a408114caf3d89b7e36f341abc2e9Virustotal results 25.00% Heodo
2022-03-30308969270775271713.xlsxls 2d368ee02fde0d0ce77097a1fa96916fbc4ef45ed1887d970b202a1d2ac95b97Virustotal results 14.63% Heodo
2022-03-309130748195678441772.xlsxls 69d8211fe32a1c511c6fd358005bceb8e19e01d9cc927c01b9f0760c13b75d6cn/a Heodo
2022-03-30631042075671.xlsxls df3a1b1930eac36bedd15b195db9439f01f4fe51e33c02ac2785506a585925e5Virustotal results 21.67% SilentBuilder
2022-03-3086952813153903.xlsxls 28c1994bc596421a111c75b795d98b2192edc5aa92b6d1e3adcefd40bd9d0bdfn/a SilentBuilder
2022-03-30098740812389365.xlsxls d626ec1f4b0e55088b727d50635b20660f9a213c239b37475ddaa729ac9cf60fn/a SilentBuilder
2022-03-304284594834619262.xlsxls d165b715b1c473df33c059be50a8eec754b9dc819ed59230ab9c74e352584753n/a SilentBuilder
2022-03-306000776813615224222.xlsxls 81a256099f04dbf352f0038e62c20eb749e9385d45dda82285e99faacd290eb5n/a SilentBuilder
2022-03-3056053232522899552116.xlsxls 0ed4a61da5b83e2f6e1f179296534712391f653cad49956df89b1f9af2651d26Virustotal results 25.00% SilentBuilder
2022-03-3090067425342216947039.xlsxls 549da6161eec4420a4332d23036934becf47e85be6387e5bbe24654e53925a8bVirustotal results 25.00% SilentBuilder
2022-03-30106306136675.xlsxls 05f2d1d207338ed10d39f408f69060015e7feb3324871ccc6058bdba143555fbn/a SilentBuilder
2022-03-30004257847120523256.xlsxls f30f9c9233859f2549dc271d14fd86bdebcc72c70e9c51ba4606b75cbf745473n/a SilentBuilder
2022-03-306048104322060488.xlsxls 2c0ff5e33df365214db21964fb200e964a99535bda26e34cad606c65dfe4f01fn/a SilentBuilder
2022-03-3060473619020205019721.xlsxls e2ee016889aedab89bbc5f12cac6caa90469cc9399fb4d492feda727602e4ed4n/a SilentBuilder
2022-03-30745183654933873797.xlsxls c12be159aaffc14d6672e97c280868c12ceadd8a60e48769ddefa0d64313e18an/a SilentBuilder
2022-03-309361705057278.xlsxls 1df353a49cdcdda3a2fd0975e56722ebb821d116c09ae34767166322b6d971adn/a SilentBuilder
2022-03-301661104579.xlsxls 8afc3601bdf149acb399f6b30fe3188535845cbd8af7c0cf469d02e7524b2b6an/a SilentBuilder
2022-03-3090391988234218581.xlsxls 30ca6fe2cdcf114cf2d4aaf09ec92ff5ef2f13a9ecf72ca8a5d37195f6688aa3n/a SilentBuilder
2022-03-303670049650918794513.xlsxls 39e9199a1a4f3bdec4b6df74937c1a5b178d8f55f2a9ed84a1480e5dbb2be75cn/a SilentBuilder
2022-03-30382472645077088797.xlsxls a75d0b0a3aee02f1a9f86ab7c10a09ca5764e21c8a2238ab6112653201971007Virustotal results 23.73% SilentBuilder
2022-03-308959227958719768.xlsxls 8bc576d7a20e6614e7b139a3ee525c37e46da65fcd2d59a8d4adf1b57354ae05n/a SilentBuilder
2022-03-298037591129655715.xlsxls c7e78d00cf4d1eda853fe906d22b26c5e9a03e67f2ab9f2755ee7b7fb8c54ee6n/a SilentBuilder
2022-03-29623032028383.xlsxls ccb548d41cebfcba2c1b04912fb4f992cca90e013536c6716e1cb2b8145b98d6n/a Heodo
2022-03-296658025261661.xlsxls fa71482fa174e9b6b3a1a1b356349d522ae45132349656afae93182a187ba493Virustotal results 21.67%SilentBuilder
2022-03-2985931171392358.xlsxls a679c80a799b163cf0ad3f464c4a1bc023c7d6dd0715662da376d6260a4b9040Virustotal results 24.56% Heodo
2022-03-296660825528369196228.xlsxls 6d7f03a15d7e07cfbc738ccb0b064abc31733873e7ddc662815454136a5fbc42Virustotal results 23.33%SilentBuilder
2022-03-2964927052825857731693.xlsxls 7afe6200950f155c027ed0e711a8400a4afdc11f99603506b75ffc757658d460n/a SilentBuilder
2022-03-2999850939637904.xlsxls b8815fc4a5adf0e8d11f79313180c3c444b056d9cceda1e151bd29a2dbd4b312n/a SilentBuilder
2022-03-2989978251628394689.xlsxls 299eef9367c7d46794f985f1653108dff2ea664d29f31b8ba1a08c934e1d42b6Virustotal results 23.33% SilentBuilder
2022-03-296350293817422828.xlsxls 785f830ec42e6e6de3f29b1037818fa35ba3bf5bdcc06cff94a3bc582927086cVirustotal results 21.67% SilentBuilder
2022-03-29484024299483320.xlsxls 5bff4b82853506733c25f44c2619c4c6d8c7a828eaa9d5efb088548c4b7ef559n/a SilentBuilder
2022-03-29767201250236492202.xlsxls 4c5383ffd6ae7cdc8f45354d2dca02b8f315980d3baab72da93884ff322c55d4n/aSilentBuilder
2022-03-294326355755767103347.xlsxls b14ce3444ba645ac1c54b14dab08b3ce92e6fae0293285e6cccb53cadce34d75Virustotal results 27.12% SilentBuilder
2022-03-29475460777975.xlsxls 579e2862831265f924368a1a99b50a704aa326d4aa1d02d931edc9cf5665801cn/aSilentBuilder
2022-03-2991158796531405298.xlsxls 25caa88d5f4891c575467c451c7a0382727f6b1ce039adad1bf3f52d76dc6ba9Virustotal results 28.33% Heodo